We recently announced Copilot Extensions to create the most integrated, powerful and intelligent AI developer platform. This first release with a select few partners enables developers to build and deploy to the cloud in their natural language without leaving GitHub.com or their IDE.

But this is just the start. We recognize that a thriving ecosystem benefits from a diverse array of partner solutions. That is why we need our community of developers to be ready to contribute with their own powerful experiences.

This article will get you ready to start.

Copilot Chat

Users leverage GitHub Copilot Chat to invoke a number of tools to get context, perform actions, and generate files and pull requests.They can do so without having to remember specific commands, flags or syntax. Users can stay in the flow by using natural language queries.

Copilot extensions expand these capabilities by integrating partners’ environments into GitHub. Here are some examples that showcase the power of integration.

• The Octopus Deploy extension integrates with a text based dashboard and identifies additional important details like security vulnerabilities.
• The Sentry extension integrates with GitHub Issues to create, track, summarize and suggest a code fix.
• The DataStax extension gives detailed instructions on how to install and use their database.

GitHub Apps

To provide users with the chat capabilities, partners will integrate through a GitHub App. GitHub Apps are tools that extend GitHub’s functionality and optionally can be published to the GitHub Marketplace as Copilot Apps.

A Copilot Chat extension will seamlessly integrate with VS Code, Visual Studio, and github.com, with other IDEs in development. As this extension is a GitHub App, by definition, application permissions and other GitHub App governance rules will apply. For instance, an organization administrator may restrict where an app can be installed.

Programs and Agreements

Start by joining the Technology Partner Program. The TPP is the overarching program to which we work with partners. You need to be a member of that program while we are in the Limited Public Beta phase. You can view the terms and conditions of that program before you join. The TPP will provide a number of benefits including licenses to which to test on GitHub as well as access to our support through our team.

Specifically for Copilot, we are also asking that partners join the Copilot Partner Program waitlist. In our experience, it can take some time for partners to review and understand the agreements that need to be in place. We’ve put these online for you to review. There are the Copilot pre-release terms and GitHub Marketplace Developer Agreement. Once partners have been accepted into the program, partners will be presented with a GitHub Plugin Acceptable Development and Use Policy. Partners will then have access to the build kit.

We have updated the terms and conditions to protect end user privacy and data. To learn more about how GitHub Copilot and GitHub Apps secure and keep user data private please visit the GitHub Copilot Trust Center.

“Partner-Ship” Webinar

We will be hosting a webinar, Copilot Extensions Featuring Insights from Atlassian, Elastic and Split on June 26th at 10:00AM PDT (UTC-7) that will recap our current partner offerings and provide additional partner news and product updates.

GitHub Universe

This year marks our 10th anniversary for GitHub Universe. We will be at Fort Mason, San Francisco on October 29th-30th. We will showcase our latest Copilot extensibility scenarios to developers. For partners that are in the Technology Partner Program and attending Universe we will also be hosting a Partner Connect - Day 0 to provide more details on latest news, insights and partner program. To participate, you must be a TPP member and registered attendee at Universe. Stay tuned for more program information about Day 0 and Universe.

Let’s build from here with partners! Please visit partner.github.com for more information and help.

So what’s new?

Thank you for joining us at GitHub Partner Connect! We had 100+ partners to hear directly from our CEO, CRO, & VP of Strategy (Product) about our 2023 Vision, Product Roadmap, and how partners play a key part in our vision!

Thank you to our partners that spoke at GitHub Universe: Amazon, Google, HashiCorp, LinkedIn, & Pulumi and to our sponsors Arm, Docker, Sentry, Octopus Deploy, Microsoft, and readme.

“Partner Ship” Speaker Series

Didn’t get a chance to present at Universe? Submit a talk for our new “Partner Ship” Webinar Speaker Series where we’ll be going over the latest partner ships and integrations with the GitHub platform. These speaker series will go on for 3 months with different themes and will be 30 min in length; more details below. Please fill out this form to submit your speaker presentation.

Program Details

Webinar Format

• 30 minute live demo of your team presenting a recent “Partner Ship” of a GitHub integration including a live demo and what it means for our mutual customers.

Speaker Submissions Due:

• February - Application Due: 12/16
• March - Application Due : 1/13
• April - Application Due: 2/10

Speakers Announced:

• February - 1/6
• March - 2/3
• April - 3/3

Track Schedule

• February - Action
• March - Security
• April - AI

Tech-Sales Pilot Program Submissions

The GitHub Tech-Sales Pilot Program is an opportunity for partners to receive revenue for referrals that lead to GitHub sales. This is a pilot program as we look to scale out the program more broadly, so we are taking submissions from partners on integrated solutions with GitHub that we could prioritize. We plan to take submissions and reach out to partners by January 18, 2023, on the next steps with more details. You can submit your ideas here.

