opencode-copilot-account-switcher 0.1.4 → 0.2.1

package/README.md

@@ -12,14 +12,15 @@
 
 ## English
 
-Manage and switch between multiple **GitHub Copilot** accounts in **OpenCode**. This plugin adds account switching, quota checks, and an optional **Guided Loop Safety** mode that can help Copilot keep a single premium request working longer with fewer report interruptions before it truly needs user input. It **uses the official `github-copilot` provider** and does **not** require model reconfiguration.
+Manage and switch between multiple **GitHub Copilot** accounts in **OpenCode**. This plugin adds account switching, quota checks, an optional **Guided Loop Safety** mode that can keep a single premium request productive for hours with fewer report interruptions before it truly needs user input, and an optional **Copilot Network Retry** switch for retryable network and certificate failures. It **uses the official `github-copilot` provider** and does **not** require model reconfiguration.
 
 ## What You Get
 
 - **Multi-account support** — add multiple Copilot accounts and switch anytime
 - **Quota check** — view remaining quota per account
 - **Auth import** — import Copilot tokens from OpenCode auth storage
-- **Guided Loop Safety** — a stricter Copilot-only question-first policy designed to keep non-blocked work moving, require `question` for user-facing reports when available, and help cut avoidable quota burn caused by repeated status interruptions
+- **Guided Loop Safety** — a stricter Copilot-only question-first policy designed to keep non-blocked work moving, keep one premium request productive for hours, and cut avoidable quota burn by replacing repeated interruption turns with `question`-based waiting
+- **Copilot Network Retry** — optional and off by default; normalizes retryable Copilot network or TLS failures so OpenCode's native retry path can handle them
 - **Zero model config** — no model changes required (official provider only)
 
 ---
@@ -101,12 +102,36 @@ You will see an interactive menu (arrow keys + enter) with actions:
 - **Add account**
 - **Import from auth.json**
 - **Check quotas**
-- **Guided Loop Safety** — prompt-guided question-first reporting that requires `question` for user-facing reports when available, keeps non-blocked work moving, and avoids unnecessary subagent calls
+- **Guided Loop Safety** — prompt-guided question-first reporting that requires `question` for user-facing reports when available, keeps non-blocked work moving, reduces repeated interruptions, and avoids unnecessary subagent calls
+- **Copilot Network Retry** — off by default; only affects the Copilot request `fetch` path and only for retryable network/certificate-style failures
 - **Switch account**
 - **Remove account**
 - **Remove all**
 
-If you want GitHub Copilot sessions to stay in a single premium request longer, enable Guided Loop Safety from the account menu. It is a prompt-guided, Copilot-only question-first mode: when `question` is available and permitted, user-facing reports must go through it; if safe non-blocked work remains, Copilot should keep going instead of pausing early; only when no safe action remains should it use `question` to ask for the next task or clarification, while also reducing unnecessary subagent calls.
+If you want GitHub Copilot sessions to stay in a single premium request longer, enable Guided Loop Safety from the account menu. In practice, this can keep one request productive for hours: when `question` is available and permitted, user-facing reports must go through it, so waiting for your reply does not keep burning extra quota the way repeated direct-status interruptions do. Fewer interruptions also means less avoidable quota burn. If safe non-blocked work remains, Copilot should keep going instead of pausing early; only when no safe action remains should it use `question` to ask for the next task or clarification, while also reducing unnecessary subagent calls.
+
+If you hit transient Copilot TLS or network failures, you can enable Copilot Network Retry from the same menu. It is off by default. When enabled, the plugin keeps the official Copilot header/baseURL behavior from the upstream loader, only wraps the final Copilot `fetch` path, and converts retryable network-like failures into a shape that OpenCode already treats as retryable. This keeps request retry policy aligned with OpenCode instead of re-implementing a second retry system inside the plugin.
+
+## Copilot Network Retry
+
+- Default: **disabled**
+- Scope: only the official Copilot request `fetch` path returned by `auth.loader`
+- Purpose: limited handling for retryable network and certificate-style failures such as `failed to fetch`, `ECONNRESET`, `unknown certificate`, or `self signed certificate`
+- Strategy: preserve official loader behavior, then normalize retryable failures so OpenCode's native retry pipeline can decide whether and when to retry
+- Risk: because the plugin still wraps the official fetch path, upstream internal behavior may change over time and drift is possible
+
+## Upstream Sync
+
+The repository includes a committed upstream snapshot at `src/upstream/copilot-plugin.snapshot.ts` plus a sync/check script at `scripts/sync-copilot-upstream.mjs`.
+
+Useful commands:
+
+```bash
+npm run sync:copilot-snapshot -- --source <file-or-url> --upstream-commit <sha> --sync-date <YYYY-MM-DD>
+npm run check:copilot-sync -- --source <file-or-url> --upstream-commit <sha> --sync-date <YYYY-MM-DD>
+```
+
+The script generates or checks the committed snapshot, requires upstream metadata for repository snapshot updates, and helps catch drift from the official `opencode` `copilot.ts` implementation.
 
 ---
 
@@ -128,20 +153,24 @@ No. This plugin only manages accounts and works with the official `github-copilo
 **Does it replace the official provider?**
 No. It uses the official provider and only adds account switching + quota checks.
 
