Bump GitHub.Copilot.SDK from 0.2.1 to 0.3.0 by dependabot[bot] · Pull Request #28 · AutomateThePlanet/Spectra

dependabot · 2026-04-25T01:15:28Z

Updated GitHub.Copilot.SDK from 0.2.1 to 0.3.0.

Release notes

Sourced from GitHub.Copilot.SDK's releases.

0.3.0

This release adds new capabilities — per-session authentication, scoped permissions, agent-level tool and skill control, MCP interop utilities, and more — alongside a broad naming cleanup across all four SDK languages. As we close in on a GA release, we've done a deep clean on our naming to bring it closer to the final state, reducing the amount of churn you should expect in subsequent releases. The result is a more consistent, more readable API surface across the board.

New features

Per-session GitHub authentication

Sessions can now carry their own GitHub identity. Different sessions on the same CLI server can have different GitHub users, Copilot plans, and quota limits.

const session = await client.createSession({
    onPermissionRequest: approveAll,
    gitHubToken: userAToken, // Session-level identity
});

This is independent of the client-level gitHubToken (which authenticates the CLI process itself, and is not required if all sessions bring their own auth). The session-level token determines the identity used for content exclusion, model routing, and quota checks.

Per-agent tool visibility

A new defaultAgent.excludedTools option lets you hide tools from the default agent while keeping them available to custom sub-agents, enabling the orchestrator pattern where the default agent delegates to specialized sub-agents. (#1098)

Per-agent skills

Custom agents can now declare skills: string[] to eagerly inject specific skills into their context at startup. Skills are opt-in — agents receive no skills by default, and sub-agents do not inherit skills from the parent. (#995)

Sub-agent streaming content

When streaming is enabled, assistant.message_delta and assistant.reasoning_delta events are now also delivered for sub-agents. Each event carries an agentId field identifying which sub-agent produced it (absent for the root agent). If your application renders all streaming deltas to the UI, you'll want to filter by agentId (or for pure back-compat, set includeSubAgentStreamingEvents: false on SessionConfig to get the old behavior of only streaming main-agent content updates). (#1108)

Session idle timeout

A new sessionIdleTimeoutSeconds client option configures automatic session cleanup after inactivity. When set, sessions without activity for the specified duration are cleaned up. Disabled by default (sessions live indefinitely). Previously, sessions would always time out after 30 minutes of idleness - this change fixes that. (#1093)

Custom HTTP headers for BYOK model providers

Provider headers and per-message requestHeaders can now be passed through createSession, resumeSession, and send, enabling custom header forwarding to bring-your-own-key model providers. (#1094)

MCP CallToolResult conversion

A new convertMcpCallToolResult() utility function converts MCP CallToolResult objects (with content arrays of text, image, and resource blocks) into the SDK's ToolResultObject format. This makes it easy to use MCP tool servers as backends for SDK tool handlers. (#1049)

`ProviderConfig` exported

ProviderConfig is now re-exported from the Node.js and Python SDK entry points, so consumers no longer need to duplicate the type locally when configuring Responses API providers. (#1048)

New RPC methods

Additional low-level RPC methods are now available via session.rpc:
... (truncated)

0.3.0-preview.1

This release adds new capabilities — per-session authentication, scoped permissions, agent-level tool and skill control, MCP interop utilities, and more — alongside a broad naming cleanup across all four SDK languages. As we close in on a GA release, we've done a deep clean on our naming to bring it closer to the final state, reducing the amount of churn you should expect in subsequent releases. The result is a more consistent, more readable API surface across the board.

New features

Per-session GitHub authentication

Sessions can now carry their own GitHub identity. Different sessions on the same CLI server can have different GitHub users, Copilot plans, and quota limits.

const session = await client.createSession({
    onPermissionRequest: approveAll,
    gitHubToken: userAToken, // Session-level identity
});

This is independent of the client-level gitHubToken (which authenticates the CLI process itself, and is not required if all sessions bring their own auth). The session-level token determines the identity used for content exclusion, model routing, and quota checks.

