xcode-copilot-server 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Suyash Srijan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,147 @@
+# xcode-copilot-server
+
+An OpenAI-compatible proxy API server that lets you use GitHub Copilot in Xcode.
+
+## Why
+
+Xcode 26 added support for third-party LLM providers, but it only supports ChatGPT and Claude out of the box. If you have a GitHub Copilot subscription and want to use it in Xcode, that's not possible as there's no built-in option for it.
+
+However, Xcode does let you add a custom model provider, as long as it exposes an OpenAI-compatible API. GitHub Copilot doesn't do that, but this server helps bridges the gap by wrapping the [GitHub Copilot SDK](https://www.npmjs.com/package/@github/copilot-sdk) and exposing it as an OpenAI-compatible API that Xcode can talk to.
+
+It also connects to Xcode's built-in MCP tools (via `xcrun mcpbridge`), giving Copilot access to your project's build logs, indexes and other context that Xcode provides. This requires Xcode 26.3 or later.
+
+## Installation
+
+You need [Node.js](https://nodejs.org) 25.6.0 or later.
+
+```bash
+npm install -g xcode-copilot-server
+```
+
+Or run it directly:
+
+```bash
+npx xcode-copilot-server
+```
+
+## Usage
+
+```bash
+xcode-copilot-server [options]
+
+Options:
+  --port <number>      Port to listen on (default: 8080)
+  --log-level <level>  Log verbosity: none, error, warning, info, debug, all (default: info)
+  --config <path>      Path to config file (default: bundled config.json5)
+  --cwd <path>         Working directory for Copilot sessions (default: process cwd)
+  --help               Show help
+```
+
+The server listens on `http://localhost:8080` by default and exposes two routes:
+
+- `GET /v1/models` — lists available models from your Copilot subscription
+- `POST /v1/chat/completions` — handles chat completion requests (streaming)
+
+You will need to be signed in to GitHub Copilot through the [Copilot CLI](https://docs.github.com/en/copilot/using-github-copilot/using-github-copilot-in-the-command-line).
+
+## Xcode integration
+
+1. Start the server: `xcode-copilot-server`
+2. Open Xcode and go to Settings > Intelligence > Add a provider
+3. Select "Locally hosted" and set the port to 8080 (or the port that you've chosen)
+4. Give it a description e.g. "Copilot"
+5. Save
+
+That's it!
+
+### Tool calling
+
+There's an additional step if you want to use tool calling:
+
+1. Open Xcode and go to Settings > Intelligence
+2. Select the provider (e.g. "Copilot" from above)
+3. Enable "Allow tools" under "Advanced"
+
+### MCP
+
+There's an additional step if you want to use Xcode MCP server (requires Xcode 26.3+):
+
+1. Open Xcode and go to Settings > Intelligence
+2. Enable "Xcode Tools" under "Model Context Protocol"
+
+## Configuration
+
+The server reads its configuration from a `config.json5` file. By default, it uses the bundled one, but you can point to your own with `--config`:
+
+```bash
+xcode-copilot-server --config ./my-config.json5
+```
+
+The config file uses [JSON5](https://json5.org/) format, which supports comments and trailing commas:
+
+```json5
+{
+  // MCP servers to register with the Copilot session.
+  // The bundled config includes Xcode's mcpbridge by default.
+  mcpServers: {
+    xcode: {
+      type: "local",
+      command: "node",
+      args: ["./scripts/mcpbridge-proxy.mjs"],
+      allowedTools: ["*"],
+    },
+  },
+
+  // Built-in CLI tools allowlist.
+  // ["*"] to allow all, [] to deny all, or a list of specific tool names.
+  allowedCliTools: [],
+
+  // Maximum request body size in MiB.
+  bodyLimitMiB: 4,
+
+  // Filename patterns to filter out from search results in the prompt.
+  excludedFilePatterns: [],
+
+  // Reasoning effort for models that support it: "low", "medium", "high", "xhigh"
+  reasoningEffort: "xhigh",
+
+  // Auto-approve MCP permission requests.
+  // true to approve all, false to deny all,
+  // or an array of kinds: "read", "write", "shell", "mcp", "url"
+  autoApprovePermissions: ["read", "mcp"],
+}
+```
+
+## Security
+
+This server acts as a local proxy between Xcode and GitHub Copilot. It's designed to run on your machine and isn't intended to be exposed to the internet or shared networks. So, here's what you should know:
+
+- The server binds to `127.0.0.1`, so it's only reachable from your machine, not from your local network or the internet. Incoming requests are checked for Xcode's user-agent, which means casual or accidental connections from other tools will be rejected. This isn't a strong security boundary since user-agent headers can be trivially spoofed, but it helps ensure only Xcode is talking to the server.
+
+- The bundled config sets `autoApprovePermissions` to `["read", "mcp"]`, which lets the Copilot session read files and call MCP tools without prompting. Writes, shell commands, and URL fetches are denied by default. You can set it to `true` to approve everything, `false` to deny everything, or pick specific kinds from `"read"`, `"write"`, `"shell"`, `"mcp"`, and `"url"`.
+
+- MCP servers defined in the config are spawned as child processes. The bundled config uses `xcrun mcpbridge`, which is an Apple-signed binary. If you add your own MCP servers, make sure you trust the commands you're configuring.
+
+## License
+
+MIT License
+
+Copyright (c) 2026 Suyash Srijan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/config.json5

