GitHub Copilot: StrictKnownMarketplaces for Plugin Control

Enterprises can now control which plugins users install in GitHub Copilot CLI and VS Code. This new setting, called strictKnownMarketplaces, is now in public preview. Here's how it works: adding strictKnownMarketplaces to enterprise-managed settings.json means Copilot will only allow plugins from marketplaces you've specifically defined. GitHub Copilot automatically applies these settings for users licensed through Copilot Business or Copilot Enterprise accounts. What's interesting is this directly enforces client governance before tool execution. It removes the risk of users installing untrusted plugins. This update expands on previously launched enterprise-managed plugin capabilities for Copilot CLI and VS Code. This matters because it gives organizations more security and control over their development environments.