feat: sync upstream copilot-sdk v1.0.4 (CLI schema 1.0.65)#141
Merged
Conversation
…pecs Bump `.copilot-schema-version` to 1.0.65 (@github/copilot) and regenerate the pinned JSON Schemas plus the auto-generated event specs via `bb schemas:fetch` and `bb codegen`. Adapt `script/codegen/fetch_schemas.clj` to the upstream package split. The session-events delta adds new event types (citations, binary assets, additional canvas events, ScheduleRearmed, MCP OAuth). Event-data specs are open maps, so these pass through automatically; public event-type entries are added in the feature commit only where upstream exposes a public SDK event. Foundational for the v1.0.1 -> v1.0.4 upstream sync. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…rer-token, exp-assignments)
Port the upstream github/copilot-sdk v1.0.1 -> v1.0.4 SDK surface, maintaining
strict API parity with @github/copilot. Each item is RED/GREEN tested in
integration_test.clj.
- System message: add `:preamble` section and `:preserve` action
(upstream PR #1713). `:identity` becomes a section group; `:preserve` opts an
addressable section out of a group-level `:remove`. Exposed via
`system-prompt-sections` and its `system-message-sections` alias.
- `:capi` session option `{:enable-web-socket-responses boolean}`, wire
`capi.enableWebSocketResponses` (upstream PR #1711).
- Provider `:transport` (`:http` | `:websockets`), wire `transport`
(upstream PR #1711).
- Multi-provider BYOK registry `:providers` / `:models` (upstream PR #1718,
@experimental). Model selection id is `providerName/id`; combining singular
`:provider` with `:providers` is rejected. Adds `::named-provider` /
`::provider-model` specs.
- `:bearer-token-provider` callback for dynamic per-request tokens
(upstream PR #1748, @experimental). The fn is stripped before serialization
(`hasBearerTokenProvider true`); a new inbound `providerToken.getToken` RPC
is dispatched to the registered callback. Non-string results are rejected and
never logged.
- `:exp-assignments` opaque experiment map forwarded verbatim as
`expAssignments` (upstream PR #1750, @internal).
- Relax `open-canvases` validation to require only `:extension-id` +
`:canvas-id`, matching upstream session.ts.
Security hardening surfaced during review:
- `redact-secrets` masks credentials across the `:providers` registry via a
shared `mask-provider` helper.
- The bearer-token RPC handler logs only the result type, never the value.
Fields are added to both `build-create-session-params` and
`build-resume-session-params`; new public fns get fdefs in instrument.clj.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Run `clj -T:build sync-version :upstream "1.0.4"`, advancing the UPSTREAM.CLJ_PATCH version to 1.0.4.0 and updating the dependency coordinates in build.clj, README.md, and doc/getting-started.md. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- CHANGELOG: new `### Added (v1.0.4 sync)` and `### Changed (v1.0.4 sync)` subsections under `[Unreleased]`, citing the upstream PRs. - API.md: expand the `:provider` session row (`:transport`, `:bearer-token-provider`); add `:providers`, `:models`, `:capi`, and `:exp-assignments` rows; rework the Customize Mode section for the 12-section catalog (`:preamble` first) and the `:preserve` action. - byok.md: add `:transport` / `:bearer-token-provider` provider fields and new "Dynamic Bearer Tokens" and "Multi-Provider Registry" sections. - Regenerate Codox HTML (`bb docs`) for the updated docstrings and markdown. `bb validate-docs` clean (17 files, 0 warnings). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR syncs the Clojure Copilot SDK to upstream github/copilot-sdk v1.0.4 (CLI schema 1.0.65), expanding the session configuration surface to maintain parity with the official Node.js SDK while updating schemas and user-facing documentation.
Changes:
- Add system-message customize-mode updates (
:preamblesection and:preserveaction) and propagate new schema-derived session events. - Extend BYOK/session config with
:capioptions, provider:transport, multi-provider registry (:providers/:models), dynamic:bearer-token-provider, and:exp-assignments. - Update schema fetching to handle split-package schema layout and refresh docs/version references accordingly.
