Why does GitHub Copilot need read/write access to private repositories?

[ayaankazerouni]

Select Topic Area

Question

Body

Hello! I'm seeing the following authentication pop-up in VSCode for GitHub Copilot Chat, which is an extension pack that appears to have GitHub Copilot as its only extension. I've had Copilot installed, but I haven't seen this pop up before, so I assume it's part of a recent update.

If I click "Allow", I am taken to the following authentication screen, where I am asked to provide read and write access to public and private repositories owned by me or the organizations I'm part of.

So I have a few questions that I'm hoping someone can shed some light on. Thanks!

1. Why does the VSCode Copilot extension need write access to my repositories on GitHub? One would expect a VSCode extension to only need write access to files in VSCode.
2. Why does it need any access to my private repositories on GitHub? The extension README links to this Privacy Policy, but I didn't see any details about GitHub Copilot's usage of private repository access.
3. How can I only provide access to my repositories, and not those of organizations to which I belong?
   • For starters, I am not the owner (just a member) of many of the organizations listed on the authentication page, so it's not appropriate for me to make that choice one way or another.
   • Second, I use GitHub Classroom in classes that I teach, which means hundreds of students' submissions are housed under GitHub organizations that I own. I do not want to provide access to those repositories to Copilot, but I don't see any controls for disallowing that access for particular organizations.

I'd appreciate any help or guidance. Thank you!

[all-iver]

Edit - I think this is the relevant GitHub issue: microsoft/vscode-copilot-release#813

For anyone looking for a workaround for Copilot (not chat), I installed the older version (1.156.0) of the GitHub Copilot extension and it works again without asking for these new permissions. You can also install an older version of the GitHub Copilot Chat extension to get it to stop bugging you, but it seems that it's broken - I don't want to use it anyway, but you can't install one without the other.

The only information I can find is in the VS Code 1.86 notes, where it says "To enable additional workspace search features for private repositories, we require additional permissions." I don't understand what that means, or what that feature is supposed to do, but it seems like this extension is now asking for basically every possible permission when previously it just needed my email address. I agree with what @ayaankazerouni said above about granting full permissions to repos I don't even own, or my company's repos.

[vdods]

Can confirm that 1.156.0 works without additional permissions.

I'll second the OP. Copilot is a tool for the project you're working on locally. That should work regardless of use of git or github (except for the authentication required to use Copilot in the first place), and should not need to know anything about any of your repositories anywhere, let alone gain write access to them. It should operate on code through VSCode, not through github.

Copilot should roll back that access requirement.

[ianb-mp]

I just tried 1.156.0 and it is asking for read + write access to all my repositories.

[ramesh2051]

[queenofcorgis]

@ramesh2051,

We’ve clarified our stance on using generative AI tools like ChatGPT within our Community via this announcement. Please review the guidelines to ensure your post meets them as failure to adhere to those rules can result in action taken by our moderator team.  You can read our updated Code of Conduct and the announcement for more details. Thank you for helping us maintain an authentic and beneficial space for everyone.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[dandv]

I'm still running into this issue while trying to install GitHub Copilot v1.194.0.

I didn't have this problem installing the GitHub Copilot extension for WebStorm, so I've switched to WebStorm.

[demirelcaner]

did they fixed this with free base plan upgrade?

[mannprerak2]

Nope, just thought I'll try copilot but stopped since they are asking for too many permissions

[archimedesdisciple]

Sorry Im late to the party, but I definitely have the same concerns if not many more. Im downright paranoid when it comes to anything pertaining to microsoft after actually reading the whole user agreement that came out last October I think it was? Its something that you would think came straight out of North Korea, I mean they lay claim to literally EVERYTHING that is done on your PC if its running Windows OS. Which isnt surprising considering they went from hawking people on their Keys to pass them out like candy on Halloween. One thing that will never ever change is that nothing is ever free, if you get it for free then you and your data is the cost and thats with everything from Windows to a Kroger+ card. The way were having our privacy taken bit by bit is terrifying to think about the long term ramifications. If you dont fight for it every second on a pc or device theyll take it. I know this is a long rant, but I am 100% positive that it gets sold and consolidated, sold and consolidated, on and on and ends up in Chinas server farm, probably the NSA's as well. Scary to think of how it could be weaponized.

[Kirow]

Having this issue on Insiders build:

Version: 1.97.0-insider
Commit: c594d55bae90276d174cea4ddf2901694d4ebb3e
Date: 2025-01-14T05:04:07.371Z
Electron: 32.2.7
ElectronBuildId: 10660205
Chromium: 128.0.6613.186
Node.js: 20.18.1
V8: 12.8.374.38-electron.0
OS: Darwin x64 24.2.0

I don't want to grant such level of permissions (and actually I don't need any AI on GitHub side, just with local code). But popup appear again and again.

