Support Copilot CLI multi-storage recall and provider-based fallback#5
Closed
jshessen wants to merge 2 commits into
Closed
Support Copilot CLI multi-storage recall and provider-based fallback#5jshessen wants to merge 2 commits into
jshessen wants to merge 2 commits into
Conversation
dezgit2025
added a commit
that referenced
this pull request
Apr 28, 2026
PR #5 remediation — 21 findings addressed across 6 phases: Phase 1 — Foundation fixes: - CC1: File backends opt-in via SESSION_RECALL_ENABLE_FILE_BACKENDS - F7: list --limit default reverted to 10 - F5: search excerpt restored to 250-char truncation - F1+F21: Deterministic labels + macOS VS Code path - CC4: Asymmetric lookback (5d JSONL / 30d SQLite) - F10: schema_problems() on repos command - F13: Provider field shortened/omitted Phase 1.5 — WSL/Linux compatibility: - VS Code Server path, XDG dirs verified Phase 2 — Structure + hardening: - CC2: file_backends.py split into providers/file/ subpackage - copilot_cli.py split into providers/copilot_cli/ subpackage - F3: Bounded JSONL reader (iter_jsonl_bounded) Phase 3 — Security: - F2: Symlink guard (is_under_root) at all glob sites - F4: Trust level field + sentinel fence for untrusted content - F6: mtime prefilter + early termination Phase 4 — Regression tests: - Token budget tests (list/search/files byte limits) - Adversarial tests (symlink, JSONL bomb, injection, nested JSON) Phase 5 — Conventions: - CLAUDE.md LOC cap relaxed to 200/300 - Version bumped to 0.2.0 - CHANGELOG.md reformatted to Keep a Changelog Phase 6 — Documentation: - README: What's New, multi-storage section, env vars, upgrade instructions - deploy/install.md: v0.2.0 upgrade guide, multi-storage config - PyPI publish workflow (.github/workflows/publish.yml) 171 tests passing (90 → 171). Zero runtime dependencies. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
dezgit2025
added a commit
that referenced
this pull request
Apr 28, 2026
#11) * Support multi-storage recall for Copilot CLI 1.0.34+ (fixes #3) * Align PR with CONTRIBUTING checks (ruff clean + docs update) * ci: add PyPI publish workflow on tag push Trusted Publisher OIDC — no API tokens needed. Triggers: git tag v* + git push origin v* Pipeline: test matrix → build → PyPI publish → GitHub Release Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat: v0.2.0 — multi-storage recall, security hardening, token budgets PR #5 remediation — 21 findings addressed across 6 phases: Phase 1 — Foundation fixes: - CC1: File backends opt-in via SESSION_RECALL_ENABLE_FILE_BACKENDS - F7: list --limit default reverted to 10 - F5: search excerpt restored to 250-char truncation - F1+F21: Deterministic labels + macOS VS Code path - CC4: Asymmetric lookback (5d JSONL / 30d SQLite) - F10: schema_problems() on repos command - F13: Provider field shortened/omitted Phase 1.5 — WSL/Linux compatibility: - VS Code Server path, XDG dirs verified Phase 2 — Structure + hardening: - CC2: file_backends.py split into providers/file/ subpackage - copilot_cli.py split into providers/copilot_cli/ subpackage - F3: Bounded JSONL reader (iter_jsonl_bounded) Phase 3 — Security: - F2: Symlink guard (is_under_root) at all glob sites - F4: Trust level field + sentinel fence for untrusted content - F6: mtime prefilter + early termination Phase 4 — Regression tests: - Token budget tests (list/search/files byte limits) - Adversarial tests (symlink, JSONL bomb, injection, nested JSON) Phase 5 — Conventions: - CLAUDE.md LOC cap relaxed to 200/300 - Version bumped to 0.2.0 - CHANGELOG.md reformatted to Keep a Changelog Phase 6 — Documentation: - README: What's New, multi-storage section, env vars, upgrade instructions - deploy/install.md: v0.2.0 upgrade guide, multi-storage config - PyPI publish workflow (.github/workflows/publish.yml) 171 tests passing (90 → 171). Zero runtime dependencies. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: resolve ruff lint errors (unused imports + __all__ re-exports) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: make test_schema_check_missing_db CI-compatible Test now handles both local (session-state exists) and CI (no Copilot CLI installed) environments gracefully. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs: update progress.md (all phases complete) + save session context Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: jshessen <jeff.hessenflow@gmail.com> Co-authored-by: Desi Villanueva <217994822+dezgit2025@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Owner
|