Per-agent tool visibility

A new defaultAgent.excludedTools option lets you hide tools from the default agent while keeping them available to custom sub-agents, enabling the orchestrator pattern where the default agent delegates to specialized sub-agents. (#1098)

Per-agent skills

Custom agents can now declare skills: string[] to eagerly inject specific skills into their context at startup. Skills are opt-in — agents receive no skills by default, and sub-agents do not inherit skills from the parent. (#995)

Sub-agent streaming content

When streaming is enabled, assistant.message_delta and assistant.reasoning_delta events are now also delivered for sub-agents. Each event carries an agentId field identifying which sub-agent produced it (absent for the root agent). If your application renders all streaming deltas to the UI, you'll want to filter by agentId (or for pure back-compat, set includeSubAgentStreamingEvents: false on SessionConfig to get the old behavior of only streaming main-agent content updates). (#1108)

Session idle timeout

A new sessionIdleTimeoutSeconds client option configures automatic session cleanup after inactivity. When set, sessions without activity for the specified duration are cleaned up. Disabled by default (sessions live indefinitely). Previously, sessions would always time out after 30 minutes of idleness - this change fixes that. (#1093)

Custom HTTP headers for BYOK model providers

Provider headers and per-message requestHeaders can now be passed through createSession, resumeSession, and send, enabling custom header forwarding to bring-your-own-key model providers. (#1094)

MCP CallToolResult conversion

A new convertMcpCallToolResult() utility function converts MCP CallToolResult objects (with content arrays of text, image, and resource blocks) into the SDK's ToolResultObject format. This makes it easy to use MCP tool servers as backends for SDK tool handlers. (#1049)

`ProviderConfig` exported

ProviderConfig is now re-exported from the Node.js and Python SDK entry points, so consumers no longer need to duplicate the type locally when configuring Responses API providers. (#1048)

New RPC methods

Additional low-level RPC methods are now available via session.rpc:
... (truncated)

