Skip to content

.NET: [BREAKING] .NET: Bump GitHub.Copilot.SDK to 1.0.0-beta.3 and forward session config properties (incl. per-session GitHubToken)#5735

Open
saikir1994 wants to merge 1 commit into
microsoft:mainfrom
saikir1994:users/saik/github-token-forwarding
Open

.NET: [BREAKING] .NET: Bump GitHub.Copilot.SDK to 1.0.0-beta.3 and forward session config properties (incl. per-session GitHubToken)#5735
saikir1994 wants to merge 1 commit into
microsoft:mainfrom
saikir1994:users/saik/github-token-forwarding

Conversation

@saikir1994
Copy link
Copy Markdown

@saikir1994 saikir1994 commented May 11, 2026

Motivation and Context

Microsoft.Agents.AI.GitHub.Copilot was already updated to GitHub.Copilot.SDK 1.0.0-beta.2 in #5699, but the CopySessionConfig / CopyResumeSessionConfig helpers were never updated to forward the new SDK properties — most importantly SessionConfig.GitHubToken for per-session GitHub identity (multitenant scenarios where different sessions on the same CLI server use different GitHub accounts/Copilot plans).

Any caller that sets GitHubToken on the SessionConfig they pass to the agent today silently has it dropped when the agent constructs its internal SessionConfig for CreateSessionAsync / ResumeSessionAsync.

This PR also:

  • Bumps the SDK to the latest preview (1.0.0-beta.3).
  • Makes SessionConfig and OnPermissionRequest required parameters on the agent constructors and AsAIAgent extensions, since the SDK now requires SessionConfig.OnPermissionRequest on every CreateSessionAsync / ResumeSessionAsync call (silently failing today if the caller forgets).

Description

SDK version bump:

  • GitHub.Copilot.SDK 1.0.0-beta.21.0.0-beta.3 in Directory.Packages.props

Property forwarding through CopySessionConfig / CopyResumeSessionConfig:
Newly-forwarded SDK properties: SessionId, ClientName, ModelCapabilities, OnElicitationRequest, OnEvent, EnableConfigDiscovery, IncludeSubAgentStreamingEvents, DefaultAgent, Agent, Commands, CreateSessionFsHandler, GitHubToken.

API surface — OnPermissionRequest is now required (matches SDK requirement):

  • GitHubCopilotAgent(CopilotClient, SessionConfig, ...)sessionConfig is now non-nullable. The SDK requires SessionConfig.OnPermissionRequest, so requiring SessionConfig itself surfaces the requirement at construction time.
  • GitHubCopilotAgent(CopilotClient, PermissionRequestHandler, ..., tools, instructions) — replaces the previous tools/instructions constructor. onPermissionRequest is a required (non-nullable) param positioned before the optional ones.
  • CopilotClientExtensions.AsAIAgent overloads mirror the same.
  • Removed fallback throw path in RunCoreStreamingAsync since _sessionConfig can no longer be null.

Tests:

  • Unit tests updated to use the new required-param signatures; GitHubToken assertion added to both copy tests.
  • Added tests for null-argument validation on the new required params and for the new SessionConfig constructor.
  • Integration tests updated.

Contribution Checklist

  • The code builds clean without any errors or warnings
  • The PR follows the Contribution Guidelines
  • All unit tests pass, and I have added new tests where possible
  • Is this a breaking change? Yes — [BREAKING] prefix added. Consumers using the previous optional-sessionConfig / tools+instructions constructors will need to update call sites.

Bump GitHub.Copilot.SDK to 1.0.0-beta.3 and forward session config pr…
2bef597 
…operties

- Bump SDK from 1.0.0-beta.2 to 1.0.0-beta.3

- Forward newly-added SessionConfig/ResumeSessionConfig properties through CopySessionConfig and CopyResumeSessionConfig: SessionId, ClientName, ModelCapabilities, OnElicitationRequest, OnEvent, EnableConfigDiscovery, IncludeSubAgentStreamingEvents, DefaultAgent, Agent, Commands, CreateSessionFsHandler, GitHubToken (per-session token)

- Make sessionConfig non-nullable on the SessionConfig constructor (SDK 1.0.0-beta.x requires SessionConfig.OnPermissionRequest, so SessionConfig itself is required)

