Open edX Policy for GitHub Copilot Code Reviews

We are still in the process of evaluating AI coding tools. If you have not been given explicit permission, please do not use GitHub Copilot for code reviews, or other AI tools, on openedx repositories.

For general information on using generative AI tools in Open edX repositories, please see the Open edX Policy for Generative AI Tools.

Purpose

Guidelines for responsible use of GitHub Copilot's code review features in Open edX Repositories.

Guidelines

Human Oversight

  • Always manually review Copilot's suggestions before approval

  • You remain responsible for all merged code

  • Use Copilot as a tool, not a replacement for human judgment

Code Quality

  • Scrutinize Copilot suggestions for security vulnerabilities, especially in authentication and data handling

  • Test edge cases that AI might overlook (empty inputs, boundary conditions, error states)

  • Verify suggestions handle unexpected user interactions securely

  • Be wary of elegant-looking code that may hide complexity or security issues

Licensing Awareness

  • Copilot may generate code similar to existing projects with different licenses

  • Be cautious with large code blocks suggested by Copilot

  • When uncertain about origin, verify uniqueness of significant suggestions

Environmental Impact

  • Large AI models consume significant energy and have substantial carbon footprints

  • Skip Copilot reviews for simple changes (documentation, minor fixes, style updates)

  • Use only for complex changes where AI assistance provides clear value

  • Plan your workflow to minimize how often you invoke Copilot's analysis

This policy will be reviewed as AI code review technology evolves.

Further Reading: