fix: reduce /enabled endpoint traffic and surface unexpected status codes (#308879)

* fix: cache CCA disabled results with 5-min TTL to reduce /enabled traffic

The checkCCAEnabled() method previously only cached enabled=true results
(introduced in 19541d7). For the majority of users whose repos have CCA
disabled, every provideChatSessionProviderOptions() call bypassed the cache
and hit the jobs/:owner/:repo/enabled CAPI endpoint unconditionally. With
growing adoption, this became significant upstream traffic.

Fix: cache all /enabled results. enabled=true keeps the 30-min TTL.
enabled=false/undefined uses a new 5-min TTL (CCA_DISABLED_CACHE_TTL_MS),
short enough that users who just enabled CCA won't wait long, but long enough
to dramatically reduce repeated calls.

To support the shorter TTL for disabled entries without changing the enabled
TTL, TtlCache.set() now accepts an optional per-entry ttlMs override that
takes precedence over the cache-wide TTL.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: surface unexpected /enabled status codes (e.g. 429) in telemetry

Previously, isCCAEnabled's default case returned { enabled: undefined }
with no statusCode, swallowing 429 rate-limit and 5xx responses.

Changes:
- Widen CCAEnabledResult.statusCode from 401|403|422 to number so
  unexpected codes can be propagated
- Return statusCode: response.status in isCCAEnabled's default case
- Add sendTelemetryErrorEvent('copilot.codingAgent.CCAIsEnabledUnexpectedStatus')
  in checkCCAEnabled for any status code outside {401, 403, 422}, with
  isRateLimited flag for quick 429 filtering in dashboards

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* refactor: hoist knownStatusCodes to constant and add GDPR annotation

- Extract CCA_KNOWN_STATUS_CODES to file-level Set to avoid re-creating
  it on every call and centralize the list of handled status codes
- Add __GDPR__ comment block for the new
  copilot.codingAgent.CCAIsEnabledUnexpectedStatus telemetry error event

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: joshspicer

extensions/copilot/src/extension/chatSessions/common/test/ttlCache.spec.ts

@@ -89,6 +89,23 @@ describe('TtlCache', () => {
 		vi.advanceTimersByTime(1000);
 		expect(cache.has('key')).toBe(false);
 	});
+
+	it('supports per-entry TTL override', () => {
+		const cache = new TtlCache<string>(5000);
+		cache.set('default', 'value1');
+		cache.set('short', 'value2', 1000);
+
+		vi.advanceTimersByTime(999);
+		expect(cache.get('default')).toBe('value1');
+		expect(cache.get('short')).toBe('value2');
+
+		vi.advanceTimersByTime(1);
+		expect(cache.get('default')).toBe('value1');
+		expect(cache.get('short')).toBeUndefined(); // expired at 1000ms
+
+		vi.advanceTimersByTime(4000);
+		expect(cache.get('default')).toBeUndefined(); // expired at 5000ms
+	});
 });
 
 describe('SingleSlotTtlCache', () => {

extensions/copilot/src/extension/chatSessions/common/ttlCache.ts

@@ -8,7 +8,7 @@
  * Entries are evicted lazily on access when their TTL has elapsed.
  */
 export class TtlCache<V> {
-	private readonly _entries = new Map<string, { value: V; timestamp: number }>();
+	private readonly _entries = new Map<string, { value: V; timestamp: number; ttlMs?: number }>();
 
 	/**
 	 * @param _ttlMs The time-to-live in milliseconds for cache entries.
@@ -23,7 +23,8 @@ export class TtlCache<V> {
 		if (!entry) {
 			return undefined;
 		}
-		if (Date.now() - entry.timestamp >= this._ttlMs) {
+		const ttl = entry.ttlMs ?? this._ttlMs;
+		if (Date.now() - entry.timestamp >= ttl) {
 			this._entries.delete(key);
 			return undefined;
 		}
@@ -32,9 +33,10 @@ export class TtlCache<V> {
 
 	/**
 	 * Stores a value in the cache with the current timestamp.
+	 * @param ttlMs Optional per-entry TTL override in milliseconds. If not provided, the cache-wide TTL is used.
 	 */
-	set(key: string, value: V): void {
-		this._entries.set(key, { value, timestamp: Date.now() });
+	set(key: string, value: V, ttlMs?: number): void {
+		this._entries.set(key, { value, timestamp: Date.now(), ttlMs });
 	}
 
 	/**

extensions/copilot/src/extension/chatSessions/vscode-node/copilotCloudSessionsProvider.ts

@@ -158,8 +158,13 @@ const CLEAR_CACHES_COMMAND_ID = 'github.copilot.chat.cloudSessions.clearCaches';
 const USER_SELECTED_REPOS_KEY = 'userSelectedRepositories';
 const USER_SELECTED_REPOS_EXPIRY_MS = 7 * 24 * 60 * 60 * 1000; // 1 week
 
-// TTL for caching /enabled responses (only caches enabled=true; disabled results always re-fetch)
+// TTL for caching /enabled responses when CCA is enabled
 const CCA_ENABLED_CACHE_TTL_MS = 30 * 60 * 1_000; // 30 minutes
+// Shorter TTL for caching /enabled responses when CCA is disabled or undetermined,
+// so users aren't stuck but we don't hammer the endpoint on every options query
+const CCA_DISABLED_CACHE_TTL_MS = 5 * 60 * 1_000; // 5 minutes
+// Status codes that are expected/handled by isCCAEnabled; anything else is unexpected
+const CCA_KNOWN_STATUS_CODES = new Set([401, 403, 422]);
 // TTL for caching session provider options (custom agents, models, partner agents, etc.)
 const OPTIONS_CACHE_TTL_MS = 15 * 60 * 1_000; // 15 minutes
 
