feat: expose CLI config options in Settings UI (fixes #698)

[github-actions]

Summary

Adds an Advanced section to the Settings page with toggles for three Copilot CLI configuration options requested in #698:

Toggle	Description
Compact Paste	Collapse large pasted content to save context-window tokens
Respect .gitignore	Exclude gitignored files from working-tree context
Disable All Hooks	Globally disable all CLI hooks (pre-tool-use, post-tool-use, etc.)

Changes

Model (ConnectionSettings.cs)

• Added CompactPaste, RespectGitignore, DisableAllHooks boolean properties (default false)
• Added SyncCliConfig() method that merges these values into ~/.copilot/config.json, preserving any existing keys in the file

Registry (SettingsRegistry.cs)

• Registered three SettingDescriptor entries under a new Advanced category
• Hidden in Remote/Demo modes (no local CLI to configure)
• Searchable by keywords: compact, paste, gitignore, hooks, cli config, advanced

UI (Settings.razor)

• Added ⚙️ Advanced nav item in the sidebar
• Added Advanced section with description and toggle rendering via SettingEditor
• Wired OnSettingChanged to call SyncCliConfig() when any advanced.* setting changes
• Added GroupVisible("advanced") search support

Tests

• ConnectionSettingsTests: defaults, JSON round-trip, backward compatibility, SyncCliConfig write + merge preservation
• SettingsRegistryTests: get/set value, visibility in different modes, search by keywords
• AdvancedCliConfigTests (integration): verifies the Advanced section renders in the live Blazor UI

Test Results

All 3661 unit tests pass. Integration tests build successfully.

• Fixes Expose additional CLI config options in Settings UI #698

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• 192.0.2.1

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "192.0.2.1"

See Network Configuration for more information.

Generated by Agent Fix for issue #698 · ● 50.4M · ◷

[github-actions]

Cross-Platform Verification — PR #806

Build Results

Platform	Status
Tests (macOS)	✅ success
Mac Catalyst build	✅ success
Windows build	✅ success

✅ All platforms verified

---

Triggered by: verify-build run

[github-actions]

🧪 Integration Test Report — PR #806

Platform	Build	Launch	DevFlow	Smoke
Linux/GTK (xvfb)	✅	✅	✅	✅
Mac Catalyst	✅	—	—	—
Windows	✅	✅	⚠️	⚠️

✅ All platforms passed

View full run

[github-actions]

Review-Fix Loop — Round 1 of 3

Findings addressed: 5 of 6

#	Severity	Finding	Status
1	🟡 MODERATE	Advanced nav button visible in Remote/Demo with no section	✅ Fixed
2	🟡 MODERATE	SyncCliConfig() only called on toggle change — config drifts on restart	✅ Fixed
3	🟡 MODERATE	Parse failure silently drops all non-PolyPilot config keys	✅ Fixed
4	🟡 MODERATE	No test-isolation override for ~/.copilot/ default path	⏭️ Skipped — method already has copilotConfigDir param; tests use temp dirs. Speculative concern.
5	🟢 MINOR	Integration tests log results but never assert	✅ Fixed
6	🟢 MINOR	Non-atomic File.WriteAllBytes risks torn reads	✅ Fixed

Tests

✅ All 3662 tests pass (including new test for parse-failure abort behavior)

Next steps

• Expert review round 2 dispatched ✅
• Cross-platform verify-build dispatched ✅

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• 192.0.2.1

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "192.0.2.1"

See Network Configuration for more information.

Generated by Review & Fix · ● 14.9M · ◷

[github-actions]

Cross-Platform Verification — PR #806

Build Results

Platform	Status
Tests (macOS)	✅ success
Mac Catalyst build	✅ success
Windows build	✅ success

✅ All platforms verified

---

Triggered by: verify-build run

[github-actions]

Expert Code Review — PR #806

Methodology: 3 independent reviewers with adversarial consensus

5 findings posted as inline comments (4 🟡 moderate, 1 🟢 minor)

Findings Summary

#	Severity	Consensus	File	Finding
1	🟡 MODERATE	3/3	Settings.razor	Advanced nav button visible in Remote/Demo modes with no matching content section
2	🟡 MODERATE	3/3 (follow-up)	ConnectionSettings.cs	SyncCliConfig() never called at startup — settings diverge from config.json
3	🟡 MODERATE	3/3 (follow-up)	ConnectionSettings.cs	Corrupt config.json causes silent loss of unrelated CLI config keys
4	🟡 MODERATE	3/3 (follow-up)	ConnectionSettings.cs	Upgrade overwrites user's manual config.json edits with defaults
5	🟢 MINOR	2/3	AdvancedCliConfigTests.cs	Integration tests have zero assertions — always pass

Discarded Findings

• Test isolation for SyncCliConfig path (1/3 — Reviewer 1 only, 🟢 MINOR)
• SyncCliConfig synchronous on UI thread (1/3 — Reviewer 2 only, 🟢 MINOR)

CI Status

No CI check runs detected on this PR.

Test Coverage

The PR includes good unit test coverage: defaults, JSON round-trip, backward compatibility, merge preservation, registry get/set, visibility by mode, and search keywords. Integration tests exist but lack assertions (Finding #5). No tests cover the startup sync gap (Finding #2) or corrupt file handling (Finding #3).

Generated by Expert Code Review · 3 independent reviewers with adversarial consensus

Generated by Expert Code Review · ● 31.7M · ◷

[github-actions]

Review Summary

The PR is well-structured: model properties, registry descriptors, UI wiring, config sync, and tests are all consistent. One moderate UX bug found; the rest is clean.