+**Does Copilot Network Retry replace OpenCode's retry logic?**
+No. The plugin keeps retry policy inside OpenCode by normalizing retryable Copilot network/TLS failures into a shape that OpenCode already recognizes as retryable.
+
 ---
 
 <a name="中文"></a>
 
 ## 中文
 
-在 **OpenCode** 中管理并切换多个 **GitHub Copilot** 账号。本插件提供**账号切换、配额查询**以及可选的 **Guided Loop Safety** 模式，帮助 Copilot 在一次 premium request 里更持续地工作，并尽量减少真正需要你输入之前的汇报打断。**完全依赖官方 `github-copilot` provider**，无需修改模型配置。
+在 **OpenCode** 中管理并切换多个 **GitHub Copilot** 账号。本插件提供**账号切换、配额查询**、可选的 **Guided Loop Safety** 模式，以及默认关闭的 **Copilot Network Retry** 开关；前者帮助一次 premium request 更容易连续工作好几个小时、减少真正需要你输入之前的汇报打断，后者用于处理可重试的网络与证书类失败。**完全依赖官方 `github-copilot` provider**，无需修改模型配置。
 
 ## 功能一览
 
 - **多账号管理** — 添加多个 Copilot 账号，随时切换
 - **配额查询** — 查看每个账号的剩余额度
 - **导入认证** — 可从 OpenCode 认证存储导入
-- **Guided Loop Safety** — 仅对 Copilot 生效的更严格 question-first 提示词策略，推动非阻塞工作持续执行、在可用时要求用户可见汇报走 `question`，并帮助降低因反复中断带来的无谓配额消耗
+- **Guided Loop Safety** — 仅对 Copilot 生效的更严格 question-first 提示词策略，推动非阻塞工作持续执行、让一次 premium request 更容易连续工作好几个小时，并通过减少反复中断来降低无谓配额消耗
+- **Copilot Network Retry** — 默认关闭；把可重试的 Copilot 网络或 TLS 失败归一化成 OpenCode 原生重试链路可识别的形态
 - **无需模型配置** — 使用官方 provider，无需改模型
 
 ---
@@ -223,12 +252,36 @@ opencode auth login --provider github-copilot
 - **添加账号**
 - **从 auth.json 导入**
 - **检查配额**
-- **Guided Loop Safety 开关** — 通过提示词引导模型在可用时必须使用 `question` 做用户可见汇报、继续完成非阻塞工作，并避免不必要的子代理调用
+- **Guided Loop Safety 开关** — 通过提示词引导模型在可用时必须使用 `question` 做用户可见汇报、继续完成非阻塞工作、减少反复中断，并避免不必要的子代理调用
+- **Copilot Network Retry 开关** — 默认关闭；仅影响 Copilot 请求的 `fetch` 路径，只处理可重试的网络/证书类失败
 - **切换账号**
 - **删除账号**
 - **全部删除**
 
-如果你希望 GitHub Copilot 会话在一次 premium request 中尽量持续工作、更少被汇报打断，可以在账号菜单中开启 Guided Loop Safety。它是仅对 Copilot 生效的 prompt 引导式 question-first 模式：当 `question` 工具在当前会话中可用且被允许时，用户可见汇报必须通过它完成；只要还有安全的非阻塞工作可做，Copilot 就应继续执行而不是提前暂停；只有在当前确实没有可安全执行的动作时，才应通过 `question` 询问下一项任务或所需澄清，同时也会减少不必要的子代理调用。
+如果你希望 GitHub Copilot 会话在一次 premium request 中尽量持续工作、更少被汇报打断，可以在账号菜单中开启 Guided Loop Safety。实际使用中，它可以让一次 request 更容易连续工作好几个小时：当 `question` 工具在当前会话中可用且被允许时，用户可见汇报必须通过它完成，因此等待你的回复本身不会像反复插入直接状态消息那样继续额外消耗配额；少一次中断，本身就少一次无谓的配额消耗。只要还有安全的非阻塞工作可做，Copilot 就应继续执行而不是提前暂停；只有在当前确实没有可安全执行的动作时，才应通过 `question` 询问下一项任务或所需澄清，同时也会减少不必要的子代理调用。
+
+如果你遇到 Copilot 的瞬时 TLS 或网络失败，也可以在同一菜单中开启 Copilot Network Retry。它默认关闭。开启后，插件会先保留 upstream 官方 loader 生成的 `baseURL`、认证头和 `fetch` 行为，只在最后一跳 Copilot `fetch` 路径上做最小包装，把可重试的网络类失败归一化成 OpenCode 已有重试链路能识别的形态，而不是在插件内部重新定义一套独立的请求重试策略。
+
+## Copilot Network Retry
+
+- 默认：**关闭**
+- 作用范围：仅影响 `auth.loader` 返回的官方 Copilot 请求 `fetch` 路径
+- 用途：有限处理 `failed to fetch`、`ECONNRESET`、`unknown certificate`、`self signed certificate` 等可重试网络/证书类失败
+- 实现策略：尽量保留官方 loader 行为，再把可重试失败归一化给 OpenCode 原生重试链路判断是否重试
+- 风险提示：因为插件仍然包裹了官方 fetch 路径，若 upstream 后续内部实现变化，仍可能产生行为漂移
+
+## Upstream 同步机制
+
+仓库中提交了一份 upstream 快照 `src/upstream/copilot-plugin.snapshot.ts`，并提供同步/校验脚本 `scripts/sync-copilot-upstream.mjs`。
+
+常用命令：
+
+```bash
+npm run sync:copilot-snapshot -- --source <file-or-url> --upstream-commit <sha> --sync-date <YYYY-MM-DD>
+npm run check:copilot-sync -- --source <file-or-url> --upstream-commit <sha> --sync-date <YYYY-MM-DD>
+```
+
+该脚本会生成或校验仓库中提交的 snapshot，并要求在更新正式 snapshot 时显式提供 upstream commit 与同步日期，用来尽早发现与官方 `opencode` `copilot.ts` 的行为漂移。
 
 ---
 
@@ -250,6 +303,9 @@ opencode auth login --provider github-copilot
 **会替换官方 provider 吗？**
 不会。它只是在官方 provider 基础上增加账号切换和配额查询。
 
+**Copilot Network Retry 会替代 OpenCode 自己的重试逻辑吗？**
+不会。插件的目标是把可重试的 Copilot 网络/TLS 失败归一化成 OpenCode 已识别的可重试错误形态，真正的是否重试与如何退避仍由 OpenCode 原生链路决定。
+
 ---
 