@@ -0,0 +1,49 @@
+// Server configuration for xcode-copilot-server.
+// Edit this file to add MCP servers, control tool access, and set permissions.
+//
+// Note: The Tool permissions are checked across all allowlists. If the same tool name
+// exists in both CLI and MCP tools, then they cannot have different permissions.
+
+{
+  // MCP servers to register with the Copilot CLI session.
+  // Each key is a server name, where the value follows the Copilot SDK MCPServerConfig shape.
+  // Relative paths in "args" are resolved relative to this file's directory.
+  mcpServers: {
+    xcode: {
+      type: "local",
+      command: "node",
+      args: ["./scripts/mcpbridge-proxy.mjs"],
+      allowedTools: ["*"],
+    },
+    // Example: add another MCP server
+    // myServer: {
+    //   type: "local",
+    //   command: "my-mcp-binary",
+    //   args: ["--some-flag"],
+    //   allowedTools: ["*"],
+    // },
+  },
+
+  // Built-in CLI tools allowlist (glob, grep, bash, etc)
+  // - ["*"]: allow all CLI tools
+  // - []: deny all CLI tools
+  // - ["glob", "grep"]: allow only specific CLI tools
+  allowedCliTools: [],
+
+  // Maximum request body size in MiB.
+  bodyLimitMiB: 4,
+
+  // Filename patterns to filter out from search results in the prompt.
+  // Code blocks whose filename contains any of these (case-insensitive) are stripped.
+  excludedFilePatterns: [],
+
+  // Reasoning effort for models that support it.
+  // E.g: "low", "medium", "high", "xhigh"
+  reasoningEffort: "xhigh",
+
+  // Auto-approve MCP permission requests.
+  // - true: approve all
+  // - false: deny all
+  // - ["read", "mcp"]: approve only listed kinds (e.g: "read", "write", "shell", "mcp", "url")
+  autoApprovePermissions: ["read", "mcp"],
+}