@@ -273,7 +278,7 @@ export class CopilotCloudSessionsProvider extends Disposable implements vscode.C
 	private readonly gitOperationsManager = new CopilotCloudGitOperationsManager(this.logService, this._gitService, this._gitExtensionService);
 
 	// TTL cache for CCA enabled status per repository (key: "owner/repo")
-	// Only caches enabled=true results; disabled results always re-fetch to avoid stuck states
+	// enabled=true cached for 30 min; disabled/undetermined cached for 5 min to reduce traffic
 	private _ccaEnabledCache = new TtlCache<CCAEnabledResult>(CCA_ENABLED_CACHE_TTL_MS);
 
 	// Single-slot TTL cache for the full session provider options result (custom agents, models, partner agents, etc.)
@@ -600,8 +605,8 @@ export class CopilotCloudSessionsProvider extends Disposable implements vscode.C
 	/**
 	 * Checks if the Copilot cloud agent is enabled for a repository.
 	 * Results are cached with a TTL: enabled=true results are cached for {@link CCA_ENABLED_CACHE_TTL_MS},
-	 * while enabled=false results are never cached (always re-fetched) so users who just
-	 * enabled CCA are not stuck in a disabled state.
+	 * while disabled/undetermined results are cached for a shorter {@link CCA_DISABLED_CACHE_TTL_MS}
+	 * to balance responsiveness with reducing endpoint traffic.
 	 * @param owner Repository owner
 	 * @param repo Repository name
 	 * @returns CCAEnabledResult with enabled status and optional status code
@@ -610,19 +615,20 @@ export class CopilotCloudSessionsProvider extends Disposable implements vscode.C
 		const cacheKey = `${owner}/${repo}`;
 
 		const cached = this._ccaEnabledCache.get(cacheKey);
-		if (cached !== undefined && cached.enabled === true) {
+		if (cached !== undefined) {
 			this.logService.trace(`copilotCloudSessionsProvider#checkCCAEnabled: using cached CCA enabled status for ${owner}/${repo}: ${cached.enabled}`);
 			return cached;
 		}
 
 		const result = await this._octoKitService.isCCAEnabled(owner, repo, {});
 
-		// Only cache enabled=true results with a TTL; disabled results should always re-fetch
+		// Cache all results: enabled=true uses the default 30 min TTL,
+		// disabled/undetermined uses a shorter 5 min TTL so users who just
+		// enabled CCA aren't stuck for too long
 		if (result.enabled === true) {
 			this._ccaEnabledCache.set(cacheKey, result);
 		} else {
-			// Remove any stale positive cache entry
-			this._ccaEnabledCache.delete(cacheKey);
+			this._ccaEnabledCache.set(cacheKey, result, CCA_DISABLED_CACHE_TTL_MS);
 		}
 
 		this.telemetry.sendTelemetryEvent('copilot.codingAgent.CCAIsEnabledCheck', { microsoft: true, github: false }, {
@@ -631,6 +637,22 @@ export class CopilotCloudSessionsProvider extends Disposable implements vscode.C
 			cacheHit: 'false',
 		});
 
+		// Track unexpected status codes (429 rate-limit, 5xx, etc.) as errors so they surface in dashboards
+		if (result.statusCode !== undefined && !CCA_KNOWN_STATUS_CODES.has(result.statusCode)) {
+			/* __GDPR__
+				"copilot.codingAgent.CCAIsEnabledUnexpectedStatus" : {
+					"owner": "joshspicer",
+					"comment": "Fired when the /enabled endpoint returns an unexpected HTTP status code (e.g. 429 rate-limit or 5xx).",
+					"statusCode": { "classification": "SystemMetaData", "purpose": "PerformanceAndHealth", "comment": "The unexpected HTTP status code returned by the /enabled endpoint." },
+					"isRateLimited": { "classification": "SystemMetaData", "purpose": "PerformanceAndHealth", "comment": "True if the status code is 429 (rate limited)." }
+				}
+			*/
+			this.telemetry.sendTelemetryErrorEvent('copilot.codingAgent.CCAIsEnabledUnexpectedStatus', { microsoft: true, github: false }, {
+				statusCode: String(result.statusCode),
+				isRateLimited: String(result.statusCode === 429),
+			});
+		}
+
 		this.logService.trace(`copilotCloudSessionsProvider#checkCCAEnabled: fetched CCA enabled status for ${owner}/${repo}: ${result.enabled}`);
 		return result;
 	}

extensions/copilot/src/platform/github/common/githubService.ts

@@ -97,9 +97,10 @@ export interface CCAEnabledResult {
 	 */
 	enabled: boolean | undefined;
 	/**
-	 * The HTTP status code when the cloud agent is disabled (401, 403, or 422).
+	 * The HTTP status code from the /enabled response. Known values: 401, 403, 422.
+	 * Unexpected values (e.g. 429 rate-limit, 5xx) are also propagated for telemetry.
 	 */
-	statusCode?: 401 | 403 | 422;
+	statusCode?: number;
 }
 
 export interface IOctoKitSessionInfo {

extensions/copilot/src/platform/github/common/octoKitServiceImpl.ts

@@ -530,7 +530,7 @@ export class OctoKitService extends BaseOctoKitService implements IOctoKitServic
 					return { enabled: false, statusCode: 422 };
 				default:
 					this._logService.trace(`Unexpected status code for isCCAEnabled: ${response.status}`);
-					return { enabled: undefined };
+					return { enabled: undefined, statusCode: response.status };
 			}
 		} catch (e) {
 			this._logService.error(`Error checking if CCA is enabled: ${e}`);