 ## License

package/dist/copilot-network-retry.d.ts

@@ -0,0 +1,6 @@
+type FetchLike = (request: Request | URL | string, init?: RequestInit) => Promise<Response>;
+export declare function isRetryableCopilotFetchError(error: unknown): boolean;
+export declare function createCopilotRetryingFetch(baseFetch: FetchLike, options?: {
+    wait?: (ms: number) => Promise<void>;
+}): (request: Request | URL | string, init?: RequestInit) => Promise<Response>;
+export {};

package/dist/copilot-network-retry.js

@@ -0,0 +1,61 @@
+const RETRYABLE_MESSAGES = [
+    "load failed",
+    "failed to fetch",
+    "network request failed",
+    "econnreset",
+    "etimedout",
+    "socket hang up",
+    "unknown certificate",
+    "self signed certificate",
+    "unable to verify the first certificate",
+    "self-signed certificate in certificate chain",
+];
+const RETRYABLE_PATH_SEGMENTS = ["/chat/completions", "/responses", "/models", "/token"];
+function isAbortError(error) {
+    return error instanceof Error && error.name === "AbortError";
+}
+function getErrorMessage(error) {
+    return String(error instanceof Error ? error.message : error).toLowerCase();
+}
+function toRetryableSystemError(error) {
+    const base = error instanceof Error ? error : new Error(String(error));
+    const wrapped = new Error(`[copilot-network-retry normalized] ${base.message}`);
+    wrapped.name = base.name;
+    wrapped.code = "ECONNRESET";
+    wrapped.syscall = "fetch";
+    wrapped.cause = error;
+    return wrapped;
+}
+function isCopilotUrl(request) {
+    const raw = request instanceof Request ? request.url : request instanceof URL ? request.href : String(request);
+    try {
+        const url = new URL(raw);
+        const isCopilotHost = url.hostname === "api.githubcopilot.com" || url.hostname.startsWith("copilot-api.");
+        if (!isCopilotHost)
+            return false;
+        return RETRYABLE_PATH_SEGMENTS.some((segment) => url.pathname.includes(segment));
+    }
+    catch {
+        return false;
+    }
+}
+export function isRetryableCopilotFetchError(error) {
+    if (!error || isAbortError(error))
+        return false;
+    const message = getErrorMessage(error);
+    return RETRYABLE_MESSAGES.some((part) => message.includes(part));
+}
+export function createCopilotRetryingFetch(baseFetch, options) {
+    void options;
+    return async function retryingFetch(request, init) {
+        try {
+            return await baseFetch(request, init);
+        }
+        catch (error) {
+            if (!isCopilotUrl(request) || !isRetryableCopilotFetchError(error)) {
+                throw error;
+            }
+            throw toRetryableSystemError(error);
+        }
+    };
+}

package/dist/index.d.ts

@@ -1,3 +1,4 @@
 export { CopilotAccountSwitcher } from "./plugin.js";
 export { applyMenuAction } from "./plugin-actions.js";
 export { buildPluginHooks } from "./plugin-hooks.js";
+export { createOfficialFetchAdapter, loadOfficialCopilotConfig } from "./upstream/copilot-loader-adapter.js";

package/dist/index.js

@@ -1,3 +1,4 @@
 export { CopilotAccountSwitcher } from "./plugin.js";
 export { applyMenuAction } from "./plugin-actions.js";
 export { buildPluginHooks } from "./plugin-hooks.js";
+export { createOfficialFetchAdapter, loadOfficialCopilotConfig } from "./upstream/copilot-loader-adapter.js";

package/dist/loop-safety-plugin.d.ts

@@ -1,6 +1,6 @@
 import type { Hooks } from "@opencode-ai/plugin";
 import { type StoreFile } from "./store.js";
-export declare const LOOP_SAFETY_POLICY = "Guided Loop Safety Policy\n- Continue working on any remaining non-blocked task before stopping to report or wait for more instructions.\n- If you are not fully blocked, do not stop just because you feel ready to pause; finish the work that can still be done safely.\n- When the question tool is available and permitted in the current session, all user-facing reports must be delivered through the question tool.\n- The question tool is considered available and permitted when it appears in the active tool list and the current session has not denied its use.\n- Direct assistant text is allowed only when the question tool is unavailable, denied, or absent from the current session.\n- When reporting multiple related items, prefer a single question tool call with multiple well-grouped questions instead of multiple separate interruptions.\n- Group related items into clear question batches such as current progress, key findings, and next-step choices.\n- For long or complex reports, split the report into paginated or sequential question batches instead of overloading one large message.\n- Present the highest-priority information first and defer secondary details to later question batches when needed.\n- Even when no explicit decision is required, prefer brief question-tool status updates over direct assistant text whenever the tool is available.\n- Avoid unnecessary question frequency; combine small related updates when a single question call can cover them clearly.\n- When no further action can be taken safely and no non-blocked work remains, use the question tool to ask for the next task or clarification instead of ending with direct assistant text.\n- Dispatching task or subagent work is expensive and should be avoided unless it materially improves the result.\n- Materially improves the result means clearly beneficial cases such as parallel analysis of independent areas; it does not include routine local searches, small file reads, or straightforward edits.\n- If task or subagent delegation is used, keep the number minimal and explain the reason briefly through the question tool when available.";
+export declare const LOOP_SAFETY_POLICY = "Guided Loop Safety Policy\n- Continue working on any remaining non-blocked task before stopping to report or wait for more instructions.\n- If you are not fully blocked, do not stop just because you feel ready to pause; finish the work that can still be done safely.\n- MANDATORY: When the question tool is available and permitted in the current session, ALL user-facing reports MUST be delivered through the question tool.\n- MANDATORY: Treat progress updates, status reports, summaries, explanations, completion notes, and next-step choices as user-facing reports.\n- MANDATORY: In this workflow, the question tool is both the question channel and the report channel for user-visible communication.\n- MANDATORY: Do not reinterpret \"keep working unless blocked\" as permission to send direct assistant text. If you need to report, report through the question tool.\n- MANDATORY: Do not reinterpret \"don't ask unnecessary questions\" as permission to skip the question tool. Use fewer question batches, not a different reporting channel.\n- NO EXCEPTIONS: Do not switch to direct assistant text just because the report is long, detailed, complex, or contains multiple related items.\n- The question tool is considered available and permitted when it appears in the active tool list and the current session has not denied its use.\n- Direct assistant text is allowed only when the question tool is unavailable, denied, or absent from the current session.\n- If a report would otherwise be sent as direct text, convert it into one question batch or a short sequence of question batches instead.\n- IMPORTANT: A report-mode violation usually means the wrong tool was used, not that the report was too long.\n- IMPORTANT: Do not reinterpret a tool-usage violation as a verbosity problem.\n- Long reports are allowed. Use pagination or sequential question batches when needed; do not fall back to direct assistant text.\n- A single question tool call may contain multiple well-grouped questions. Prefer that over multiple small interruptions when it keeps the report clear.\n- Group related items into explicit batches such as current progress, key findings, decisions, and next-step choices.\n- Present the highest-priority information first and defer secondary details to later question batches when needed.\n- Even when no explicit decision is required, use brief question-tool status updates instead of direct assistant text whenever the tool is available.\n- Avoid unnecessary question frequency; combine small related updates when a single question call can cover them clearly.\n- When no further action can be taken safely and no non-blocked work remains, use the question tool to ask for the next task or clarification instead of ending with direct assistant text.\n- Dispatching task or subagent work is expensive and should be avoided unless it materially improves the result.\n- Materially improves the result means clearly beneficial cases such as parallel analysis of independent areas; it does not include routine local searches, small file reads, or straightforward edits.\n- If task or subagent delegation is used, keep the number minimal and explain the reason briefly through the question tool when available.";
 export type ExperimentalChatSystemTransformHook = (input: {
     sessionID: string;
     model: {

