GitHub Copilot, Amazon CodeWhisperer and Tabnine are leading options in the new era of AI coding assistants. Advantages include improved developer efficiency and code quality, but are tradeoffs such as security and compliance concerns worth the risk?
According to a study by Bain & Company, nearly 60% of software CTOs and engineering leaders are actively rolling out AI coding tools based on generative AI and foundation models. When deployed strategically, this new class of programming tools provides real-time suggestions to developers based on industry best practices while identifying issues in code.
As with any new technology, there are also downsides to bringing AI coding tools into development pipelines. Industry leaders and AI ethicists are making progress on technologies and frameworks to govern training, but AI coding tools currently operate in a gray area regarding code licensing and copyright that can increase risk and complicate a tool's overall usefulness.
Importantly, generative AI isn't always right. GitHub Copilot and similar coding tools therefore require a disciplined programmer who won't go with the first coding suggestion without some thought and foresight. This includes carefully checking AI-generated code for security vulnerabilities and possible legal issues, such as suggestions of copyrighted code.
AI is no substitute for human coding skills, domain knowledge and life experience, and no AI coding tool will replace a human programmer. To deliver on the promised efficiency of AI coding assistants, organizations will need to smoothly integrate AI coding tools into established software development and DevOps workflows. The process starts with comparing the leading tools available.
GitHub bills GitHub Copilot as an AI pair programmer that offers developers autocomplete suggestions in real time as they code. Developers can write the code they want to use or describe what they want to do in natural language to get suggestions. According to a Stack Overflow 2023 survey, GitHub Copilot commands a 55% developer preference.
Copilot targets developers at all levels of experience, including students.
- Copilot Individual. Costs $10 per month or $100 for an annual plan and supports code completions, chat and other features. It's also free for verified open source project maintainers, teachers and students.
- Copilot Business. Available for $19 per user, per month. This version includes code completions; intellectual property indemnity; and enhanced security, safety and privacy.
- Copilot Enterprise. Costs $39 per user, per month. This version adds chat personalized to enterprise codebases, documentation search and summaries, pull request summaries, and code review skills.
Copilot's Enterprise edition includes some of the tool's most notable features. Documentation search and summaries, for example, help developers spend less time searching for answers and more time actually writing code.
Likewise, pull request summaries improve how developers track their work and give code reviewers more context for code changes. This, in turn, can enhance collaboration for remote and hybrid teams; better code consistency and organization make it easier for developers to understand others' contributions.
Users can also join a waitlist to fine-tune a custom, private Copilot on their own repositories. The option to build a private model might be appealing for organizations handling sensitive data, such as those in the public sector, financial services and life sciences.
Similar to GitHub Copilot, AWS presents CodeWhisperer as an AI coding companion. Developers can use CodeWhisperer to generate code suggestions -- from snippets to full functions -- in real time, rather than engaging in traditional and time-consuming programming tasks and learning an unfamiliar API.
Target users for CodeWhisperer are enterprises running on AWS services and APIs.
- Individual Tier. Free for individual use and provides unlimited code suggestions, reference tracking and 50 security scans per user, per month.
- Professional Tier. Costs $19 per user, per month, and includes 500 security scans per user, per month, with added support for organizational license management.
Notable features include real-time code suggestions that users can customize. CodeWhisperer generates code intended to resemble how users themselves write code, matching developers' style and naming conventions. The software supports 15 programming languages, including Python and Java, as well as a range of integrated development environments (IDEs), including Visual Studio Code, IntelliJ IDEA, AWS Cloud9, AWS Lambda console, JupyterLab and Amazon SageMaker Studio.
CodeWhisperer also includes built-in security scans that analyze existing code in an IDE or written by a developer. There's also enterprise administration for managing groupwide policies and single sign-on with AWS IAM Identity Center integration. Development teams can use CodeWhisperer to flag code suggestions that resemble open source training data, enabling teams to get the associated open source software project URL and licensing for review and proper attribution.
Tabnine is an AI assistant that emphasizes privacy and security. Once an enterprise implements Tabnine, the tool studies the enterprise's codebase, all permissible open source code and Stack Overflow Q&As to generate suggestions.
Target users for Tabnine are developers of all levels, especially those working in markets with stringent security, compliance and privacy requirements.
- Starter version. Free for one user and includes short code completions.
- Pro version. Costs $12 per user, per month, and includes whole-line and full-function code completions.
- Enterprise version. Offers enterprise-level security, controls and customization, but organizations must contact Tabnine sales for pricing.
Some of Tabnine's key benefits are in the areas of privacy and security. The tool can run in fully isolated mode, meaning enterprises can host it in their preferred environment, including on premises, secure SaaS or virtual private cloud. This ensures control over intellectual property; because enterprises' codebases never leave the internal IT environment, their code remains private. Tabnine also offers SOC 2 compliance for businesses that store, process and transmit customer data.
Beyond Tabnine's security and privacy features, other notable features include code completions that consider the organization's private code and autocompletion for lines of code. Tabnine can also suggest full-function completions based on a function declaration and generate blocks of code based on natural language comments.
A beta version of Tabnine chat promises to write code that performs a specific task and generates unit tests. The tool can also navigate and understand legacy codebases, in addition to generating code documentation. However, setup can be cumbersome, and the tool might not work well with languages and frameworks that use complex or dynamic syntax, according to some online reviewers.
Editor's note: This unranked list is based on web research, including product information from vendors, industry reports, and online user reviews and comments.
Will Kelly is a technology writer, content strategist and marketer. He has written extensively about the cloud, DevOps and enterprise mobility for industry publications and corporate clients, and worked on teams introducing DevOps and cloud computing into commercial and public sector enterprises.