[enhancement] Implement required permission handler for Copilot SDK 0.1.24+

[github-actions]

Background

Recent changes to the GitHub Copilot SDK now require a permission handler to be provided when creating or resuming sessions. This was introduced in PR #554 by Steve Sanderson on Feb 24, 2026, and is enforced in SDK v0.1.24+.

Key SDK changes:

• Permission handler (onPermissionRequest) is now mandatory when calling createSession() or resumeSession()
• Applies to all permission types: 'tool', 'custom-tool', 'mcp-server', 'custom-agent'
• The handler receives PermissionRequest objects with kind, toolName, details, etc.
• Must return PermissionRequestResult: either { allow: true } or { deny: { kind: 'denied-interactively-by-user', reason: '...' } }

Related commits:

• 279f6c4 - Require permission handler on session creation
• 388f2f3 - Add permission checks for SDK-registered custom tools

Proposal

Implement a permission handler in src/services/copilot.ts that integrates with Planeteer's TUI to let users approve or deny tool/agent permissions interactively:

1. Add onPermissionRequest callback to createSession() calls in copilot.ts
2. Create a permission prompt component (e.g., src/components/permission-prompt.tsx) that:
   • Displays the tool/agent name requesting permission
   • Shows permission kind (tool, custom-tool, mcp-server, custom-agent)
   • Presents approve/deny buttons or keyboard shortcuts
   • Optionally allows "Always allow" / "Always deny" for specific tools
3. Store permission preferences (optional) in plan settings or global config to avoid repeated prompts for the same tools
4. Update executor.ts to handle permission denials gracefully (log and skip tasks if critical tools are denied)

Benefit

• Compliance with SDK requirements: Planeteer will work with SDK v0.1.24+ without errors
• User control: Users can see and approve what tools/agents Copilot uses during execution
• Security: Prevents unexpected tool usage, especially for custom MCP servers or third-party agents
• Better UX: Interactive permission prompts integrate naturally with Planeteer's TUI workflow

Acceptance Criteria

• src/services/copilot.ts provides onPermissionRequest handler to all createSession() calls
• Permission requests trigger an Ink component (modal or inline prompt) in the Execute screen
• Users can approve or deny permissions via keyboard input
• Permission decisions are logged to the event stream displayed in Execute screen
• Denied permissions do not crash task execution; instead, tasks log the denial reason and mark as failed
• Tests verify permission approval/denial flows (unit tests for handler logic)
• Updated to SDK ^0.1.25 to get latest permission features

AI generated by Weekly Enhancement Suggestions