Comment by timrogers
2 months ago
Tim from the Copilot coding agent team here. We've now disabled these tips in pull requests created by or touched by Copilot, so you won't see this happen again for future PRs.
We've been including product tips in PRs created by Copilot coding agent. The goal was to help developers learn new ways to use the agent in their workflow. But hearing the feedback here, and on reflection, this was the wrong judgement call. We won't do something like this again.
> We've now disabled these tips in pull requests created by or touched by Copilot, so you won't see this happen again for future PRs.
It's appreciated, but these weren't tips, these were ads. Tips are "Save time with keyboard shortcuts" or "Check out the latest features under 'Whats New' in the help menu!" When you name other products, that's an ad.
That doesn't really make sense. So it's an ad for raycast? But raycast said they didn't know about it. To me the explanation makes perfect sense. "You can use this tool with raycast" seems like a very reasonable tip.
> That doesn't really make sense. So it's an ad for raycast?
It's an ad for using CoPilot and for Raycast.
> But raycast said they didn't know about it.
If I buy a billboard that tells people to go eat at a nearby restaurant, that's ad regardless of whether or not the restaurant knows that I bought that ad.
> To me the explanation makes perfect sense. "You can use this tool with raycast" seems like a very reasonable tip.
Raycast is a paid product. Even though they have a free tier, they only have that to get people to use and like the tool enough to pay for it. They want you to use Raycast so you use CoPilot and pay for it. It's an ad.
1 reply →
Tips are also not acceptable to add to PR text. It’s like the definition of a “weed”. A “tip” in the GitHub UI would make sense. But “tips” injected into my own PR text become unwelcome ads. In any case, what may be helpful “tips” today are only a gateway to straight up paid ads tomorrow. After all, I get told all the time by adtech folks that actually, the ads and all the tracking behind them are good because aren’t I glad the ads are relevant to my interests and that I’m supporting small businesses online whose shops can only exist because of the ad infrastructure. To which I say, no, they aren’t, and that’s a lie.
Cambridge Dictionary defines and ad as: a picture, short film, song, etc. that tries to persuade people to buy a product or service
My short search really didn't bring up any definition that included the need of the product/service owner knowning that the advertising is happening.
And the message very much qualifies as trying to bring people to buy raycast (or at minimum to use it which usually want people to also pay later on).
2 replies →
Bet their internal "tips team" used an LLM to generate "useful tips" for their coding agent system ;)
1 reply →
Tips don’t include links to unassociated paid products. Call it a promotion if you prefer, it’s still an unsolicited funnel
Just to add to the feedback.
No one, anywhere, ever wants this or anything like it. Do not inject anything that is outside of the context of the session, ever.
This is how you get your software banned at large companies.
Question for you, did anyone on the team really not push back? Does the team really think anyone wants ads in their copilot output? If the answer to both of these is no, you have a team full of yes men, not actual developers.
> did anyone on the team really not push back?
This is the real question. If they are serious about not doing something like this again, they NEED to look at what process failed and let something like this get proposed, designed, implemented and pushed to production. Usually things get reviewed at each stage. Did the people who pushed back on this get steam rolled? If no one pushed back, that's an even serious culture question and the entire org would need training.
A serious "we won't do it again", needs to be accompanied by a COE on this for identifying what went wrong, and identifying what guardrails can be put in place and then actually implementing them.
> did anyone on the team really not push back?
That's a tough one. In the big meeting? In the small meeting? "Officially" push back? Encouraged to make the push back unofficial? Etc. Even just internally, it can be hard to quantify. From internal > external, more so.
1 reply →
It seems like this was implemented as a way to insert tips, and then abused to insert ads, so the developers involved might not have been aware of that part until later?
They already know that nobody wants it. They don’t care.
They’re also developers and probably do care. I’d wager, as always, someone in management with bonus targets to hit probably told them to do it anyway. :/
> We won't do something like this again.
Microsoft has been pulling user hostile crap for decades, so either "we" or "like this" (or both) is probably not super accurate. ;)
Having worked in such environments. This particular team will try not to do it again But many other teams didn't make the commitment or learn any lesson. And even the original team will churn over people and people will forget or new leadership comes in.
I believe they were being sincere but reality is often more complicated than 1 persons statement.