[brandon-williams-t2]

Just started getting prompted with this myself. GitHub is insane thinking I'd provide this permission. Guess I'm moving on to try one of the ChatGPT plugins for VSCode. I just finally started paying $20 for it anyway. Tried to see if GitHub Copilot would let me plug it in, but doesn't look like it. Though a moot point with this permissions issue anyway.

[archimedesdisciple]

our privacy is being raped, every day it gets worse and big corporations now think theyre entitled to it. One site alone 300 different data firms jump in the cookie jar if you arent watching. Privacy is being stolen from everyone by a simple slight of hand. Stay vigilant my friends.

[mcissel]

I'm part of some organizations for which I'm contractually bound not to install tools like this. So, because this is asking for full control of all my repos and all repos of organizations I have access to, I can't install this. I just want to try it out on my public or personal-private repos, 🤷.

[FlorianLiebhart]

Sadly now I don't want to use Copilot any more because of this. I don't want Copilot to have these kinds of permissions, that is just nuts.

[Akash1134]

Hi All,

Thank you for your ongoing feedback regarding GitHub Copilot permissions. We understand the concerns raised about Copilot requesting read/write access to private repositories.

Why These Permissions Are Requested

Copilot's enhanced workspace search capabilities for private repositories require these permissions to provide context-aware suggestions. These features help Copilot understand your codebase more deeply, resulting in more tailored and relevant suggestions.

Important Clarifications

1. Limited Usage: While the permission request appears broad, Copilot only accesses repositories you're actively working with in VS Code.

2. Data Privacy: Repository content accessed via these permissions is not used to train the underlying Copilot models. It's only used to provide you with contextual suggestions during your current session.

3. Alternative Options:

   • Users who prefer not to grant these permissions can still use Copilot with reduced functionality
   • Organization administrators can control which repositories are accessible to Copilot through organization settings

Improvements We're Making

Based on your feedback, we're working on:

• More granular permission options to allow selection of specific repositories
• Clearer documentation explaining exactly how these permissions are used
• Organization-level controls for administrators to manage Copilot access

We value your privacy and security concerns, and we're committed to making Copilot both powerful and respectful of your data boundaries. Thank you for helping us improve.

For more detailed information, please visit our documentation on Copilot privacy and permissions.

[brianzinn]

Thanks. I am also unable to grant these broad permissions, but because it is requesting permission to an org I am part of. I do not want to ask the org to opt me out.

[mooSylla]

What bothers me more is the write access why does Copilot need to write anything to my/org repos ??

[TheObliterator]

Completely agree, this is blocking me from evaluating Co-Pilot.

I cannot give it access to all of my repositories as this breaches NDAs - I need more granular control.
The privacy link you give is inadequate - it mentions not using my data but then calls out items like my prompts and snippets. If its going to call out elements in this way, I would prefer it explicitly reference what it will do with code in my repos (both public and private) - I don't care about snippets. The broad data statement is good but it needs to be much clearer in what data its looking at and how it will be used - specifically in reference to code in my repos.

I would also like a clearer explanation how Co-Pilot works with various models and how my data will be used. For example if I use Claude how is my code used, will it be used for training? Is data passed to them and subject to their terms, or is Github/MS running their own instances of Claude.

Also why does Co-Pilot need access my to SSH keys to make code suggestions? Madness. Please give me control over this - ask when needed.

You say "Users who prefer not to grant these permissions can still use Copilot with reduced functionality"... How exactly? It doesn't seem possible to sign-up without granting full access to everything. If I press cancel, I end up at an error page.

I hope you fix theses issues as the product looks to have great potential. Currently, I need to create a burner GitHub account to evaluate Co-Pilot or continue to use other tools which give me better control.

[Kirow]

Copilot's enhanced workspace search capabilities for private repositories require these permissions to provide context-aware suggestions. These features help Copilot understand your codebase more deeply, resulting in more tailored and relevant suggestions.

Ok, but why write permission? I'm always paranoid about that. It may trash something and I will not even notice until I will need it. "context-aware suggestions" is good, but I don't want any modifications to be made outside my local computer. Even if no changes are intended to be made, the permissions still allow it. This was main concern for me.

[ayaankazerouni]

Thanks for those clarifications @Akash1134. I would appreciate an update when there are more granular organization-level controls.

While the permission request appears broad, Copilot only accesses repositories you're actively working with in VS Code.

That is good to know, but that can't really be how Terms of Service work. It is not sufficient to say "enter an agreement that broadly protects us from wrongdoing, and it'll be okay because we promise not to do anything wrong".

