Repo Copilot
Repo Copilot is a VS Code extension for operating on many workspace Git repositories from one Dashboard. It uses repositories discovered by the built-in VS Code Git extension, then lets you review status, run Git actions, inspect MR/PR inboxes, check or update npm dependency metadata, run repository commands, and optionally generate MR/PR copy with an OpenAI-compatible model.
The Dashboard uses MR as the generic UI term for merge requests. On GitLab it creates Merge Requests; on GitHub it creates Pull Requests.
Good fits
- Multi-repo release preparation and branch checks.
- Checking whether release, hotfix, or feature branches exist across many repositories.
- Pulling current branches, switching branches, or creating a same-named branch in bulk.
- Checking which repositories already have open MR/PRs.
- Reviewing personal and workspace-scoped MR/PR inboxes for created, assigned, and review-requested work.
- Looking up npm package declarations and resolved lockfile versions.
- Applying consistent
dependencies, devDependencies, or Yarn resolutions entries to many root package.json files.
- Running common commands or npm scripts across selected repositories.
- Creating MR/PRs from current branches with optional generated titles and descriptions.
Requirements
- VS Code or a compatible editor with the built-in Git extension available.
- Git repositories opened in the current window, including single-root and multi-root workspaces.
- Local
git available on PATH for branch, status, diff, pull, and checkout operations.
- A GitHub or GitLab access token for MR/PR API features and Inbox views.
- Optional: an OpenAI-compatible
/chat/completions service for MR/PR copy generation.
Quick start
- Open a workspace that contains one or more Git repositories.
- Open Repo Copilot from the Activity Bar, or run
Repo Copilot: Open Dashboard.
- Use Refresh if the repository list has not loaded yet.
- Select repositories with row checkboxes, row click, keyboard Enter/Space, or Select visible after filtering.
- Run actions from the Git, Inbox, Dependencies, Terminal, or Settings tabs.
For GitHub/GitLab API features, set a token first:
Repo Copilot: Set Git Access Token
For LLM-generated MR/PR content, configure repoCopilot.llmBaseUrl, repoCopilot.llmModel, and an API key:
Repo Copilot: Set LLM API Key
Command Palette
| Command |
Purpose |
Repo Copilot: Open Dashboard |
Open or focus the Repo Copilot Dashboard. |
Repo Copilot: Refresh Repositories |
Reload repositories shown in the Dashboard. Also appears in the view title. |
Repo Copilot: Set Git Access Token |
Save a GitHub/GitLab API token in VS Code Secret Storage. |
Repo Copilot: Clear Git Access Token |
Remove the saved Git API token from Secret Storage. |
Repo Copilot: Set LLM API Key |
Save an OpenAI-compatible API key in Secret Storage. |
Repo Copilot: Clear LLM API Key |
Remove the saved LLM API key from Secret Storage. |
Repo Copilot: Hello |
Confirm that the extension is active. |
Dashboard
Repository list
- Repositories come from the built-in VS Code Git extension, not from arbitrary folder scanning.
- Each row shows repository name, root path tooltip, current branch, clean/changed state, and the last operation status.
- Repository filtering searches name, path, current branch, clean/changed state, last status, and last log text.
- Select visible selects or clears only repositories matching the current filter.
- Stats cards show total repositories, selected repositories, clean repositories, and changed repositories. Their info controls show a quick tooltip list.
- The external-link button on a repository row opens the default remote in a browser when a remote URL is available.
- Results and logs are shown in the bottom panel. Per-repository result cards can be collapsed, and Clear resets the panel.
- Long-running batch operations show a running state and can be cancelled. Cancelling aborts pending work and terminates active VS Code task executions where applicable.
- The webview keeps its context when hidden, and repository discovery refreshes when the view becomes visible or when Git repositories open/close.
Operation confirmation
Potentially mutating or command-running actions show a confirmation dialog before execution:
- Pull current branches.
- Switch branches.
- Create branches.
- Create MR/PRs.
- Apply
package.json settings.
- Run custom terminal commands.
- Run command presets.
- Run discovered tasks.
Read-only checks, Inbox refreshes, and remote-opening actions run without an operation confirmation.
Git tab
Merge Request
The Merge Request section works with GitHub and GitLab repositories. It uses the configured provider, custom API base URL if present, the repository remote URL, and the Git access token.
