Per-file operation approval at the prompt #2015

@HaleTom

Describe the feature or problem you'd like to solve

File access permissions are granted at the directory level (/add-dir). When Copilot proposes writing to a specific file, there is no way to approve just that one operation — the user must either allow the entire containing directory or use /allow-all, granting broader access than intended. For sensitive locations (e.g. ~/.copilot/, ~/.ssh/), this forces an uncomfortable trade-off between convenience and least-privilege access.

Proposed solution

At the per-operation approval prompt, add a third option alongside Yes / No: "Yes, this file only".

This grants a one-shot, path-scoped permission for the specific file being written, without adding the parent directory to the persistent allow list.

Users retain fine-grained control without needing to manually /reset-allowed-tools afterwards.

Example prompts or workflows

  1. "Write my coding preferences to ~/.copilot/copilot-instructions.md" — approve only that file without opening ~/.copilot/ to further writes.
  2. "Update .env.local with the new API key" — allow the single file without granting access to the whole project root.
  3. "Append a rule to /etc/hosts" — system-sensitive file; user wants one write, not blanket /etc/ access.
  4. "Edit my ~/.gitconfig to add an alias" — home directory is broad; user trusts only this one file touch.

Additional context

The principle of least privilege is especially important in a terminal agent that can write to arbitrary paths.

Per-file approval closes the gap between the current binary choice (allow directory vs. deny) and what users actually want: a quick, scoped yes for a single known file.
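
A minimal model of the one-shot, path-scoped grant requested above, as an added example that is not part of the original issue and is not Copilot CLI's code. The `WritePolicy` class, its method names and the sandbox paths are hypothetical; paths are canonicalized so a symlink or `..` cannot borrow a directory grant.

```python
import os
import tempfile

class WritePolicy:
    """Hypothetical model: persistent directory grants plus one-shot file grants."""

    def __init__(self):
        self.allowed_dirs = set()   # persistent, like /add-dir
        self.one_shot = set()       # "Yes, this file only" grants

    @staticmethod
    def _canon(path):
        # Resolve ~, "..", and symlinks so a grant names one real location.
        return os.path.realpath(os.path.expanduser(path))

    def add_dir(self, directory):
        self.allowed_dirs.add(self._canon(directory))

    def approve_file_once(self, path):
        self.one_shot.add(self._canon(path))

    def authorize_write(self, path):
        """Return 'directory', 'one-shot', or 'prompt' for a proposed write."""
        target = self._canon(path)
        for d in self.allowed_dirs:
            if os.path.commonpath([d, target]) == d:
                return "directory"
        if target in self.one_shot:
            self.one_shot.discard(target)   # consumed: the next write prompts again
            return "one-shot"
        return "prompt"

def demo():
    # Constructed sandbox standing in for a project and a sensitive directory.
    root = tempfile.mkdtemp()
    work = os.path.join(root, "project")
    sensitive = os.path.join(root, "dot-copilot")
    os.mkdir(work)
    os.mkdir(sensitive)
    target = os.path.join(sensitive, "copilot-instructions.md")
    link = os.path.join(work, "notes.md")
    os.symlink(target, link)        # link inside the allowed dir, pointing outside it
    policy = WritePolicy()
    policy.add_dir(work)
    policy.approve_file_once(target)
    return [
        policy.authorize_write(os.path.join(work, "main.py")),           # directory grant
        policy.authorize_write(os.path.join(sensitive, "config.json")),  # sibling: prompt
        policy.authorize_write(link),    # resolves to target: file grant, not directory
        policy.authorize_write(target),  # grant already used: prompt
    ]
```

The write itself should open the same canonical path the check resolved; otherwise a link changed between the check and the write reopens the gap.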
