GitHub Just Tried to Turn Your Pull Requests Into a Billboard — Then Backed Down
Here’s something that should make every developer uncomfortable.
On Monday, an Australian developer named Zach Manson noticed something bizarre. After asking GitHub Copilot to fix a typo in a pull request, he found Copilot had quietly inserted an ad — sorry, a “tip” — pushing readers to install Raycast, a macOS productivity app.
“Quickly spin up Copilot coding agents from anywhere on your macOS or Windows machine with Raycast,” the message read. Lightning bolt emoji. Install link. The whole works.
Manson thought it was a training data attack. Some clever prompt injection. It wasn’t.
GitHub did this. On purpose. To over 11,400 pull requests across GitHub.
The Problem Isn’t the Ad. It’s the Trust.
Let me be blunt. The ad itself is almost irrelevant. What matters is this: Copilot was editing text inside pull requests it didn’t create — and doing so without the PR author’s knowledge or consent.
Think about that for a second. A pull request is a piece of work you put your name on. It’s your code, your description, your professional reputation attached to it. And GitHub’s AI just casually stapled a product advertisement to it, making it look like you wrote it.
As Manson put it: “I can’t think of a valid use case for that ability.”
Neither can anyone else.
“It Wasn’t an Ad, It Was a Tip”
GitHub’s response was textbook corporate damage control. Tim Rogers, a principal product manager for Copilot, said the tips were meant “to help developers learn new ways to use the agent.”
Martin Woodward, GitHub’s VP of developer relations, admitted it got “icky” when Copilot started touching PRs it was merely mentioned in — not ones it created.
By Monday afternoon, the feature was dead. GitHub pulled the tips from PR comments entirely and issued a statement saying they “do not and do not plan to include advertisements in GitHub.”
Right. Except they literally just did.
What This Really Tells Us
This is the third time in two weeks GitHub has angered its developer community. Earlier in March, they quietly changed their AI training policy to use user data. Before that, they removed models from the free Copilot student plan. And now, ads in your code.
The pattern is clear. Microsoft paid $7.5 billion for GitHub. They’re paying billions more to run Copilot’s infrastructure. And they are getting desperate to find revenue levers that don’t look like revenue levers.
“Tips” that link to partner products. “Training improvements” that scrape your code. “Premium features” that used to be free. It’s the same playbook every platform runs when growth slows and the CFO starts asking hard questions.
The Smart Play Here
If you’re a developer, do three things today:
- Audit your Copilot settings. Go to GitHub → Settings → Copilot and review what it can touch. Disable anything you don’t explicitly need.
- Check your recent PRs. Search the pull requests in your repos for “COPILOT CODING AGENT TIPS”. You might have ads sitting in your PR text right now.
- Consider alternatives. Cursor, Windsurf, and open-source options like Continue.dev are getting better every month. Vendor lock-in with someone who treats your PRs as ad inventory is a risky bet.
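To make the second check repeatable, here is an added example (not code from GitHub or from the sources cited here) that scans exported pull request text for that marker and lists any links found next to it. It assumes the export comes from `gh pr list --state all --limit 1000 --json number,title,url,body`; the function name `find_injected_tips` and the sample data are constructed for illustration.

```python
import json
import re

MARKER = "COPILOT CODING AGENT TIPS"  # search string given in the article
URL_RE = re.compile(r"https?://[^\s)>\]]+")

def find_injected_tips(prs, marker=MARKER, context=3):
    """Return one finding per PR whose body contains the marker.

    `prs` is the parsed JSON list produced, per repository, by:
      gh pr list --state all --limit 1000 --json number,title,url,body
    """
    findings = []
    needle = marker.casefold()
    for pr in prs:
        # The body can be empty or null; treat both as "no text".
        lines = (pr.get("body") or "").splitlines()
        hits = [i for i, line in enumerate(lines) if needle in line.casefold()]
        if not hits:
            continue
        # Gather the marker line plus a few following lines so a reviewer
        # can see which link was attached to the PR.
        nearby = []
        for i in hits:
            nearby.extend(lines[i:i + context + 1])
        links = sorted({u for line in nearby for u in URL_RE.findall(line)})
        findings.append({
            "number": pr["number"],
            "url": pr.get("url", ""),
            "marker_lines": [i + 1 for i in hits],  # 1-based line numbers
            "links": links,
        })
    return findings

# Constructed sample input in the shape of `gh pr list --json` output.
SAMPLE = json.loads("""[
 {"number": 12, "title": "Fix typo", "url": "https://example.invalid/pr/12",
  "body": "Fixes a typo in README.\\n\\nCopilot coding agent tips\\nInstall: https://example.invalid/raycast-link"},
 {"number": 13, "title": "Bump deps", "url": "https://example.invalid/pr/13", "body": ""},
 {"number": 14, "title": "Docs", "url": "https://example.invalid/pr/14", "body": null}
]""")

if __name__ == "__main__":
    for f in find_injected_tips(SAMPLE):
        print(f"PR #{f['number']} {f['url']} lines={f['marker_lines']} links={f['links']}")
```

The match is case-insensitive, so it catches the marker however it was capitalized in the PR text.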
In my view, this incident is a turning point. Not because the ad was harmful — it was a Raycast link, not malware. But because it showed us that GitHub is willing to cross a line most developers didn’t even know existed.
Your pull requests are not a marketing surface. Make sure GitHub remembers that.
Sources: The Register | Zach Manson | Hacker News
