[PR #977] Add Copilot agent manifest and usage documentation #1394

New Issue

Closed

opened 2026-01-29 22:20:21 +00:00 by claunia · 0 comments

claunia commented 2026-01-29 22:20:21 +00:00

Owner

Copy Link

Original Pull Request: https://github.com/adamhathcock/sharpcompress/pull/977

State: closed
Merged: Yes

---

Configures GitHub Copilot coding agent with conservative permissions for automated PR workflows. Enables agent to modify source/test files while requiring human review before merge.

Changes

• .github/agents/copilot-agent.yml: Agent manifest with scoped permissions

  • Write access limited to src/**/*, tests/**/*, README.md, AGENTS.md
  • Enforces review gate: require_review_before_merge: true, required_approvals: 1
  • Allows squash/merge strategies, disables auto-merge, enables workflow execution
  • Documents admin prerequisites: app installation and repo permissions (contents, PRs, checks, actions, issues: write)

• AGENTS.md: Agent instruction reference

  • Instruction channels: PR front-matter YAML, slash commands (/copilot run), labels
  • Configuration examples and recommended labels (copilot: run, copilot: approve)
  • Admin setup steps and governance controls

Admin Action Required

After merge, repository admin must:

1. Install GitHub Copilot coding agent app
2. Grant repository permissions matching manifest scope
3. Verify Actions enabled and branch protections compatible

Original prompt

Create a new branch named copilot-agent-config-and-docs and open a pull request against master that adds/updates the repository agent manifest and adds AGENTS.md to document how to request agent actions.

Files to add/update (only under .github, do not change source files):

1. .github/agents/copilot-agent.yml

• Update or create a manifest that enables the copilot-coding-agent and grants it conservative-but-functional permissions to create branches, modify files under src/ and tests/, open and update PRs, and run workflows. Include safety controls like require_review_before_merge: true and required_approvals: 1. Include notes documenting that repository admin must install/authorize the Copilot coding agent app and grant matching permissions.

Contents (exact):

enabled: true
agent:
name: copilot-coding-agent
allow:
- paths: ["src//*", "tests//*", "README.md", "AGENTS.md"]
actions: ["create", "modify", "delete"]
require_review_before_merge: true
required_approvals: 1
allowed_merge_strategies:
- squash
- merge
auto_merge_on_green: false
run_workflows: true
notes: |

• This manifest expresses the policy for the Copilot coding agent in this repository.
• It does NOT install or authorize the agent; a repository admin must install the Copilot coding agent app and grant the repository the necessary permissions (contents: write, pull_requests: write, checks: write, actions: write/read, issues: write) to allow the agent to act.
• Keep allow paths narrow and prefer require_review_before_merge during initial rollout.

2. AGENTS.md (at repository root)

• Add a markdown document that explains how to request agent actions, supported instruction channels (PR front-matter YAML, slash commands in PR comments, labels), examples, safety notes, and how to enable the agent.

Contents (exact):

Agent usage and commands

This document explains how maintainers and contributors can instruct the GitHub Copilot coding agent in this repository.

Supported instruction channels

• PR front-matter (YAML at top of PR body) — preferred for reproducibility.
• PR comment using slash-style commands (e.g. /copilot run apply-fixes).
• Add a label that triggers a run (e.g. copilot: run).

Example PR front-matter (place at the top of the PR body):

copilot:
  run: "apply-fixes"
  target_branch: "master"
  auto_merge: false
  run_tests: true
  required_approvals: 1

Example slash command via PR comment:

• /copilot run apply-fixes --target=master --run-tests

Recommended labels

• copilot: run -> instructs agent to run its default task on the PR
• copilot: approve -> if allowed by policy, agent may merge once checks pass

How to enable and grant permissions

1. Merge .github/agents/copilot-agent.yml into master.
2. As a repository administrator, install/authorize the GitHub Copilot coding agent app and grant it repository permissions that match the manifest (Contents: write, Pull requests: write, Checks: write, Actions: write/read, Issues: write).
3. Ensure Actions is enabled for the repository and branch protection rules are compatible with the manifest (or allow the agent to have the bypass when appropriate).

