Feature Request: Cross-environment session resume (local ↔ Codespace)

[maxbeizer]

Problem

There's no supported way to resume a Copilot CLI session across environments. A common workflow is starting work locally, then needing to continue in a Codespace (or vice versa). Today, --resume only works for sessions created in the same environment.

Current behavior

I manually copied a session directory (~/.copilot/session-state/<uuid>/) from my local machine to a Codespace and ran copilot --resume <uuid>. The CLI found the session directory but overwrote events.jsonl with a fresh session start event, destroying the transferred conversation history. The session had no prior context.

Desired behavior

A first-class way to continue a session in a different environment. This could take many forms — some options:

1. Make --resume work with transferred session directories — restore conversation history from the existing events.jsonl rather than overwriting it
2. Cloud-backed sessions — sessions stored server-side so --resume <id> works from any authenticated environment
3. Import from /share output — /share gist already exports sessions; a /import <gist-url> or copilot --resume-from <gist-url> could restore context from that export

Security considerations

Cross-environment session transfer raises real security questions that should inform the design:

• Session data is sensitive. events.jsonl contains the full conversation history — source code, command output, file contents, and potentially secrets or credentials that appeared in the session. Any transfer mechanism needs to treat this data carefully.
• Authentication boundary. Sessions reference tools, MCP servers, and permissions that may differ between environments. A resumed session shouldn't inherit elevated permissions from the source environment.
• Shared environments. If sessions can be transferred to Codespaces, there's a risk of session data landing in shared or org-wide Codespaces where others have access. The mechanism should warn or prevent transfer to untrusted environments.
• Gist-based transfer. If /share gist output becomes importable, secret gists are still accessible to anyone with the URL. Importing from gists should be opt-in and warn about the sensitivity of the data.
• Replay safety. Replaying events.jsonl in a new environment could re-execute tool calls (bash commands, file writes) that made sense in the original environment but are dangerous in the new one. Resume should restore context, not replay actions.

Workaround

Today I use /share gist to export the session, then manually paste a summarized handoff prompt into a new session in the target environment. This works but loses the structured session state (plan, todos, session DB, file tracking).

Environment

• Copilot CLI v0.0.415
• macOS → GitHub Codespace transfer