Security News > 2023 > February > GitHub Copilot update stops AI model from revealing secrets
GitHub has updated the AI model of Copilot, a programming assistant that generates real-time source code and function recommendations in Visual Studio, and says it's now safer and more powerful.
CoPilot will introduce a new paradigm called "Fill-In-the-Middle," which uses a library of known code suffixes and leaves a gap for the AI tool to fill, achieving better relevance and coherence with the rest of the project's code.
GitHub has updated the client of CoPilot to reduce unwanted suggestions by 4.5% for improved overall code acceptance rates.
"When we first launched GitHub Copilot for Individuals in June 2022, more than 27% of developers' code files on average were generated by GitHub Copilot," Senior Director of Product Management Shuyin Zhao said.
"The new system leverages LLMs to approximate the behavior of static analysis tools-and since GitHub Copilot runs advanced AI models on powerful compute resources, it's incredibly fast and can even detect vulnerable patterns in incomplete fragments of code," Zhao said.
The appearance of these secrets in CoPilot's code suggestions has caused fierce criticism from the software developing community, with many accusing Microsoft of using large sets of publicly available data to train its AI models with little regard to security, even including sets that mistakenly contain secrets.