- Make onPermissionRequest a required (non-nullable) parameter on the tools/instructions constructor and the corresponding AsAIAgent extension overload

- Remove fallback throw in RunCoreStreamingAsync since _sessionConfig is now non-nullable

- Update unit tests, integration tests, and sample for the new required-param signatures
Copilot AI review requested due to automatic review settings May 11, 2026 04:38
@moonbox3 moonbox3 added the .NET label May 11, 2026
@github-actions github-actions Bot changed the title [BREAKING] .NET: Bump GitHub.Copilot.SDK to 1.0.0-beta.3 and forward session config properties (incl. per-session GitHubToken) .NET: [BREAKING] .NET: Bump GitHub.Copilot.SDK to 1.0.0-beta.3 and forward session config properties (incl. per-session GitHubToken) May 11, 2026
Copilot AI reviewed May 11, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the .NET GitHub Copilot agent integration to align with GitHub.Copilot.SDK 1.0.0-beta.3, ensuring newly introduced SDK SessionConfig fields (notably per-session GitHubToken) are preserved when creating/resuming sessions, and updating the public API to require permission handling configuration in line with the SDK’s requirements.

Changes:

  • Bump GitHub.Copilot.SDK from 1.0.0-beta.2 to 1.0.0-beta.3.
  • Make agent/extension construction require either a SessionConfig (now non-nullable) or an explicit OnPermissionRequest handler, and update call sites accordingly.
  • Expand CopySessionConfig / CopyResumeSessionConfig to forward additional SDK properties, including GitHubToken.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file
File Description
dotnet/Directory.Packages.props Bumps GitHub.Copilot.SDK to 1.0.0-beta.3.
dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/GitHubCopilotAgent.cs Requires non-null SessionConfig, adds required permission-handler constructor, and forwards new SDK session configuration properties.
dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/CopilotClientExtensions.cs Updates AsAIAgent overloads to match new required permission/session-config requirements.
dotnet/tests/Microsoft.Agents.AI.GitHub.Copilot.UnitTests/GitHubCopilotAgentTests.cs Updates unit tests for new ctor signatures; adds assertions for GitHubToken forwarding and null-arg validation.
dotnet/tests/Microsoft.Agents.AI.GitHub.Copilot.UnitTests/CopilotClientExtensionsTests.cs Updates extension-method tests for new overloads and required permission/session-config inputs.
dotnet/tests/Microsoft.Agents.AI.GitHub.Copilot.IntegrationTests/GitHubCopilotAgentTests.cs Updates integration tests to provide required permission handling/session config.
Comments suppressed due to low confidence (3)

dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/GitHubCopilotAgent.cs:55

  • The SessionConfig-based constructor only checks sessionConfig for null, but does not validate the SDK-required sessionConfig.OnPermissionRequest. Callers can still pass a non-null SessionConfig with a null OnPermissionRequest, which will defer the failure to CreateSessionAsync/ResumeSessionAsync (and may fail silently per PR description). Consider throwing ArgumentException/ArgumentNullException when sessionConfig.OnPermissionRequest is null to surface the requirement at construction time.
    public GitHubCopilotAgent(
        CopilotClient copilotClient,
        SessionConfig sessionConfig,
        bool ownsClient = false,
        string? id = null,
        string? name = null,
        string? description = null)
    {
        _ = Throw.IfNull(copilotClient);
        _ = Throw.IfNull(sessionConfig);

        this._copilotClient = copilotClient;
        this._sessionConfig = sessionConfig;
        this._ownsClient = ownsClient;

dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/CopilotClientExtensions.cs:47

  • AsAIAgent(SessionConfig sessionConfig, ...) doesn’t validate that sessionConfig.OnPermissionRequest is set, even though the XML docs state it’s required by the SDK. Adding an explicit guard (and preferably an argument-name-specific exception) would prevent confusing runtime behavior when callers construct a SessionConfig but forget to set the permission handler.
    public static AIAgent AsAIAgent(
        this CopilotClient client,
        SessionConfig sessionConfig,
        bool ownsClient = false,
        string? id = null,
        string? name = null,
        string? description = null)
    {
        Throw.IfNull(client);

        return new GitHubCopilotAgent(client, sessionConfig, ownsClient, id, name, description);
    }

dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/GitHubCopilotAgent.cs:166

  • sessionConfig is copied unconditionally before the create/resume branch, but the copied instance is only used on the CreateSessionAsync path. When resuming (typedSession.SessionId != null), this performs an unnecessary allocation/copy each run. Consider moving CopySessionConfig(_sessionConfig) into the else branch (or only when creating a new session).
        // Ensure the client is started
        await this.EnsureClientStartedAsync(cancellationToken).ConfigureAwait(false);