package/dist/config-schema.d.ts

@@ -0,0 +1,85 @@
+import { z } from "zod";
+declare const MCPLocalServerSchema: z.ZodObject<{
+    type: z.ZodUnion<readonly [z.ZodLiteral<"local">, z.ZodLiteral<"stdio">]>;
+    command: z.ZodString;
+    args: z.ZodArray<z.ZodString>;
+    env: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    cwd: z.ZodOptional<z.ZodString>;
+    allowedTools: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>;
+declare const MCPRemoteServerSchema: z.ZodObject<{
+    type: z.ZodUnion<readonly [z.ZodLiteral<"http">, z.ZodLiteral<"sse">]>;
+    url: z.ZodURL;
+    headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    allowedTools: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>;
+declare const MCPServerSchema: z.ZodUnion<readonly [z.ZodObject<{
+    type: z.ZodUnion<readonly [z.ZodLiteral<"local">, z.ZodLiteral<"stdio">]>;
+    command: z.ZodString;
+    args: z.ZodArray<z.ZodString>;
+    env: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    cwd: z.ZodOptional<z.ZodString>;
+    allowedTools: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>, z.ZodObject<{
+    type: z.ZodUnion<readonly [z.ZodLiteral<"http">, z.ZodLiteral<"sse">]>;
+    url: z.ZodURL;
+    headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    allowedTools: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>]>;
+declare const ApprovalRuleSchema: z.ZodUnion<readonly [z.ZodBoolean, z.ZodArray<z.ZodEnum<{
+    url: "url";
+    read: "read";
+    write: "write";
+    shell: "shell";
+    mcp: "mcp";
+}>>]>;
+declare const ReasoningEffortSchema: z.ZodEnum<{
+    low: "low";
+    medium: "medium";
+    high: "high";
+    xhigh: "xhigh";
+}>;
+export type MCPLocalServer = z.infer<typeof MCPLocalServerSchema>;
+export type MCPRemoteServer = z.infer<typeof MCPRemoteServerSchema>;
+export type MCPServer = z.infer<typeof MCPServerSchema>;
+export type ApprovalRule = z.infer<typeof ApprovalRuleSchema>;
+export type ReasoningEffort = z.infer<typeof ReasoningEffortSchema>;
+export declare const ServerConfigSchema: z.ZodObject<{
+    mcpServers: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{
+        type: z.ZodUnion<readonly [z.ZodLiteral<"local">, z.ZodLiteral<"stdio">]>;
+        command: z.ZodString;
+        args: z.ZodArray<z.ZodString>;
+        env: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+        cwd: z.ZodOptional<z.ZodString>;
+        allowedTools: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        timeout: z.ZodOptional<z.ZodNumber>;
+    }, z.core.$strip>, z.ZodObject<{
+        type: z.ZodUnion<readonly [z.ZodLiteral<"http">, z.ZodLiteral<"sse">]>;
+        url: z.ZodURL;
+        headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+        allowedTools: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        timeout: z.ZodOptional<z.ZodNumber>;
+    }, z.core.$strip>]>>>;
+    allowedCliTools: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    excludedFilePatterns: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    bodyLimitMiB: z.ZodDefault<z.ZodNumber>;
+    reasoningEffort: z.ZodOptional<z.ZodEnum<{
+        low: "low";
+        medium: "medium";
+        high: "high";
+        xhigh: "xhigh";
+    }>>;
+    autoApprovePermissions: z.ZodDefault<z.ZodUnion<readonly [z.ZodBoolean, z.ZodArray<z.ZodEnum<{
+        url: "url";
+        read: "read";
+        write: "write";
+        shell: "shell";
+        mcp: "mcp";
+    }>>]>>;
+}, z.core.$strip>;
+export type RawServerConfig = z.infer<typeof ServerConfigSchema>;
+export {};

package/dist/config-schema.js

@@ -0,0 +1,38 @@
+import { z } from "zod";
+const MCPLocalServerSchema = z.object({
+    type: z.union([z.literal("local"), z.literal("stdio")]),
+    command: z.string().min(1, "MCP server command cannot be empty"),
+    args: z.array(z.string()),
+    env: z.record(z.string(), z.string()).optional(),
+    cwd: z.string().optional(),
+    allowedTools: z.array(z.string()).optional(),
+    timeout: z.number().positive().optional(),
+});
+const MCPRemoteServerSchema = z.object({
+    type: z.union([z.literal("http"), z.literal("sse")]),
+    url: z.url(),
+    headers: z.record(z.string(), z.string()).optional(),
+    allowedTools: z.array(z.string()).optional(),
+    timeout: z.number().positive().optional(),
+});
+const MCPServerSchema = z.union([MCPLocalServerSchema, MCPRemoteServerSchema]);
+const VALID_PERMISSION_KINDS = ["read", "write", "shell", "mcp", "url"];
+const ApprovalRuleSchema = z.union([
+    z.boolean(),
+    z.array(z.enum(VALID_PERMISSION_KINDS)),
+]);
+const VALID_REASONING_EFFORTS = ["low", "medium", "high", "xhigh"];
+const ReasoningEffortSchema = z.enum(VALID_REASONING_EFFORTS);
+export const ServerConfigSchema = z.object({
+    mcpServers: z.record(z.string(), MCPServerSchema).default({}),
+    allowedCliTools: z.array(z.string()).default([]),
+    excludedFilePatterns: z.array(z.string()).default([]),
+    bodyLimitMiB: z
+        .number()
+        .positive()
+        .max(100, "bodyLimitMiB cannot exceed 100")
+        .default(4),
+    reasoningEffort: ReasoningEffortSchema.optional(),
+    autoApprovePermissions: ApprovalRuleSchema.default(["read", "mcp"]),
+});
+//# sourceMappingURL=config-schema.js.map