Safety & governance

• Keep allow paths narrow — only grant the agent write access where it needs it.
• Prefer require_review_before_merge: true during initial rollout.
• Use audit logs to review agent activity and require a human reviewer until you trust the automation.

PR details

• Branch name: copilot-agent-config-and-docs
• Changes: add/modify .github/agents/copilot-agent.yml and add AGENTS.md at repo root
• This PR is intentionally limited to configuration and documentation; it does not add any workflows that push changes or perform merges.

If the repository settings or installed apps block the agent from running, include a clear note in the PR description describing actions an admin must take: enable Actions, install Copilot coding agent app, grant repo write permissions to agent, or run onboarding steps.

Author: GitHub Copilot (@copilot) acting on behalf of adamhathcock.

This pull request was created as a result of the following prompt from Copilot chat.

Create a new branch named copilot-agent-config-and-docs and open a pull request against master that adds/updates the repository agent manifest and adds AGENTS.md to document how to request agent actions.

Files to add/update (only under .github, do not change source files):

1. .github/agents/copilot-agent.yml

• Update or create a manifest that enables the copilot-coding-agent and grants it conservative-but-functional permissions to create branches, modify files under src/ and tests/, open and update PRs, and run workflows. Include safety controls like require_review_before_merge: true and required_approvals: 1. Include notes documenting that repository admin must install/authorize the Copilot coding agent app and grant matching permissions.

Contents (exact):

enabled: true
agent:
name: copilot-coding-agent
allow:
- paths: ["src//*", "tests//*", "README.md", "AGENTS.md"]
actions: ["create", "modify", "delete"]
require_review_before_merge: true
required_approvals: 1
allowed_merge_strategies:
- squash
- merge
auto_merge_on_green: false
run_workflows: true
notes: |

• This manifest expresses the policy for the Copilot coding agent in this repository.
• It does NOT install or authorize the agent; a repository admin must install the Copilot coding agent app and grant the repository the necessary permissions (contents: write, pull_requests: write, checks: write, actions: write/read, issues: write) to allow the agent to act.
• Keep allow paths narrow and prefer require_review_before_merge during initial rollout.

2. AGENTS.md (at repository root)

• Add a markdown document that explains how to request agent actions, supported instruction channels (PR front-matter YAML, slash commands in PR comments, labels), examples, safety notes, and how to enable the agent.

Contents (exact):

Agent usage and commands

This document explains how maintainers and contributors can instruct the GitHub Copilot coding agent in this repository.

Supported instruction channels

• PR front-matter (YAML at top of PR body) — preferred for reproducibility.
• PR comment using slash-style commands (e.g. /copilot run apply-fixes).
• Add a label that triggers a run (e.g. copilot: run).

Example PR front-matter (place at the top of the PR body):

copilot:
  run: "apply-fixes"
  target_branch: "master"
  auto_merge: false
  run_tests: true
  required_approvals: 1

Example slash command via PR comment:

• /copilot run apply-fixes --target=master --run-tests

Recommended labels

• copilot: run -> instructs agent to run its default task on the PR
• copilot: approve -> if allowed by policy, agent may merge once checks pass

How to enable and grant permissions

1. Merge .github/agents/copilot-agent.yml into master.
2. As a repository administrator, install/authorize the GitHub Copilot coding agent app and grant it repository permissions that match the manifest (Contents: write, Pull requests: write, Checks: write, Actions: write/read, Issues: write).
3. Ensure Actions is enabled for the repository and branch protection rules are compatible with the manifest (or allow the agent to have the bypass when appropriate).

Safety & governance

• Keep allow paths narrow — only grant the agent write access where it needs it.
• Prefer require_review_before_merge: true during initial rollout.
• Use audit logs to review agent activity and require a human reviewer until you trust the automation.

PR details

• Branch name: copilot-agent-config-and-docs
• Changes: add/modify .github/agents/copilot-agent.yml and add AGENTS.md at repo root
• This PR is intentionally limited to configuration and documentation; it does not add any workflows that push changes or perform merges.

If the repository settings or installed apps block the agent from running, include a clear note in the PR description describing actions an admin must take: enable Actions, install Copilot coding agent app, grant repo write permissions to agent, or run onboarding steps.