package/dist/loop-safety-plugin.js

@@ -2,14 +2,22 @@ import { readStoreSafe } from "./store.js";
 export const LOOP_SAFETY_POLICY = `Guided Loop Safety Policy
 - Continue working on any remaining non-blocked task before stopping to report or wait for more instructions.
 - If you are not fully blocked, do not stop just because you feel ready to pause; finish the work that can still be done safely.
-- When the question tool is available and permitted in the current session, all user-facing reports must be delivered through the question tool.
+- MANDATORY: When the question tool is available and permitted in the current session, ALL user-facing reports MUST be delivered through the question tool.
+- MANDATORY: Treat progress updates, status reports, summaries, explanations, completion notes, and next-step choices as user-facing reports.
+- MANDATORY: In this workflow, the question tool is both the question channel and the report channel for user-visible communication.
+- MANDATORY: Do not reinterpret "keep working unless blocked" as permission to send direct assistant text. If you need to report, report through the question tool.
+- MANDATORY: Do not reinterpret "don't ask unnecessary questions" as permission to skip the question tool. Use fewer question batches, not a different reporting channel.
+- NO EXCEPTIONS: Do not switch to direct assistant text just because the report is long, detailed, complex, or contains multiple related items.
 - The question tool is considered available and permitted when it appears in the active tool list and the current session has not denied its use.
 - Direct assistant text is allowed only when the question tool is unavailable, denied, or absent from the current session.
-- When reporting multiple related items, prefer a single question tool call with multiple well-grouped questions instead of multiple separate interruptions.
-- Group related items into clear question batches such as current progress, key findings, and next-step choices.
-- For long or complex reports, split the report into paginated or sequential question batches instead of overloading one large message.
+- If a report would otherwise be sent as direct text, convert it into one question batch or a short sequence of question batches instead.
+- IMPORTANT: A report-mode violation usually means the wrong tool was used, not that the report was too long.
+- IMPORTANT: Do not reinterpret a tool-usage violation as a verbosity problem.
+- Long reports are allowed. Use pagination or sequential question batches when needed; do not fall back to direct assistant text.
+- A single question tool call may contain multiple well-grouped questions. Prefer that over multiple small interruptions when it keeps the report clear.
+- Group related items into explicit batches such as current progress, key findings, decisions, and next-step choices.
 - Present the highest-priority information first and defer secondary details to later question batches when needed.
-- Even when no explicit decision is required, prefer brief question-tool status updates over direct assistant text whenever the tool is available.
+- Even when no explicit decision is required, use brief question-tool status updates instead of direct assistant text whenever the tool is available.
 - Avoid unnecessary question frequency; combine small related updates when a single question call can cover them clearly.
 - When no further action can be taken safely and no non-blocked work remains, use the question tool to ask for the next task or clarification instead of ending with direct assistant text.
 - Dispatching task or subagent work is expensive and should be avoided unless it materially improves the result.

package/dist/plugin-actions.js

@@ -1,7 +1,13 @@
 export async function applyMenuAction(input) {
-    if (input.action.type !== "toggle-loop-safety")
-        return false;
-    input.store.loopSafetyEnabled = input.store.loopSafetyEnabled !== true;
-    await input.writeStore(input.store);
-    return true;
+    if (input.action.type === "toggle-loop-safety") {
+        input.store.loopSafetyEnabled = input.store.loopSafetyEnabled !== true;
+        await input.writeStore(input.store);
+        return true;
+    }
+    if (input.action.type === "toggle-network-retry") {
+        input.store.networkRetryEnabled = input.store.networkRetryEnabled !== true;
+        await input.writeStore(input.store);
+        return true;
+    }
+    return false;
 }

package/dist/plugin-hooks.d.ts

@@ -1,6 +1,13 @@
 import { type CopilotPluginHooks } from "./loop-safety-plugin.js";
+import { createCopilotRetryingFetch } from "./copilot-network-retry.js";
 import { type StoreFile } from "./store.js";
+import { type CopilotAuthState, type CopilotProviderConfig, type OfficialCopilotConfig } from "./upstream/copilot-loader-adapter.js";
 export declare function buildPluginHooks(input: {
-    auth: CopilotPluginHooks["auth"];
+    auth: NonNullable<CopilotPluginHooks["auth"]>;
     loadStore?: () => Promise<StoreFile | undefined>;
+    loadOfficialConfig?: (input: {
+        getAuth: () => Promise<CopilotAuthState | undefined>;
+        provider?: CopilotProviderConfig;
+    }) => Promise<OfficialCopilotConfig | undefined>;
+    createRetryFetch?: typeof createCopilotRetryingFetch;
 }): CopilotPluginHooks;