package/dist/config-schema.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-schema.js","sourceRoot":"","sources":["../src/config-schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IACvD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,oCAAoC,CAAC;IAChE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzB,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC5C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;CAC1C,CAAC,CAAC;AAEH,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IACpD,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE;IACZ,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACpD,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC5C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;CAC1C,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,CAAC,CAAC;AAE/E,MAAM,sBAAsB,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAU,CAAC;AAEjF,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC;IACjC,CAAC,CAAC,OAAO,EAAE;IACX,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;CACxC,CAAC,CAAC;AAEH,MAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAU,CAAC;AAE5E,MAAM,qBAAqB,GAAG,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;AAQ9D,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,eAAe,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC7D,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAChD,oBAAoB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACrD,YAAY,EAAE,CAAC;SACZ,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,GAAG,CAAC,GAAG,EAAE,gCAAgC,CAAC;SAC1C,OAAO,CAAC,CAAC,CAAC;IACb,eAAe,EAAE,qBAAqB,CAAC,QAAQ,EAAE;IACjD,sBAAsB,EAAE,kBAAkB,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;CACpE,CAAC,CAAC"}

package/dist/config.d.ts

@@ -0,0 +1,7 @@
+import type { Logger } from "./logger.js";
+import { type RawServerConfig } from "./config-schema.js";
+export type { MCPLocalServer, MCPRemoteServer, MCPServer, ApprovalRule, ReasoningEffort, } from "./config-schema.js";
+export type ServerConfig = Omit<RawServerConfig, "bodyLimitMiB"> & {
+    bodyLimit: number;
+};
+export declare function loadConfig(configPath: string, logger: Logger): Promise<ServerConfig>;

package/dist/config.js

@@ -0,0 +1,64 @@
+import { existsSync } from "node:fs";
+import { readFile } from "node:fs/promises";
+import { resolve, dirname, isAbsolute } from "node:path";
+import JSON5 from "json5";
+import { ServerConfigSchema, } from "./config-schema.js";
+const DEFAULT_CONFIG = {
+    mcpServers: {},
+    allowedCliTools: [],
+    excludedFilePatterns: [],
+    bodyLimit: 4 * 1024 * 1024, // 4 MiB
+    autoApprovePermissions: ["read", "mcp"],
+};
+function resolveServerPaths(servers, configDir) {
+    return Object.fromEntries(Object.entries(servers).map(([name, server]) => [
+        name,
+        "args" in server
+            ? {
+                ...server,
+                args: server.args.map((arg) => arg.startsWith("./") || arg.startsWith("../")
+                    ? resolve(configDir, arg)
+                    : arg),
+            }
+            : server,
+    ]));
+}
+export async function loadConfig(configPath, logger) {
+    const absolutePath = isAbsolute(configPath)
+        ? configPath
+        : resolve(process.cwd(), configPath);
+    if (!existsSync(absolutePath)) {
+        logger.warn(`No config file at ${absolutePath}, using defaults`);
+        return DEFAULT_CONFIG;
+    }
+    logger.info(`Reading config from ${absolutePath}`);
+    const text = await readFile(absolutePath, "utf-8");
+    let raw;
+    try {
+        raw = JSON5.parse(text);
+    }
+    catch (err) {
+        throw new Error(`Failed to parse config file: ${err instanceof Error ? err.message : String(err)}`);
+    }
+    if (!raw || typeof raw !== "object") {
+        throw new Error("Config file must contain a JSON5 object");
+    }
+    const parseResult = ServerConfigSchema.safeParse(raw);
+    if (!parseResult.success) {
+        const firstError = parseResult.error.issues[0];
+        if (!firstError) {
+            throw new Error("Invalid config: validation failed");
+        }
+        const path = firstError.path.join(".");
+        throw new Error(`Invalid config${path ? ` at "${path}"` : ""}: ${firstError.message}`);
+    }
+    const { bodyLimitMiB, ...rest } = parseResult.data;
+    const config = {
+        ...rest,
+        bodyLimit: bodyLimitMiB * 1024 * 1024,
+        mcpServers: resolveServerPaths(parseResult.data.mcpServers, dirname(absolutePath)),
+    };
+    logger.info(`Loaded ${String(Object.keys(config.mcpServers).length)} MCP server(s) and ${String(config.allowedCliTools.length)} allowed CLI tool(s)`);
+    return config;
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACzD,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EACL,kBAAkB,GAGnB,MAAM,oBAAoB,CAAC;AAc5B,MAAM,cAAc,GAAiB;IACnC,UAAU,EAAE,EAAE;IACd,eAAe,EAAE,EAAE;IACnB,oBAAoB,EAAE,EAAE;IACxB,SAAS,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,EAAE,QAAQ;IACpC,sBAAsB,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC;CACxC,CAAC;AAEF,SAAS,kBAAkB,CACzB,OAAkC,EAClC,SAAiB;IAEjB,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;QAC9C,IAAI;QACJ,MAAM,IAAI,MAAM;YACd,CAAC,CAAC;gBACE,GAAG,MAAM;gBACT,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAC5B,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC;oBAC3C,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC;oBACzB,CAAC,CAAC,GAAG,CACR;aACF;YACH,CAAC,CAAC,MAAM;KACX,CAAC,CACH,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,UAAkB,EAClB,MAAc;IAEd,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,CAAC;QACzC,CAAC,CAAC,UAAU;QACZ,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IAEvC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,qBAAqB,YAAY,kBAAkB,CAAC,CAAC;QACjE,OAAO,cAAc,CAAC;IACxB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,uBAAuB,YAAY,EAAE,CAAC,CAAC;IAEnD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IACnD,IAAI,GAAY,CAAC;IACjB,IAAI,CAAC;QACH,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,gCAAgC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CACnF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACtD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;QACzB,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC/C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QACD,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACvC,MAAM,IAAI,KAAK,CACb,iBAAiB,IAAI,CAAC,CAAC,CAAC,QAAQ,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,OAAO,EAAE,CACtE,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC;IACnD,MAAM,MAAM,GAAiB;QAC3B,GAAG,IAAI;QACP,SAAS,EAAE,YAAY,GAAG,IAAI,GAAG,IAAI;QACrC,UAAU,EAAE,kBAAkB,CAC5B,WAAW,CAAC,IAAI,CAAC,UAAU,EAC3B,OAAO,CAAC,YAAY,CAAC,CACtB;KACF,CAAC;IAEF,MAAM,CAAC,IAAI,CACT,UAAU,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,sBAAsB,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,sBAAsB,CACzI,CAAC;IAEF,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/context.d.ts

