guanghu/docs/adr/0150-github-copilot-cli-agent-adapter.md
Guanghu Domestic Migration 9b41d51231
Some checks are pending
Auto-update PR branches / Update open PR branches (push) Waiting to run
CI / Frontend Static Quality Checks (push) Waiting to run
CI / Frontend Tests & Coverage (push) Waiting to run
CI / Rust Tests & Quality Checks (push) Waiting to run
CI / Linux build verification (push) Waiting to run
Deploy docs / Build VitePress site (push) Waiting to run
Deploy docs / Deploy to GitHub Pages (push) Blocked by required conditions
Release (Alpha) / Compute alpha version (push) Waiting to run
Release (Alpha) / Build release artifacts (push) Blocked by required conditions
Release (Alpha) / GitHub Release (alpha) (push) Blocked by required conditions
Release (Alpha) / Update docs and release pages (push) Blocked by required conditions
chore: import sanitized domestic snapshot for REPO-004
Source snapshot: 514ab1975951d94342ea38e64101d5a0f1c51c77
2026-07-17 15:55:28 +08:00

2.6 KiB

type, id, title, status, date, supersedes
type id title status date supersedes
ADR 0150 GitHub Copilot CLI agent adapter active 2026-07-02

Context

Tolaria already exposes several app-managed local AI agent adapters through one normalized AI panel contract. GitHub Copilot CLI is a mainstream local agent with programmatic copilot -p ... execution, per-session tool permissions, current-directory path scoping, custom instructions support including AGENTS.md, and MCP server support.

Users who prefer Copilot should not have to leave Tolaria or manually configure a generic/custom agent to get vault-aware assistance.

Decision

Tolaria adds GitHub Copilot as a first-class local agent with product-facing id copilot.

The desktop backend:

  • discovers copilot through PATH, login-shell lookup, and common local install locations including npm, pnpm, Bun, Mise, asdf, nvm-managed Node versions, Homebrew, and Windows npm/pnpm/Scoop shims
  • runs copilot -p <prompt> -s --no-ask-user from the active vault directory
  • passes Tolaria MCP as a per-session --additional-mcp-config JSON payload instead of mutating ~/.copilot/mcp-config.json
  • uses Safe mode with --available-tools=write,tolaria, --allow-tool=write,tolaria, and --deny-tool=shell
  • maps Power User mode to --allow-all-tools
  • intentionally avoids --allow-all, --yolo, --allow-all-paths, and --allow-all-urls
  • streams line-oriented stdout through the shared agent event contract and registers the child process under the request-scoped stream id for cancellation
  • maps authentication, organization policy, subscription, and directory-trust stderr into Copilot-specific setup guidance

The renderer adds Copilot to the shared AI-agent registry so the onboarding prompt, Settings target picker, command palette switch command, AI workspace target groups, and persisted agent:copilot target all use the same definition.

Consequences

  • Users can select GitHub Copilot anywhere Tolaria lists local/app-managed AI agents.
  • App-managed Copilot sessions stay vault-scoped by current working directory and Copilot's default path verification unless the user chooses Tolaria Power User, which still does not bypass all paths or URLs.
  • Tolaria does not persist Copilot credentials, model-provider secrets, or durable third-party MCP files.
  • Native end-to-end QA requires a local Copilot CLI install and authentication; automated tests use fake executables for deterministic streaming and error coverage.
  • Future Copilot CLI permission or MCP flag changes must update this adapter and ADR rather than falling back to broad --allow-all / --yolo behavior.