Actions:
- Check Open MR lists open MR/PRs for each selected repository.
- The target branch input is optional for Check Open MR. Empty input lists all open MR/PRs; a value filters by target/base branch.
- Create MR creates an MR/PR from each selected repository's current branch into the target branch.
- Advanced MR settings include assignees, reviewers, labels, draft mode, and GitLab remove-source-branch.
- Save Settings in this section writes MR settings to the selected settings target, user or workspace.
Create MR/PR preflight behavior:
- Target branch is required.
- Repositories with uncommitted changes are skipped.
- Detached HEAD is skipped.
- Current branch equal to the target branch is skipped.
- Repositories without a remote are skipped.
- If an open MR/PR already exists for the same source branch and target branch, Repo Copilot skips creation and returns the existing link.
- The source branch must exist on the default remote.
- The target branch must exist on the default remote.
- The current branch must have changed files compared with
target...HEAD.
- If Git cannot compare the current branch with the target branch locally, that repository is skipped.
Platform behavior:
- GitHub PR creation uses the Pulls API, then attempts to add assignees, labels, and requested reviewers. If these follow-up updates fail, creation still succeeds and warnings are shown.
- GitHub team reviewers can be configured as
org/team; Repo Copilot sends the team slug to GitHub.
- GitLab MR creation resolves assignee and reviewer usernames to user IDs before creating the MR.
- GitLab
remove_source_branch is controlled by repoCopilot.pullRequestRemoveSourceBranch; GitHub ignores that setting.
Branch Operations
Actions:
- Check Remote Branch runs
git ls-remote --heads <remote> and matches remote branch names.
- Pull Branch pulls each selected repository's current branch with
git pull --ff-only <remote> <branch>.
- Switch Branch runs
git checkout <branch>.
- Create Branch runs
git checkout -b <branch>.
Remote branch query patterns:
| Input |
Meaning |
main |
Exact branch name. |
release/* |
Glob with * wildcard. |
release~ |
Contains query; matches branch names containing release. |
| empty |
List all remote branches. |
Contains queries are case-sensitive. A bare ~ has no search term and matches nothing.
Pull behavior:
- Detached HEAD is skipped.
- Repositories without a remote are skipped.
- If the current branch has an upstream remote and merge ref, Repo Copilot pulls from that upstream.
- Otherwise it falls back to the default remote and the current branch name.
- The default remote is
origin when present, otherwise the first configured remote.
Switch and create branch behavior:
- Repo Copilot does not pre-block dirty repositories for checkout/create branch. Git decides whether local changes can be preserved or whether checkout must fail.
- Existing branch names for Create Branch surface as Git errors.
Inbox tab
Inbox is read-only. It does not create, review, merge, close, approve, or modify MR/PRs.
Personal Inbox
Personal Inbox is account-scoped. It uses the Git access token and the first loaded repository remote that can infer a supported GitHub/GitLab provider.
It shows:
- Created by me
- Assigned to me
- Needs my review
- A combined list of open MR/PR items.
- Local filtering by repository, project path, provider, title, author, source branch, target branch, role, labels, assignees, and reviewers.
- Filter list shortcuts on each stat card.
- Open links and Copy buttons for item title/link text.
GitHub Personal Inbox uses search queries such as author, assignee, and review-requested, then hydrates PR details. GitLab Personal Inbox uses dashboard merge request scopes where supported, with compatibility fallbacks for older GitLab variants.
Workspace Inbox
Workspace Inbox scans the Git repositories loaded in the current VS Code window.
- It uses
repoCopilot.pullRequestQueries to define enabled categories.
- It supports
created, assigned, and reviewRequested query kinds.
- Each query can optionally filter by target/base branch.
- Results are deduplicated when the same MR/PR matches more than one category, and badges show all matched roles.
- Items are sorted by latest update time.
- Repositories with missing or unsupported remotes are skipped with warnings.
- GitHub rate limits are detected; after a rate limit, remaining GitHub Inbox requests are skipped with a warning.
The Dashboard shows at most one enabled Workspace Inbox query per kind, ordered as Needs my review, Assigned to me, then Created by me.
Dependencies tab
Lookup
Check Dependencies checks whether selected repositories declare or resolve npm packages.
- Add multiple query rows.