@@ -0,0 +1,8 @@
+import type { CopilotService } from "./copilot-service.js";
+import type { ServerConfig } from "./config.js";
+import type { Logger } from "./logger.js";
+export interface AppContext {
+    service: CopilotService;
+    logger: Logger;
+    config: ServerConfig;
+}

package/dist/context.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=context.js.map

package/dist/context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":""}

package/dist/copilot-service.d.ts

@@ -0,0 +1,19 @@
+import { type CopilotSession, type SessionConfig, type ModelInfo } from "@github/copilot-sdk";
+import type { LogLevel, Logger } from "./logger.js";
+export interface CopilotServiceOptions {
+    logLevel?: LogLevel | undefined;
+    logger?: Logger | undefined;
+    cwd?: string | undefined;
+}
+export declare class CopilotService {
+    readonly cwd: string;
+    private client;
+    private session;
+    private sessionPromise;
+    private logger;
+    constructor(options?: CopilotServiceOptions);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    listModels(): Promise<ModelInfo[]>;
+    getSession(config: SessionConfig): Promise<CopilotSession>;
+}

package/dist/copilot-service.js

@@ -0,0 +1,49 @@
+import { CopilotClient, } from "@github/copilot-sdk";
+export class CopilotService {
+    cwd;
+    client;
+    session = null;
+    sessionPromise = null;
+    logger;
+    constructor(options = {}) {
+        this.cwd = options.cwd ?? process.cwd();
+        this.logger = options.logger;
+        this.client = new CopilotClient({
+            logLevel: options.logLevel ?? "error",
+            cwd: this.cwd,
+            env: Object.fromEntries(Object.entries(process.env).filter((e) => e[1] != null)),
+        });
+    }
+    async start() {
+        await this.client.start();
+    }
+    async stop() {
+        if (this.session) {
+            await this.session.destroy();
+            this.session = null;
+        }
+        this.sessionPromise = null;
+        await this.client.stop();
+    }
+    async listModels() {
+        return this.client.listModels();
+    }
+    async getSession(config) {
+        if (this.session) {
+            return this.session;
+        }
+        if (!this.sessionPromise) {
+            this.sessionPromise = this.client.createSession(config).then((s) => {
+                this.session = s;
+                this.sessionPromise = null;
+                this.logger?.info("Session created");
+                return s;
+            }, (err) => {
+                this.sessionPromise = null;
+                throw err;
+            });
+        }
+        return this.sessionPromise;
+    }
+}
+//# sourceMappingURL=copilot-service.js.map