Author: GitHub Copilot (@copilot) acting on behalf of adamhathcock.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

**Original Pull Request:** https://github.com/adamhathcock/sharpcompress/pull/977 **State:** closed **Merged:** Yes --- Configures GitHub Copilot coding agent with conservative permissions for automated PR workflows. Enables agent to modify source/test files while requiring human review before merge. ## Changes - **`.github/agents/copilot-agent.yml`**: Agent manifest with scoped permissions - Write access limited to `src/**/*`, `tests/**/*`, `README.md`, `AGENTS.md` - Enforces review gate: `require_review_before_merge: true`, `required_approvals: 1` - Allows squash/merge strategies, disables auto-merge, enables workflow execution - Documents admin prerequisites: app installation and repo permissions (contents, PRs, checks, actions, issues: write) - **`AGENTS.md`**: Agent instruction reference - Instruction channels: PR front-matter YAML, slash commands (`/copilot run`), labels - Configuration examples and recommended labels (`copilot: run`, `copilot: approve`) - Admin setup steps and governance controls ## Admin Action Required After merge, repository admin must: 1. Install GitHub Copilot coding agent app 2. Grant repository permissions matching manifest scope 3. Verify Actions enabled and branch protections compatible <!-- START COPILOT CODING AGENT SUFFIX --> <details> <summary>Original prompt</summary> > Create a new branch named copilot-agent-config-and-docs and open a pull request against master that adds/updates the repository agent manifest and adds AGENTS.md to document how to request agent actions. > > Files to add/update (only under .github, do not change source files): > > 1) .github/agents/copilot-agent.yml > - Update or create a manifest that enables the copilot-coding-agent and grants it conservative-but-functional permissions to create branches, modify files under src/ and tests/, open and update PRs, and run workflows. Include safety controls like require_review_before_merge: true and required_approvals: 1. Include notes documenting that repository admin must install/authorize the Copilot coding agent app and grant matching permissions. > > Contents (exact): > > enabled: true > agent: > name: copilot-coding-agent > allow: > - paths: ["src/**/*", "tests/**/*", "README.md", "AGENTS.md"] > actions: ["create", "modify", "delete"] > require_review_before_merge: true > required_approvals: 1 > allowed_merge_strategies: > - squash > - merge > auto_merge_on_green: false > run_workflows: true > notes: | > - This manifest expresses the policy for the Copilot coding agent in this repository. > - It does NOT install or authorize the agent; a repository admin must install the Copilot coding agent app and grant the repository the necessary permissions (contents: write, pull_requests: write, checks: write, actions: write/read, issues: write) to allow the agent to act. > - Keep allow paths narrow and prefer require_review_before_merge during initial rollout. > > 2) AGENTS.md (at repository root) > - Add a markdown document that explains how to request agent actions, supported instruction channels (PR front-matter YAML, slash commands in PR comments, labels), examples, safety notes, and how to enable the agent. > > Contents (exact): > > # Agent usage and commands > > This document explains how maintainers and contributors can instruct the GitHub Copilot coding agent in this repository. > > Supported instruction channels > - PR front-matter (YAML at top of PR body) — preferred for reproducibility. > - PR comment using slash-style commands (e.g. `/copilot run apply-fixes`). > - Add a label that triggers a run (e.g. `copilot: run`). > > Example PR front-matter (place at the top of the PR body): > > ```yaml > copilot: > run: "apply-fixes" > target_branch: "master" > auto_merge: false > run_tests: true > required_approvals: 1 > ``` > > Example slash command via PR comment: > - `/copilot run apply-fixes --target=master --run-tests` > > Recommended labels > - `copilot: run` -> instructs agent to run its default task on the PR > - `copilot: approve` -> if allowed by policy, agent may merge once checks pass > > How to enable and grant permissions > 1. Merge `.github/agents/copilot-agent.yml` into master. > 2. As a repository administrator, install/authorize the GitHub Copilot coding agent app and grant it repository permissions that match the manifest (Contents: write, Pull requests: write, Checks: write, Actions: write/read, Issues: write). > 3. Ensure Actions is enabled for the repository and branch protection rules are compatible with the manifest (or allow the agent to have the bypass when appropriate). > > Safety & governance > - Keep allow paths narrow — only grant the agent write access where it needs it. > - Prefer `require_review_before_merge: true` during initial rollout. > - Use audit logs to review agent activity and require a human reviewer until you trust the automation. > > PR details > - Branch name: copilot-agent-config-and-docs > - Changes: add/modify .github/agents/copilot-agent.yml and add AGENTS.md at repo root > - This PR is intentionally limited to configuration and documentation; it does not add any workflows that push changes or perform merges. > > If the repository settings or installed apps block the agent from running, include a clear note in the PR description describing actions an admin must take: enable Actions, install Copilot coding agent app, grant repo write permissions to agent, or run onboarding steps. > > Author: GitHub Copilot (@copilot) acting on behalf of adamhathcock. > </details> *This pull request was created as a result of the following prompt from Copilot chat.