[davidcozsmith]

There is a huge disconnect here. The problem is we do NOT want "context-aware suggestions" on ALL our private repos. We want "context-aware suggestions" on SOME repositories, not ALL repositories. Your email sounds like you think we want copilot features without providing access to copilot. NO ONE asked for that. What we want is the ability to use copilot on the repos where we CAN/DO WANT, and to NOT use it on the ones where we CANNOT/DO NOT WANT copilot. How is that hard to understand? You state: "Copilot's enhanced workspace search capabilities for private repositories require these permissions to provide context-aware suggestions. These features help Copilot understand your codebase more deeply, resulting in more tailored and relevant suggestions."

…

________________________________ From: Akash ***@***.***> Sent: Thursday, April 24, 2025 6:07:53 AM To: community/community ***@***.***> Cc: David (Coz) Smith ***@***.***>; Manual ***@***.***> Subject: Re: [community/community] Why does GitHub Copilot need read/write access to private repositories? (Discussion #106551) Hi All, Thank you for your ongoing feedback regarding GitHub Copilot permissions. We understand the concerns raised about Copilot requesting read/write access to private repositories. Why These Permissions Are Requested Copilot's enhanced workspace search capabilities for private repositories require these permissions to provide context-aware suggestions. These features help Copilot understand your codebase more deeply, resulting in more tailored and relevant suggestions. Important Clarifications 1. Limited Usage: While the permission request appears broad, Copilot only accesses repositories you're actively working with in VS Code. 2. Data Privacy: Repository content accessed via these permissions is not used to train the underlying Copilot models. It's only used to provide you with contextual suggestions during your current session. 3. Alternative Options: * Users who prefer not to grant these permissions can still use Copilot with reduced functionality * Organization administrators can control which repositories are accessible to Copilot through organization settings Improvements We're Making Based on your feedback, we're working on: * More granular permission options to allow selection of specific repositories * Clearer documentation explaining exactly how these permissions are used * Organization-level controls for administrators to manage Copilot access We value your privacy and security concerns, and we're committed to making Copilot both powerful and respectful of your data boundaries. Thank you for helping us improve. For more detailed information, please visit our documentation on Copilot privacy and permissions<https://docs.github.com/en/copilot/overview-of-github-copilot/about-github-copilot-telemetry>. — Reply to this email directly, view it on GitHub<#106551 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AGCE2AJM7MZLCSGBCD3EVOT23DHZBAVCNFSM6AAAAABUAYCHP2VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTEOJTGQ2TSNA>. You are receiving this because you are subscribed to this thread.

[archimedesdisciple]

Iook at all of the things you are asking to view and MANAGE! Why do you need to manage or write access to anything??? Organisation's attributes, resources, and projects?? Why do you need any right on an entire organizational level? People are done being pushed around and forced to agree to these outlandish terms and being forced to give up rights. I think you all are forgetting that you are the ones trying to sell something and we are the buyers with all of the rights which you are trying to sell your product to. If we don't buy them you don't exist and code will continue to be written with or without your product. This small print "gotcha" hour long terms and conditions with sketchy cluases throughout is waaaaay out of hand and I for one will no longer be agreeing to anything that's so lengthy I refuse to read.

…

On Mon, May 5, 2025, 11:40 AM Moo ***@***.***> wrote: What bothers me more is *the write access* why does Copilot need to write anything to my/org repos ?? — Reply to this email directly, view it on GitHub <#106551 (reply in thread)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/BHZFCXD3MAK5U6UNJX73CUT246A7HAVCNFSM6AAAAABUAYCHP2VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTGMBUGEYTQMI> . You are receiving this because you commented.Message ID: ***@***.***>

[archimedesdisciple]

Any idea of how many people who do this for a living that spent countless hours learning that have been or about to be put out of a job because of products just like this? Products that were trained on data scraped from them without their permission and will continue to be trained on data from anyone who does or does not agree to these terms? That's not enough though, now you are asking legal permission after the fact to view while asking them to pay you to do it? Do you know how insane that is? That's what's happening here. On Wed, May 7, 2025, 11:50 AM Jay Wilkinson ***@***.***> wrote:

…

Iook at all of the things you are asking to view and MANAGE! Why do you need to manage or write access to anything??? Organisation's attributes, resources, and projects?? Why do you need any right on an entire organizational level? People are done being pushed around and forced to agree to these outlandish terms and being forced to give up rights. I think you all are forgetting that you are the ones trying to sell something and we are the buyers with all of the rights which you are trying to sell your product to. If we don't buy them you don't exist and code will continue to be written with or without your product. This small print "gotcha" hour long terms and conditions with sketchy cluases throughout is waaaaay out of hand and I for one will no longer be agreeing to anything that's so lengthy I refuse to read. On Mon, May 5, 2025, 11:40 AM Moo ***@***.***> wrote: > What bothers me more is *the write access* why does Copilot need to > write anything to my/org repos ?? > > — > Reply to this email directly, view it on GitHub > <#106551 (reply in thread)>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/BHZFCXD3MAK5U6UNJX73CUT246A7HAVCNFSM6AAAAABUAYCHP2VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTGMBUGEYTQMI> > . > You are receiving this because you commented.Message ID: > ***@***.*** > com> >

[davidcozsmith]

I have an idea: Microsoft should in turn give us all permission into all Microsoft private repositories. We can even promise not to actually use the access - just give us permission to do it if we wanted to, and we'll all promise not to.