package/dist/plugin-hooks.js

@@ -1,8 +1,33 @@
 import { createLoopSafetySystemTransform } from "./loop-safety-plugin.js";
+import { createCopilotRetryingFetch } from "./copilot-network-retry.js";
 import { readStoreSafe } from "./store.js";
+import { loadOfficialCopilotConfig, } from "./upstream/copilot-loader-adapter.js";
 export function buildPluginHooks(input) {
+    const loadStore = input.loadStore ?? readStoreSafe;
+    const loadOfficialConfig = input.loadOfficialConfig ?? loadOfficialCopilotConfig;
+    const createRetryFetch = input.createRetryFetch ?? createCopilotRetryingFetch;
+    const loader = async (getAuth, provider) => {
+        const config = await loadOfficialConfig({
+            getAuth: getAuth,
+            provider: provider,
+        });
+        if (!config)
+            return {};
+        const store = await loadStore().catch(() => undefined);
+        if (store?.networkRetryEnabled !== true) {
+            return config;
+        }
+        return {
+            ...config,
+            fetch: createRetryFetch(config.fetch),
+        };
+    };
     return {
-        auth: input.auth,
-        "experimental.chat.system.transform": createLoopSafetySystemTransform(input.loadStore ?? readStoreSafe),
+        auth: {
+            ...input.auth,
+            provider: input.auth.provider ?? "github-copilot",
+            loader,
+        },
+        "experimental.chat.system.transform": createLoopSafetySystemTransform(loadStore),
     };
 }

package/dist/plugin.js

@@ -561,7 +561,7 @@ export const CopilotAccountSwitcher = async ({ client }) => {
                     : undefined,
             }));
             const refresh = { enabled: store.autoRefresh === true, minutes: store.refreshMinutes ?? 15 };
-            const action = await showMenu(accounts, refresh, store.lastQuotaRefresh, store.loopSafetyEnabled === true);
+            const action = await showMenu(accounts, refresh, store.lastQuotaRefresh, store.loopSafetyEnabled === true, store.networkRetryEnabled === true);
             if (action.type === "cancel") {
                 const active = store.active ? store.accounts[store.active] : undefined;
                 return active;

package/dist/store.d.ts

@@ -55,6 +55,7 @@ export type StoreFile = {
     refreshMinutes?: number;
     lastQuotaRefresh?: number;
     loopSafetyEnabled?: boolean;
+    networkRetryEnabled?: boolean;
 };
 export declare function storePath(): string;
 export declare function authPath(): string;

package/dist/store.js

@@ -18,6 +18,8 @@ export function parseStore(raw) {
         data.accounts = {};
     if (data.loopSafetyEnabled !== true)
         data.loopSafetyEnabled = false;
+    if (data.networkRetryEnabled !== true)
+        data.networkRetryEnabled = false;
     for (const [name, entry] of Object.entries(data.accounts)) {
         const info = entry;
         if (!info.name)

package/dist/ui/menu.d.ts

@@ -55,6 +55,8 @@ export type MenuAction = {
     type: "set-interval";
 } | {
     type: "toggle-loop-safety";
+} | {
+    type: "toggle-network-retry";
 } | {
     type: "switch";
     account: AccountInfo;
@@ -74,9 +76,10 @@ export declare function buildMenuItems(input: {
     };
     lastQuotaRefresh?: number;
     loopSafetyEnabled: boolean;
+    networkRetryEnabled: boolean;
 }): MenuItem<MenuAction>[];
 export declare function showMenu(accounts: AccountInfo[], refresh?: {
     enabled: boolean;
     minutes: number;
-}, lastQuotaRefresh?: number, loopSafetyEnabled?: boolean): Promise<MenuAction>;
+}, lastQuotaRefresh?: number, loopSafetyEnabled?: boolean, networkRetryEnabled?: boolean): Promise<MenuAction>;
 export declare function showAccountActions(account: AccountInfo): Promise<"switch" | "remove" | "back">;

package/dist/ui/menu.js

@@ -47,6 +47,12 @@ export function buildMenuItems(input) {
             color: "cyan",
             hint: "Prompt-guided: fewer report interruptions, fewer unnecessary subagents",
         },
+        {
+            label: input.networkRetryEnabled ? "Disable Copilot network retry" : "Enable Copilot network retry",
+            value: { type: "toggle-network-retry" },
+            color: "cyan",
+            hint: "Overrides official fetch path; may drift from upstream",
+        },
         { label: "", value: { type: "cancel" }, separator: true },
         { label: "Accounts", value: { type: "cancel" }, kind: "heading" },
         ...input.accounts.map((account) => {
@@ -76,12 +82,13 @@ export function buildMenuItems(input) {
         { label: "Remove all accounts", value: { type: "remove-all" }, color: "red" },
     ];
 }
-export async function showMenu(accounts, refresh, lastQuotaRefresh, loopSafetyEnabled = false) {
+export async function showMenu(accounts, refresh, lastQuotaRefresh, loopSafetyEnabled = false, networkRetryEnabled = false) {
     const items = buildMenuItems({
         accounts,
         refresh,
         lastQuotaRefresh,
         loopSafetyEnabled,
+        networkRetryEnabled,
     });
     while (true) {
         const result = await select(items, {

package/dist/upstream/copilot-loader-adapter.d.ts

@@ -0,0 +1,42 @@
+export type CopilotAuthState = {
+    type: string;
+    refresh?: string;
+    access?: string;
+    expires?: number;
+    enterpriseUrl?: string;
+};
+export type CopilotProviderModel = {
+    id?: string;
+    api: {
+        url?: string;
+        npm?: string;
+    };
+    cost?: {
+        input: number;
+        output: number;
+        cache: {
+            read: number;
+            write: number;
+        };
+    };
+};
+export type CopilotProviderConfig = {
+    models?: Record<string, CopilotProviderModel>;
+};
+export type OfficialCopilotConfig = {
+    baseURL?: string;
+    apiKey: string;
+    fetch: (request: Request | URL | string, init?: RequestInit) => Promise<Response>;
+};
+export declare function loadOfficialCopilotConfig(input: {
+    getAuth: () => Promise<CopilotAuthState | undefined>;
+    baseFetch?: typeof fetch;
+    provider?: CopilotProviderConfig;
+    version?: string;
+}): Promise<OfficialCopilotConfig | undefined>;
+export declare function createOfficialFetchAdapter(input: {
+    getAuth: () => Promise<CopilotAuthState | undefined>;
+    baseFetch?: typeof fetch;
+    provider?: CopilotProviderConfig;
+    version?: string;
+}): (request: Request | URL | string, init?: RequestInit) => Promise<Response>;