* > Create a new branch named copilot-agent-config-and-docs and open a pull request against master that adds/updates the repository agent manifest and adds AGENTS.md to document how to request agent actions. > > Files to add/update (only under .github, do not change source files): > > 1) .github/agents/copilot-agent.yml > - Update or create a manifest that enables the copilot-coding-agent and grants it conservative-but-functional permissions to create branches, modify files under src/ and tests/, open and update PRs, and run workflows. Include safety controls like require_review_before_merge: true and required_approvals: 1. Include notes documenting that repository admin must install/authorize the Copilot coding agent app and grant matching permissions. > > Contents (exact): > > enabled: true > agent: > name: copilot-coding-agent > allow: > - paths: ["src/**/*", "tests/**/*", "README.md", "AGENTS.md"] > actions: ["create", "modify", "delete"] > require_review_before_merge: true > required_approvals: 1 > allowed_merge_strategies: > - squash > - merge > auto_merge_on_green: false > run_workflows: true > notes: | > - This manifest expresses the policy for the Copilot coding agent in this repository. > - It does NOT install or authorize the agent; a repository admin must install the Copilot coding agent app and grant the repository the necessary permissions (contents: write, pull_requests: write, checks: write, actions: write/read, issues: write) to allow the agent to act. > - Keep allow paths narrow and prefer require_review_before_merge during initial rollout. > > 2) AGENTS.md (at repository root) > - Add a markdown document that explains how to request agent actions, supported instruction channels (PR front-matter YAML, slash commands in PR comments, labels), examples, safety notes, and how to enable the agent. > > Contents (exact): > > # Agent usage and commands > > This document explains how maintainers and contributors can instruct the GitHub Copilot coding agent in this repository. > > Supported instruction channels > - PR front-matter (YAML at top of PR body) — preferred for reproducibility. > - PR comment using slash-style commands (e.g. `/copilot run apply-fixes`). > - Add a label that triggers a run (e.g. `copilot: run`). > > Example PR front-matter (place at the top of the PR body): > > ```yaml > copilot: > run: "apply-fixes" > target_branch: "master" > auto_merge: false > run_tests: true > required_approvals: 1 > ``` > > Example slash command via PR comment: > - `/copilot run apply-fixes --target=master --run-tests` > > Recommended labels > - `copilot: run` -> instructs agent to run its default task on the PR > - `copilot: approve` -> if allowed by policy, agent may merge once checks pass > > How to enable and grant permissions > 1. Merge `.github/agents/copilot-agent.yml` into master. > 2. As a repository administrator, install/authorize the GitHub Copilot coding agent app and grant it repository permissions that match the manifest (Contents: write, Pull requests: write, Checks: write, Actions: write/read, Issues: write). > 3. Ensure Actions is enabled for the repository and branch protection rules are compatible with the manifest (or allow the agent to have the bypass when appropriate). > > Safety & governance > - Keep allow paths narrow — only grant the agent write access where it needs it. > - Prefer `require_review_before_merge: true` during initial rollout. > - Use audit logs to review agent activity and require a human reviewer until you trust the automation. > > PR details > - Branch name: copilot-agent-config-and-docs > - Changes: add/modify .github/agents/copilot-agent.yml and add AGENTS.md at repo root > - This PR is intentionally limited to configuration and documentation; it does not add any workflows that push changes or perform merges. > > If the repository settings or installed apps block the agent from running, include a clear note in the PR description describing actions an admin must take: enable Actions, install Copilot coding agent app, grant repo write permissions to agent, or run onboarding steps. > > Author: GitHub Copilot (@copilot) acting on behalf of adamhathcock. > <!-- START COPILOT CODING AGENT TIPS --> --- ✨ Let Copilot coding agent [set things up for you](https://github.com/adamhathcock/sharpcompress/issues/new?title=✨+Set+up+Copilot+instructions&body=Configure%20instructions%20for%20this%20repository%20as%20documented%20in%20%5BBest%20practices%20for%20Copilot%20coding%20agent%20in%20your%20repository%5D%28https://gh.io/copilot-coding-agent-tips%29%2E%0A%0A%3COnboard%20this%20repo%3E&assignees=copilot) — coding agent works faster and does higher quality work when set up for your repo.