package/dist/copilot-service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"copilot-service.js","sourceRoot":"","sources":["../src/copilot-service.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,aAAa,GAId,MAAM,qBAAqB,CAAC;AAS7B,MAAM,OAAO,cAAc;IAChB,GAAG,CAAS;IACb,MAAM,CAAgB;IACtB,OAAO,GAA0B,IAAI,CAAC;IACtC,cAAc,GAAmC,IAAI,CAAC;IACtD,MAAM,CAAqB;IAEnC,YAAY,UAAiC,EAAE;QAC7C,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QACxC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,IAAI,aAAa,CAAC;YAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,OAAO;YACrC,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,GAAG,EAAE,MAAM,CAAC,WAAW,CACrB,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAyB,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAC/E;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IAC5B,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC3B,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,UAAU;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IAClC,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,MAAqB;QACpC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,OAAO,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAC1D,CAAC,CAAC,EAAE,EAAE;gBACJ,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC;gBACjB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;gBAC3B,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;gBACrC,OAAO,CAAC,CAAC;YACX,CAAC,EACD,CAAC,GAAY,EAAE,EAAE;gBACf,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;gBAC3B,MAAM,GAAG,CAAC;YACZ,CAAC,CACF,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;CACF"}

package/dist/handlers/completions/session-config.d.ts

@@ -0,0 +1,12 @@
+import type { SessionConfig } from "@github/copilot-sdk";
+import type { ServerConfig } from "../../config.js";
+import type { Logger } from "../../logger.js";
+export interface SessionConfigOptions {
+    model: string;
+    systemMessage?: string | undefined;
+    logger: Logger;
+    config: ServerConfig;
+    supportsReasoningEffort: boolean;
+    cwd?: string | undefined;
+}
+export declare function createSessionConfig({ model, systemMessage, logger, config, supportsReasoningEffort, cwd, }: SessionConfigOptions): SessionConfig;

package/dist/handlers/completions/session-config.js

@@ -0,0 +1,63 @@
+function isApproved(rule, kind) {
+    if (typeof rule === "boolean")
+        return rule;
+    return rule.some((k) => k === kind);
+}
+export function createSessionConfig({ model, systemMessage, logger, config, supportsReasoningEffort, cwd, }) {
+    return {
+        model,
+        streaming: true,
+        infiniteSessions: { enabled: true },
+        workingDirectory: cwd ?? process.cwd(),
+        ...(systemMessage && {
+            systemMessage: {
+                mode: "replace",
+                content: systemMessage,
+            },
+        }),
+        mcpServers: Object.fromEntries(Object.entries(config.mcpServers).map(([name, server]) => [
+            name,
+            { ...server, tools: ["*"] },
+        ])),
+        ...(config.allowedCliTools.length > 0 && {
+            availableTools: config.allowedCliTools,
+        }),
+        ...(config.reasoningEffort && supportsReasoningEffort && {
+            reasoningEffort: config.reasoningEffort,
+        }),
+        onUserInputRequest: (request) => {
+            logger.debug(`User input requested: "${request.question}"`);
+            return Promise.resolve({
+                answer: "User input is not available. Ask your question in your response instead.",
+                wasFreeform: true,
+            });
+        },
+        onPermissionRequest: (request) => {
+            const approved = isApproved(config.autoApprovePermissions, request.kind);
+            logger.debug(`Permission "${request.kind}": ${approved ? "approved" : "denied"}`);
+            return Promise.resolve(approved
+                ? { kind: "approved" }
+                : { kind: "denied-by-rules" });
+        },
+        hooks: {
+            onPreToolUse: (input) => {
+                const toolName = input.toolName;
+                if (config.allowedCliTools.includes("*") ||
+                    config.allowedCliTools.includes(toolName)) {
+                    logger.debug(`Tool "${toolName}": allowed (CLI)`);
+                    return Promise.resolve({ permissionDecision: "allow" });
+                }
+                for (const [serverName, server] of Object.entries(config.mcpServers)) {
+                    const allowlist = server.allowedTools ?? [];
+                    if (allowlist.includes("*") || allowlist.includes(toolName)) {
+                        logger.debug(`Tool "${toolName}": allowed (${serverName})`);
+                        return Promise.resolve({ permissionDecision: "allow" });
+                    }
+                }
+                logger.debug(`Tool "${toolName}": denied (not in any allowlist)`);
+                return Promise.resolve({ permissionDecision: "deny" });
+            },
+        },
+    };
+}
+//# sourceMappingURL=session-config.js.map

