chore: add Copilot custom instructions for code review

Repository-wide instructions (.github/copilot-instructions.md) cover architecture
overview, lock scope rules, glob anchoring, channel semantics, and deny.toml license
gaps.

Path-specific instruction files cover:
- bridge/lsp: TOCTOU, version overflow, notification_pump deadlock, file watcher
- config/deps: license allow list, serde round-trip tests, TOML defaults
- mcp: 1-based positions, JsonSchema derive, tool dispatch completeness
- tests: #[ignore] hygiene, resync coverage, glob pattern correctness
- ci: feature flag parity, RUSTDOCFLAGS, MSRV guards
- CHANGELOG: breaking change format, PR references

Instructions are derived from findings in PR #101 and #103 reviews.

Author: bug-ops

.github/copilot-instructions.md

@@ -0,0 +1,58 @@
+# Copilot Instructions for mcpls
+
+mcpls is a bridge between MCP (Model Context Protocol) and LSP (Language Server Protocol).
+AI clients speak MCP to mcpls; mcpls spawns and communicates with language servers over LSP.
+
+## Architecture
+
+```
+AI Client ←→ [MCP/stdio] ←→ mcpls ←→ [LSP/stdio] ←→ rust-analyzer / tsgo / pyright / ...
+```
+
+Key crates:
+- `mcpls-core/src/bridge/` — MCP→LSP translation, document state, diagnostics cache
+- `mcpls-core/src/lsp/` — LSP client, JSON-RPC 2.0 lifecycle, file watcher
+- `mcpls-core/src/mcp/` — MCP server, tool definitions and dispatch
+- `mcpls-core/src/config/` — TOML config, LSP server discovery heuristics
+
+## Code Review Priorities
+
+### Correctness
+
+- **Position encoding**: MCP is 1-based, LSP is 0-based. All conversions must go through
+  `bridge/encoding.rs`. Flag any direct arithmetic on line/column values outside that module.
+
+- **LSP protocol compliance**: Inbound JSON-RPC messages fall into four shapes:
+  `method`+`id` → server request, `method` only → notification,
+  `id`+(`result`|`error`) → response, anything else → protocol error.
+  Responses without `result` or `error` must not be silently treated as `null`.
+
+- **Document versioning**: `textDocument/didOpen` version numbers must be strictly
+  monotone per document URI. After `didClose`/`didOpen` resync cycles, reset to 1
+  rather than saturating at `i32::MAX`.
+
+- **Glob patterns**: `globset` matches against the full absolute path. Bare patterns
+  like `*.rs` only match filenames with no directory component. Patterns without a
+  leading `/` or `**/` prefix must be anchored with `**/` before passing to `GlobSetBuilder`.
+
+### Concurrency
+
+- **Lock scope**: `Arc<Mutex<Translator>>` must never be held across async LSP I/O
+  (notify calls, request round-trips). If a lock guard is held while awaiting a network
+  operation, flag it — this creates head-of-line blocking between request handlers and
+  the `notification_pump`.
+
+- **Channel semantics**: `std::sync::mpsc::SyncSender::send` blocks when the channel is
+  full; it does not drop. Use `try_send` when the intent is drop-on-full.
+
+### Dependencies
+
+- Check `deny.toml` allow list when new crates are introduced. Licenses not in the list
+  will fail `cargo deny check licenses` in CI. Common gap: `CC0-1.0` (used by `notify`).
+
+## Style
+
+- All `pub` types, traits, functions, and methods must have `///` doc comments explaining
+  *what* and *why*, not just restating the name.
+- No `unsafe` code — `deny(unsafe_code)` is enforced workspace-wide.
+- `#[non_exhaustive]` is required on any public enum that may gain variants in future releases.

.github/instructions/changelog.instructions.md

@@ -0,0 +1,14 @@
+---
+applyTo: "CHANGELOG.md"
+---
+
+## CHANGELOG review checklist
+
+- Breaking changes to public APIs (new enum variants, removed fields, changed
+  signatures) must appear under `### Changed` with an explicit "Breaking change:"
+  prefix. A `### Fixed` entry alone is not sufficient.
+- New `#[non_exhaustive]` enums or structs must be mentioned: downstream crates
+  that match exhaustively need to add a wildcard arm.
+- Every entry must reference the PR or issue number in parentheses: `(#NNN)`.
+- Entries go under `## [Unreleased]` until a release PR assigns a version.
+  Do not add entries directly under a versioned section.

