← Stackzilla Blog

GitHub Copilot: The AI Coding Assistant That Started the Category

Published July 21, 2026 · 11 min read · GitHub Copilot, AI coding, developer tools, copilot, code generation

GitHub Copilot launched in 2021 and built the AI coding assistant category. With 1.8M paid subscribers and controlled research showing 55% faster task completion, it is the market leader — but also the most studied for security vulnerabilities in its generated code.

GitHub Copilot did not invent AI code completion — tools like Kite and Tabnine preceded it — but it industrialised the category. Launched in technical preview in June 2021 and made generally available in October 2021, Copilot was the first AI coding tool to reach massive scale, backed by the combined weight of Microsoft, GitHub, and OpenAI. By the end of 2023, GitHub CEO Thomas Dohmke had announced 1.8 million paid subscribers, and Copilot had become the reference point against which every other coding assistant is measured. ## What GitHub Copilot Is Copilot is an AI pair programmer integrated directly into code editors. It watches what you type, reads the surrounding context, and suggests completions — anything from a single line to an entire function to a block of boilerplate. It is powered by models built on OpenAI infrastructure; the original Codex model has been succeeded by GPT-4-class models tuned specifically for code generation. The Microsoft-GitHub-OpenAI relationship that produced Copilot is worth understanding. Microsoft acquired GitHub for $7.5 billion in 2018. Microsoft invested $1 billion in OpenAI in 2019, and committed a further $10 billion in 2023. Copilot sits at the centre of that bet: it is GitHub's primary commercial product, OpenAI's most visible applied deployment, and Microsoft's evidence that AI can pay off its investment in real products used by real developers every day. ## The Research on What Copilot Actually Does Copilot has been studied more rigorously than any other AI coding tool, which is one advantage of being the market leader. A controlled experiment published in 2022 by GitHub researchers, and replicated by independent researchers at Peng et al. (published in a 2023 ACM study), found that developers using Copilot completed a web server implementation task 55.8% faster than developers without it. The task was well-defined, the completion criteria were objective, and the result has held up to scrutiny. Routine coding tasks — writing functions with clear inputs and outputs, generating test boilerplate, implementing standard patterns — get done faster with Copilot. An Accenture study published in 2023, which surveyed developers across multiple enterprise clients, found that 90% reported Copilot helped them complete tasks faster, and 67% said it helped them focus on more satisfying work — a proxy for offloading boilerplate so developers could spend more time on non-trivial problems. GitHub's own 2022 analysis of repositories where Copilot was enabled found that approximately 46% of new code in those repositories was written by Copilot. That figure is contested — it depends heavily on the type of code and the workflows of the developers measured — but directionally it reflects the tool's actual penetration into daily coding practice. ## Strengths **Breadth of IDE support.** Copilot works in VS Code (the market-leading editor), Visual Studio, JetBrains IDEs (IntelliJ, PyCharm, WebStorm, GoLand, Rider, and others), Neovim, Xcode via extension, and Azure Data Studio. This covers the tooling stack of the overwhelming majority of professional developers. **GitHub integration.** For teams using GitHub for version control, Copilot integrates directly into pull requests (suggesting summaries and reviewing diffs), GitHub Actions, GitHub.com itself, and the GitHub CLI. No other tool matches this depth of integration with the platform that hosts the majority of the world's open-source code. **Maturity and reliability.** Copilot has been in production at scale for three years. Its latency, uptime, and consistency of completions are well-established. Newer tools may offer more impressive features in demos; Copilot's advantage is that it works predictably across a wide range of languages and frameworks without requiring significant configuration. **Copilot Chat.** Integrated chat within the editor allows developers to ask questions about their codebase, request explanations of unfamiliar code, ask for tests to be generated for selected functions, and get debugging help without leaving the editor. Copilot Chat was added in 2023 and has improved consistently since. **Multi-feature expansion.** Copilot has expanded beyond inline completion into Copilot for CLI (command-line completions and explanations), Copilot in the GitHub.com PR interface, and Copilot Workspace (an experimental multi-step agentic environment for completing larger coding tasks). ## Weaknesses **Security vulnerabilities in generated code.** This is Copilot's most documented weakness. A 2022 study from Stanford University found that code written with AI assistance contained more security vulnerabilities than code written without it. A New York University study in 2023 found that approximately 40% of Copilot-generated code samples contained at least one security vulnerability from the Common Weakness Enumeration (CWE) list. Common issues include hardcoded credentials, SQL injection vulnerabilities, buffer overflows in systems code, and path traversal vulnerabilities. Copilot does not run security analysis on its own suggestions. Developers who accept Copilot completions without review are accepting unknown security risk. **Hallucinated APIs and outdated patterns.** Copilot's training data has a knowledge cutoff, and it will confidently suggest APIs that have been deprecated or functions that do not exist in the version of a library a project is using. This is not a rare edge case — it is a routine occurrence, particularly for frameworks that evolve quickly. Developers unfamiliar with a framework are least equipped to catch these errors, which is also when they are most likely to be using Copilot. **Context limitations.** Copilot primarily operates on the current file and a limited window of surrounding context. Large, complex codebases with intricate interdependencies between files are not well-served by this model. Copilot can suggest code that compiles but violates the architectural assumptions of the codebase it is being added to. This limitation has been partially addressed in newer versions but remains a meaningful constraint. **Cost at enterprise scale.** At $19/user/month for the Business tier and $39/user/month for Enterprise, Copilot is not cheap for large teams. A 500-person engineering organisation pays between $114,000 and $234,000 annually. The productivity claims need to hold up at that cost level, and while most organisations that have evaluated it say they do, the enterprise procurement process for Copilot involves a genuine ROI calculation. ## Pricing - **Free tier** (launched 2024): 2,000 completions per month, 50 chat messages per month. Aimed at students and independent developers. - **Individual**: $10/month — unlimited completions and chat. - **Business**: $19/user/month — team management, audit logs, policy controls. - **Enterprise**: $39/user/month — Copilot knowledge bases (allows training on internal code), GitHub.com integration, and additional controls. ## Who GitHub Copilot Is Best For Copilot is the right default choice for teams already deep in the GitHub ecosystem, for organisations that need broad IDE coverage without forcing a tool change on developers with varied setups, and for developers doing straightforward feature development where the productivity gains from inline completion are most pronounced. It is the market leader not just by adoption but by the coherence of its integration with the tooling chain that most professional developers already use.

Read the full article on Stackzilla →