- Add 'github-copilot' to LlmProviderFlavor type in settings dialog
- Add GitHub Copilot Student to moreProviders array in UI
- Add github-copilot to initial providerConfigs state
- Add isGitHubCopilot flag to handle Device Flow auth flow
- Add GitHub Copilot authentication button in settings UI
- Add GitHub Copilot models (6 models) to listOnboardingModels() output
- Add eslint-disable comment for mock fetch in tests
This fixes the issue where GitHub Copilot Student was not appearing in the Models dropdown in the Settings dialog.
- Remove unused imports in github-copilot-auth.ts
- Remove unused variable in github-copilot-device-flow.ts
- Add eslint-disable comment for any in test file
- Add step-by-step testing procedures for all components
- Include manual Device Flow authentication testing
- Add LLM provider testing examples
- Include token storage and refresh verification
- Add model discovery and disconnection tests
- Provide troubleshooting guide
- Add security notes and best practices
- Add github-copilot-auth.ts: Complete Device Flow authentication service with token management and refresh logic
- Add github-copilot-models.ts: Model discovery and LLM provider integration for GitHub Copilot
- Make createProvider() async to support Device Flow OAuth authentication
- Update all createProvider() calls to await the async result
- Ensure proper token storage/retrieval from oauth.json
- Support automatic token refresh with fallback to re-authentication
- Add error handling for expired tokens and authentication failures
- All packages compile successfully without errors
- Add github-copilot as LLM provider flavor in schema
- Implement GitHub Copilot API integration using OpenAI-compatible endpoint
- Add OAuth Device Flow implementation (RFC 8628) for GitHub authentication
- Configure GitHub OAuth endpoints and client ID
- Add comprehensive documentation for GitHub Copilot integration
This allows users to authenticate with GitHub and use GitHub Copilot models
(GPT-4o, GPT-4, etc.) directly in Rowboat using device code flow authentication.
* feat(oauth): enhance Rowboat sign-in process to prevent duplicate users
Added billing information checks during the Rowboat OAuth connection and onboarding process to ensure user and Stripe customer existence before proceeding. This change mitigates the risk of creating duplicate users due to parallel API calls. Updated error handling for better debugging in case of failures.
* refactor(onboarding): remove billing info check during Rowboat OAuth connection
Eliminated the billing information check that was previously in place to prevent duplicate Stripe customers during the onboarding process. This change simplifies the onboarding flow while maintaining the necessary checks for composio flags after account connection.
Cmd+K (Ctrl+K on Win/Linux) now opens a unified palette with two
modes: Chat (default) and Search (existing behavior). Tab cycles
between them. In Chat mode, if the user triggered the shortcut from
the markdown editor, the palette auto-attaches a removable chip
showing the note path and precise cursor line. Enter sends the
prompt to the right-sidebar copilot — opening the sidebar if closed
and starting a fresh chat tab — with the chip carried as a
FileMention whose lineNumber is forwarded to the agent as
"... at <path> (line N)" so the agent can use workspace-readFile
with offset to fetch the right slice on demand.
Line numbers are computed against the same getMarkdownWithBlankLines
serializer used to write notes to disk, so the reference is
byte-identical to what the agent reads back.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Mentions now route through the structured-attachment path, sending
only path/filename/mimeType. The agent fetches content on demand via
workspace-readFile (line-prefixed, paginated). Avoids freezing a stale
snapshot of the note into the conversation and saves tokens on long
notes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Returns utf8 reads as `<path>`/`<type>`/`<content>` blocks with each
line prefixed by its 1-indexed line number, plus offset/limit paging
and an end-of-file/truncation footer. Helps the agent reference
specific lines when forming precise edits to knowledge markdown.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Previously, the Google OAuth integration used a PKCE-only flow (no client
secret). This switches to a standard authorization code flow where the user
provides both a Client ID and Client Secret from a "Web application" type
OAuth client in Google Cloud Console. PKCE is retained alongside the secret
for defense in depth.
Key changes:
- oauth-client.ts: discoverConfiguration() and createStaticConfiguration()
now accept an optional clientSecret param. When provided, uses
ClientSecretPost instead of None() for client authentication.
- oauth-handler.ts: connectProvider() takes a credentials object
({clientId, clientSecret}) instead of a bare clientId. Removed eager
persistence of clientId before flow completion — credentials are now
only saved after successful token exchange. Renamed resolveClientId to
resolveClientCredentials to return both values from a single repo read.
- google-client-factory.ts: same resolveClientId → resolveCredentials
rename. Passes clientSecret to OAuth2Client constructor and
discoverConfiguration for token refresh.
- repo.ts: added clientSecret to ProviderConnectionSchema. Not exposed
to renderer via ClientFacingConfigSchema (stays main-process only).
- IPC: added clientSecret to oauth:connect request schema. Handler builds
a credentials object and passes it through.
- UI: GoogleClientIdModal now collects both Client ID and Client Secret
(password field). Always shown on connect — no in-memory credential
caching. Renamed google-client-id-store to google-credentials-store
with a unified {clientId, clientSecret} object.
- google-setup.md: updated to instruct users to create a "Web application"
type OAuth client (instead of UWP), add the localhost redirect URI, and
copy both Client ID and Client Secret. Added credentials modal screenshot.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Introduced billing error patterns to match specific error messages and display appropriate user prompts in the ChatSidebar.
- Enhanced SidebarContentPanel and AccountSettings components to reflect subscription status, including trial expiration details.
- Updated button actions to direct users to the app URL for subscription management and upgrades.
- Added a new Payment section in AccountSettings for managing invoices and payment methods, with conditional rendering based on subscription status.
(Wire up the upgrade buttons)
- Introduced `appUrl` state in both SidebarContentPanel and AccountSettings components.
- Updated OAuth state handling to fetch and set the app URL when connected to Rowboat.
- Enhanced Upgrade button functionality to open the app URL if available.
- Improved error handling during app URL retrieval to ensure robustness.
