GitHub’s latest Copilot changelog for Visual Studio Code shows the product moving deeper into agent-first development. The June 3, 2026 post covers VS Code releases from v1.120 through v1.123 and says the Agents window is now available in Stable as a preview, with better support for remotely controlling longer-running agent sessions. Microsoft’s Visual Studio 2026 June update adds the heavier enterprise side of the same story: Copilot usage controls, MCP trust validation, and IDE-level modernization work.
The important shift is that Copilot is no longer just an autocomplete feature or a chat pane. GitHub and Microsoft are building surfaces for long-running sessions, remote execution, model selection, utility-task routing, terminal safety, and modernization workflows. That is the layer teams need if agents are going to touch real repositories instead of demo tasks.
The Agents window is the product signal
GitHub says the Agents window is now in VS Code Stable as a preview. The company frames it as a dedicated surface for working across multiple projects, navigating faster, and reviewing changes. It also says users can open multiple sessions side by side, compare or review work in parallel, and sync chat sessions to a GitHub account for searchable history.
Those details matter because they turn agent work into a managed activity. A real agent session has state: branch choices, isolation settings, terminal output, tool results, changed files, and user approvals. If that state lives only inside a scrolling chat, developers lose track quickly. A dedicated window is GitHub’s answer to that problem.
GitHub also describes remote agents that can run over SSH or Dev Tunnels and continue when the client disconnects. That is the difference between a local assistant and background engineering work. Once the session can survive disconnection, the interface has to show what changed while the user was gone.
BYOK is becoming enterprise plumbing
The same changelog expands bring-your-own-key model support. VS Code can use a user’s own language model API keys, and GitHub says BYOK now works in air-gapped environments without GitHub authentication. It also added controls for choosing which models handle utility tasks such as titles, summaries, rename suggestions, commit messages, and intent detection.
That is not cosmetic. Enterprise teams do not want one undifferentiated model setting for every task. They may want a cheap model to name branches, a stronger model to reason over code, and a restricted endpoint for sensitive work. BYOK token visibility and reasoning-effort controls make those decisions visible enough to govern.
Terminal safety is part of the agent surface
GitHub’s terminal notes are also practical. The changelog says verbose output from tests, builds, linters, Docker, and package managers can be compressed before reaching the model. Terminal confirmations can include AI-generated risk levels. Passwords, passphrases, PINs, and verification codes stay in the terminal rather than being shared with the LLM.
These are the small controls that determine whether agents are tolerable in production repositories. Long output can waste context and money. Risky commands need a prompt that humans can understand. Secrets should not become model context just because an agent asked a shell to run something.
Microsoft’s Visual Studio notes add another enterprise angle. The June 2026 update emphasizes deep AI integration and includes Copilot usage tracking, alerts, and MCP server trust validation. The MCP trust feature detects changed server configurations or assets and asks for re-approval before running them. In an agent workflow, that is supply-chain hygiene: tools are part of the execution environment, not harmless preferences.
The follow-up to Microsoft’s agent platform
The AI Feed already covered Microsoft’s broader agent-platform push. This update is narrower and more concrete. The new material is the IDE-level product shape: how a developer starts, monitors, routes, and secures agent work inside VS Code and Visual Studio.
The counter-case is that many of these pieces are still previews, toggles, or incremental controls. A dedicated Agents window does not prove that agents can complete complex engineering work reliably. Better BYOK controls do not solve code-review quality. MCP trust prompts do not guarantee that every tool call is safe.
They do show where the product pressure is. If coding agents are going to become normal developer infrastructure, the winners will need more than the best completion model. They will need state management, remote execution, terminal safety, model routing, cost visibility, and review ergonomics.
For model comparisons, see our AI model leaderboard. For company-level coverage across Microsoft, GitHub, OpenAI, Anthropic, and xAI, see our AI company tracker.
