JFrog Platform Guide

Appearance

Configure JFrog GitHub Copilot Extension

Last modified by Syed Nasrullah on Apr 4, 2025

Overview

Integrates JFrog Catalog and your JFrog platform data with GitHub Copilot Chat. This allows developers to query GitHub Copilot Chat for recommendations on artifacts, software packages, versions, and their security status.

NOTE

JFrog GitHub Copilot extension is powered by Azure OpenAI language models

Prerequisites

  • Active Subscription with JFrog
  • Active GitHub Copilot License
  • Access to SaaS JFrog Platform
    • JFrog Software Package Catalog (if missing, a 14-day trial is automatically enabled)
    • For JFrog Curation related features - JFrog Software Package Curation subscription required
  • Visual Studio or VS Code IDE installed

IMPORTANT

The minimum required versions are listed below:

  • VS Code: 1.96.2
  • GitHub Copilot: 1.257.0
  • GitHub Copilot Chat: 0.23.2
  • Enterprise X or higher license
  • Artifactory v7.94.x and above
  • Xray 3.103.6 and above

JFrog Extension User Authorization

Once all the prerequisites are completed, follow the below steps to authorize the app in JFrog Platform to use the JFrog GitHub Copilot Extension

  • Open browser and hit this URL https://beta-assistant-auth.jfrog.io/api/v1/oauth/github-redirect?platform_url=https://ford.jfrog.io

  • Accept the 'Beta Agreement' by clicking on the checkbox and click 'Authorize App'

    Picture1

  • Once you click on Authorize App, you will be shown your JFrog Platform corporate login which requires you to login to complete an OAuth flow.

  • Log in as directed. Ensure 'Signing in with SAML SSO'

  • Once you have successfully completed login, the following message confirms successful integration. Picture2

Using JFrog Extension in IDE (VS Code, Visual Studio)

  • Open your IDE and confirm you are logged into the correct GitHub account.
  • Type @jfrog in the chat box to load the JFrog chat component. Picture3
  • Start chatting!

Using JFrog Extension in GitHub.com

  • Open browser and hit https://github.com and Navigate to Copilot Chat or use this direct URL https://github.com/copilot
  • Type @jfrog in the chat box to load the JFrog chat component.
  • Start chatting!

NOTE

Ensure logged into Github.com using Ford GHEC account (CDSID_ford). If you are unsure, refer here

Sample Prompts

Some of the sample prompts for reference

1. @jfrog Can you recommend some npm packages for logging?

2. @jfrog What are some good packages for linear algebra in Java?

3. @jfrog Does the latest version of Numpy have any security issues?
4. @jfrog What is the latest version of axios with no security vulnerabilities?

5. @jfrog What version of Lloguru should I upgrade to to resolve CVE-2022-0338?

6. @jfrog What can you tell me about CVE-2023-39320?

7. @jfrog Are any of the requests, httpx, or aiohttp used in my organization?

8. @jfrog Which versions of Tensorflow are used in my organization?

9. @jfrog In which repositories are gorilla mux and gorm used across our system?

10. @jfrog How popular is the latest secure version of HTTPComponent in the healthcare industry?

11. @jfrog Which of Bouncy Castle, Google Tink, and Apache Commons crypto is more popular among banks?
12. @jfrog Can I use axios 1.6.0 according to my organization's security policies?
13. @jfrog Is pytorch or keras used in my organization?

14. @jfrog What version of axios is my organization using?

15. @jfrog Where exactly in my organization are python or keras used?

16. @jfrog What's the license of aiodns python package?

17. @jfrog Can I use axios 1.6.0 according to my organization security policies?

18. @jfrog How popular is the latest secured version of github.com/gorilla/mux in the healthcare industry?

19. @jfrog What is the popularity of the last 5 versions of axios in the financial services industry?

References

For more information on GitHub Copilot Features in Ford, see Copilot Features
For more information on GitHub Extensions, see GitHub Copilot Extensions

Brought to you by DevTools and Enablement Team.

Copyright © 2019-present Ford Motor Company