We will never do something like this unless we get caught
Wait! I think most people missed your "touched by Copilot" disclaimer.
Over on twitter, someone from MS said that Copilot can modify PRs simply because they were mentioned?
I've been using GitHub since it was new and heavily rely on coding agents for development, but that's an insanely large security hole. There's clearly confusion about what copilot is and is not able to edit elsewhere in this thread.
I'm backing up old repos now, and am no longer trusting your service as an archive. I'm wondering if the world needs to fork things like npm and vs code to save itself from the supply chain attacks these sort of product management decisions will enable.
I already moved active development elsewhere when you dropped below three nines back in 2024-2025.
If you don’t want copilot to work on your PRs, don’t ask it to.
I would expect it to comment, not alter the code?
2 replies →
> We've been including product tips in PRs created by Copilot coding agent
If the PR is wholly authored by Copilot I get the spirit of this, although maybe not the best implementation. And "tips" like this that look like an ad for a product _definitely_ feel like an enshittification betrayal of the user, even if it was a genuine recommendation and not a paid advertisement.
In the OP's situation, where where Copilot was summoned to fix some thing within a human-authored PR, irrelevant modification of the PR description to insert unrelated content is specifically egregious. Copilot can easily include the tip in its own comment, so I'm curious why it was decided to edit the description of a PR instead.
Nah, PR text is a completely inappropriate place for a tip to appear. A PR description should describe the contents of the PR, not include unrelated, unsolicited advice. It’d be like submitting a bug fix, and saying “this PR fixes bug X, and also, have you considered using a different linter in this project?” Completely inappropriate.
To be honest, just a user here, it’s only recently (like a week?) you can ask Copilot to edit an existing PR, historically it’s had to open a new one (that merged back to original PR) or it had to make it to begin with, I can see this unintentionally happening as part of this improvement to edit existing PRs
Tip: tomatoes are on offer at Contoso now!
(Now imagine this edited into the post you just made for a more-apt comparison)
If you do work at MS, I cannot believe any person involved legit thought it was "just a tip and nobody will mind their posts being edited to include product recommendations". I don't know what other parts of your comment are honest if the core statement is false
> We won't do something like this again.
This has just as much value as when an LLM claims it won't make a certain mistake again, and for exactly the same reason.
Thank you, Tim.
You should gather together your team and look through the responses to this thread together. There are a lot of emotions in these comments, but it could be a very constructive experience if you're able to put that aside. I'm sure you're aware that customer-sentiment toward Github has been poor lately, but these commenters are your customers. I believe Github has the potential to win back loyalty, but it will require a deeper understanding of your customer segment.
I’m curious how the decision to include ads like this was made. Is that something you can share?
[flagged]
MS was deemed a Monopoly I believe around '99 and was not broken up, was instead given behavioral edicts by the court.
Microsoft owns GitHub where many of these ethical violations are easily found and were perpetrated.
I speculate the cultural safety around that monopoly-power for corporate-benefit behavior could still be present and accepted for negotiations between MS and acquisition targets.
Hi Tim,
I see that you're a product manager at GitHub. Can you explain why you thought this feature was value-added?
Whoever did this must have realised the users will hate it. So… is this just demonstrating that the internal culture emphasises other things than user happiness?
I also note that ”for PRs” - will we see these appearing as comments in generated code?
We don’t like ads, my man. There are too many MBAs in that company now. MBA holders lose contact with reality about halfway through that degree. Do not listen to them. They will destroy any product they touch if given enough time.
> The goal was to help developers learn new ways to use the agent in their workflow.
I appreciate the rest of your reply, but it would be generous to say you're stretching the truth here. Yes, the official MS statement is that these are "tips", but you, I, and everyone else here knows what this is.
"We won't do something like this again"
Sureeeeee
Will surely do something like another thing nobody wanted or needed instead.
Including ads in Copilot-generated content (that is clearly marked as such or approved by a human before being posted in their name) would be a bad judgement call. Adding ads to other people's human-written content, without their knowledge or informed consent, is a criminally bad judgement call if it was intentional. And I don't use the term metaphorically: You're impersonating other people to post your advertising in their name. You are pretending that Zach Manson finds your product so awesome that he includes a recommendation for it in PRs that he personally posts.
Imagine what Microsoft's lawyers would do to me if I made a billboard "<my random product> is awesome, use it -- Satya Nadella" and started sticking it all over the city.
I don't see any effort to remediate it. Have you informed people whose names you used to post the ads and offered them to remove the ads?
I know this is not the right place for this but if there's any chance you could send this link to someone internal at Github who knows how to fix this, that would be awesome! https://github.com/orgs/community/discussions/70577
It's only semi-related in that it's a similar string thats appearing in millions of repos due to a Github feature change, but it's now polluting Google search results with tons of duplicate URLs unnecessarily. Issue has 100+ votes but has been entirely ignored by Github team.
Who approved this dumbaz move? It’s clearly an Ad and calling it a tip is insulting
> The goal was to help developers
Is Microsoft receiving payments for these?
WE won't see it happen again ... UNTIL IT DOES! You guys are disingenuous actors. Bad faith and all that.
See, what I expect is that you or someone on your team will move on internally, and then all promises made will be not just forgotten, but tossed aside with relief. Because this is The Way within MS now. All projects are just fodder for your CV, and when you get that paybump/position you want some other completely unscrupulous actor will join and implement the same. exact. thing.
Edit: Wow this is a shitshow. It's almost like you dumb fuckers have burned up ALL THE GOODWILL YOU HAD LEFT.
Can I get that in writing in the ToS/EULA please?
For what it's worth, I appreciate that you took the time to address the issue and respond here, Tim.
This was obviously a terrible error of judgement. Will you be resigning over this?
You mean ads. Don't sugarcoat it. They are ads. Not tips. Ads.
So you continue to show ads to Copilt, just not to the user? If so, not a fix.
Shockingly poor judgment.
Thank you for listening.
I literally thought it was an early April fool's
mate nobody wants unwarranted tips. have you guys lost your mind
Huge miss. Again. And again. And again.
You may not want to do it, but will Microslop leadership agree? I don’t think this problem can be solved while leadership is focused only on adding more slop.
“We won’t do something like this again”
A verifiable claim! I put it at 75% you totally will, but if any manifolders think I’m full of it it should converge to something less cynical
https://manifold.markets/HastingsGreer/will-microsoft-copilo...
Don’t worry, some alternate interpretation of the words “we”, “do”, or “like this” will allow a welch.
> A verifiable claim!
Once you put a deadline on it. As stated I don’t think it is.
I mean its microslop, it'll probably be back by the end of the week. They only know how to let people to say "yes" or "ask again later"
[flagged]
Please see https://news.ycombinator.com/newsguidelines.html
GP did not personally attack or denigrate the person they were replying to.
As the dozens of other comments show, the overwhelming majority of us do not believe the root commentors claims, and this PM quite objectively does not have the leverage and authority to back their claim that they won’t let this happen again.
It’s hard not to read your conception of “trying for something different” as granting undue credulity to a transparently dishonest corporate actor.
7 replies →
> But hearing the feedback here, and on reflection, this was the wrong judgement call
Hi Tim.. Why is there no pushback from grounded individuals against these decisions ?
I'm sure there was push-back, but only inside the minds of the rank-and-file. Nobody would have dared to actually speak out against it, as it would be career limiting. That's probably how a lot of these boneheaded decisions happen: It's an Emperor's New Clothes situation, nobody speaks up, and then the emperor is satisfied that the decision is great.
> We won't do something like this again.
It's like you hiding shorts on youtube.
For some reason I don't believe you. When you do things like this, you lose trust. Work to get it back
Hi Tim, it's Jim, your manager. Please stick to the officially released statement:
"We tried to put ads in our product and it made people upset, upon realizing that this has angered our already paying users, we realize we should try again in a month. We're also aware GitHub is down, and are doing our best to deliver you a single 9 of reliability"
This helps us establish a strong, cohesive brand image inline with what customers of GitHub expect.
---
Edit: I don't mean anything bad to Tim here, seems like a nice guy with good technical experience, etc. Rather, I'm expressing the almost comical extent to which I and - to the best of my understanding - many other community members see GitHub in a very negative light now, being unreliable and, as the article points out, enshitified. So, this is at GitHub, Not Tim, it's just addressed to him for the bit.
