Improve permission approval on PowerShell read only commands #2273
Description
Describe the feature or problem you'd like to solve
Currently Copilot CLI uses PowerShell for a lot of tasks. And it asks for approval for each PowerShell commands, which can be very annoying if all of those commands are read only (not change anything). We need to provide a way to allow PowerShell read only operations.
Proposed solution
Classify a list of PowerShell commands as Read only, examples include:
- Get commands like:
- Get-Content
- Get-ChildItem
- Select commands like:
- Select-String
- Select-Object
- Format commands
- Format-Table
- Format-List
- Sort and Group commands
- Sort-Object
- Group-Object
- ConvertTo- and ConvertFrom- commands
- ConvertTo-Json
- ConvertFrom-Csv
- Selected Out- and Write- commands like:
- Out-String
- Write-Host
The above example does not include all read only commands. We could allow certain prefix (e.g. Get-, Select-), or to be safe, only list the ones we determine to be safe for now.
When the run a PowerShell script with only those commands, ask user whether to allow PowerShell read only commands
When user already allows PowerShell read only commands, run the script without confirmation.
Example prompts or workflows
No response
Additional context
No response