GitHub Copilot: A Real User’s Honest Overview
I’ve been using GitHub Copilot daily for about eight months, across Python, JavaScript, TypeScript, and some Go. It’s marketed as an “AI pair programmer,” but that tagline oversells it. In practice, Copilot is a sophisticated autocomplete engine with a strong understanding of code context. It doesn’t think or plan—it predicts. Here’s what that actually means.
What It Does Well
Boilerplate and repetitive code: Copilot excels at generating predictable patterns. Writing a REST API endpoint? Type the route and the function signature, and it will often fill in the request parsing, error handling, and JSON response. For example, in a Django view, after typing
def get_user(request, user_id):, Copilot suggested the full try-except block withUser.objects.get(id=user_id)and a404response. It saved me about 15 seconds per endpoint.Inline completion speed: The real-time suggestions (triggered by pressing Tab) are its strongest feature. When I’m writing a loop over a list of dictionaries, Copilot often completes the
for item in data:block with the correct key access patterns. It’s not always right, but it’s fast enough that accepting a wrong suggestion and fixing it is often quicker than typing from scratch.Learning from your codebase: Unlike generic AI tools, Copilot adapts to your project’s style. If you consistently use
snake_caseand specific import patterns, its suggestions align. In a project with custom error classes, it started using them in exception handlers after I used them a few times.Comment-to-code: Writing a comment like
# validate email formatand seeing Copilot generate a regex or a library call is genuinely useful for one-off tasks. But it’s not reliable for complex logic—you still need to review the output carefully.
Limitations
Context blindness: Copilot only sees about 2,000 tokens of the current file and a limited view of open tabs. It doesn’t understand your full project architecture. I once had it suggest calling a function that didn’t exist in the module, because it saw a similar pattern in a different file. You must manually verify imports, function names, and dependencies.
Security and correctness: Copilot generates code that looks correct but is often subtly wrong. It frequently invents API methods that don’t exist, uses deprecated library versions, or writes SQL injection vulnerabilities (e.g., string interpolation in queries). I’ve caught it generating
eval()calls in user input handlers. Never trust its output without testing.No reasoning: It cannot debug or explain its suggestions. If you ask “why did you generate that?” you get silence. It’s a pattern matcher, not a reasoning engine.
License concerns: Copilot was trained on public GitHub repos, including GPL-licensed code. If you’re working on a proprietary product, you may risk license contamination. GitHub offers a “duplication detection” feature that blocks suggestions matching known open-source code, but it’s not foolproof.
Key Workflows
Inline completion: The primary workflow. Type code, accept Tab suggestions, but always read the output. I typically accept about 60-70% of suggestions, but edit 90% of them.
Chat (Copilot Chat): Available as a sidebar or inline. It’s useful for asking “how do I sort this list of dicts by a nested key?” but less reliable for multi-step tasks. The chat version can explain code, but explanations are often vague or wrong.
Code review: Copilot can highlight potential bugs (e.g., unused variables, null pointer risks) but misses many real issues. It’s better than nothing but worse than a human reviewer.
Pricing Reality
Free tier: 2,000 completions and 50 chat requests per month. This is enough for casual use, but you’ll hit the limit fast if you code daily.
Pro ($10/month): Unlimited completions and chat. This is the sweet spot for professional developers. It also includes Copilot Chat in the IDE and on GitHub.com.
Business ($19/user/month): Adds organization-wide policy controls, IP indemnity (important for companies), and audit logs. If you’re in a team of 5+, this is worth it for legal peace of mind.
Enterprise ($39/user/month): Includes custom model fine-tuning and on-premises deployment options. Overkill for most.
Who Should Use It
Intermediate to advanced developers: You’ll save time on boilerplate and catch obvious errors. Beginners may struggle because they can’t distinguish good suggestions from bad ones.
Solo devs or small teams on personal projects: The Pro plan pays for itself in time saved.
Anyone writing repetitive CRUD code: Copilot shines here.
Who Should Skip It
Security-conscious teams (e.g., fintech, healthcare): The risk of generating insecure code is real. Use it only with strict code review policies.
Developers working with niche languages or frameworks: Copilot’s training data is heavy on Python, JS, and Java. For Rust, Elixir, or Haskell, suggestions are often useless.
Those who value deep understanding over speed: Copilot can make you lazy. If you’re learning a new language, turn it off.
Bottom Line
Copilot is a productivity tool, not a programmer. It’s great for cutting down keystrokes on predictable code, but it’s terrible at anything requiring context, security, or correctness. If you treat it like a smarter autocomplete—and always review its output—it’s worth $10/month. If you expect it to think for you, you’ll waste time debugging its mistakes.
