[2025-11-13] Copilot coding agent can be configured as a bypass actor for repo rules (#58461)

Co-authored-by: Copilot <[email protected]>
Co-authored-by: Sam Browning <[email protected]>

Author: 3 people

content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-governance.md

@@ -63,6 +63,9 @@ The following are eligible for bypass access:
 * Enterprise teams, enterprise apps, and enterprise roles ({% data variables.release-phases.public_preview %})
 * Repository admins, organization owners, and enterprise owners
 * The maintain or write role, or deploy keys.
+{%- ifversion ghec %}
+* {% data variables.copilot.copilot_coding_agent %}. For more information about {% data variables.copilot.copilot_coding_agent %}, see [AUTOTITLE](/copilot/concepts/agents/coding-agent/about-coding-agent#limitations-in-copilot-coding-agents-compatibility-with-other-features).
+{%- endif %}
 
 1. To grant bypass permissions for the ruleset, in the "Bypass list" section, click **Add bypass**.
 
@@ -120,6 +123,9 @@ You can grant certain roles, teams, or apps bypass permissions as well as the ab
 * Enterprise teams, enterprise apps, and enterprise roles ({% data variables.release-phases.public_preview %})
 * Repository admins, organization owners, and enterprise owners
 * The maintain or write role, or deploy keys
+{%- ifversion ghec %}
+* {% data variables.copilot.copilot_coding_agent %}. For more information about {% data variables.copilot.copilot_coding_agent %}, see [AUTOTITLE](/copilot/concepts/agents/coding-agent/about-coding-agent#limitations-in-copilot-coding-agents-compatibility-with-other-features).
+{%- endif %}
 
 1. To grant bypass permissions for the ruleset, in the "Bypass list" section, click **Add bypass**.
 1. In the "Add bypass" modal dialog that appears, search for the role, team, or app you would like to grant bypass permissions, then select the role, team, or app from the "Suggestions" section and click Add Selected.

content/copilot/concepts/agents/coding-agent/about-coding-agent.md

@@ -152,7 +152,7 @@ Users can include hidden messages in issues assigned to {% data variables.copilo
 
 ### Limitations in {% data variables.copilot.copilot_coding_agent %}'s compatibility with other features
 
-* **{% data variables.product.prodname_copilot_short %} does not sign its commits**. If you have the "Require signed commits" rule or branch protection enabled, you must rewrite the commit history in order to merge {% data variables.product.prodname_copilot_short %}'s pull requests. See [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-signed-commits).
+* **{% data variables.product.prodname_copilot_short %} isn't able to comply with certain rules that may be configured for your repository**. If you have configured a ruleset or branch protection rule that isn't compatible with {% data variables.copilot.copilot_coding_agent %} (for example the "Require signed commits" rule), access to the agent will be blocked. If the rule is configured using rulesets, you can add {% data variables.product.prodname_copilot_short %} as a bypass actor to enable access. See [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository#granting-bypass-permissions-for-your-branch-or-tag-ruleset).
 * **{% data variables.copilot.copilot_coding_agent %} does not work in personal repositories owned by {% data variables.enterprise.prodname_managed_users %}**. This is because {% data variables.copilot.copilot_coding_agent %} requires {% data variables.product.company_short %}-hosted runners, which are not available to repositories owned by {% data variables.enterprise.prodname_managed_users %}. See [AUTOTITLE](/actions/using-github-hosted-runners/using-github-hosted-runners/about-github-hosted-runners).
 * **{% data variables.copilot.copilot_coding_agent %} doesn't account for content exclusions**. Content exclusions allow administrators to configure {% data variables.product.prodname_copilot_short %} to ignore certain files. When using {% data variables.copilot.copilot_coding_agent %}, {% data variables.product.prodname_copilot_short %} will not ignore these files, and will be able to see and update them. See [AUTOTITLE](/copilot/managing-copilot/configuring-and-auditing-content-exclusion/excluding-content-from-github-copilot).
 * **{% data variables.copilot.copilot_coding_agent %} only works with repositories hosted on {% data variables.product.github %}**. If your repository is stored using a different code hosting platform, {% data variables.product.prodname_copilot_short %} won't be able to work on it.

data/reusables/repositories/rulesets-bypass-step.md

@@ -9,6 +9,9 @@ You can grant certain roles, teams, or apps bypass permissions {% ifversion push
 {%- endif %}
 * {% data variables.product.prodname_github_apps %}
 * {% data variables.product.prodname_dependabot %}. For more information about {% data variables.product.prodname_dependabot %}, see [AUTOTITLE](/code-security/getting-started/dependabot-quickstart-guide).
+{%- ifversion ghec %}
+* {% data variables.copilot.copilot_coding_agent %}. For more information about {% data variables.copilot.copilot_coding_agent %}, see [AUTOTITLE](/copilot/concepts/agents/coding-agent/about-coding-agent#limitations-in-copilot-coding-agents-compatibility-with-other-features).
+{%- endif %}
 
 1. To grant bypass permissions for the ruleset, in the "Bypass list" section, click **{% octicon "plus" aria-hidden="true" aria-label="plus" %} Add bypass**.
 1. In the "Add bypass" modal dialog that appears, search for the role, team, or app you would like to grant bypass permissions, then select the role, team, or app from the "Suggestions" section and click **Add Selected**.