- Each row contains one package name and optional comma-separated versions.
- Rows are ORed together: a repository passes if any row has a matching entry.
- Versions within one row are also ORed.
- Version matching is exact string matching. For example,
1.2.3 and ^1.2.3 are different.
- Scoped package names are supported.
- Node modules style paths can be normalized in some lockfile entries.
Files scanned at each repository root only:
package.json
package-lock.json
npm-shrinkwrap.json
pnpm-lock.yaml
yarn.lock
The lookup reports declared entries and resolved entries separately, including source file, scope, and version. It does not scan nested packages.
Package.json
Apply Settings updates root package.json files in selected repositories.
Supported sections:
resolutions
devDependencies
dependencies
Behavior:
- Multiple rows can be added per section.
- Empty rows are ignored.
- Duplicate section/package rows are rejected before execution.
- Missing
package.json files are skipped.
- Existing matching values are reported as unchanged and are not rewritten as meaningful changes.
- If a target section exists but is not an object, the repository fails for that update.
- The file must be valid strict JSON. Comments and trailing commas are not accepted.
- Edits are applied through
jsonc-parser modify operations with two-space formatting and a trailing newline.
- Dirty repositories are included after confirmation; Repo Copilot does not require a clean working tree for package updates.
Terminal tab
The Terminal tab supports configured presets, ad hoc shell commands, and discovered npm scripts.
Presets
Presets come from repoCopilot.commandPresets plus shell presets saved from the Dashboard.
- Presets are sorted with favorites first, then by label.
- The star button toggles a local favorite override stored in VS Code workspace state.
- The delete button removes the preset from workspace settings when a workspace preset array exists; otherwise it removes it from user settings.
- The run button executes the preset for selected repositories after confirmation.
Preset kinds:
| Kind |
Behavior |
shell |
Runs configured shell commands in each selected repository root and captures output in Dashboard results. |
npmScript |
Runs npm run <script> through VS Code Tasks with the repository root as cwd. |
vscodeTask |
Looks up an existing VS Code task by label, optionally type and source, and runs it when it matches the repository. |
Custom commands
- Each non-empty line is one shell command.
- Commands run sequentially per repository.
- A failure stops later custom commands for that repository.
- Output is captured in the Dashboard result details.
- Long output is truncated after 20,000 characters per repository result.
git status --short output is formatted for display.
- Save Preset stores the current custom commands as a
shell preset in the selected user/workspace settings target.
- Saving a preset to user settings clears a workspace override for
repoCopilot.commandPresets.
Discovered
- Refresh discovers root
package.json npm scripts for selected repositories.
- Scripts are grouped when they represent the same script and command across repositories.
- A discovered npm script runs through VS Code Tasks as
npm run <script>.
- Selected repositories that do not have the discovered script are skipped.
- Discovered task output is shown in native VS Code task terminals; Dashboard results show elapsed time and exit code.
Repo Copilot constructs per-repository npm script tasks on demand. It does not register a global VS Code Task Provider.
Settings tab
The Settings tab exposes Dashboard-managed settings and secret buttons.
- Save settings to chooses whether Dashboard save actions write to user settings or workspace settings.
- Git Access Token > Set Access Token opens the same Secret Storage command as
Repo Copilot: Set Git Access Token.
- LLM > Save Settings saves base URL, model, and extra headers.
- LLM > Set API Key opens the same Secret Storage command as
Repo Copilot: Set LLM API Key.
- Git provider, Git API base URL, request timeout, and plain-text token fallback values are configured through VS Code settings, not through Dashboard form fields.
- Clearing stored secrets is available from Command Palette commands.
Secret buttons visually indicate when a corresponding secret or setting value is configured.
Configuration
Prefer Secret Storage for token values:
Repo Copilot: Set Git Access Token
Repo Copilot: Set LLM API Key
Plain-text settings are compatibility fallbacks. If repoCopilot.gitAccessToken or repoCopilot.llmApiKey is set, the setting value takes precedence over Secret Storage.
