Skip to content

Update @github/copilot to 1.0.17#999

Merged
MackinnonBuck merged 2 commits intomainfrom
update-copilot-1.0.17
Apr 3, 2026
Merged

Update @github/copilot to 1.0.17#999
MackinnonBuck merged 2 commits intomainfrom
update-copilot-1.0.17

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions bot commented Apr 3, 2026

Automated update of @github/copilot to version 1.0.17.

Changes

  • Updated @github/copilot in nodejs/package.json and test/harness/package.json
  • Re-ran all code generators (scripts/codegen)
  • Formatted generated output

Created by the Update @github/copilot Dependency workflow.

@github-actions
Update @github/copilot to 1.0.17
ac55287 
- Updated nodejs and test harness dependencies
- Re-ran code generators
- Formatted generated code
@MackinnonBuck MackinnonBuck requested a review from Copilot April 3, 2026 17:50
Copilot AI reviewed Apr 3, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the monorepo’s Copilot CLI dependency to @github/copilot@1.0.17 and regenerates the protocol-derived types across Node.js, Python, Go, and .NET so SDKs stay in sync with the updated CLI schema.

Changes:

  • Bumped @github/copilot to ^1.0.17 in the Node.js SDK and the test harness (and updated lockfiles).
  • Regenerated protocol/type outputs across languages (new fields + enum variants).
  • Refreshed the Node.js samples lockfile to match the updated SDK dependency tree.

Reviewed changes

Copilot reviewed 4 out of 12 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
test/harness/package.json Bumps @github/copilot devDependency to ^1.0.17.
test/harness/package-lock.json Lockfile updates for @github/copilot@1.0.17 and platform optional deps.
nodejs/package.json Bumps SDK dependency on @github/copilot to ^1.0.17.
nodejs/package-lock.json Lockfile updates for @github/copilot@1.0.17 and platform optional deps.
nodejs/samples/package-lock.json Updates file-linked SDK package metadata to reflect new dependency versions.
nodejs/src/generated/session-events.ts Regenerated event typings (adds mcpServerName, resolvedByHook, new permission result kind, updated docs).
nodejs/src/generated/rpc.ts Regenerated RPC typings (adds new permission-result variant + fields).
python/copilot/generated/session_events.py Regenerated session event models (adds mcp_server_name, resolved_by_hook, enum addition, doc updates).
python/copilot/generated/rpc.py Regenerated RPC models (adds permission-result enum value and interrupt).
go/generated_session_events.go Regenerated event structs/enums (adds ResolvedByHook, MCPServerName, enum addition, doc updates).
go/rpc/generated_rpc.go Regenerated RPC structs/enums (adds Interrupt, enum addition).
dotnet/src/Generated/SessionEvents.cs Regenerated event models (adds ResolvedByHook, McpServerName, enum addition, doc updates).
Files not reviewed (3)
  • nodejs/package-lock.json: Language not supported
  • nodejs/samples/package-lock.json: Language not supported
  • test/harness/package-lock.json: Language not supported

@MackinnonBuck
Skip permission RPC response when resolvedByHook is true
8638ca6 
When the runtime resolves a permission request via a permissionRequest
hook, it sets resolvedByHook=true on the broadcast event. The SDK
broadcast handlers were unconditionally invoking the permission handler
and sending an RPC response, causing duplicate/invalid responses.

Add a guard in all four SDKs (Node, Python, Go, .NET) to skip the
permission handler and RPC response when resolvedByHook is set, while
still allowing event subscribers to observe the event.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@MackinnonBuck MackinnonBuck requested a review from a team as a code owner April 3, 2026 18:19
@github-actions
Copy link
Copy Markdown
Contributor Author

github-actions bot commented Apr 3, 2026

Cross-SDK Consistency Review ✅ (with one minor gap)

This PR correctly regenerates all SDK generated files across all four SDKs (Node.js, Python, Go, .NET) from the new @github/copilot 1.0.17 schema. The following changes are applied consistently:

Change Node.js Python Go .NET
context_limit added to errorType doc
resolvedByHook field in permission.requested data
Early-return guard for resolvedByHook in session handling
mcpServerName in tool request events
denied-by-permission-request-hook result kind
interrupt in handlePendingPermissionRequest RPC result ✅ (via generated type alias) ✅ (generated rpc.py) ✅ (generated rpc/generated_rpc.go) ✅ (via object result in Generated/Rpc.cs)

Minor follow-up consideration

The interrupt field and denied-by-permission-request-hook kind are now part of the generated RPC result types in all four SDKs. However, the public-facing PermissionRequestResult types (which SDK users return from their permission handlers) are hand-crafted and not auto-generated:

  • Node.js (types.ts): PermissionRequestResult is a type alias over the generated type, so it automatically exposes { kind: "denied-by-permission-request-hook"; message?: string; interrupt?: boolean } after this PR.
  • Python (session.py): PermissionRequestResultKind Literal and PermissionRequestResult dataclass do not include "denied-by-permission-request-hook" or an interrupt field.
  • Go (types.go): PermissionRequestResultKind constants and PermissionRequestResult struct do not include denied-by-permission-request-hook or Interrupt.
  • .NET (Types.cs): PermissionRequestResultKind and PermissionRequestResult do not include DeniedByPermissionRequestHook or Interrupt.

This creates a subtle API inconsistency: Node.js users can return { kind: "denied-by-permission-request-hook", interrupt: true } from their permission handler (the type system allows it), but Python/Go/.NET users would need to use untyped string values to achieve the same.

This may be intentional if denied-by-permission-request-hook is meant to be a CLI-internal kind (not returned by user-written handlers), but if it can be returned by SDK permission handlers, the public API types in Python, Go, and .NET should be updated to match Node.js's coverage.

This is a pre-existing structural difference (Node.js derives its public type from generated code; others hand-maintain it), so it's reasonable to track as a separate follow-up rather than blocking this automated PR.

Generated by SDK Consistency Review Agent for issue #999 ·

@MackinnonBuck MackinnonBuck added this pull request to the merge queue Apr 3, 2026
Merged via the queue into main with commit 0388b9d Apr 3, 2026
36 checks passed
@MackinnonBuck MackinnonBuck deleted the update-copilot-1.0.17 branch April 3, 2026 18:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@MackinnonBuck MackinnonBuck MackinnonBuck approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MackinnonBuck