Merge remote-tracking branch 'origin/main' into add-test-scenarios

Author: patniko

docs/compatibility.md

@@ -124,20 +124,13 @@ The `--share` option is not available via SDK. Workarounds:
 
 ### Permission Control
 
+The SDK uses a **deny-by-default** permission model. All permission requests (file writes, shell commands, URL fetches, etc.) are denied unless your app provides an `onPermissionRequest` handler.
+
 Instead of `--allow-all-paths` or `--yolo`, use the permission handler:
 
 ```typescript
 const session = await client.createSession({
-  onPermissionRequest: async (request) => {
-    // Auto-approve everything (equivalent to --yolo)
-    return { approved: true };
-    
-    // Or implement custom logic
-    if (request.kind === "shell") {
-      return { approved: request.command.startsWith("git") };
-    }
-    return { approved: true };
-  },
+  onPermissionRequest: approveAll,
 });
 ```
 

dotnet/samples/Chat.cs

@@ -1,7 +1,10 @@
 using GitHub.Copilot.SDK;
 
 await using var client = new CopilotClient();
-await using var session = await client.CreateSessionAsync();
+await using var session = await client.CreateSessionAsync(new SessionConfig
+{
+    OnPermissionRequest = PermissionHandler.ApproveAll
+});
 
 using var _ = session.On(evt =>
 {

dotnet/src/Client.cs

@@ -377,13 +377,14 @@ public async Task<CopilotSession> CreateSessionAsync(SessionConfig? config = nul
         var request = new CreateSessionRequest(
             config?.Model,
             config?.SessionId,
+            config?.ClientName,
             config?.ReasoningEffort,
             config?.Tools?.Select(ToolDefinition.FromAIFunction).ToList(),
             config?.SystemMessage,
             config?.AvailableTools,
             config?.ExcludedTools,
             config?.Provider,
-            config?.OnPermissionRequest != null ? true : null,
+            (bool?)true,
             config?.OnUserInputRequest != null ? true : null,
             hasHooks ? true : null,
             config?.WorkingDirectory,
@@ -460,14 +461,15 @@ public async Task<CopilotSession> ResumeSessionAsync(string sessionId, ResumeSes
 
         var request = new ResumeSessionRequest(
             sessionId,
+            config?.ClientName,
             config?.Model,
             config?.ReasoningEffort,
             config?.Tools?.Select(ToolDefinition.FromAIFunction).ToList(),
             config?.SystemMessage,
             config?.AvailableTools,
             config?.ExcludedTools,
             config?.Provider,
-            config?.OnPermissionRequest != null ? true : null,
+            (bool?)true,
             config?.OnUserInputRequest != null ? true : null,
             hasHooks ? true : null,
             config?.WorkingDirectory,
@@ -1381,6 +1383,7 @@ public static string Escape(string arg)
     internal record CreateSessionRequest(
         string? Model,
         string? SessionId,
+        string? ClientName,
         string? ReasoningEffort,
         List<ToolDefinition>? Tools,
         SystemMessageConfig? SystemMessage,
@@ -1415,6 +1418,7 @@ internal record CreateSessionResponse(
 
     internal record ResumeSessionRequest(
         string SessionId,
+        string? ClientName,
         string? Model,
         string? ReasoningEffort,
         List<ToolDefinition>? Tools,

dotnet/src/PermissionHandlers.cs

@@ -0,0 +1,13 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *--------------------------------------------------------------------------------------------*/
+
+namespace GitHub.Copilot.SDK;
+
+/// <summary>Provides pre-built <see cref="PermissionRequestHandler"/> implementations.</summary>
+public static class PermissionHandler
+{
+    /// <summary>A <see cref="PermissionRequestHandler"/> that approves all permission requests.</summary>
+    public static PermissionRequestHandler ApproveAll { get; } =
+        (_, _) => Task.FromResult(new PermissionRequestResult { Kind = "approved" });
+}