0.3.0-preview.0

What's Changed

Add Go submodule version tags for reproducible builds by @Copilot in Add Go submodule version tags for reproducible builds github/copilot-sdk#33
Correct backtick code block formatting by @leereilly in Correct backtick code block formatting github/copilot-sdk#43
Add minor updates to python sdk by @sugatoray in Add minor updates to python sdk github/copilot-sdk#45
Add tests to verify forward compatibility for unknown session event types by @Copilot in Add tests to verify forward compatibility for unknown session event types github/copilot-sdk#35
fix(go): ensure reliable session event handler unsubscription by @nathfavour in fix(go): ensure reliable session event handler unsubscription github/copilot-sdk#24
Fix Go e2e tests not running in CI by @SteveSandersonMS in Fix Go e2e tests not running in CI github/copilot-sdk#47
Fix JSON-RPC pipe reads >64KB by handling short reads by @Copilot in Fix JSON-RPC pipe reads >64KB by handling short reads github/copilot-sdk#31
Update @github/copilot to 0.0.387 by @devm33 in Update @github/copilot to 0.0.387 github/copilot-sdk#54
Fix escape issue in client.ts by @doggy8088 in Fix escape issue in client.ts github/copilot-sdk#56
Allow issue triage workflow to run for all users by @Copilot in Allow issue triage workflow to run for all users github/copilot-sdk#32
Improve abort tests across all SDKs; add Go unsubscribe tests by @SteveSandersonMS in Improve abort tests across all SDKs; add Go unsubscribe tests github/copilot-sdk#48
Add config dir to session options by @devm33 in Add config dir to session options github/copilot-sdk#15
Update some snapshots; remove redundant ones by @SteveSandersonMS in Update some snapshots; remove redundant ones github/copilot-sdk#52
feat: add skillDirectories and disabledSkills to all SDKs by @friggeri in feat: add skillDirectories and disabledSkills to all SDKs github/copilot-sdk#57
Fix and unskip some skills E2E tests by @SteveSandersonMS in Fix and unskip some skills E2E tests github/copilot-sdk#69
Use STJ's polymorphism support instead of custom converter by @stephentoub in Use STJ's polymorphism support instead of custom converter github/copilot-sdk#70
Update CONTRIBUTING.md to clarify contribution types by @SteveSandersonMS in Update CONTRIBUTING.md to clarify contribution types github/copilot-sdk#68
Copilot SDK Cookbook by @aaronpowell in Copilot SDK Cookbook github/copilot-sdk#80
Add getting started tutorial by @burkeholland in Add getting started tutorial github/copilot-sdk#63
Update README title and add demos folder by @ashleywolf in Update README title and add demos folder github/copilot-sdk#75
Move docs to correct folder by @patniko in Move docs to correct folder github/copilot-sdk#82
Move examples and demos docs by @patniko in Move examples and demos docs github/copilot-sdk#83
Moving files into the correct locations by @aaronpowell in Moving files into the correct locations github/copilot-sdk#84
Update README structure and add samples folder by @ashleywolf in Update README structure and add samples folder github/copilot-sdk#85
feat: add status, auth, and models metadata APIs to all SDKs by @friggeri in feat: add status, auth, and models metadata APIs to all SDKs github/copilot-sdk#77
Adding FAQ section to the README by @aaronpowell in Adding FAQ section to the README github/copilot-sdk#86
Make the .NET library NativeAOT compatible by @stephentoub in Make the .NET library NativeAOT compatible github/copilot-sdk#81
Fix code formatting by @SteveSandersonMS in Fix code formatting github/copilot-sdk#90
fix: correct broken links in cookbook documentation by @GeekTrainer in fix: correct broken links in cookbook documentation github/copilot-sdk#93
Fix .NET SDK prerequisites in CONTRIBUTING.md by @Copilot in Fix .NET SDK prerequisites in CONTRIBUTING.md github/copilot-sdk#87
fix: remove temporary README.md replacement step from publish workflow by @patniko in fix: remove temporary README.md replacement step from publish workflow github/copilot-sdk#108
Modify npm init command for module type by @sinedied in Modify npm init command for module type github/copilot-sdk#132
Document external CLI server connection by @Copilot in Document external CLI server connection github/copilot-sdk#103
Add agentic workflow for cross-SDK consistency enforcement by @Copilot in Add agentic workflow for cross-SDK consistency enforcement github/copilot-sdk#95
Bump Python minimum version to 3.9+ by @Copilot in Bump Python minimum version to 3.9+ github/copilot-sdk#151
Add missing list_sessions() method to Python SDK client by @Copilot in Add missing list_sessions() method to Python SDK client github/copilot-sdk#153
Re-run uv lock and fix Python tests by @friggeri in Re-run uv lock and fix Python tests github/copilot-sdk#157
Document image attachment support in SDK READMEs by @Copilot in Document image attachment support in SDK READMEs github/copilot-sdk#150
Bump githubnext/gh-aw from 0.36.0 to 0.37.1 by @dependabot[bot] in Bump githubnext/gh-aw from 0.36.0 to 0.37.1 github/copilot-sdk#66
Adding .NET to the devcontainer by @aaronpowell in Adding .NET to the devcontainer github/copilot-sdk#88
Use Pydantic for weather parameters in get_weather by @adityagesh in Use Pydantic for weather parameters in get_weather github/copilot-sdk#120
Add uv sync as alternative installation option by @harupy in Add uv sync as alternative installation option github/copilot-sdk#146
feat: Infinite Sessions by @jmoseley in feat: Infinite Sessions github/copilot-sdk#76
Fix BYOK FAQ: clarify it refers to API keys, not encryption keys by @mohamedaminehamdi in Fix BYOK FAQ: clarify it refers to API keys, not encryption keys github/copilot-sdk#174
Include community SDKs in README by @brunoborges in Include community SDKs in README github/copilot-sdk#178
docs: add MCP server usage documentation by @AnassKartit in docs: add MCP server usage documentation github/copilot-sdk#98
Add download badges to README by @Copilot in Add download badges to README github/copilot-sdk#156
docs: add .NET example for interactive weather assistant by @vicperdana in docs: add .NET example for interactive weather assistant github/copilot-sdk#119
chore: Update generated events to match schemas. by @jmoseley in chore: Update generated events to match schemas. github/copilot-sdk#208
... (truncated)

0.2.2

Feature: session filesystem support across all four SDKs

The sessionFs feature introduced earlier in Node.js is now available across .NET, Go, and Python too, so you can redirect session-scoped storage (events, checkpoints, temp files, workspace state) to your own backing store instead of the runtime's default local filesystem. This is especially useful for serverless and multi-tenant hosts. (#1036)