Updates

Secret Scanning Partner Updates

New partner agreement coming soon

As GitHub matures its secret scanning program, we want to help our mutual users remediate secrets leaked in their repositories. We are now preparing updates to our process so that we can send you leaked tokens and, in return, retrieve information to help our users. To support this change, we will soon reach out with a new legal agreement addendum for all secret scanning partners to sign. As we continue our improvements, we are also looking to update partner endpoints to accommodate the new metadata checks. If you want to be first in line to get this work done for your organization, please reach out to us at secret-scanning@github.com. with your new endpoint. We would also like to share a sneak peek at what this new experience could look like!

In the first half of FY23, we have onboarded over 20 new patterns for new and prior Technology and Secret Scanning Partners. We published changelogs for the following partners celebrating them as part of our program: Chief Tools, DevCycle, Prefect, ReadMe, UNIwise, Zuplo, Sendinblue

As a reminder, we would love to have all of our Technology Partners also part of our Secret Scanning program. Here is some documentation explaining a high level overview of the technical process. The goal of our program is to secure the internet from any/all leaked tokens in public and private repositories. This blog post will help if you are interested in updating your token patterns to be more specific and secure. Join our free secret scanning program now! Email us at: partnerships@github.com

Get your Actions in the Marketplace verified

If you created a GitHub Action in the GitHub Marketplace, we urge you to get your Actions verified to establish a higher ranking, build trust with our community, and especially because Enterprises can limit Actions created by Verified Creators. To learn more, go to https://partner.github.com/verification

You know where to reach us

As always, feel free to reach out to us for questions at partnerships@github.com or support.github.com

Happy coding!

Enterprises can limit to only actions created by Verified Creators: Admins have the ability to only allow GitHub Marketplace actions created by Verified Creators to be used by workflows. This is useful for Admins who want to ensure that only trusted Actions from the GitHub Marketplace are being used in their organizations.

Verified Publishers Rank Higher in search: The GitHub Marketplace is a great place for users to find Actions to use within their projects. Actions created by Verified Creators rank higher in search within the GitHub marketplace, which leads to higher visibility of those Actions.

Verified Creator badge builds trust with our community: Actions with the Verified Creator badge, indicate that GitHub has verified the creator of the action as a partner organization. This gives customers trust that the partner organization is a Technology Partner and has verified their domain, email and has a support contact with GitHub.

GitHub Advanced Security provides a native application security solution within the developer workflow, enabling organizations to manage open-source dependencies, custom code, and secrets across the software lifecycle. Automated security checks are run with every push and every pull request. Identified security issues are shared with developers immediately, with context, in their familiar workflow to empower them to fix vulnerabilities in minutes, not months

GitHub Advanced Security for Azure DevOps brings the same secret scanning, dependency scanning and CodeQL code scanning solutions already available for GitHub users and natively integrates them into Azure DevOps to protect your Azure Repos and Pipelines.

This is an opportunity for GitHub Technology Partners to extend their solutions to Azure DevOps. This announcement is the first step. In the next few weeks and months, the Technology Partnership and Engineering team will communicate with partners about their current or future integrations with Secret Scanning, Dependency Review, Code Scanning and Alerts experience.

We hope to be able to provide a meaningful set of features in the Private Preview that will highlight the partnership capabilities of GitHub Advanced Security on Azure DevOps.

You can read about the announcement in the Azure DevOps Blog and can sign up for the Private Preview.

For partners that would like to hear more about the latest news in the GitHub Technology Partner Program join us at GitHub Universe and Partner Connect.

@github Actions and Deploy Now are a match made in heaven!

Learn how the tool created by developers for developers is bringing together modern Git workflows and IONOS infrastructure.

➡️ https://t.co/j6yuAOgy8x pic.twitter.com/bFn2sq9wJW

— IONOS (@ionos_com) July 26, 2022

Monitor deployments and upload JavaScript source maps with https://t.co/ZvhN0GP9jC’s new GitHub Actions. Check out the details here: https://t.co/ic2MZIhyP8 @GitHubEnt #developerproductivity

Still haven’t set up @tryBearer on your codebases? Now you can enable Bearer's data discovery and risk management tool with our official GitHub Action. Read more about it on the blog: https://t.co/SOjEjtv7tX. Get the action now at https://t.co/OiwOwe2jlZ @GitHubEnt pic.twitter.com/naHIDCHv8e

— Bearer (@trybearer) June 30, 2022

Detect malicious build tools and packages in your GitHub Actions workflows using Harden Runner GitHub Action, available in the @github Marketplace @GitHubEnt. Blog post: https://t.co/JnekKCCfBi

— StepSecurity (@step_security) May 18, 2022

Go from brainstorming and planning to building with fewer steps in between with the new GitHub widget for FigJam!https://t.co/SRiheAuQOU pic.twitter.com/D3B1qLg2wH

— GitHub (@github) May 10, 2022