The Copilot CLI ignores "exclude content" of organization settings #221

@hi-morimoto-i

Describe the bug

Organization administrators don't allow users to transmit confidential company data to the cloud.
"Excluding content" is an extremely important feature for this purpose.

Many companies likely use this tool under the assumption this feature works properly.
Information leakage incidents are occurring worldwide due to this tool.

Detail

I set the YAML below as the "exclude-content" of our organization settings.
(https://docs.github.com/en/copilot/how-tos/configure-content-exclusion/exclude-content-from-copilot)

This setting will keep the contents of “.env” files confidential across all repositories.

"*":
- "**/.env"

Then, launch the Copilot CLI in any repository.
Instruct the system to read the .env file located in this repository.

prompt

Check a .env file content. # in Japanese

response

The contents of the env file are as follows.
1. hogehoge
2. 2nd line is blank (or unset).
# in Japanese

Copilot CLI can access files that should be excluded.

When making the same request in GitHub Copilot Chat for VS Code, you'll receive a response stating that the file cannot be read (or that its existence is not recognized).

Affected version

Version 0.0.334 Commit 26896a6

Steps to reproduce the behavior

No response

Expected behavior

The contents of the “.env” file cannot be read. Or, the file's existence is not recognized.

Additional context

No response
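
To audit which files in a working tree the rule quoted in this issue is meant to cover, the following is an added example, not part of the original issue and not GitHub's code. The pattern-matching semantics are a simplified assumption rather than GitHub's matcher, and the `pattern_to_regex` and `excluded_files` helpers and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

# Rule quoted in the issue: "*" applies the patterns to all repositories.
EXCLUSIONS = {"*": ["**/.env"]}

# Assumed semantics (an approximation, not GitHub's matcher): '**/' spans zero
# or more directories; '*' and '?' stay inside a single path segment.
TOKENS = [("**/", r"(?:[^/]+/)*"), ("**", r".*"), ("*", r"[^/]*"), ("?", r"[^/]")]

def pattern_to_regex(pattern):
    """Translate one exclusion pattern into a compiled regex."""
    body, out, i = pattern.lstrip("/"), [], 0
    while i < len(body):
        for glob, regex in TOKENS:
            if body.startswith(glob, i):
                out.append(regex)
                i += len(glob)
                break
        else:
            out.append(re.escape(body[i]))
            i += 1
    # Assumption: a leading '/' anchors at the repo root, otherwise any depth.
    prefix = "" if pattern.startswith("/") else r"(?:[^/]+/)*"
    return re.compile(prefix + "".join(out))

def excluded_files(root, patterns):
    """Return repo-relative paths under root that match any pattern."""
    regexes = [pattern_to_regex(p) for p in patterns]
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip VCS metadata
        for name in filenames:
            rel = os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
            if any(r.fullmatch(rel) for r in regexes):
                hits.append(rel)
    return sorted(hits)

def demo():
    """Build a constructed working tree and list what the rule covers."""
    with tempfile.TemporaryDirectory() as root:
        for rel in [".env", "services/api/.env", "services/api/.env.example", "README.md"]:
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("PLACEHOLDER=constructed\n")
        return excluded_files(root, EXCLUSIONS["*"])

if __name__ == "__main__":
    print(demo())
```

Files such as `.env.example` fall outside `**/.env` and would need their own pattern if they hold real values.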