package/dist/handlers/completions/session-config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-config.js","sourceRoot":"","sources":["../../../src/handlers/completions/session-config.ts"],"names":[],"mappings":"AAaA,SAAS,UAAU,CAAC,IAAkB,EAAE,IAAY;IAClD,IAAI,OAAO,IAAI,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAC3C,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,EAClC,KAAK,EACL,aAAa,EACb,MAAM,EACN,MAAM,EACN,uBAAuB,EACvB,GAAG,GACkB;IACrB,OAAO;QACL,KAAK;QACL,SAAS,EAAE,IAAI;QACf,gBAAgB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;QACnC,gBAAgB,EAAE,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;QAEtC,GAAG,CAAC,aAAa,IAAI;YACnB,aAAa,EAAE;gBACb,IAAI,EAAE,SAAkB;gBACxB,OAAO,EAAE,aAAa;aACvB;SACF,CAAC;QAEF,UAAU,EAAE,MAAM,CAAC,WAAW,CAC5B,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YACxD,IAAI;YACJ,EAAE,GAAG,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE;SAC5B,CAAC,CACH;QAED,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI;YACvC,cAAc,EAAE,MAAM,CAAC,eAAe;SACvC,CAAC;QACF,GAAG,CAAC,MAAM,CAAC,eAAe,IAAI,uBAAuB,IAAI;YACvD,eAAe,EAAE,MAAM,CAAC,eAAe;SACxC,CAAC;QAEF,kBAAkB,EAAE,CAAC,OAAO,EAAE,EAAE;YAC9B,MAAM,CAAC,KAAK,CAAC,0BAA0B,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YAC5D,OAAO,OAAO,CAAC,OAAO,CAAC;gBACrB,MAAM,EACJ,0EAA0E;gBAC5E,WAAW,EAAE,IAAI;aAClB,CAAC,CAAC;QACL,CAAC;QAED,mBAAmB,EAAE,CAAC,OAAO,EAAE,EAAE;YAC/B,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,sBAAsB,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;YACzE,MAAM,CAAC,KAAK,CACV,eAAe,OAAO,CAAC,IAAI,MAAM,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,EAAE,CACpE,CAAC;YACF,OAAO,OAAO,CAAC,OAAO,CACpB,QAAQ;gBACN,CAAC,CAAC,EAAE,IAAI,EAAE,UAAmB,EAAE;gBAC/B,CAAC,CAAC,EAAE,IAAI,EAAE,iBAA0B,EAAE,CACzC,CAAC;QACJ,CAAC;QAED,KAAK,EAAE;YACL,YAAY,EAAE,CAAC,KAAK,EAAE,EAAE;gBACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBAEhC,IACE,MAAM,CAAC,eAAe,CAAC,QAAQ,CAAC,GAAG,CAAC;oBACpC,MAAM,CAAC,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,EACzC,CAAC;oBACD,MAAM,CAAC,KAAK,CAAC,SAAS,QAAQ,kBAAkB,CAAC,CAAC;oBAClD,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,OAAgB,EAAE,CAAC,CAAC;gBACnE,CAAC;gBAED,KAAK,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;oBACrE,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC;oBAC5C,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAC5D,MAAM,CAAC,KAAK,CAAC,SAAS,QAAQ,eAAe,UAAU,GAAG,CAAC,CAAC;wBAC5D,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,OAAgB,EAAE,CAAC,CAAC;oBACnE,CAAC;gBACH,CAAC;gBAED,MAAM,CAAC,KAAK,CAAC,SAAS,QAAQ,kCAAkC,CAAC,CAAC;gBAClE,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,MAAe,EAAE,CAAC,CAAC;YAClE,CAAC;SACF;KACF,CAAC;AACJ,CAAC"}

package/dist/handlers/completions/streaming.d.ts

@@ -0,0 +1,4 @@
+import type { FastifyReply } from "fastify";
+import type { CopilotSession } from "@github/copilot-sdk";
+import type { Logger } from "../../logger.js";
+export declare function handleStreaming(reply: FastifyReply, session: CopilotSession, prompt: string, model: string, logger: Logger): Promise<void>;