        // Create or resume a session with streaming enabled
        SessionConfig sessionConfig = CopySessionConfig(this._sessionConfig);

        CopilotSession copilotSession;
        if (typedSession.SessionId is not null)
        {
            copilotSession = await this._copilotClient.ResumeSessionAsync(
                typedSession.SessionId,
                this.CreateResumeConfig(),
                cancellationToken).ConfigureAwait(false);
        }
        else
        {
            copilotSession = await this._copilotClient.CreateSessionAsync(sessionConfig, cancellationToken).ConfigureAwait(false);
            typedSession.SessionId = copilotSession.SessionId;
        }

@saikir1994
Copy link
Copy Markdown
Author

saikir1994 commented May 11, 2026

This is a follow up PR to - #5574 related to issue #5575

The previous PR was closed as superseded but the root issue was not addressed.

@saikir1994 saikir1994 requested a review from Copilot May 11, 2026 18:05
@saikir1994
Copy link
Copy Markdown
Author

saikir1994 commented May 11, 2026

@westey-m @giles17 @lokitoth - Can you please review this as this is related to the previous PR you reviewed

Copilot AI reviewed May 11, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (3)

dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/GitHubCopilotAgent.cs:55

  • The SessionConfig-based constructor enforces sessionConfig is non-null, but it does not validate sessionConfig.OnPermissionRequest. Since the SDK requires this handler for Create/Resume, consider throwing ArgumentNullException (or similar) when sessionConfig.OnPermissionRequest is null to fail fast with a clear error.
    public GitHubCopilotAgent(
        CopilotClient copilotClient,
        SessionConfig sessionConfig,
        bool ownsClient = false,
        string? id = null,
        string? name = null,
        string? description = null)
    {
        _ = Throw.IfNull(copilotClient);
        _ = Throw.IfNull(sessionConfig);

        this._copilotClient = copilotClient;
        this._sessionConfig = sessionConfig;
        this._ownsClient = ownsClient;

dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/CopilotClientExtensions.cs:47

  • AsAIAgent(this CopilotClient client, SessionConfig sessionConfig, ...) only null-checks client. Even with a non-nullable parameter, callers can still pass null! at runtime; add Throw.IfNull(sessionConfig) (and ideally validate sessionConfig.OnPermissionRequest) so the extension method fails with a clear ArgumentNullException instead of deferring to deeper code.
    public static AIAgent AsAIAgent(
        this CopilotClient client,
        SessionConfig sessionConfig,
        bool ownsClient = false,
        string? id = null,
        string? name = null,
        string? description = null)
    {
        Throw.IfNull(client);

        return new GitHubCopilotAgent(client, sessionConfig, ownsClient, id, name, description);
    }

dotnet/src/Microsoft.Agents.AI.GitHub.Copilot/GitHubCopilotAgent.cs:165

  • RunCoreStreamingAsync always allocates a copied SessionConfig before checking whether it will resume an existing session. When typedSession.SessionId is non-null, that copy isn't used; consider moving CopySessionConfig(...) into the create-session branch to avoid an unnecessary allocation per run when resuming.
        // Ensure the client is started
        await this.EnsureClientStartedAsync(cancellationToken).ConfigureAwait(false);

        // Create or resume a session with streaming enabled
        SessionConfig sessionConfig = CopySessionConfig(this._sessionConfig);

        CopilotSession copilotSession;
        if (typedSession.SessionId is not null)
        {
            copilotSession = await this._copilotClient.ResumeSessionAsync(
                typedSession.SessionId,
                this.CreateResumeConfig(),
                cancellationToken).ConfigureAwait(false);
        }
        else
        {
            copilotSession = await this._copilotClient.CreateSessionAsync(sessionConfig, cancellationToken).ConfigureAwait(false);
            typedSession.SessionId = copilotSession.SessionId;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

.NET

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@saikir1994 @moonbox3