Open
Conversation
* fix: replace execSync with execFileSync in docs validation Replace all execSync calls with execFileSync to avoid shell interpretation of interpolated paths. This resolves a CodeQL alert about shell command injection via uncontrolled absolute paths (scripts/docs-validation/validate.ts:79). execFileSync passes arguments as an array, bypassing the shell entirely, which eliminates the risk of path characters being misinterpreted. Also updated catch blocks to check err.stderr in addition to err.stdout, since 2>&1 shell redirection is no longer used. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore: remove unused spawn import Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Document Microsoft Foundry Local setup and usage Added section for Microsoft Foundry Local with installation and usage instructions. * Update docs/auth/byok.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…#542) Update the Copilot CLI dependency to the latest version. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…external cancellation (github#543)
* Improve discoverability of permission handler being required * Update TypeScript tests * Formatting * Test updates * Formatting * More doc updates * Fix E2E tests: add permission handler to all session calls across Python, Go, C# - Add on_permission_request/OnPermissionRequest to all Python and Go E2E test create_session/resume_session calls - Fix pre-existing deny tests: restore 'denied-interactively-by-user' kind (was accidentally changed by blanket replace) - Fix session-resume scenario builds for Go and C# Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix docs validation: add permission handler to getting-started.md examples Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix remaining E2E tests missing permission handler - Go: client_test.go CreateSession calls need OnPermissionRequest - Python: test_client.py create_session call needs config arg Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace fabricated skill.json references with actual SKILL.md format used by the SDK. The previous doc described a skill.json manifest, prompts/ directory, and tools/ directory that don't exist in the implementation. Changes: - Replace skill.json with SKILL.md format (YAML frontmatter + markdown) - Fix directory structure to match actual layout (skill-name/SKILL.md) - Add onPermissionRequest to all code examples (required by SDK) - Remove fabricated prompts/ and tools/ directory concepts - Fix troubleshooting and best practices to reference SKILL.md - Remove speculative skill conflict precedence claims Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add permission checks for SDK-registered custom tools Add 'custom-tool' to the PermissionRequest kind union in Node.js and Python types. Update all existing custom tool e2e tests across all four languages (Node.js, Python, Go, .NET) to provide an onPermissionRequest handler, and add new e2e tests verifying permission approval and denial flows for custom tools. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR review: remove unused import, add toolName verification to Go and .NET tests - Remove unused PermissionRequestResult import from Node.js test - Add toolName assertion in Go test for cross-SDK parity - Add toolName assertion in .NET test for cross-SDK parity Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Formatting * Fix rebase issue * Go fix --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
--- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Upstream: github/copilot-sdk@f9144f1 ACP auto-resolved: false
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Upstream Sync
Commits: 12 new commits from upstream
Upstream SHA:
f9144f1e8cf90b805580413112d1d39a61d9bae5Base SHA:
c4b3b366c4bd8dfba9ba4aa05e4019825360ad78Upstream Changes
Conflict Resolution
After Merge
# Rebase feature branches git fetch origin main git rebase origin/mainAuto-generated by upstream-sync workflow