dotnet/src/Session.cs

@@ -47,7 +47,7 @@ public partial class CopilotSession : IAsyncDisposable
     private readonly HashSet<SessionEventHandler> _eventHandlers = new();
     private readonly Dictionary<string, AIFunction> _toolHandlers = new();
     private readonly JsonRpc _rpc;
-    private PermissionHandler? _permissionHandler;
+    private PermissionRequestHandler? _permissionHandler;
     private readonly SemaphoreSlim _permissionHandlerLock = new(1, 1);
     private UserInputHandler? _userInputHandler;
     private readonly SemaphoreSlim _userInputHandlerLock = new(1, 1);
@@ -292,7 +292,7 @@ internal void RegisterTools(ICollection<AIFunction> tools)
     /// When the assistant needs permission to perform certain actions (e.g., file operations),
     /// this handler is called to approve or deny the request.
     /// </remarks>
-    internal void RegisterPermissionHandler(PermissionHandler handler)
+    internal void RegisterPermissionHandler(PermissionRequestHandler handler)
     {
         _permissionHandlerLock.Wait();
         try
@@ -313,7 +313,7 @@ internal void RegisterPermissionHandler(PermissionHandler handler)
     internal async Task<PermissionRequestResult> HandlePermissionRequestAsync(JsonElement permissionRequestData)
     {
         await _permissionHandlerLock.WaitAsync();
-        PermissionHandler? handler;
+        PermissionRequestHandler? handler;
         try
         {
             handler = _permissionHandler;

dotnet/src/Types.cs

@@ -166,7 +166,7 @@ public class PermissionInvocation
     public string SessionId { get; set; } = string.Empty;
 }
 
-public delegate Task<PermissionRequestResult> PermissionHandler(PermissionRequest request, PermissionInvocation invocation);
+public delegate Task<PermissionRequestResult> PermissionRequestHandler(PermissionRequest request, PermissionInvocation invocation);
 
 // ============================================================================
 // User Input Handler Types
@@ -745,6 +745,7 @@ protected SessionConfig(SessionConfig? other)
         if (other is null) return;
 
         AvailableTools = other.AvailableTools is not null ? [.. other.AvailableTools] : null;
+        ClientName = other.ClientName;
         ConfigDir = other.ConfigDir;
         CustomAgents = other.CustomAgents is not null ? [.. other.CustomAgents] : null;
         DisabledSkills = other.DisabledSkills is not null ? [.. other.DisabledSkills] : null;
@@ -768,6 +769,13 @@ protected SessionConfig(SessionConfig? other)
     }
 
     public string? SessionId { get; set; }
+
+    /// <summary>
+    /// Client name to identify the application using the SDK.
+    /// Included in the User-Agent header for API requests.
+    /// </summary>
+    public string? ClientName { get; set; }
+
     public string? Model { get; set; }
 
     /// <summary>
@@ -793,7 +801,7 @@ protected SessionConfig(SessionConfig? other)
     /// Handler for permission requests from the server.
     /// When provided, the server will call this handler to request permission for operations.
     /// </summary>
-    public PermissionHandler? OnPermissionRequest { get; set; }
+    public PermissionRequestHandler? OnPermissionRequest { get; set; }
 
     /// <summary>
     /// Handler for user input requests from the agent.
@@ -874,6 +882,7 @@ protected ResumeSessionConfig(ResumeSessionConfig? other)
         if (other is null) return;
 
         AvailableTools = other.AvailableTools is not null ? [.. other.AvailableTools] : null;
+        ClientName = other.ClientName;
         ConfigDir = other.ConfigDir;
         CustomAgents = other.CustomAgents is not null ? [.. other.CustomAgents] : null;
         DisabledSkills = other.DisabledSkills is not null ? [.. other.DisabledSkills] : null;
@@ -896,6 +905,12 @@ protected ResumeSessionConfig(ResumeSessionConfig? other)
         WorkingDirectory = other.WorkingDirectory;
     }
 
+    /// <summary>
+    /// Client name to identify the application using the SDK.
+    /// Included in the User-Agent header for API requests.
+    /// </summary>
+    public string? ClientName { get; set; }
+
     /// <summary>
     /// Model to use for this session. Can change the model when resuming.
     /// </summary>
@@ -932,7 +947,7 @@ protected ResumeSessionConfig(ResumeSessionConfig? other)
     /// Handler for permission requests from the server.
     /// When provided, the server will call this handler to request permission for operations.
     /// </summary>
-    public PermissionHandler? OnPermissionRequest { get; set; }
+    public PermissionRequestHandler? OnPermissionRequest { get; set; }
 
     /// <summary>
     /// Handler for user input requests from the agent.

dotnet/test/CloneTests.cs

@@ -78,6 +78,7 @@ public void SessionConfig_Clone_CopiesAllProperties()
         var original = new SessionConfig
         {
             SessionId = "test-session",
+            ClientName = "my-app",
             Model = "gpt-4",
             ReasoningEffort = "high",
             ConfigDir = "/config",
@@ -94,6 +95,7 @@ public void SessionConfig_Clone_CopiesAllProperties()
         var clone = original.Clone();
 
