GitHub Copilot CLI Drops PAT Requirement in Actions; Agent Session Streaming in Preview
GitHub
Two July 2 changelog items. Copilot CLI in GitHub Actions can now authenticate using the built-in GITHUB_TOKEN with 'copilot-requests: write' permission — no personal access token needed; AI credits bill to the organization. Agent Session Streaming enters public preview for GitHub Enterprise Cloud with managed users, letting admins stream full agent session data (prompts, responses, tool calls) to a SIEM or Microsoft Purview.
Why it matters
Removing the PAT requirement closes a common security footgun for teams running Copilot in CI. Session streaming gives enterprise security teams the observability needed to audit agentic AI activity at scale.
Importance: 2/5
Enterprise security improvements: no-PAT CI auth and agent session audit streaming for GitHub Enterprise Cloud