Git hosting and MR/PR settings
{
"repoCopilot.gitProvider": "gitlab",
"repoCopilot.gitApiBaseUrl": "",
"repoCopilot.gitAccessToken": "",
"repoCopilot.pullRequestAssignees": [],
"repoCopilot.pullRequestReviewers": [],
"repoCopilot.pullRequestLabels": [],
"repoCopilot.pullRequestDraft": false,
"repoCopilot.pullRequestRemoveSourceBranch": true,
"repoCopilot.requestTimeoutMs": 120000
}
| Setting |
Default |
Description |
repoCopilot.gitProvider |
gitlab |
Git hosting provider for MR/PR API features. Use github, gitlab, or auto. auto only detects github.com and gitlab.com. |
repoCopilot.gitApiBaseUrl |
"" |
Optional GitHub/GitLab API base URL for private deployments. |
repoCopilot.gitAccessToken |
"" |
Plain-text token fallback. Prefer Secret Storage. |
repoCopilot.pullRequestAssignees |
[] |
Usernames/logins assigned to created MR/PRs. |
repoCopilot.pullRequestReviewers |
[] |
Usernames/logins requested for review. GitHub team reviewers can be written as org/team. |
repoCopilot.pullRequestLabels |
[] |
Labels added to created MR/PRs. |
repoCopilot.pullRequestDraft |
false |
Create draft MR/PRs. |
repoCopilot.pullRequestRemoveSourceBranch |
true |
GitLab remove-source-branch option. Ignored by GitHub. |
repoCopilot.requestTimeoutMs |
120000 |
Timeout in milliseconds for Git API calls, LLM calls, shell commands, and VS Code task waits. Minimum is 5000. |
Default API URL derivation:
- GitHub.com:
https://api.github.com
- GitHub Enterprise:
https://<host>/api/v3
- GitLab.com:
https://gitlab.com/api/v4
- GitLab self-managed:
https://<host>/api/v4
Set repoCopilot.gitApiBaseUrl explicitly when your deployment uses a different path.
Pull Request Inbox queries
{
"repoCopilot.pullRequestQueries": [
{
"id": "needs-my-review",
"label": "Needs my review",
"kind": "reviewRequested",
"limit": 50,
"enabled": true
},
{
"id": "assigned-to-me",
"label": "Assigned to me",
"kind": "assigned",
"limit": 50,
"enabled": true
},
{
"id": "created-by-me",
"label": "Created by me",
"kind": "created",
"limit": 50,
"enabled": true
}
]
}
| Field |
Description |
id |
Stable query identifier. Duplicate IDs are rejected. |
label |
Dashboard label for the category. |
kind |
created, assigned, or reviewRequested. |
targetBranch |
Optional target/base branch filter. |
limit |
Maximum items per repository. Values are normalized to 1 through 100. Default is 50. |
enabled |
Set false to hide the query. |
If the setting is missing or an empty array, Repo Copilot uses the three default queries above.
Command presets
{
"repoCopilot.commandPresets": [
{
"id": "npm-test",
"label": "npm test",
"kind": "npmScript",
"script": "test",
"favorite": true
},
{
"id": "git-status",
"label": "Git short status",
"kind": "shell",
"commands": ["git status --short"]
},
{
"id": "workspace-build-task",
"label": "Workspace build task",
"kind": "vscodeTask",
"taskLabel": "build",
"taskType": "shell",
"taskSource": "workspace"
}
]
}
| Field |
Description |
id |
Stable preset identifier. Duplicate IDs after the first are ignored. |
label |
Dashboard display label. |
kind |
shell, npmScript, or vscodeTask. |
commands |
Required for shell; each non-empty entry runs sequentially per repository. |
script |
Required for npmScript; runs as npm run <script>. |
taskLabel |
Required for vscodeTask; matches a VS Code task by name. |
taskType |
Optional VS Code task definition type matcher. |
taskSource |
Optional VS Code task source matcher. |
stopOnFailure |
Defaults to true; shell presets stop later commands for a repository after a failure. |
timeoutMs |
Optional preset timeout, normalized to at least 5000 ms. Falls back to repoCopilot.requestTimeoutMs. |
favorite |
Shows the preset near the top of the list. |
enabled |
Set false to hide the preset. |
Invalid preset entries are ignored.
LLM settings
{
"repoCopilot.llmBaseUrl": "https://api.openai.com/v1",
"repoCopilot.llmModel": "your-model-id",
"repoCopilot.llmApiKey": "",
"repoCopilot.llmExtraHeaders": {
"X-Client": "repo-copilot"
}
}
| Setting |
Default |
Description |
repoCopilot.llmBaseUrl |
"" |
OpenAI-compatible API base URL. It may point at /v1 or directly at /chat/completions. |
repoCopilot.llmModel |
"" |
Model ID used for MR/PR title and description generation. |
repoCopilot.llmApiKey |
"" |
Plain-text API key fallback. Prefer Secret Storage. |
repoCopilot.llmExtraHeaders |
{} |
Extra string headers sent with LLM requests. Empty header names or values are ignored. |
The model is asked to return strict JSON:
{
"title": "Short MR title",
"description": "Markdown MR description"
}
Natural-language title and description content is requested in Simplified Chinese. If the LLM is not configured, times out, returns invalid JSON, or fails, Repo Copilot uses local fallback content so MR/PR creation can continue.
If the branch has exactly one commit subject compared with the target branch, that subject is used as the MR/PR title even when LLM generation succeeds.
LLM-generated MR/PR content
When LLM configuration is complete, Create MR sends the following redacted context to the configured OpenAI-compatible service:
- Repository name.
- Source branch.
- Target branch.
- Changed file list.
- Git diff for
target...HEAD.
- Diff metadata, including whether the input was truncated.
The diff sent to the model is capped at about 200,000 characters. Git access tokens and LLM API keys are redacted before webview messages and before LLM prompt construction. Git tokens are not sent to the LLM service, and LLM API keys are not sent to GitHub/GitLab.
Behavior and limits
- Batch operations run with concurrency 3.
- Only one batch operation can run at a time.
- Repository discovery follows the built-in Git extension. The extension waits briefly on first load for Git repositories to appear.
- Repository sorting follows
scm.repositories.sortOrder for name and path; other values currently fall back to name sorting.
- Dirty state is based on
git status --porcelain -u.
- Remote branch checks call
git ls-remote --heads.
- Remote URLs support common HTTPS URLs and SSH scp-like URLs such as
git@github.com:owner/repo.git.
- Opening a remote repository converts the remote into an
https://<host>/<owner>/<repo> style browser URL.
- GitHub and GitLab API calls require a token with sufficient repository and MR/PR permissions.
- Git API GET requests retry transient network failures briefly. Non-GET requests are not retried.
- Inbox scans only loaded workspace repositories; it does not discover all repositories in an organization or group.
- Personal Inbox uses one inferred provider context from the first supported loaded repository remote.
- Dependency lookup and package updates only operate on files at each repository root.
- Terminal commands run in your local shell with each repository root as
cwd.
- VS Code task output is shown in native task terminals, not copied into Dashboard results.
- The Dashboard redacts configured Git and LLM secret values in posted messages and displayed result summaries.
Security notes
- Use Secret Storage commands for Git and LLM credentials whenever possible.
- Avoid plain-text token settings in shared workspace files.
- Batch terminal commands run locally with your current environment. Only run commands you trust.
- LLM generation sends code diff snippets to the configured LLM provider. Disable LLM settings if that is not acceptable for a repository.
- Inbox views and Check Open MR are read-only. Create MR and Git branch/package/terminal actions are mutating or command-running operations and should be reviewed in their confirmation dialogs.
FAQ
Why is the Dashboard empty?
Make sure the current window contains Git repositories and the built-in Git extension is available. Discovery can take a moment after opening a workspace; try Refresh Repositories.
Why does provider auto-detection fail for my private host?
repoCopilot.gitProvider: "auto" only recognizes github.com and gitlab.com. For self-hosted instances, set repoCopilot.gitProvider to github or gitlab, and set repoCopilot.gitApiBaseUrl when the default enterprise API path is not correct.
Why was MR/PR creation skipped?
Common reasons include uncommitted changes, detached HEAD, current branch equal to target branch, missing remote, current branch not present on the remote, target branch not present on the remote, an existing open MR/PR for the same source and target, no changed files compared with the target, or Git being unable to compare target...HEAD locally.
MR/PR creation does not depend on LLM generation. Incomplete configuration, timeout, request failure, invalid JSON, or missing title/description causes local fallback content. A single-commit branch also uses that commit subject as the title.
What token permissions are needed?
Use a token that can read MR/PRs and create MR/PRs in the target repositories. Adding assignees, reviewers, or labels requires platform permissions for those operations.