package/dist/upstream/copilot-loader-adapter.js

@@ -0,0 +1,26 @@
+import { createOfficialCopilotLoader } from "./copilot-plugin.snapshot.js";
+export async function loadOfficialCopilotConfig(input) {
+    const loader = createOfficialCopilotLoader({
+        fetchImpl: input.baseFetch,
+        version: input.version,
+    });
+    const result = await loader(input.getAuth, input.provider);
+    if (!("fetch" in result) || typeof result.fetch !== "function") {
+        return undefined;
+    }
+    return {
+        baseURL: result.baseURL,
+        apiKey: result.apiKey,
+        fetch: result.fetch,
+    };
+}
+export function createOfficialFetchAdapter(input) {
+    return async function fetchWithOfficialHeaders(request, init) {
+        const config = await loadOfficialCopilotConfig(input);
+        const fallback = input.baseFetch ?? fetch;
+        if (!config) {
+            return fallback(request, init);
+        }
+        return config.fetch(request, init);
+    };
+}

package/dist/upstream/copilot-plugin.snapshot.d.ts

@@ -0,0 +1,25 @@
+type RequestInfo = Request | URL | string;
+type Hooks = any;
+type PluginInput = any;
+type OfficialProviderInput = {
+    models?: Record<string, {
+        id?: string;
+        api: {
+            url?: string;
+            npm?: string;
+        };
+        cost?: unknown;
+    }>;
+};
+type OfficialLoaderResult = {
+    baseURL?: string;
+    apiKey: string;
+    fetch: (request: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
+};
+type OfficialLoader = (getAuth: () => Promise<any>, provider?: OfficialProviderInput) => Promise<OfficialLoaderResult | {}>;
+export declare function CopilotAuthPlugin(input: PluginInput): Promise<Hooks>;
+export declare function createOfficialCopilotLoader(options?: {
+    fetchImpl?: typeof fetch;
+    version?: string;
+}): OfficialLoader;
+export {};

