Update @github/copilot to 1.0.17 (#999)

* Update @github/copilot to 1.0.17

- Updated nodejs and test harness dependencies
- Re-ran code generators
- Formatted generated code

* Skip permission RPC response when resolvedByHook is true

When the runtime resolves a permission request via a permissionRequest
hook, it sets resolvedByHook=true on the broadcast event. The SDK
broadcast handlers were unconditionally invoking the permission handler
and sending an RPC response, causing duplicate/invalid responses.

Add a guard in all four SDKs (Node, Python, Go, .NET) to skip the
permission handler and RPC response when resolvedByHook is set, while
still allowing event subscribers to observe the event.

Co-authored-by: Copilot <[email protected]>

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mackinnon Buck <[email protected]>
Co-authored-by: Copilot <[email protected]>

Author: 3 people

dotnet/src/Generated/SessionEvents.cs

@@ -1180,7 +1180,7 @@ public partial class SessionRemoteSteerableChangedData
 /// <summary>Error details for timeline display including message and optional diagnostic information.</summary>
 public partial class SessionErrorData
 {
-    /// <summary>Category of error (e.g., "authentication", "authorization", "quota", "rate_limit", "query").</summary>
+    /// <summary>Category of error (e.g., "authentication", "authorization", "quota", "rate_limit", "context_limit", "query").</summary>
     [JsonPropertyName("errorType")]
     public required string ErrorType { get; set; }
 
@@ -2267,6 +2267,11 @@ public partial class PermissionRequestedData
     /// <summary>Details of the permission being requested.</summary>
     [JsonPropertyName("permissionRequest")]
     public required PermissionRequest PermissionRequest { get; set; }
+
+    /// <summary>When true, this permission was already resolved by a permissionRequest hook and requires no client action.</summary>
+    [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
+    [JsonPropertyName("resolvedByHook")]
+    public bool? ResolvedByHook { get; set; }
 }
 
 /// <summary>Permission request completion notification signaling UI dismissal.</summary>
@@ -2998,6 +3003,11 @@ public partial class AssistantMessageDataToolRequestsItem
     [JsonPropertyName("toolTitle")]
     public string? ToolTitle { get; set; }
 
+    /// <summary>Name of the MCP server hosting this tool, when the tool is an MCP tool.</summary>
+    [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
+    [JsonPropertyName("mcpServerName")]
+    public string? McpServerName { get; set; }
+
     /// <summary>Resolved intention summary describing what this specific call does.</summary>
     [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
     [JsonPropertyName("intentionSummary")]
@@ -3989,6 +3999,9 @@ public enum PermissionCompletedDataResultKind
     /// <summary>The <c>denied-by-content-exclusion-policy</c> variant.</summary>
     [JsonStringEnumMemberName("denied-by-content-exclusion-policy")]
     DeniedByContentExclusionPolicy,
+    /// <summary>The <c>denied-by-permission-request-hook</c> variant.</summary>
+    [JsonStringEnumMemberName("denied-by-permission-request-hook")]
+    DeniedByPermissionRequestHook,
 }
 
 /// <summary>Elicitation mode; "form" for structured input, "url" for browser-based. Defaults to "form" when absent.</summary>

dotnet/src/Session.cs

@@ -456,6 +456,9 @@ private async Task HandleBroadcastEventAsync(SessionEvent sessionEvent)
                         if (string.IsNullOrEmpty(data.RequestId) || data.PermissionRequest is null)
                             return;
 
+                        if (data.ResolvedByHook == true)
+                            return; // Already resolved by a permissionRequest hook; no client action needed.
+
                         var handler = _permissionHandler;
                         if (handler is null)
                             return; // This client doesn't handle permissions; another client will.

go/generated_session_events.go

@@ -652,11 +652,12 @@ type SessionPermissionsHandlePendingPermissionRequestParams struct {
 }
 
 type SessionPermissionsHandlePendingPermissionRequestParamsResult struct {
-	Kind     Kind    `json:"kind"`
-	Rules    []any   `json:"rules,omitempty"`
-	Feedback *string `json:"feedback,omitempty"`
-	Message  *string `json:"message,omitempty"`
-	Path     *string `json:"path,omitempty"`
+	Kind      Kind    `json:"kind"`
+	Rules     []any   `json:"rules,omitempty"`
+	Feedback  *string `json:"feedback,omitempty"`
+	Message   *string `json:"message,omitempty"`
+	Path      *string `json:"path,omitempty"`
+	Interrupt *bool   `json:"interrupt,omitempty"`
 }
 
 type SessionLogResult struct {
@@ -815,6 +816,7 @@ type Kind string
 const (
 	KindApproved                                       Kind = "approved"
 	KindDeniedByContentExclusionPolicy                 Kind = "denied-by-content-exclusion-policy"
+	KindDeniedByPermissionRequestHook                  Kind = "denied-by-permission-request-hook"
 	KindDeniedByRules                                  Kind = "denied-by-rules"
 	KindDeniedInteractivelyByUser                      Kind = "denied-interactively-by-user"
 	KindDeniedNoApprovalRuleAndCouldNotRequestFromUser Kind = "denied-no-approval-rule-and-could-not-request-from-user"

go/rpc/generated_rpc.go

@@ -915,6 +915,9 @@ func (s *Session) handleBroadcastEvent(event SessionEvent) {
 		if requestID == nil || event.Data.PermissionRequest == nil {
 			return
 		}
+		if event.Data.ResolvedByHook != nil && *event.Data.ResolvedByHook {
+			return // Already resolved by a permissionRequest hook; no client action needed.
+		}
 		handler := s.getPermissionHandler()
 		if handler == nil {
 			return

go/session.go

@@ -56,7 +56,7 @@
   "author": "GitHub",
   "license": "MIT",
   "dependencies": {
-    "@github/copilot": "^1.0.15-2",
+    "@github/copilot": "^1.0.17",
     "vscode-jsonrpc": "^8.2.1",
     "zod": "^4.3.6"
   },

nodejs/package-lock.json

@@ -1185,6 +1185,11 @@ export interface SessionPermissionsHandlePendingPermissionRequestParams {
         kind: "denied-by-content-exclusion-policy";
         path: string;
         message: string;
+      }
+    | {
+        kind: "denied-by-permission-request-hook";
+        message?: string;
+        interrupt?: boolean;
       };
 }
 

nodejs/package.json

@@ -229,7 +229,7 @@ export type SessionEvent =
        */
       data: {
         /**
-         * Category of error (e.g., "authentication", "authorization", "quota", "rate_limit", "query")
+         * Category of error (e.g., "authentication", "authorization", "quota", "rate_limit", "context_limit", "query")
          */
         errorType: string;
         /**
@@ -1480,6 +1480,10 @@ export type SessionEvent =
            * Human-readable display title for the tool
            */
           toolTitle?: string;
+          /**
+           * Name of the MCP server hosting this tool, when the tool is an MCP tool
+           */
+          mcpServerName?: string;
           /**
            * Resolved intention summary describing what this specific call does
            */
@@ -2872,6 +2876,10 @@ export type SessionEvent =
                */
               hookMessage?: string;
             };
+        /**
+         * When true, this permission was already resolved by a permissionRequest hook and requires no client action
+         */
+        resolvedByHook?: boolean;
       };
     }
   | {
@@ -2909,7 +2917,8 @@ export type SessionEvent =
             | "denied-by-rules"
             | "denied-no-approval-rule-and-could-not-request-from-user"
             | "denied-interactively-by-user"
-            | "denied-by-content-exclusion-policy";
+            | "denied-by-content-exclusion-policy"
+            | "denied-by-permission-request-hook";
         };
       };
     }