Findings

🟡 MODERATE — Advanced nav item visible when content section is hidden (Remote/Demo mode on desktop)

File: PolyPilot/Components/Pages/Settings.razor, line 70 (within diff)

The "Advanced" sidebar nav button is guarded only by PlatformHelper.IsDesktop, but the Advanced content section is guarded by advancedSettings.Any() — which returns false in Remote/Demo mode because all three descriptors have IsVisible = ctx => ctx.Settings.Mode != ConnectionMode.Remote && ctx.Settings.Mode != ConnectionMode.Demo. A desktop user in Remote mode sees a clickable "Advanced" nav entry that scrolls to nothing.

Scenario: Desktop user selects Remote mode → sidebar shows "Advanced" → clicking it does nothing (no #settings-advanced element exists to scroll to).

Fix: Add a mode guard to the nav button:

`@if` (PlatformHelper.IsDesktop
     && settings.Mode != ConnectionMode.Remote
     && settings.Mode != ConnectionMode.Demo)
{
    <button class="settings-nav-item ..." ...>Advanced</button>
}

Or compute advancedSettings earlier (e.g., as a field in RebuildSettingsContext) and use @if (advancedSettings.Any()) around the nav item.

---

🟢 MINOR — No test-isolation hook for ~/.copilot/config.json path

File: PolyPilot/Models/ConnectionSettings.cs, line ~378 (within diff, SyncCliConfig default path)

The no-arg SyncCliConfig() resolves to the real ~/.copilot/config.json via Environment.GetFolderPath(UserProfile). Unlike SettingsPath (which has SetSettingsFilePathForTesting), there's no override mechanism for the copilot config dir. Current tests pass explicit dirs so this is safe today, but if a future integration test exercises OnSettingChanged("advanced.compactPaste") end-to-end, it would silently mutate the user's real CLI config.

Fix: Add a static override field (matching the _settingsPath pattern):

private static string? _copilotConfigDirOverride;
internal static void SetCopilotConfigDirForTesting(string? dir) => _copilotConfigDirOverride = dir;

Then in SyncCliConfig: copilotConfigDir ??= _copilotConfigDirOverride ?? Path.Combine(home, ".copilot");

---

No regressions, race conditions, data-loss risks, or security issues found. The SyncCliConfig merge logic correctly preserves unrelated keys, the catch {} is appropriate for best-effort config writes, and the OnSettingChanged handler correctly calls both SyncCliConfig() and SaveSettingsQuietly() to keep both config files in sync.

Generated by Expert Code Review · ● 31.7M

[github-actions]

Review-Fix Loop — Round 2 of 3

Findings addressed: 5 of 5

#	Severity	Finding	Status
1	🟡 MODERATE	Advanced nav button visible in Remote/Demo modes	✅ Fixed — added mode guard matching registry visibility
2	🟡 MODERATE	SyncCliConfig() never called at startup — config drifts	✅ Fixed — added ImportCliConfigValues() at Settings page load
3	🟡 MODERATE	Corrupt config.json silently drops unrelated CLI keys	✅ Fixed — abort (return early) on parse failure
4	🟡 MODERATE	Upgrade overwrites user's manual config.json edits	✅ Fixed — ImportCliConfigValues() imports config.json values before any write
5	🟢 MINOR	Integration tests have zero assertions	✅ Fixed — added Assert.True/Assert.Contains

Additional improvements

• Atomic writes via temp-file-then-rename pattern (Finding 6 from Round 1)
• 5 new unit tests for corrupt config abort, atomic write, and ImportCliConfigValues

Tests

✅ All 3666 tests pass (5 new tests added)

Next steps

• Expert review round 3 dispatched ✅
• Cross-platform verify-build dispatched ✅

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• 192.0.2.1

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "192.0.2.1"

See Network Configuration for more information.

Generated by Review & Fix · ● 16.6M · ◷

[github-actions]

Cross-Platform Verification — PR #806

Build Results

Platform	Status
Tests (macOS)	✅ success
Mac Catalyst build	✅ success
Windows build	✅ success

✅ All platforms verified

Previous Review History

Found 2 automated review(s) on this PR. Build verification validates that all review-driven fixes compile and pass tests across platforms.

---

Triggered by: verify-build run

[github-actions]

Review-Fix Loop — Round 3 of 3

Findings addressed: 6 of 6

#	Severity	Finding	Status
1	🟡 MODERATE	Advanced nav button visible in Remote/Demo modes	✅ Fixed — added mode guard matching registry visibility
2	🟡 MODERATE	SyncCliConfig() never called at startup — config drifts	✅ Fixed — added ImportCliConfigValues() at Settings page load
3	🟡 MODERATE	Corrupt config.json silently drops unrelated CLI keys	✅ Fixed — abort (return early) on parse failure
4	🟡 MODERATE	Upgrade overwrites user's manual config.json edits	✅ Fixed — ImportCliConfigValues() imports config.json values before any write
5	🟢 MINOR	Integration tests have zero assertions	✅ Fixed — added Assert.True/Assert.Contains
6	🟢 MINOR	Non-atomic File.WriteAllBytes risks torn reads	✅ Fixed — atomic temp-file-then-rename pattern

Tests

✅ All 3667 tests pass (6 new unit tests added)

Round status

⚠️ This is round 3 of 3 (maximum). No further automated review rounds will be dispatched. Remaining findings (if any) require manual review.

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• 192.0.2.1

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "192.0.2.1"

See Network Configuration for more information.

Generated by Review & Fix · ● 18.5M · ◷

[github-actions]

Cross-Platform Verification — PR #806

Build Results

Platform	Status
Tests (macOS)	✅ success
Mac Catalyst build	✅ success
Windows build	✅ success

✅ All platforms verified

Previous Review History

Found 2 automated review(s) on this PR. Build verification validates that all review-driven fixes compile and pass tests across platforms.

---

Triggered by: verify-build run