Tim, I do actually appreciate you responding to this thread and if you do have the power to make things better, using that power to do so.
> We won't do something like this again.
it won't be an ad. It won't be a tip. It will be a suggestion! Recommendation! Opportunity!
Be like Discord, call it a “Quest”.
[flagged]
[flagged]
This feels a bit threatening. Just want to call it out. I also disagree with the decision but I respect that someone came forward and took responsibility. That helps build our shared understanding of what happened. It’s hard and not something we should discourage.
I feel threatened by Product placements disguised as "Tips".
We're not remotely even.
How is that "threatening"? Genuinely curious.
1 reply →
[flagged]
Please don't attack people for showing up to engage in discussion like this. I'm sure you don't intend to, but it quickly becomes part of mob behavior. We don't want that on HN for obvious reasons, and I'm sure nobody intends it, exactly, but it happens all too easily anyhow.
https://news.ycombinator.com/newsguidelines.html
Absolutely my bad it came across like this.
3 replies →
>It’s rather bold to post here…
it is rather nice, honestly. would you prefer to scream into the void and not get any response at all?
an open line of communication with the responsible people seems like literally the best possible option, why are you actively discouraging it?
>Maybe you all want to talk to Microsoft PR/legal before posting?
you would rather not hear anything, or get word-salad legalese that doesnt mean anything? how exactly would that be better?
>would you prefer to scream into the void and not get any response at all?
At this point, yes. What has false platitudes done except cause more in-fighting?
>an open line of communication with the responsible people
And here's how the in-fighting begins. I'm not falling for the "they responded on social media. They're just like us!" anymore.
I don't want words, I want actions. Tired of playing whack a mole.
>you would rather not hear anything, or get word-salad legalese that doesnt mean anything?
Hearing nothing doesn't waste my time.
2 replies →
I’m not intentionally discouraging it.
The responses are affecting my impression of Microsoft and Github extremely negatively. I don’t think I am alone.
It’s already pretty word salad legalese in my opinion, at least from Github.
We are not training on the contents of private repos, but we do plan on training on usage data with Copilot unless you opt out before April 24. Details here: https://github.blog/news-insights/company-news/updates-to-gi...
That post has a link to the FAQ which might also be helpful: https://github.com/orgs/community/discussions/188488
> We are not training on the contents of private repos
Supremely ethical of you to ignore the license terms of open source code, but respect the license for proprietary code.
This too is creepy.
The behavioral impositions by the court in the United States versus Microsoft trial discourage it from Monopoly behavior by opening third-party apis to competitors.
Q: Will Microsoft share its access to users private repos where they have not opted out of this training via its GitHub subsidiary, with third parties (eg OpenAI and Anthropic), in the spirit of its loss to the United States during its trial for Monopoly behavior?
Eg ethically today, Microsoft may be able to be argued to be monopolizing user data for its own AI tooling advantage.
Why such strong opposition to getting user consent before doing any of this? Not respecting consent seems to be a very common theme with MS these days, and it really doesn't reflect well on the company or you personally.
1 reply →
Opt out is the same as forcing this on people that don’t want it. You know this.
Microslop proving their name time and time again.
why not make it opt-in?
and I wonder if this opt-out applies to data we stored under your umbrella before having opted-out.
What am I supposed to opt out of? The only setting in "Privacy" is "Suggestions matching public code" which is blocked and seems wholly unrelated to this.
How much has Microsoft paid you to sell your soul?
Yes or No: Hypothetically I put customer data in a private repo, a single file. I use copilot to analyze the file, submitting its contents to that backend. This is the only thing in the repo. Is that data collected and trained on? If the answer is not no, you are lying about what this opt in is.
Opt out is horse shit
IANAL I wonder how that is legal in the EU, at least for private individuals, since under the GDPR you need consent for collecting such data. (A timed opt-out is not consent.)
I’ve felt similarly about moving off GitHub. I bought a small 5U server rack years ago for my home network setup.
I’m considering getting a 1U device to host my own git server. I feel like if I move off, I should do it generally vs just moving to another provider who may also pull shenanigans.
For low-resource usage, Forgejo has a good reputation: https://forgejo.org
ie you can run it effectively on even a Raspberry Pi
Remember to ensure you have proper backups regardless of whatever you decide to host it on. :)
1 reply →