Addressed via #11 — took the multi-storage concept but reimplemented with security hardening and provider isolation. Thank you for the contribution and the idea, @jshessen! The provider architecture, trust fencing, bounded JSONL reads, and token budget enforcement in v0.2.0 were all inspired by your work here. |
dezgit2025
added a commit
that referenced
this pull request
Apr 28, 2026
#11) * Support multi-storage recall for Copilot CLI 1.0.34+ (fixes #3) * Align PR with CONTRIBUTING checks (ruff clean + docs update) * ci: add PyPI publish workflow on tag push Trusted Publisher OIDC — no API tokens needed. Triggers: git tag v* + git push origin v* Pipeline: test matrix → build → PyPI publish → GitHub Release Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat: v0.2.0 — multi-storage recall, security hardening, token budgets PR #5 remediation — 21 findings addressed across 6 phases: Phase 1 — Foundation fixes: - CC1: File backends opt-in via SESSION_RECALL_ENABLE_FILE_BACKENDS - F7: list --limit default reverted to 10 - F5: search excerpt restored to 250-char truncation - F1+F21: Deterministic labels + macOS VS Code path - CC4: Asymmetric lookback (5d JSONL / 30d SQLite) - F10: schema_problems() on repos command - F13: Provider field shortened/omitted Phase 1.5 — WSL/Linux compatibility: - VS Code Server path, XDG dirs verified Phase 2 — Structure + hardening: - CC2: file_backends.py split into providers/file/ subpackage - copilot_cli.py split into providers/copilot_cli/ subpackage - F3: Bounded JSONL reader (iter_jsonl_bounded) Phase 3 — Security: - F2: Symlink guard (is_under_root) at all glob sites - F4: Trust level field + sentinel fence for untrusted content - F6: mtime prefilter + early termination Phase 4 — Regression tests: - Token budget tests (list/search/files byte limits) - Adversarial tests (symlink, JSONL bomb, injection, nested JSON) Phase 5 — Conventions: - CLAUDE.md LOC cap relaxed to 200/300 - Version bumped to 0.2.0 - CHANGELOG.md reformatted to Keep a Changelog Phase 6 — Documentation: - README: What's New, multi-storage section, env vars, upgrade instructions - deploy/install.md: v0.2.0 upgrade guide, multi-storage config - PyPI publish workflow (.github/workflows/publish.yml) 171 tests passing (90 → 171). Zero runtime dependencies. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: resolve ruff lint errors (unused imports + __all__ re-exports) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: make test_schema_check_missing_db CI-compatible Test now handles both local (session-state exists) and CI (no Copilot CLI installed) environments gracefully. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs: update progress.md (all phases complete) + save session context Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: jshessen <jeff.hessenflow@gmail.com> Co-authored-by: Desi Villanueva <217994822+dezgit2025@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
dezgit2025
added a commit
that referenced
this pull request
Apr 28, 2026
#11) * Support multi-storage recall for Copilot CLI 1.0.34+ (fixes #3) * Align PR with CONTRIBUTING checks (ruff clean + docs update) * ci: add PyPI publish workflow on tag push Trusted Publisher OIDC — no API tokens needed. Triggers: git tag v* + git push origin v* Pipeline: test matrix → build → PyPI publish → GitHub Release Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat: v0.2.0 — multi-storage recall, security hardening, token budgets PR #5 remediation — 21 findings addressed across 6 phases: Phase 1 — Foundation fixes: - CC1: File backends opt-in via SESSION_RECALL_ENABLE_FILE_BACKENDS - F7: list --limit default reverted to 10 - F5: search excerpt restored to 250-char truncation - F1+F21: Deterministic labels + macOS VS Code path - CC4: Asymmetric lookback (5d JSONL / 30d SQLite) - F10: schema_problems() on repos command - F13: Provider field shortened/omitted Phase 1.5 — WSL/Linux compatibility: - VS Code Server path, XDG dirs verified Phase 2 — Structure + hardening: - CC2: file_backends.py split into providers/file/ subpackage - copilot_cli.py split into providers/copilot_cli/ subpackage - F3: Bounded JSONL reader (iter_jsonl_bounded) Phase 3 — Security: - F2: Symlink guard (is_under_root) at all glob sites - F4: Trust level field + sentinel fence for untrusted content - F6: mtime prefilter + early termination Phase 4 — Regression tests: - Token budget tests (list/search/files byte limits) - Adversarial tests (symlink, JSONL bomb, injection, nested JSON) Phase 5 — Conventions: - CLAUDE.md LOC cap relaxed to 200/300 - Version bumped to 0.2.0 - CHANGELOG.md reformatted to Keep a Changelog Phase 6 — Documentation: - README: What's New, multi-storage section, env vars, upgrade instructions - deploy/install.md: v0.2.0 upgrade guide, multi-storage config - PyPI publish workflow (.github/workflows/publish.yml) 171 tests passing (90 → 171). Zero runtime dependencies. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: resolve ruff lint errors (unused imports + __all__ re-exports) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: make test_schema_check_missing_db CI-compatible Test now handles both local (session-state exists) and CI (no Copilot CLI installed) environments gracefully. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs: update progress.md (all phases complete) + save session context Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: jshessen <jeff.hessenflow@gmail.com> Co-authored-by: Desi Villanueva <217994822+dezgit2025@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Owner
|
Hey @jshessen — wanted to give you proper credit here. Your PR laid the groundwork for the multi-storage provider architecture we shipped in v0.2.0. The provider-based fallback design, the VS Code/JetBrains/Neovim backend concepts, and the JSONL event parsing all trace back to your work on this PR. We ended up refactoring significantly before merging (different module structure, tighter schema validation, some scope changes), but the core idea of pluggable storage providers originated here. You've been added to the Contributors section in the README. Thanks for the solid foundation. 🙏 |
dezgit2025
added a commit
that referenced
this pull request
Apr 29, 2026
Acknowledge jshessen's multi-storage provider architecture work that laid the groundwork for the v0.2.0 provider system. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
Author
Perfect -- I am just glad it can be extended to cover the other use cases |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR resolves Copilot CLI 1.0.34+ storage compatibility by introducing provider-based multi-storage recall instead of assuming a single SQLite layout.
Closes #3
Storage model coverage by provider
cli(Copilot CLI)~/.copilot/session-store.dblist,search,show,files,checkpoints,health,schema-checkclifallback~/.copilot/session-state/*/events.jsonllist,search,show(schema-check reports compatibility mode)vscode~/.config/Code/User/workspaceStorage/**/chatSessions/*.jsonl(+ flatpak/snap variants)list,search,show,filesjetbrains~/.config/github-copilot/chat-sessions/*+ related chat fileslist,search,show,filesneovim~/.config/github-copilot/**and~/.local/share/nvim/**chat JSON/JSONLlist,search,show,filesEnvironment overrides supported
SESSION_RECALL_DBSESSION_RECALL_CLI_STATE_ROOTSESSION_RECALL_VSCODE_STORAGESESSION_RECALL_JETBRAINS_ROOTSESSION_RECALL_NEOVIM_ROOTRuntime behavior and fallback semantics
Provider discovery
At runtime, providers are discovered and filtered to those actually available on the machine:
Command behavior in multi-storage mode
list,search,show,files,checkpointsnow route through active providers.schema-checkis provider-aware:session-state-or-sqlite) when fallback event storage is active.healthis provider-aware:UX and recall quality improvements
session-recall reposto summarize discovered repositories/workspaces across providers.What changed
src/session_recall/providers/(base.py,discovery.py,copilot_cli.py,file_backends.py,common.py)src/session_recall/commands/repos.pylist,search,show,files,checkpoints,health,schema-checksrc/session_recall/util/detect_repo.pysrc/session_recall/util/format_output.pytest_provider_backends.pytest_health_schema_multistorage.pytest_repo_scope_fallback.pytest_repos_command.pytest_list_sessions.pyHow this differs from PR #4
PR #4 primarily introduces a DB-layer adapter approach (
db/jsonl_store.py+ connect/schema integration).This PR addresses the same issue via provider routing and command-layer fallback, including:
Both aim at Issue #3 but with different architecture and operational surface area.
Validation
pytest src/session_recall/tests/ -q→ 105 passedruff check src/→ all checks passedpytest -q src/session_recall/tests/test_provider_backends.py src/session_recall/tests/test_repo_scope_fallback.py src/session_recall/tests/test_repos_command.py src/session_recall/tests/test_list_sessions.py src/session_recall/tests/test_health_schema_multistorage.py→ 18 passedCONTRIBUTING checklist
pytest src/session_recall/tests/ -qruff check src/README.md)