package/dist/upstream/copilot-plugin.snapshot.js

@@ -0,0 +1,393 @@
+// @ts-nocheck
+/*
+ * Upstream snapshot source:
+ * - Repository: https://github.com/sst/opencode
+ * - Original path: packages/opencode/src/plugin/copilot.ts
+ * - Sync date: 2026-03-13
+ * - Upstream commit: d1482e148399bfaf808674549199f5f4aa69a22d
+ *
+ * Generated by scripts/sync-copilot-upstream.mjs.
+ * Do not edit this file directly; update the sync script and regenerate it.
+ */
+const Installation = {
+    VERSION: "snapshot",
+};
+function iife(fn) {
+    return fn();
+}
+const Bun = {
+    sleep(ms) {
+        return new Promise((resolve) => setTimeout(resolve, ms));
+    },
+};
+/* LOCAL_SHIMS_END */
+const CLIENT_ID = "Ov23li8tweQw6odWQebz";
+// Add a small safety buffer when polling to avoid hitting the server
+// slightly too early due to clock skew / timer drift.
+const OAUTH_POLLING_SAFETY_MARGIN_MS = 3000; // 3 seconds
+function normalizeDomain(url) {
+    return url.replace(/^https?:\/\//, "").replace(/\/$/, "");
+}
+function getUrls(domain) {
+    return {
+        DEVICE_CODE_URL: `https://${domain}/login/device/code`,
+        ACCESS_TOKEN_URL: `https://${domain}/login/oauth/access_token`,
+    };
+}
+export async function CopilotAuthPlugin(input) {
+    const sdk = input.client;
+    return {
+        auth: {
+            provider: "github-copilot",
+            async loader(getAuth, provider) {
+                const info = await getAuth();
+                if (!info || info.type !== "oauth")
+                    return {};
+                const enterpriseUrl = info.enterpriseUrl;
+                const baseURL = enterpriseUrl ? `https://copilot-api.${normalizeDomain(enterpriseUrl)}` : undefined;
+                if (provider && provider.models) {
+                    for (const model of Object.values(provider.models)) {
+                        model.cost = {
+                            input: 0,
+                            output: 0,
+                            cache: {
+                                read: 0,
+                                write: 0,
+                            },
+                        };
+                        // TODO: re-enable once messages api has higher rate limits
+                        // TODO: move some of this hacky-ness to models.dev presets once we have better grasp of things here...
+                        // const base = baseURL ?? model.api.url
+                        // const claude = model.id.includes("claude")
+                        // const url = iife(() => {
+                        //   if (!claude) return base
+                        //   if (base.endsWith("/v1")) return base
+                        //   if (base.endsWith("/")) return `${base}v1`
+                        //   return `${base}/v1`
+                        // })
+                        // model.api.url = url
+                        // model.api.npm = claude ? "@ai-sdk/anthropic" : "@ai-sdk/github-copilot"
+                        model.api.npm = "@ai-sdk/github-copilot";
+                    }
+                }
+                return {
+                    baseURL,
+                    apiKey: "",
+                    async fetch(request, init) {
+                        const info = await getAuth();
+                        if (info.type !== "oauth")
+                            return fetch(request, init);
+                        const url = request instanceof URL ? request.href : request.toString();
+                        const { isVision, isAgent } = iife(() => {
+                            try {
+                                const body = typeof init?.body === "string" ? JSON.parse(init.body) : init?.body;
+                                // Completions API
+                                if (body?.messages && url.includes("completions")) {
+                                    const last = body.messages[body.messages.length - 1];
+                                    return {
+                                        isVision: body.messages.some((msg) => Array.isArray(msg.content) && msg.content.some((part) => part.type === "image_url")),
+                                        isAgent: last?.role !== "user",
+                                    };
+                                }
+                                // Responses API
+                                if (body?.input) {
+                                    const last = body.input[body.input.length - 1];
+                                    return {
+                                        isVision: body.input.some((item) => Array.isArray(item?.content) && item.content.some((part) => part.type === "input_image")),
+                                        isAgent: last?.role !== "user",
+                                    };
+                                }
+                                // Messages API
+                                if (body?.messages) {
+                                    const last = body.messages[body.messages.length - 1];
+                                    const hasNonToolCalls = Array.isArray(last?.content) && last.content.some((part) => part?.type !== "tool_result");
+                                    return {
+                                        isVision: body.messages.some((item) => Array.isArray(item?.content) &&
+                                            item.content.some((part) => part?.type === "image" ||
+                                                // images can be nested inside tool_result content
+                                                (part?.type === "tool_result" &&
+                                                    Array.isArray(part?.content) &&
+                                                    part.content.some((nested) => nested?.type === "image")))),
+                                        isAgent: !(last?.role === "user" && hasNonToolCalls),
+                                    };
+                                }
+                            }
+                            catch { }
+                            return { isVision: false, isAgent: false };
+                        });
+                        const headers = {
+                            "x-initiator": isAgent ? "agent" : "user",
+                            ...init?.headers,
+                            "User-Agent": `opencode/${Installation.VERSION}`,
+                            Authorization: `Bearer ${info.refresh}`,
+                            "Openai-Intent": "conversation-edits",
+                        };
+                        if (isVision) {
+                            headers["Copilot-Vision-Request"] = "true";
+                        }
+                        delete headers["x-api-key"];
+                        delete headers["authorization"];
+                        return fetch(request, {
+                            ...init,
+                            headers,
+                        });
+                    },
+                };
+            },
+            methods: [
+                {
+                    type: "oauth",
+                    label: "Login with GitHub Copilot",
+                    prompts: [
+                        {
+                            type: "select",
+                            key: "deploymentType",
+                            message: "Select GitHub deployment type",
+                            options: [
+                                {
+                                    label: "GitHub.com",
+                                    value: "github.com",
+                                    hint: "Public",
+                                },
+                                {
+                                    label: "GitHub Enterprise",
+                                    value: "enterprise",
+                                    hint: "Data residency or self-hosted",
+                                },
+                            ],
+                        },
+                        {
+                            type: "text",
+                            key: "enterpriseUrl",
+                            message: "Enter your GitHub Enterprise URL or domain",
+                            placeholder: "company.ghe.com or https://company.ghe.com",
+                            condition: (inputs) => inputs.deploymentType === "enterprise",
+                            validate: (value) => {
+                                if (!value)
+                                    return "URL or domain is required";
+                                try {
+                                    const url = value.includes("://") ? new URL(value) : new URL(`https://${value}`);
+                                    if (!url.hostname)
+                                        return "Please enter a valid URL or domain";
+                                    return undefined;
+                                }
+                                catch {
+                                    return "Please enter a valid URL (e.g., company.ghe.com or https://company.ghe.com)";
+                                }
+                            },
+                        },
+                    ],
+                    async authorize(inputs = {}) {
+                        const deploymentType = inputs.deploymentType || "github.com";
+                        let domain = "github.com";
+                        let actualProvider = "github-copilot";
+                        if (deploymentType === "enterprise") {
+                            const enterpriseUrl = inputs.enterpriseUrl;
+                            domain = normalizeDomain(enterpriseUrl);
+                            actualProvider = "github-copilot-enterprise";
+                        }
+                        const urls = getUrls(domain);
+                        const deviceResponse = await fetch(urls.DEVICE_CODE_URL, {
+                            method: "POST",
+                            headers: {
+                                Accept: "application/json",
+                                "Content-Type": "application/json",
+                                "User-Agent": `opencode/${Installation.VERSION}`,
+                            },
+                            body: JSON.stringify({
+                                client_id: CLIENT_ID,
+                                scope: "read:user",
+                            }),
+                        });
+                        if (!deviceResponse.ok) {
+                            throw new Error("Failed to initiate device authorization");
+                        }
+                        const deviceData = (await deviceResponse.json());
+                        return {
+                            url: deviceData.verification_uri,