Show a summary per file
| File | Description |
|---|---|
| src/github/copilot_sdk/util.clj | Add wire mapping for new system-message section key (:preamble). |
| src/github/copilot_sdk/specs.clj | Expand specs for new session/provider configuration surface and open-canvas shape update. |
| src/github/copilot_sdk/session.clj | Relax open-canvases validation (dropping reopen/availability) and add providerToken.getToken handler. |
| src/github/copilot_sdk/protocol.clj | Harden openCanvases :input pass-through to only apply to map payloads. |
| src/github/copilot_sdk/client.clj | Add provider masking for redaction, add new inbound RPC dispatch, and serialize new session/provider config fields. |
| src/github/copilot_sdk.clj | Expose new session event types and update open-canvases docstring/example. |
| script/codegen/fetch_schemas.clj | Fetch schemas from main package or fall back to a pinned platform package for split-package layout. |
| schemas/README.md | Update schema source package note and pinned schema version. |
| README.md | Bump published dependency version example to 1.0.4.0. |
| doc/reference/API.md | Document new session config keys (:providers, :models, :capi, :exp-assignments, provider :transport, :bearer-token-provider) and system-message updates. |
| doc/getting-started.md | Bump dependency version example to 1.0.4.0. |
| doc/auth/byok.md | Add docs for dynamic bearer tokens and multi-provider registry; document provider transport. |
| doc/api/style.html | Regenerated Codox HTML docs output. |
| doc/api/overview.html | Regenerated Codox HTML docs output. |
| doc/api/index.html | Regenerated Codox HTML docs output (including new feature links/entries). |
| doc/api/github.copilot-sdk.tool-set.html | New Codox page for tool-set namespace. |
| doc/api/github.copilot-sdk.specs.html | Regenerated Codox HTML docs output (spec namespace). |
| doc/api/github.copilot-sdk.protocol.html | Regenerated Codox HTML docs output (protocol namespace). |
| doc/api/github.copilot-sdk.logging.html | Regenerated Codox HTML docs output (logging namespace). |
| doc/api/github.copilot-sdk.instrument.html | Regenerated Codox HTML docs output (instrumentation namespace). |
| doc/api/github.copilot-sdk.helpers.html | Regenerated Codox HTML docs output (helpers namespace). |
| doc/api/github.copilot-sdk.generated.event-specs.html | Regenerated Codox HTML docs output (generated event specs). |
| doc/api/github.copilot-sdk.generated.coerce.html | Regenerated Codox HTML docs output (generated coercions). |
| doc/api/getting-started.html | Regenerated Codox HTML docs output (getting started). |
| doc/api/debugging.html | Regenerated Codox HTML docs output (MCP debugging). |
| doc/api/custom-agents.html | Regenerated Codox HTML docs output (custom agents). |
| doc/api/codegen.html | Regenerated Codox HTML docs output (codegen guide). |
| doc/api/byok.html | Regenerated Codox HTML docs output (BYOK guide). |
| doc/api/azure-managed-identity.html | Regenerated Codox HTML docs output (Azure managed identity). |
| CHANGELOG.md | Add v1.0.4 sync changelog entries describing newly ported surface. |
| build.clj | Bump library version to 1.0.4.0. |
| .copilot-schema-version | Bump pinned CLI/schema version to 1.0.65. |
Review details
- Files reviewed: 42/44 changed files
- Comments generated: 6
- Review effort level: Low
… harden errors Addresses the round-1 Copilot Code Review on PR #141: - C3/C4: the bearer-token callback now receives the full ProviderTokenArgs map {:provider-name <name> :session-id <id>}, matching the already-correct byok.md docs and upstream `ProviderTokenArgs` (types.ts). It previously dropped :session-id. - C1/C2: extract `validate-provider-config!`, shared by create and both resume paths, which now also rejects combining the singular :provider with the :providers registry (upstream documents the combination as rejected). - C5: the bearer-token error path no longer logs or returns the provider exception message, only the exception class name, so a secret carried in an exception cannot leak into logs or the JSON-RPC error. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The open-canvas instance requires all three id fields (:instance-id, :extension-id, :canvas-id); the changelog entry omitted :instance-id. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Addresses round-2 Copilot Code Review on PR #141. `extract-schemas!` treated any non-zero `tar` exit as "no schemas in this package" and returned false, silently routing genuine failures (corrupt download, missing `tar`, permission errors) into the split-package fallback. Now only the expected split-package case — tar reporting "Not found in archive" for the `package/schemas` member, emitted by both GNU and BSD tar — returns false. Any other tar failure prints stderr and exits non-zero so it can't be masked. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
redact-secrets runs on the already-invalid config in the error path of validate-session-config!, so it cannot assume the spec has constrained :providers to a sequential collection. A set-valued (or any non-sequential) :providers registry previously bypassed masking and leaked api-key / bearer-token / header secrets into the thrown ex-data. Mask any non-map collection instead of only sequential ones. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
::named-provider used an open s/keys, so a registry entry carrying singular- provider-only fields (:transport, :model-id, :wire-model, :max-input-tokens, :max-output-tokens) validated and was then forwarded on the wire, contradicting the upstream NamedProviderConfig contract. Reject those keys at the spec so the mistake fails fast at validate-session-config! rather than silently shipping unsupported fields. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The callback receives the full ProviderTokenArgs map
{:provider-name <s> :session-id <s>}, matching the session.clj dispatch and
the byok.md documentation. The doc comment previously omitted :session-id.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
:remove and :preserve are no-op markers that carry no content payload (upstream PR #1713). ::section-override previously accepted a :content string for them, so a caller mistake was silently dropped rather than rejected. Add a predicate that fails fast when :content accompanies either action. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
redact-secrets runs on already-invalid configs, so a caller mistake of passing :providers as a map (name->provider-config) instead of a sequential collection must still have its secret-bearing values masked. The previous guard explicitly skipped maps, leaking :api-key/:bearer-token/:headers into thrown ex-data. Extract a mask-providers helper that dispatches on shape (map vs other coll). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Review details
Comments suppressed due to low confidence (1)
doc/api/index.html:39
- The Reference section links to reference/API.html and api/index.html, but neither exists under doc/api (API.html is at the root, and there is no api/ subdir). This results in broken navigation in the generated docs.