.github/instructions/ci.instructions.md

@@ -0,0 +1,30 @@
+---
+applyTo: ".github/workflows/**,deny.toml,.cargo/**"
+---
+
+## CI and toolchain review checklist
+
+### Workflows
+
+- Feature flag sets in CI jobs must match the local pre-commit commands in `CLAUDE.md`
+  exactly: `--all-features` for clippy and nextest, `--no-deps --all-features` for
+  rustdoc. Divergence causes "passes locally, fails CI" issues.
+- `RUSTDOCFLAGS="-D warnings"` must be set in the rustdoc job. Without it, broken
+  intra-doc links and missing doc comments pass silently.
+- Nightly toolchain is required only for `cargo +nightly fmt`. All other jobs must use
+  stable. Pinning nightly globally causes unnecessary breakage on nightly regressions.
+
+### deny.toml
+
+- New dependencies require a license check before merge. Add the license to the
+  `allow` list in the same PR that introduces the crate. Do not merge a PR that
+  introduces a new crate without verifying `cargo deny check licenses` passes.
+- Known unlisted licenses that will fail CI: `CC0-1.0` (used by `notify`).
+- `cargo deny check advisories` must be clean. A new RUSTSEC advisory in a transitive
+  dependency is a blocker even if the vulnerable code path is not exercised.
+
+### MSRV
+
+- `rust-version` in `Cargo.toml` is the enforced minimum. Any API stabilised after
+  that version requires either a version bump (document in CHANGELOG) or a conditional
+  compile guard.

.github/instructions/mcp-tools.instructions.md

@@ -0,0 +1,25 @@
+---
+applyTo: "crates/mcpls-core/src/mcp/**"
+---
+
+## MCP layer review checklist
+
+### Tool parameter structs (`tools.rs`)
+
+- Every position parameter (`line`, `character`) must be documented as 1-based in both
+  the `///` doc comment and the `#[schemars(description)]` annotation. LSP is 0-based;
+  the conversion happens in `bridge/encoding.rs` — not here.
+- `file_path` parameters must accept absolute paths only. Doc comments must state this
+  explicitly so AI clients don't pass relative paths.
+- New tool structs require `#[derive(JsonSchema)]` — omitting it silently removes the
+  tool from the MCP schema exposed to clients.
+
+### Tool dispatch (`handlers.rs`, `server.rs`)
+
+- Every tool handler must call `ensure_open` (via `Translator`) before issuing any LSP
+  request. Skipping it produces stale results when the file has changed on disk since
+  the last access.
+- Tool errors must propagate as MCP error responses, not panics. `unwrap()` and
+  `expect()` are not acceptable in handler code.
+- New tools must be registered in both the tool list and the dispatch match arm.
+  A tool missing from either will either never appear to clients or panic at runtime.

.github/instructions/rust-bridge.instructions.md

@@ -0,0 +1,55 @@
+---
+applyTo: "crates/mcpls-core/src/bridge/**,crates/mcpls-core/src/lsp/**,crates/mcpls-core/src/lib.rs"
+---
+
+## Bridge and LSP layer review checklist
+
+### Document state (`bridge/state.rs`)
+
+- `ensure_open` stats the file on every call and compares `(mtime, size)` against the
+  cached `SyncSignature`. On mismatch it must send `didClose` then `didOpen` with a
+  bumped version before returning. Verify this resync path is exercised by a test.
+- Stat must happen on the same `File` handle as the subsequent read, or be re-done after
+  the read, to avoid TOCTOU: an atomic `rename(2)` between stat and `read_to_string` on
+  a coarse-mtime filesystem (ext4: 1 s, FAT32: 2 s) leaves the cached signature stale
+  permanently.
+- Version counter must reset to 1 on overflow, not saturate. `saturating_add(1)` at
+  `i32::MAX` sends the same version on every subsequent resync; rust-analyzer silently
+  discards non-monotone `didOpen` notifications.
+
+### Diagnostics pipeline (`bridge/translator.rs`, `bridge/notifications.rs`)
+
+- `DiagnosticsMode::Cached` returns an empty `Vec` for both "no errors" and "server
+  has not yet analysed this file". AI clients cannot distinguish these. Flag if callers
+  treat empty as "clean".
+- `merge_diagnostics` dedup key is `(range, severity, code)` when `code` is present,
+  falling back to a path-qualifier-stripped message otherwise. Doc comments that say
+  `(range, message, code)` are wrong — flag them.
+- `pull_diagnostics` has a 30 s timeout. In `Hybrid` mode it runs before the cache read.
+  The cache read is a synchronous hashmap lookup; it should not be blocked behind the
+  pull. Prefer `tokio::join!` for the two sources.
+
+### Notification pump (`lib.rs`)
+
+- `notification_pump` must hold only a `NotificationCache` lock, never the full
+  `Translator` lock. Holding `Mutex<Translator>` across an LSP round-trip in a request
+  handler while the pump waits for the same lock causes head-of-line deadlock when the
+  notification channel fills.
+
+### File watcher (`lsp/file_watcher.rs`)
+
+- `GlobPattern::String` patterns without a leading `/` or `**/` must be anchored with
+  `**/` before passing to `globset`. Bare `*.rs` does not match `/repo/src/lib.rs`.
+- `SyncSender::send` blocks when the channel is full. Use `try_send` with a warn log
+  when the documented intent is drop-on-full.
+- `NEVER_FORWARD_COMPONENTS` filtering should happen before the channel send, not after,
+  to avoid burning channel capacity on `target/` churn during `cargo build`.
+- `register()` overwrites duplicate registration IDs silently. LSP spec treats
+  re-registration as an error; at minimum log a warning.
+
+### LSP client (`lsp/client.rs`, `lsp/transport.rs`)
+
+- Server-to-client requests (`method` + `id`) must receive a JSON-RPC response.
+  Unhandled methods should return error code `-32601` (Method Not Found), not be dropped.
+- `id`-only messages (no `method`, no `result`, no `error`) are protocol errors and must
+  not be treated as successful `null` responses.