+                            instructions: `Enter code: ${deviceData.user_code}`,
+                            method: "auto",
+                            async callback() {
+                                while (true) {
+                                    const response = await fetch(urls.ACCESS_TOKEN_URL, {
+                                        method: "POST",
+                                        headers: {
+                                            Accept: "application/json",
+                                            "Content-Type": "application/json",
+                                            "User-Agent": `opencode/${Installation.VERSION}`,
+                                        },
+                                        body: JSON.stringify({
+                                            client_id: CLIENT_ID,
+                                            device_code: deviceData.device_code,
+                                            grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+                                        }),
+                                    });
+                                    if (!response.ok)
+                                        return { type: "failed" };
+                                    const data = (await response.json());
+                                    if (data.access_token) {
+                                        const result = {
+                                            type: "success",
+                                            refresh: data.access_token,
+                                            access: data.access_token,
+                                            expires: 0,
+                                        };
+                                        if (actualProvider === "github-copilot-enterprise") {
+                                            result.provider = "github-copilot-enterprise";
+                                            result.enterpriseUrl = domain;
+                                        }
+                                        return result;
+                                    }
+                                    if (data.error === "authorization_pending") {
+                                        await Bun.sleep(deviceData.interval * 1000 + OAUTH_POLLING_SAFETY_MARGIN_MS);
+                                        continue;
+                                    }
+                                    if (data.error === "slow_down") {
+                                        // Based on the RFC spec, we must add 5 seconds to our current polling interval.
+                                        // (See https://www.rfc-editor.org/rfc/rfc8628#section-3.5)
+                                        let newInterval = (deviceData.interval + 5) * 1000;
+                                        // GitHub OAuth API may return the new interval in seconds in the response.
+                                        // We should try to use that if provided with safety margin.
+                                        const serverInterval = data.interval;
+                                        if (serverInterval && typeof serverInterval === "number" && serverInterval > 0) {
+                                            newInterval = serverInterval * 1000;
+                                        }
+                                        await Bun.sleep(newInterval + OAUTH_POLLING_SAFETY_MARGIN_MS);
+                                        continue;
+                                    }
+                                    if (data.error)
+                                        return { type: "failed" };
+                                    await Bun.sleep(deviceData.interval * 1000 + OAUTH_POLLING_SAFETY_MARGIN_MS);
+                                    continue;
+                                }
+                            },
+                        };
+                    },
+                },
+            ],
+        },
+        "chat.headers": async (incoming, output) => {
+            if (!incoming.model.providerID.includes("github-copilot"))
+                return;
+            if (incoming.model.api.npm === "@ai-sdk/anthropic") {
+                output.headers["anthropic-beta"] = "interleaved-thinking-2025-05-14";
+            }
+            const session = await sdk.session
+                .get({
+                path: {
+                    id: incoming.sessionID,
+                },
+                query: {
+                    directory: input.directory,
+                },
+                throwOnError: true,
+            })
+                .catch(() => undefined);
+            if (!session || !session.data.parentID)
+                return;
+            // mark subagent sessions as agent initiated matching standard that other copilot tools have
+            output.headers["x-initiator"] = "agent";
+        },
+    };
+}
+/* GENERATED_EXPORTS_START */
+export function createOfficialCopilotLoader(options = {}) {
+    const fetchImpl = options.fetchImpl ?? fetch;
+    const version = options.version ?? Installation.VERSION;
+    return async function loader(getAuth, provider) {
+        const info = await getAuth();
+        if (!info || info.type !== "oauth")
+            return {};
+        const enterpriseUrl = info.enterpriseUrl;
+        const baseURL = enterpriseUrl ? `https://copilot-api.${normalizeDomain(enterpriseUrl)}` : undefined;
+        if (provider && provider.models) {
+            for (const model of Object.values(provider.models)) {
+                model.cost = {
+                    input: 0,
+                    output: 0,
+                    cache: {
+                        read: 0,
+                        write: 0,
+                    },
+                };
+                // TODO: re-enable once messages api has higher rate limits
+                // TODO: move some of this hacky-ness to models.dev presets once we have better grasp of things here...
+                // const base = baseURL ?? model.api.url
+                // const claude = model.id.includes("claude")
+                // const url = iife(() => {
+                //   if (!claude) return base
+                //   if (base.endsWith("/v1")) return base
+                //   if (base.endsWith("/")) return `${base}v1`
+                //   return `${base}/v1`
+                // })
+                // model.api.url = url
+                // model.api.npm = claude ? "@ai-sdk/anthropic" : "@ai-sdk/github-copilot"
+                model.api.npm = "@ai-sdk/github-copilot";
+            }
+        }
+        return {
+            baseURL,
+            apiKey: "",
+            async fetch(request, init) {
+                const info = await getAuth();
+                if (info.type !== "oauth")
+                    return fetchImpl(request, init);
+                const url = request instanceof URL ? request.href : request.toString();
+                const { isVision, isAgent } = iife(() => {
+                    try {
+                        const body = typeof init?.body === "string" ? JSON.parse(init.body) : init?.body;
+                        // Completions API
+                        if (body?.messages && url.includes("completions")) {
+                            const last = body.messages[body.messages.length - 1];
+                            return {
+                                isVision: body.messages.some((msg) => Array.isArray(msg.content) && msg.content.some((part) => part.type === "image_url")),
+                                isAgent: last?.role !== "user",
+                            };
+                        }
+                        // Responses API
+                        if (body?.input) {
+                            const last = body.input[body.input.length - 1];
+                            return {
+                                isVision: body.input.some((item) => Array.isArray(item?.content) && item.content.some((part) => part.type === "input_image")),
+                                isAgent: last?.role !== "user",
+                            };
+                        }
+                        // Messages API
+                        if (body?.messages) {
+                            const last = body.messages[body.messages.length - 1];
+                            const hasNonToolCalls = Array.isArray(last?.content) && last.content.some((part) => part?.type !== "tool_result");
+                            return {
+                                isVision: body.messages.some((item) => Array.isArray(item?.content) &&
+                                    item.content.some((part) => part?.type === "image" ||
+                                        // images can be nested inside tool_result content
+                                        (part?.type === "tool_result" &&
+                                            Array.isArray(part?.content) &&
+                                            part.content.some((nested) => nested?.type === "image")))),
+                                isAgent: !(last?.role === "user" && hasNonToolCalls),
+                            };
+                        }
+                    }
+                    catch { }
+                    return { isVision: false, isAgent: false };
+                });
+                const headers = {
+                    "x-initiator": isAgent ? "agent" : "user",
+                    ...init?.headers,
+                    "User-Agent": `opencode/${version}`,
+                    Authorization: `Bearer ${info.refresh}`,
+                    "Openai-Intent": "conversation-edits",
+                };
+                if (isVision) {
+                    headers["Copilot-Vision-Request"] = "true";
+                }
+                delete headers["x-api-key"];
+                delete headers["authorization"];
+                return fetchImpl(request, {
+                    ...init,
+                    headers,
+                });
+            },
+        };
+    };
+}
+/* GENERATED_EXPORTS_END */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-copilot-account-switcher",
-  "version": "0.1.4",
+  "version": "0.2.1",
   "description": "GitHub Copilot account switcher plugin for OpenCode",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -32,6 +32,8 @@
   ],
   "scripts": {
     "build": "tsc -p tsconfig.build.json",
+    "sync:copilot-snapshot": "node scripts/sync-copilot-upstream.mjs --output src/upstream/copilot-plugin.snapshot.ts",
+    "check:copilot-sync": "node scripts/sync-copilot-upstream.mjs --output src/upstream/copilot-plugin.snapshot.ts --check",
     "test": "npm run build && node --test",
     "typecheck": "tsc --noEmit",
     "prepublishOnly": "npm run build"