GitHub adds strictKnownMarketplaces for Copilot enterprise plugin governance

速览

GitHub added enterprise-managed support for strictKnownMarketplaces in VS Code and the Copilot CLI, letting enterprises restrict plugin installs to explicitly approved marketplaces before tool execution.

主关键词

GitHub strictKnownMarketplaces

分类

AI Developer Security

受众

Copilot Business admins, enterprise security teams, platform engineers, and AI governance owners

窗口期

24-72 小时冲刺

执行难度

先做调研

评分

8 / 优先

来源日期

Jun 25, 2026

来源

查看原文

为什么现在

Copilot and agent tools increasingly execute code-adjacent actions through plugins. Enterprises now need governance templates, allowed-marketplace policies, rollout checklists, and audit language.

Angles: Enterprise rollout guide for strictKnownMarketplaces, Approved marketplace policy template, Plugin governance checklist for AI coding agents, VS Code and Copilot CLI settings.json examples

72 小时行动计划

1. 1核对来源和更新时间，确认 "GitHub strictKnownMarketplaces" 仍处在新窗口。
2. 2先发布一个聚焦页面，回答最直接的实现、采购或对比问题。
3. 3补一个清单、模板或小工具，把搜索意图转成邮箱订阅或线索。