# 🚀 GitHub Copilot SDK Pipe v0.8.0: Conditional Tool Filtering & Publish Reliability 🎛️ **GitHub Copilot SDK Pipe v0.8.0** — A major control and reliability upgrade. This release introduces a four-priority tool permission system that makes tool access fully configurable per conversation, fixes file publishing across all storage backends, and ensures CLI built-in tools are never accidentally silenced. --- ## 📦 Quick Installation - **GitHub Copilot SDK (Pipe)**: [Install v0.8.0](https://openwebui.com/posts/ce96f7b4-12fc-4ac3-9a01-875713e69359) - **GitHub Copilot SDK (Filter)**: [Install v0.1.3](https://openwebui.com/posts/403a62ee-a596-45e7-be65-fab9cc249dd6) --- ## 🚀 What's New in v0.8.0 ### 1. Conditional Tool Filtering (P1~P4) — The Headline Feature This release introduces a **four-priority tool permission system** that gives you precise control over which tools are active in each conversation. | Priority | Scope | Mechanism | | :--- | :--- | :--- | | **P1** | Global | Pipe-level Valve switches (`ENABLE_OPENWEBUI_TOOLS`, `ENABLE_OPENAPI_SERVER`, `ENABLE_MCP`) | | **P2** | Server-level | Admin `config.enable` — disable a tool server from the OpenWebUI admin panel without changing code | | **P3** | User-level | Per-user `UserValves` overrides | | **P4** | Conversation-level | **Chat UI tool selection** — only tools the user explicitly checks in the chat input are activated | **How P4 works**: OpenWebUI passes the user's currently selected tools as `tool_ids` in `__metadata__`. The plugin reads this whitelist and filters both **OpenWebUI tools** and **MCP servers** accordingly. - **Default ON (No Selection)**: If you **do not select any tools** (leave the checkbox empty), the plugin considers all enabled tools active (provided the P1 global Valve is enabled). OpenWebUI tools, OpenAPI Servers, and MCP Servers are **all mounted by default**. - **Whitelist Mode (Selection Active)**: Once you explicitly check at least one tool (e.g., only "web search"), **only your selected tools are activated**, and all other tools (including MCP servers) are filtered out. ``` User checks ✅ web-search, ✅ code-runner in Chat UI ↓ chat_tool_ids = ["web-search", "server:code-runner"] ↓ filtered tools = only the two checked tools ↓ MCP servers not in the list are skipped entirely ``` **P2 admin control**: Each tool server entry in OpenWebUI now has a `config.enable` field. Setting it to `false` from the admin panel disables that server globally — no Valve edits required. ### 2. File Publish Reliability — All Storage Backends Fixed The persistent `{"detail":"[ERROR: Error getting file content]"}` error when agents publish files has been fully resolved. | Root Cause | Fix | | :--- | :--- | | Fallback path used `shutil.copy2` + manual DB write, which stored a local absolute path that S3-backed deployments cannot resolve | Fallback now calls `Storage.upload_file()` directly, auto-adapting to local/S3/GCS/Azure | | HTML files were blocked by OpenWebUI's `ALLOWED_FILE_EXTENSIONS` check | Upload URL always includes `?process=false`, bypassing the content-type filter | When the published artifact is an HTML file, the plugin also returns a direct-access HTML link for immediate opening/preview in chat. All published links now follow a strict format: they must be relative paths beginning with `/api/v1/files/`. `api/...` (without leading slash) and domain-prefixed absolute URLs are treated as invalid. ### 3. CLI Built-in Tools Always Available `available_tools` is now always `None` (instead of filtering by loaded tool IDs), which means Copilot CLI built-in tools — such as `bash`, `create_file`, `read_file`, `list_directory` — are **always available by default**. Previously, when no server tools were configured/loaded, the CLI could receive `available_tools=[]` and silently block all built-ins. ### 4. Publish Tool Always Injected `publish_file_from_workspace` is injected into the tool list before the `ENABLE_OPENWEBUI_TOOLS` guard, so it is **never lost** even when all OpenWebUI tool loading is disabled via Valves. ### 5. Code Interpreter Warning (Not Disabled) The built-in `code_interpreter` tool is **enabled** but operates in a remote, ephemeral sandbox. A system prompt warning is now automatically injected to clarify its limitations: > "The `code_interpreter` tool executes code in a remote, ephemeral environment. It cannot access files in your local workspace or persist changes." ### 6. Bug Fixes Summary - **File publish backend mismatch**: Fixed object-storage publish failures (`Error getting file content`) caused by local-path fallback writes. - **HTML artifact extension rejection**: Fixed HTML uploads being blocked by OpenWebUI extension processing by forcing `?process=false`. - **Invalid artifact URL formats**: Fixed links occasionally generated as `api/...` or domain-prefixed URLs; output is now constrained to `/api/v1/files/...` relative paths. - **CLI built-ins silently blocked**: Fixed built-ins becoming unavailable when no server tools were configured/loaded (which resulted in `available_tools=[]`); now default remains `None`. - **Publish tool injection loss**: Fixed `publish_file_from_workspace` being omitted when `ENABLE_OPENWEBUI_TOOLS=False`. ### 7. Companion Files Filter Included in Pipe Guidance The release documentation now embeds the key points of `GitHub Copilot SDK Files Filter` so users can configure the full workflow from a single page: - It prevents default RAG pre-processing from consuming uploaded files before Pipe processing. - It preserves raw binary access by moving uploads into `copilot_files`. - v0.1.3 improvements included in guidance: BYOK model-id prefix matching + optional dual-channel debug logs. --- ## 🛠️ Key Capabilities | Feature | Description | | :--- | :--- | | **Conditional Tool Filtering (P1~P4)** | Multi-priority permission system: global Valves → admin config.enable → user valves → Chat UI selection | | **Universal Tool Protocol** | Native support for **MCP**, **OpenAPI**, and **OpenWebUI built-in tools** | | **Native Tool Call UI** | Adapted to OpenWebUI's built-in tool call rendering | | **Workspace Isolation** | Strict sandboxing for per-session data privacy and security | | **Workspace Artifacts** | Agents generate files (Excel/CSV/HTML) with persistent download links | | **Multi-storage Publishing** | File publish works across local disk, S3, GCS, and Azure backends | | **11-Language Localization** | Auto-detected, native status messages for global users | --- ## 🔄 Migration Notes - **No breaking changes** for existing users. The P4 whitelist is only active when the user has explicitly selected tools in the Chat UI; with no selection, all enabled tools are passed as before. - Users on S3/GCS/Azure deployments who experienced file download failures can now publish normally without any additional configuration. - `ENABLE_TOOL_CACHE` Valve has been removed. Tool server connections are now always read fresh from the database to avoid stale state across multiple workers. Use `MODEL_CACHE_TTL` for model list caching. --- ## 📥 Import Chat Templates - [📥 Star Prediction Chat log](https://fu-jie.github.io/awesome-openwebui/plugins/pipes/star-prediction-chat.json) - [📥 Video Processing Chat log](https://fu-jie.github.io/awesome-openwebui/plugins/pipes/video-processing-chat.json) *Settings → Data → Import Chats.* --- ## 🔗 Resources - **GitHub Repository**: [openwebui-extensions](https://github.com/Fu-Jie/openwebui-extensions) - **Full Changelog**: [README.md](https://github.com/Fu-Jie/openwebui-extensions/blob/main/plugins/pipes/github-copilot-sdk/README.md)