<h2><a href="#reference" id="reference"></a>Reference</h2>
<ul>
<li><a href="reference/API.html">API Reference</a> — Complete API: helpers, client, session, events, tools</li>
<li><a href="api/index.html">Generated API Docs</a> — Codox-generated namespace documentation</li>
</ul>
- Files reviewed: 42/44 changed files
- Comments generated: 4
- Review effort level: Low
…rides Copilot Code Review (round 5) flagged that both the API.md `:providers` row and the CHANGELOG `:transport` entry implied registry named providers accept `:transport` and inline model-override fields. They do not: `::named-provider` explicitly rejects `:transport`, `:model-id`, `:wire-model`, `:max-input-tokens`, and `:max-output-tokens` (those live on the singular `:provider` / on `:models`), matching upstream's `NamedProviderConfig`. - API.md `:providers` row now enumerates the exact connection fields a named provider accepts and states it does not take `:transport`/inline overrides. - CHANGELOG `:transport` entry now scopes the field to the singular `:provider`. - Regenerated doc/api HTML (also picks up the committed `:session-id` ProviderTokenArgs docstring fix in session.html). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…lock Copilot Code Review (round 6) flagged that the generated github.copilot-sdk.tool-set HTML rendered the docstring examples with typographic smart quotes and even wrapped quoted strings in <a href=...> autolinks, making the Clojure snippets invalid and non-copyable. Root cause: codox strips the docstring's common 3-space prose indent, which left the example lines at only 2 spaces — below markdown's 4-space code-block threshold — so they were processed as prose (smartypants + autolinking). Wrap the examples in a fenced ```clojure block so they render in a <pre><code class="language-clojure"> block with straight quotes and no autolinks. Regenerated the namespace HTML. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
validate-provider-config! enforced mutual exclusion of the singular :provider only against :providers. A config with :provider + :models (no :providers) slipped through the guard and serialized a contradictory wire payload. Upstream documents combining EITHER providers or models with the singular provider as rejected (nodejs/src/types.ts:1829), so generalize the second guard to fire on :provider + (:providers OR :models). Docs (API.md :models row, byok.md) and CHANGELOG updated to state the exclusion covers both registry keys. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Sync the Clojure SDK with upstream
github/copilot-sdkv1.0.1 -> v1.0.4 (@github/copilot1.0.63 -> 1.0.65), advancing the local version to1.0.4.0. This ports the v1.0.4 session-configuration surface while keeping strict parity with the official Node.js SDK.Ported SDK surface
Each item is RED/GREEN tested in
integration_test.clj.:preamblesection +:preserveaction — #1713:capi{:enable-web-socket-responses ...}+ provider:transport(:http/:websockets) — #1711:providers/:models(@experimental) — #1718:bearer-token-providerdynamic-token callback over a new inboundproviderToken.getTokenRPC (@experimental) — #1748:exp-assignmentsforwarded verbatim (@internal) — #1750open-canvasesvalidation relaxed to require only the three id fields (:instance-id+:extension-id+:canvas-id); the:reopen/:availabilityrequirements were dropped (session.ts parity)Deferred
The HTTP
requestHandler/llmInferencepassthrough (#1689, #1784, #1775) is a large, self-contained streaming-transport feature with no current HTTP/WS client dependency in the Clojure SDK. It is tracked in #140 for its own PR.Notes for reviewers
:bearer-token-providerand:providerstoken callbacks are stripped before serialization (the wire only seeshasBearerTokenProvider); the fns live in session state and are invoked when the runtime issues aproviderToken.getTokenrequest. Non-string callback results are rejected and never logged.redact-secretsmasks credentials across the whole:providersregistry via a sharedmask-providerhelper, not just the singular:provider.:providerwith the:providersregistry is rejected by a fail-fast client guard (validate-provider-config!), applied on both create and resume.Validation
Full E2E suite (383 tests / 2107 assertions / 0 failures / 0 errors), all examples exit 0,
bb validate-docsclean (17 files), jar builds at1.0.4.0.