claunia added the pull-request label 2026-01-29 22:20:21 +00:00

claunia closed this issue 2026-01-29 22:20:21 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

release

adam/merge-release-to-master

dependabot/nuget/xunit.v3-3.2.2

adam/more-explode-async

copilot/fix-infinite-loop-rar-archive

adam/data-descriptor-fix

adam/fix-tests-with-proper-rewind

copilot/fix-data-descriptor-stream-bug

adam/lmza-investigation

adam/create-rar-async

adam/async-rar2

copilot/support-multi-threading-path

copilot/sub-pr-1132-again

adam/memory-perf

copilot/add-performance-benchmarking

copilot/sub-pr-1121

copilot/add-password-support-zip-files

copilot/add-so-optimized-zip-support

adam/rar-async-only

copilot/add-buffered-stream-async-read

copilot/sub-pr-1076

copilot/fix-decompression-exception

copilot/fix-archivefactory-issue

copilot/rationalize-sourcestream-volumes

adam/open-async

copilot/add-ace-archive-support

copilot/sub-pr-1040-again

adam/more-async-3

copilot/fix-tararchive-incomplete-iteration

adam/multi-threaded

copilot/sub-pr-1040

adam/awesome-copilot

copilot/fix-ziparchive-extraction-issue

copilot/fix-tararchive-open-crash

copilot/fix-tar-xz-file-reading-issue

copilot/setup-copilot-instructions

copilot/fix-decompression-performance-issue

copilot/convert-stream-access-to-async

adam/enable-agent

adam/async-deflate

adam/async-rar

adam/more-cleanup

adam/zstd

async-2

zstandard

net461-tests

dmg

async

build-netcore3

recycle-memory-stream

presentation

pax

netcore2

zip_encryption

dotnet-tool

tar_redux

native_zlib

Issue-197

system_buffers

TarNames

7zip_sfx

portable_crypto

WinRT

new_7zip

0.44.5

0.44.4

0.44.3

0.44.2

0.44.1

0.44.0

0.43.0

0.42.1

0.42.0

0.41.0

0.40.0

0.39.0

0.38.0

0.37.2

0.37.1

0.37.0

0.36.0

0.35.0

0.34.2

0.34.1

0.34.0

0.33.0

0.32.2

0.32.1

0.32

0.31

0.30.1

0.30

0.29

0.29.0

0.28.3

0.28.2

0.28.1

0.28

0.27.1

0.27

0.26

0.25.1

0.25

0.24

0.23

0.22

0.21.1

0.21

0.21.0

0.20.0

0.19.2

0.19.1

0.19

0.18.2

0.18.1

0.18

0.17.1

0.17.0

0.16.2

0.16.1

0.16.0

0.15.2

0.15.1

0.15.0

0.14.1

0.14.0

0.13.1

0.13.0

0.12.4

0.12.3

0.12.2

0.12.1

0.12.0

0.11.6

0.11.5

0.11.4

0.11.3

0.11.2

0.11.1

0.11

0.10.3

0.10.2

0.10.1.3

0.10.1.2

0.10.1.1

0.10.1

0.10

0.9

Labels

Clear labels

bug

duplicate

enhancement

feedback requested

not bug

pull-request

Mirrored from GitHub Pull Request

question

up for grabs

wontfix

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

claunia

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/sharpcompress#1394