MMS • Matt Campbell
Article originally posted on InfoQ. Visit InfoQ
GitHub has announced Copilot for Business, a business plan for their OpenAI-powered coding assistant Copilot. The release follows a recent class action lawsuit against Microsoft, GitHub, and OpenAI for violating open-source licenses.
Copilot was made generally available back in July of 2022. The tool is powered by the artificial intelligence model OpenAI Codex which was trained on tens of millions of public repositories. Copilot is a cloud-based tool that analyzes existing code and comments and provides suggestions for developers.
Copilot for Business provides the same feature set as the single license tier. It also adds license management and organization-wide management capabilities. With license management, administrators can decide which organizations, teams, and developers receive licenses. GitHub has also stated that with Copilot for Business they “won’t retain code snippets, store or share your code regardless if the data is from public repositories, private repositories, non-GitHub repositories, or local files.”
According to GitHub, the organization-wide management capabilities will include being able to block Copilot from suggesting codes matching or nearly matching public code found on GitHub. This feature introduced back in June, blocks suggestions of 150+ characters that match public code. GitHub does warn that around 1% of the time a suggestion may contain code snippets longer than 150 characters.
However, Tim Davis, Professor of Computer Science at Texas A&M, has reported that GitHub Copilot has produced “large chunks of my copyrighted code, with no attribution, no LGPL license” even when the block public code flag is enabled. This is not the only controversy surrounding the tool.
In November of 2022, a class action lawsuit was launched against Microsoft, GitHub, and OpenAI. Submitted by Matthew Butterick and the law firm Joseph Saveri, the lawsuit claims that Copilot violates the rights of the developers whose open-source code the service is trained on. They claim that the training code consumed licensed materials without attribution, copyright notice, or adherence to the licensing terms.
Butterick writes that “The walled garden of Copilot is antithetical—and poisonous—to open source. It’s therefore also a betrayal of everything GitHub stood for before being acquired by Microsoft.”
Alex J. Champandard, Founder of creative.ai, agrees with Butterick that licensing should have been respected:
CoPilot is bold [and] innovative IMHO, but could have been equally transformative if they had obtained consent or respected the licenses — which would have been comparatively straightforward to achieve given their budget.
However, many users report how beneficial Copilot has been to their productivity. On Reddit, user ctrlshiftba shares that Copilot is “really good at [boilerplate]. When it’s working at it’s best it’s acting like an autocomplete with my code.” Alexcroox on Reddit agrees, “a lot of time it makes me faster just by autocompleting based on my current code base and code I’ve been writing that day.”.
GitHub does warn that “the training set for GitHub Copilot may contain insecure coding patterns, bugs, or references to outdated APIs or idioms.” They state that the end-user is responsible for ensuring the security and quality of their code, including the code generated and suggested by Copilot.
Some legal experts have argued that Copliot could put companies at risk if they unknowingly use copyrighted suggestions or code pulled from a repository with a copyleft license. GitHub has stated that they will introduce new features in 2023 that help developers have an understanding of code similar to the suggestion found in GitHub public repositories as well as the ability to sort that by license or commit date.
Copliot for Business is available now and is priced at $19 USD per user per month.