Question: ReFS / Dev Drive local-sandbox limitation on Windows - is it known, and could it be documented? #3712

@torumakabe

Summary

First off, thanks for the work on the local sandbox. It's a great feature. 🙏

This is a friendly question / documentation request, not a bug report, and
I fully understand the root cause may well sit on the Windows platform side
rather than in Copilot CLI itself.

When the local sandbox is enabled on Windows and the sandbox policy references
paths on a ReFS volume (Dev Drive), sandboxed shell commands stop with a
backend_error. The runtime returns a very clear, helpful message, which
suggests the team is already aware of this and is handling it gracefully:

{"error":{"code":"backend_error","message":"The sandbox policy references paths
on ReFS volume(s) (D:) which may be a Dev Drive. The Bind Filter (BFS) used to
enforce filesystem policy does not work correctly on ReFS volumes, so sandboxed
processes may not be able to access files on those paths. Move your working
directory to an NTFS volume, or remove those paths from
readonlyPaths/readwritePaths."}}

(The message already mentions that the Windows Bind Filter (BFS) doesn't
work correctly on ReFS, so this looks like an underlying OS limitation that the
CLI is detecting and surfacing, which I appreciate.)

What I'd like to confirm

  1. Is this a known limitation at the moment? The clear error message makes
    me think it is, but I wanted to confirm rather than assume.
  2. If it's a current constraint, would it be possible to mention it in the
    docs, e.g. in Configuring local sandbox settings?
    There's currently no mention of ReFS / Dev Drive / NTFS in the docs, and I
    couldn't find an existing issue tracking it, so a short note would save
    others some head-scratching.

Why this matters (motivation, not a complaint)

On Windows, Microsoft Defender real-time scanning adds noticeable overhead to
small-file read/write operations. This is especially relevant for Copilot CLI
specifically: a large part of what the CLI does is searching across files
and their contents (grep/glob-style lookups, reading many small files to build
context), in addition to the usual dependency installs and builds. All of these
are small-file-I/O-heavy workloads where Defender overhead adds up quickly.

Dev Drive (ReFS) is Microsoft's recommended solution for exactly this kind
of workload (performance-mode antimalware on ReFS), so it's a particularly
attractive setup for running Copilot CLI. I'd like to keep my working directory
on a Dev Drive for that reason.

Because of the ReFS / Bind Filter interaction, though, the local sandbox and a
Dev Drive can't currently be used together on my setup. I completely understand
if this is gated by Windows platform behavior. I'm mainly hoping to (a) confirm
the current state and (b) have it documented so the trade-off is visible to
others. If it's something that could be supported down the line, that'd be a
nice bonus, but no pressure. 🙂

Affected version

GitHub Copilot CLI 1.0.60.

Environment

  • Tool: GitHub Copilot CLI 1.0.60
  • OS: Windows 11 Enterprise
  • Volume: D: (FileSystemType ReFS, label DevDrive)
  • Sandbox: local sandbox enabled via /sandbox enable

Steps to reproduce

  1. On Windows 11, use a Dev Drive (ReFS), e.g. D:.
  2. Place a working directory on that volume.
  3. Start Copilot CLI there and run /sandbox enable.
  4. Ask Copilot to run any shell command (e.g. ls).
  5. The command stops with the backend_error shown above.
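
A pre-flight check for the condition described in this issue, as an added example that is not part of the original post or of Copilot CLI: it reports which candidate sandbox paths sit on a ReFS volume before /sandbox enable is used. The function name, the $Paths parameter and the sample paths are assumptions; Get-Volume and its FileSystemType property are the standard Windows Storage module.

```powershell
# Added example, not Copilot CLI code. $Paths is a hypothetical parameter standing
# in for the working directory plus the readonlyPaths/readwritePaths entries.
function Get-SandboxPathFileSystem {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string[]]$Paths
    )
    foreach ($p in $Paths) {
        # Expand relative paths without requiring the target to exist.
        $full = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($p)
        $root = [System.IO.Path]::GetPathRoot($full)
        $fs   = 'Unknown'   # UNC paths and letters without a local volume stay Unknown
        if ($root -match '^([A-Za-z]):\\$') {
            $vol = Get-Volume -DriveLetter $Matches[1] -ErrorAction SilentlyContinue
            if ($vol) { $fs = $vol.FileSystemType }
        }
        [pscustomobject]@{
            Path       = $full
            Root       = $root
            FileSystem = $fs
            # ReFS is the case the sandbox rejects with backend_error.
            OnReFS     = ("$fs" -eq 'ReFS')
        }
    }
}

# Constructed sample paths; replace with the paths from your own policy.
$report = Get-SandboxPathFileSystem -Paths 'D:\src\my-project', "$env:USERPROFILE\.cache"
$report | Format-Table -AutoSize

$blocked = @($report | Where-Object OnReFS)
if ($blocked.Count -gt 0) {
    Write-Warning ("Paths on ReFS (sandboxed commands are expected to fail): " +
        ($blocked.Path -join ', '))
}
```

The check keys on the drive letter only, so a ReFS volume mounted into a folder of an NTFS drive is not detected.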