…

________________________________ From: Ayaan Kazerouni ***@***.***> Sent: Tuesday, May 27, 2025 3:09:19 PM To: community/community ***@***.***> Cc: David (Coz) Smith ***@***.***>; Manual ***@***.***> Subject: Re: [community/community] Why does GitHub Copilot need read/write access to private repositories? (Discussion #106551) Thanks for those clarifications @Akash1134<https://github.com/Akash1134>. I would appreciate an update when there are more granular organization-level controls. While the permission request appears broad, Copilot only accesses repositories you're actively working with in VS Code. That is good to know, but that can't really be how Terms of Service work. It is not sufficient to say "enter an agreement that protects us from wrongdoing, and it'll be okay because we promise not to do anything wrong". — Reply to this email directly, view it on GitHub<#106551 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AGCE2AJCUV55UU5NCZCEY4L3ATH77AVCNFSM6AAAAABUAYCHP2VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTGMRYHA3TQNQ>. You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[f-villalobos]

love it.

[RyszardRzepa]

How to disable this prompt in copilot chat?!
I don't want to see it ever again :D

I click "Never ask me again" all the time. It popup almost every single time. Wtf. Do copilot try to brute force it?

To get more relevant Copilot Chat results, we need permission to read the contents of your repository on GitHub.

[simon-robertson]

I am not using using Copilot in VS Code (or in any other editor) because if this, the permissions the extension wants is ridiculous. If I want to allow Copilot to access a specific repository I should be able to grant that permission on a per-repository basis, with options for "read" and "read-write", when needed

On a more positive note Copilot has not asked for full administrative access, not yet at least

[danieltodor]

I made a secondary empty github account just because of this. And guess what: the extension still works perfectly fine without any access to repositories and settings.

It's absolutely insane that in order to use copilot chat, i need to give it full control over my account, all repositories, settings, and whatnot. Even if there are features that require this, users should be able to decide what permissions they want to give.

To be honest i wouldn't even give it read permission to repositories/settings. The files are already on my computer. Why would it need to access the remote repository to suggest a completion, or answer a question?

[ta32]

Why does it need permissions like deploy keys if all it needs is context. Other copilot extensions do not request these kind of permissions.

[alex-tsbk]

Same here. I just created a dummy account on github with no access to anything, because this all "we only need to understand your repo structure" tales are good till they have first major data breach, and all private repose end up being in public access. Also, half of that stuff is not mine, and neither I want to be liable for it. Moreover, we've looked through org settings - and there is no way to deny copilot access from the organization settings page. This is super unfriendly, but.. it is what it is. Creating dummy github account only takes few minutes.

[tendermonster]

Same issue here. It's really scary that microsoft asking for such permission where as I see it the copilot is primeraly used to work locally on vscode. Is it possible to move subscription to new dummy github account ?

[dfbaskin]

Why does GitHub Copilot need all these god-like permissions to read/write all my private repos, organizations I'm involved with, my build pipelines? It doesn't make sense.

The popular Nx build tools got hit, back in August, by malware that used AI tools to rename GitHub repos and make private repos public.
https://www.stepsecurity.io/blog/supply-chain-security-alert-popular-nx-build-system-package-compromised-with-data-stealing-malware

There's got to be a better way to do this. Creating a separate GitHub account with no repos or organizations isn't really the right answer.

[tendermonster]

Why does GitHub Copilot need all these god-like permissions to read/write all my private repos, organizations I'm involved with, my build pipelines? It doesn't make sense.

The popular Nx build tools got hit, back in August, by malware that used AI tools to rename GitHub repos and make private repos public. https://www.stepsecurity.io/blog/supply-chain-security-alert-popular-nx-build-system-package-compromised-with-data-stealing-malware

There's got to be a better way to do this. Creating a separate GitHub account with no repos or organizations isn't really the right answer.

Due to such microsoft policies I have moved to gitea that i host myself while also moving from vscode to codium. This whole thing of data stealing make zero sense to me

[clouds56]

An workaround to this might like:

1. turn on Backup and Sync Settings (optional uncheck all sync data)
2. sign in with your github account with copilot access (this would only ask permission for email address, no private repo needed)
3. turn off Backup settings.