// TypeScript
const client = new CopilotClient({
  sessionFs: { initialCwd: "/", sessionStatePath: "/s", conventions: "posix" },
});

const session = await client.createSession({
    createSessionFsHandler: () => ({ readFile: async () => "...", writeFile: async () => { /* ... */ }, /* ... */ })
});

// C#
var client = new CopilotClient(new CopilotClientOptions {
    SessionFs = new()
    {
        InitialCwd = "/",
        SessionStatePath = "/",
        Conventions = SessionFsSetProviderRequestConventions.Posix
    }
});

var session = await client.CreateSessionAsync(new SessionConfig
{
    CreateSessionFsHandler = _ => new MySessionFsHandler(/* ... */) // e.g., map to in-memory storage, etc
});

For a full end-to-end sample of a multi-user hosted system using sessionFs, see https://github.com/github/copilot-sdk-server-sample

Feature: override model capabilities when creating a session or switching models

All SDKs can now override individual model capabilities such as vision support without replacing the full capabilities object. This makes BYOK and custom-provider scenarios easier, and lets you change behavior mid-session with setModel/SetModelAsync. (#1029)

const session = await client.createSession({
  modelCapabilities: { supports: { vision: false } },
});
await session.setModel("claude-sonnet-4.5", { modelCapabilities: { supports: { vision: true } } });

await session.SetModelAsync("claude-sonnet-4.5", reasoningEffort: null,
    modelCapabilities: new ModelCapabilitiesOverride { Supports = new ModelCapabilitiesOverrideSupports { Vision = true } });

... (truncated)

0.2.2-preview.0

Other changes

bugfix: [C#] [Go] tolerate unknown hook types to prevent session hang (#1013)

When the CLI invokes a hook type the SDK doesn't recognize (e.g. postToolUseFailure), .NET and Go were returning a JSON-RPC error that caused the CLI to terminate the session — appearing as a hang. Unknown hook types are now silently ignored, matching the existing Node.js behavior.

[!NOTE]
🔒 Integrity filter blocked 43 items

The following items were blocked because they don't meet the GitHub integrity level.

github/copilot-sdk@8569d92 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@b4fa5d9 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@6565a3b list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@0388810 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@dfdc6a0 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@c3fa6cb list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@156cf1f list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@200bfef list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@f7fd757 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@da9921e list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@7ecf1d8 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@588951e list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@28d0a33 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@dd42d42 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@ad63b09 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

github/copilot-sdk@ec72d41 list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

... and 27 more items

To allow these resources, lower min-integrity in your GitHub frontmatter:
tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by Release Changelog Generator

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

--- updated-dependencies: - dependency-name: GitHub.Copilot.SDK dependency-version: 0.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bump GitHub.Copilot.SDK from 0.2.1 to 0.3.0

130cedf

--- updated-dependencies: - dependency-name: GitHub.Copilot.SDK dependency-version: 0.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Apr 25, 2026

dependabot Bot mentioned this pull request Apr 25, 2026

Bump GitHub.Copilot.SDK from 0.2.1 to 0.2.2 #17

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump GitHub.Copilot.SDK from 0.2.1 to 0.3.0#28

Bump GitHub.Copilot.SDK from 0.2.1 to 0.3.0#28
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/src/Spectra.CLI/GitHub.Copilot.SDK-0.3.0

dependabot Bot commented on behalf of github Apr 25, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 25, 2026

0.3.0

New features

Per-session GitHub authentication

Per-agent tool visibility

Per-agent skills

Sub-agent streaming content

Session idle timeout

Custom HTTP headers for BYOK model providers

MCP CallToolResult conversion

ProviderConfig exported

New RPC methods

0.3.0-preview.1

New features

Per-session GitHub authentication

Per-agent tool visibility

Per-agent skills

Sub-agent streaming content

Session idle timeout

Custom HTTP headers for BYOK model providers

MCP CallToolResult conversion

ProviderConfig exported

New RPC methods

0.3.0-preview.0

What's Changed

0.2.2

Feature: session filesystem support across all four SDKs

Feature: override model capabilities when creating a session or switching models

0.2.2-preview.0

Other changes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

`ProviderConfig` exported

`ProviderConfig` exported