.github/instructions/rust-config.instructions.md

@@ -0,0 +1,22 @@
+---
+applyTo: "crates/mcpls-core/src/config/**,deny.toml,Cargo.toml,crates/*/Cargo.toml"
+---
+
+## Config and dependency review checklist
+
+### deny.toml
+
+- When a new crate is introduced, verify its license appears in the `allow` list.
+  `cargo deny check licenses` runs in CI and will fail on first run if the license is
+  missing. Known gap: `CC0-1.0` (used by `notify`).
+- Check `cargo deny check advisories` output for any new RUSTSEC advisories in added
+  dependencies.
+
+### Config (`config/mod.rs`)
+
+- New `#[serde(default)]` fields on public config structs must have a test covering
+  the omitted-key case (TOML round-trip, not just JSON).
+- Enum config options must include serde round-trip tests for every variant, both JSON
+  and TOML, since `#[serde(rename_all)]` applies to both serializers independently.
+- LSP server discovery heuristics (file-pattern matching) must be case-insensitive on
+  the extension comparison — APFS and NTFS are case-insensitive filesystems.

.github/instructions/tests.instructions.md

@@ -0,0 +1,33 @@
+---
+applyTo: "crates/mcpls-core/tests/**,crates/mcpls-core/src/**/tests.rs,crates/mcpls-core/src/**/*_tests.rs"
+---
+
+## Test review checklist
+
+### Integration tests (`tests/integration/`)
+
+- Tests requiring a live LSP binary (`rust-analyzer`, `tsgo`, etc.) must be marked
+  `#[ignore = "Requires <binary> in PATH"]`. Unmarked tests that shell out to LSP
+  binaries will break CI on clean runners.
+- `rust_analyzer_tests.rs` probes must verify the post-PR #103 diagnostic pipeline:
+  `get_diagnostics` should return errors for files with known type errors, and
+  `get_cached_diagnostics` should return the same set (non-empty) after a
+  `publishDiagnostics` notification has been received.
+
+### E2e tests (`tests/e2e/`)
+
+- Every e2e test spawns the mcpls binary. If the binary is not pre-built, the test
+  must be `#[ignore]`. Document the required build step in the ignore message.
+- Position values in e2e assertions must use 1-based line/column (MCP convention).
+  Using 0-based values will produce off-by-one failures that are hard to diagnose.
+
+### Unit tests
+
+- `ensure_open` resync path (signature mismatch → `didClose` + `didOpen`) must be
+  covered by an async test using a temp file and a mock `LspClient`. The stat-only
+  test (`test_stat_signature_changes_when_file_grows`) does not cover this path.
+- `FileWatcher::register` and `compute_changes` require unit tests. New glob
+  registrations must be verified to actually match the intended file paths using
+  absolute path strings — bare patterns like `*.rs` will not match.
+- `DiagnosticsMode` serde tests must cover all three variants in both JSON and TOML
+  deserialization, including the omitted-key default.