         Assert.Equal(original.SessionId, clone.SessionId);
+        Assert.Equal(original.ClientName, clone.ClientName);
         Assert.Equal(original.Model, clone.Model);
         Assert.Equal(original.ReasoningEffort, clone.ReasoningEffort);
         Assert.Equal(original.ConfigDir, clone.ConfigDir);

dotnet/test/HooksTests.cs

@@ -17,6 +17,7 @@ public async Task Should_Invoke_PreToolUse_Hook_When_Model_Runs_A_Tool()
         CopilotSession? session = null;
         session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = PermissionHandler.ApproveAll,
             Hooks = new SessionHooks
             {
                 OnPreToolUse = (input, invocation) =>
@@ -52,6 +53,7 @@ public async Task Should_Invoke_PostToolUse_Hook_After_Model_Runs_A_Tool()
         CopilotSession? session = null;
         session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = PermissionHandler.ApproveAll,
             Hooks = new SessionHooks
             {
                 OnPostToolUse = (input, invocation) =>
@@ -89,6 +91,7 @@ public async Task Should_Invoke_Both_PreToolUse_And_PostToolUse_Hooks_For_Single
 
         var session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = PermissionHandler.ApproveAll,
             Hooks = new SessionHooks
             {
                 OnPreToolUse = (input, invocation) =>
@@ -130,6 +133,7 @@ public async Task Should_Deny_Tool_Execution_When_PreToolUse_Returns_Deny()
 
         var session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = PermissionHandler.ApproveAll,
             Hooks = new SessionHooks
             {
                 OnPreToolUse = (input, invocation) =>

dotnet/test/McpAndAgentsTests.cs

@@ -279,7 +279,8 @@ public async Task Should_Pass_Literal_Env_Values_To_Mcp_Server_Subprocess()
 
         var session = await Client.CreateSessionAsync(new SessionConfig
         {
-            McpServers = mcpServers
+            McpServers = mcpServers,
+            OnPermissionRequest = PermissionHandler.ApproveAll,
         });
 
         Assert.Matches(@"^[a-f0-9-]+$", session.SessionId);

dotnet/test/PermissionTests.cs

@@ -70,6 +70,30 @@ await session.SendAsync(new MessageOptions
         Assert.Equal("protected content", content);
     }
 
+    [Fact]
+    public async Task Should_Deny_Tool_Operations_By_Default_When_No_Handler_Is_Provided()
+    {
+        var session = await Client.CreateSessionAsync(new SessionConfig());
+        var permissionDenied = false;
+
+        session.On(evt =>
+        {
+            if (evt is ToolExecutionCompleteEvent toolEvt &&
+                !toolEvt.Data.Success &&
+                toolEvt.Data.Error?.Message.Contains("Permission denied") == true)
+            {
+                permissionDenied = true;
+            }
+        });
+
+        await session.SendAndWaitAsync(new MessageOptions
+        {
+            Prompt = "Run 'node --version'"
+        });
+
+        Assert.True(permissionDenied, "Expected a tool.execution_complete event with Permission denied result");
+    }
+
     [Fact]
     public async Task Should_Work_Without_Permission_Handler__Default_Behavior_()
     {
@@ -161,6 +185,37 @@ await session.SendAsync(new MessageOptions
         Assert.Matches("fail|cannot|unable|permission", message?.Data.Content?.ToLowerInvariant() ?? string.Empty);
     }
 
+    [Fact]
+    public async Task Should_Deny_Tool_Operations_By_Default_When_No_Handler_Is_Provided_After_Resume()
+    {
+        var session1 = await Client.CreateSessionAsync(new SessionConfig
+        {
+            OnPermissionRequest = PermissionHandler.ApproveAll
+        });
+        var sessionId = session1.SessionId;
+        await session1.SendAndWaitAsync(new MessageOptions { Prompt = "What is 1+1?" });
+
+        var session2 = await Client.ResumeSessionAsync(sessionId);
+        var permissionDenied = false;
+
+        session2.On(evt =>
+        {
+            if (evt is ToolExecutionCompleteEvent toolEvt &&
+                !toolEvt.Data.Success &&
+                toolEvt.Data.Error?.Message.Contains("Permission denied") == true)
+            {
+                permissionDenied = true;
+            }
+        });
+
+        await session2.SendAndWaitAsync(new MessageOptions
+        {
+            Prompt = "Run 'node --version'"
+        });
+
+        Assert.True(permissionDenied, "Expected a tool.execution_complete event with Permission denied result");
+    }
+
     [Fact]
     public async Task Should_Receive_ToolCallId_In_Permission_Requests()
     {