Skip to content

Add automatic code review instructions to copilot-instructions.md#15

Merged
SureshKViswanathan merged 2 commits into
mainfrom
copilot/update-copilot-instructions
Feb 15, 2026
Merged

Add automatic code review instructions to copilot-instructions.md#15
SureshKViswanathan merged 2 commits into
mainfrom
copilot/update-copilot-instructions

Conversation

Copilot AI commented Feb 15, 2026

Copy link
Copy Markdown
Contributor

Adds guidance for Copilot agents to use automated code review and security scanning tools before finalizing tasks.

Changes

  • New "Automatic Code Review" section — Documents the workflow for using code_review tool: when to run it, how to handle feedback, and when to re-run after significant changes
  • Security scanning step — Adds codeql_checker as a follow-up step after code review
  • Updated checklist — Adds two verification items for code review completion and security scan

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Co-authored-by: SureshKViswanathan <257696045+SureshKViswanathan@users.noreply.github.com>
Copilot AI changed the title [WIP] Update Copilot instructions for automatic code reviews Add automatic code review instructions to copilot-instructions.md Feb 15, 2026
@SureshKViswanathan SureshKViswanathan marked this pull request as ready for review February 15, 2026 02:11
Copilot AI review requested due to automatic review settings February 15, 2026 02:11
@SureshKViswanathan SureshKViswanathan merged commit 9670f8e into main Feb 15, 2026
5 checks passed

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds instructions for Copilot agents to use automated code review and security scanning tools as part of their workflow. It introduces a new "Automatic Code Review" section and updates the existing "Code Review Checklist" to include verification steps for these automated tools.

Changes:

  • Added new "Automatic Code Review" section with 6-step workflow for using code_review and codeql_checker tools
  • Extended "Code Review Checklist" with two new items (7 and 8) for automated code review and security scanning

Comment on lines +83 to +90
Before finalizing any task, **always run the `code_review` tool** to get automated feedback on your changes:

1. Use the `code_review` tool before completing any task, even for documentation-only changes.
2. Provide a clear PR title and description when calling the tool.
3. Review all comments returned by the code review tool carefully.
4. Address relevant feedback - use your judgment as the tool may occasionally make incorrect suggestions.
5. If you make significant changes after a code review, run the `code_review` tool again.
6. After addressing code review feedback, run the `codeql_checker` tool to scan for security vulnerabilities.

Copilot AI Feb 15, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The instructions reference code_review and codeql_checker tools that do not appear to be standard GitHub Copilot tools available to coding agents. Before adding these instructions, verify that these tools actually exist and are accessible in the context where Copilot agents will be executing. If these are custom tools, they need to be implemented first. If they are meant to represent GitHub Actions workflows or other external tools, the instructions should be clarified to explain how agents should interact with them.

Copilot uses AI. Check for mistakes.
Comment on lines 81 to +103
@@ -88,3 +99,5 @@ Before submitting or approving a PR, verify:
4. MILESTONES.md is updated if milestone progress changed.
5. All public APIs have documentation comments.
6. Code follows Swift 6.2+ best practices and concurrency model.
7. Automatic code review has been run and feedback addressed.
8. Security scan (`codeql_checker`) has been run with no unaddressed vulnerabilities.

Copilot AI Feb 15, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to the project's own "Documentation Requirements" section (lines 36-38), README.md and MILESTONES.md should be updated when changes are made. While this PR only modifies documentation, it introduces a significant new workflow requirement (automated code review and security scanning) that may warrant updating these files to reflect this new practice. Consider whether README.md should mention this workflow and whether MILESTONES.md needs any updates.

Copilot uses AI. Check for mistakes.

Before finalizing any task, **always run the `code_review` tool** to get automated feedback on your changes:

1. Use the `code_review` tool before completing any task, even for documentation-only changes.

Copilot AI Feb 15, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The instruction "even for documentation-only changes" on line 85 may create unnecessary overhead. Code review tools are typically designed to analyze code logic, not documentation prose. Consider clarifying whether this applies to all documentation changes or only to documentation that describes APIs, configurations, or other technical specifications where automated review could add value.

Suggested change
1. Use the `code_review` tool before completing any task, even for documentation-only changes.
1. Use the `code_review` tool before completing any task that includes code changes or documentation that describes APIs, configurations, or other technical specifications (it is optional for purely editorial documentation changes).

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants