- Removed re-added collections/ path triggers from CI
- Merged plugin checklist improvements from both branches
- Kept plugin:generate-marketplace script from main
- Removed new ospo-sponsorship collection file (plugin already exists)
- Dropped obsolete plugin:migrate and plugin:refresh scripts
Replace Collections with Plugins as first-class citizens in the repo.
With the Copilot CLI v0.409 release making plugins an on-by-default
marketplace, collections are redundant overhead.
## What changed
### Plugin Infrastructure
- Created eng/validate-plugins.mjs (replaces validate-collections.mjs)
- Created eng/create-plugin.mjs (replaces create-collection.mjs)
- Enhanced all 42 plugin.json files with tags, featured, display, and
items metadata from their corresponding collection.yml files
### Build & Website
- Updated eng/update-readme.mjs to generate plugin docs
- Updated eng/generate-website-data.mjs to emit plugins.json with full
items array for modal rendering
- Renamed website collections page to plugins (/plugins/)
- Fixed plugin modal to use <div> instead of <pre> for proper styling
- Updated README.md featured section from Collections to Plugins
### Documentation & CI
- Updated CONTRIBUTING.md, AGENTS.md, copilot-instructions.md, PR template
- Updated CI workflows to validate plugins instead of collections
- Replaced docs/README.collections.md with docs/README.plugins.md
### Cleanup
- Removed eng/validate-collections.mjs, eng/create-collection.mjs,
eng/collection-to-plugin.mjs
- Removed entire collections/ directory (41 .collection.yml + .md files)
- Removed parseCollectionYaml from yaml-parser.mjs
- Removed COLLECTIONS_DIR from constants.mjs
Closes#711
Major upgrade:
- deps.dev GetDependencies: full tree in one call (direct + transitive)
- deps.dev GetVersion: cross-ecosystem package→repo mapping (7 ecosystems)
- deps.dev GetProject: OSSF Scorecard health data per project
- Direct vs transitive column (✅ vs ⛓️)
- Health column from Scorecard Maintained check
- Actionable minimum: '💡 Sponsoring just N people covers all funded deps'
- Graceful fallback to registry APIs if deps.dev unavailable
Inspired by jshchnz/tribute, adds:
- Link verification: every funding URL is fetched before presenting
- Web search fallback: finds funding even without FUNDING.yml
- How Verified column: transparency about data source
- 5 ecosystems: npm, Python, Rust, Go, Ruby (was npm-only)
- Corporate-maintained package detection
- No Verified Funding Found section for unfunded deps
Teaches Copilot how to scan a repo's dependencies and find which ones
accept sponsorship via GitHub Sponsors, Open Collective, etc.
Workflow:
1. Fetch package.json from target repo
2. Resolve each dep to source GitHub repo via npm registry
3. Check npm funding field + .github/FUNDING.yml
4. Group by maintainer, present report with sponsor links
Tested against expressjs/express: found 9/28 deps sponsorable (32%)
across 3 funding destinations.
Adds a Copilot CLI skill that teaches absolute beginners how to use
GitHub Copilot CLI through guided, interactive lessons right in the
terminal. Features:
- Dual-track learning: Developer (8 lessons) and Non-Developer (7 lessons)
- Interactive exercises using ask_user
- SQL-based progress tracking
- On-demand Q&A with live doc fetching
- Beginner-friendly with CLI glossary and fallback handling
Source repo: https://github.com/DUBSOpenHub/copilot-cli-quickstart
The samples page never called setupModal(), so the close button,
Escape key, and backdrop click handlers were never registered.
Add the missing setupModal() call matching all other pages.
Add a new cookbook recipe that generates WCAG accessibility reports using
the Playwright MCP server. Includes streaming output, structured report
formatting, and optional Playwright test generation.
- C#, TypeScript, Python, and Go implementations
- Markdown documentation for each language
- Updated cookbook.yml, copilot-sdk README, and package.json
- Add WorkingDirectory/working_directory to pin sessions to project root
- Add OnPermissionRequest/on_permission_request for unattended operation
- Add tool execution event logging for visibility
- Add See Also cross-links to error-handling and persisting-sessions
- Add best practices for WorkingDirectory and permission auto-approval
- Consistent across all 4 languages (Node.js, Python, .NET, Go)
Git operations (commit, push) belong in the prompt instructions, not
hardcoded in the loop orchestrator. The SDK recipes should focus purely
on the SDK API: create client, create session, send prompt, destroy.
