@github/copilot-sdk 0.1.32 → 0.1.33-unstable.0

package/dist/client.d.ts

@@ -1,6 +1,39 @@
 import { createServerRpc } from "./generated/rpc.js";
 import { CopilotSession } from "./session.js";
 import type { ConnectionState, CopilotClientOptions, GetAuthStatusResponse, GetStatusResponse, ModelInfo, ResumeSessionConfig, SessionConfig, SessionLifecycleEventType, SessionLifecycleHandler, SessionListFilter, SessionMetadata, TypedSessionLifecycleHandler } from "./types.js";
+/**
+ * Main client for interacting with the Copilot CLI.
+ *
+ * The CopilotClient manages the connection to the Copilot CLI server and provides
+ * methods to create and manage conversation sessions. It can either spawn a CLI
+ * server process or connect to an existing server.
+ *
+ * @example
+ * ```typescript
+ * import { CopilotClient } from "@github/copilot-sdk";
+ *
+ * // Create a client with default options (spawns CLI server)
+ * const client = new CopilotClient();
+ *
+ * // Or connect to an existing server
+ * const client = new CopilotClient({ cliUrl: "localhost:3000" });
+ *
+ * // Create a session
+ * const session = await client.createSession({ onPermissionRequest: approveAll, model: "gpt-4" });
+ *
+ * // Send messages and handle responses
+ * session.on((event) => {
+ *   if (event.type === "assistant.message") {
+ *     console.log(event.data.content);
+ *   }
+ * });
+ * await session.send({ prompt: "Hello!" });
+ *
+ * // Clean up
+ * await session.disconnect();
+ * await client.stop();
+ * ```
+ */
 export declare class CopilotClient {
     private cliProcess;
     private connection;
@@ -13,6 +46,7 @@ export declare class CopilotClient {
     private options;
     private isExternalServer;
     private forceStopping;
+    private onListModels?;
     private modelsCache;
     private modelsCacheLock;
     private sessionLifecycleHandlers;
@@ -218,10 +252,13 @@ export declare class CopilotClient {
     /**
      * List available models with their metadata.
      *
+     * If an `onListModels` handler was provided in the client options,
+     * it is called instead of querying the CLI server.
+     *
      * Results are cached after the first successful call to avoid rate limiting.
      * The cache is cleared when the client disconnects.
      *
-     * @throws Error if not authenticated
+     * @throws Error if not connected (when no custom handler is set)
      */
     listModels(): Promise<ModelInfo[]>;
     /**

package/dist/client.js

@@ -46,6 +46,7 @@ class CopilotClient {
   options;
   isExternalServer = false;
   forceStopping = false;
+  onListModels;
   modelsCache = null;
   modelsCacheLock = Promise.resolve();
   sessionLifecycleHandlers = /* @__PURE__ */ new Set();
@@ -111,6 +112,7 @@ class CopilotClient {
     if (options.isChildProcess) {
       this.isExternalServer = true;
     }
+    this.onListModels = options.onListModels;
     this.options = {
       cliPath: options.cliPath || getBundledCliPath(),
       cliArgs: options.cliArgs ?? [],
@@ -401,6 +403,7 @@ class CopilotClient {
       mcpServers: config.mcpServers,
       envValueMode: "direct",
       customAgents: config.customAgents,
+      agent: config.agent,
       configDir: config.configDir,
       skillDirectories: config.skillDirectories,
       disabledSkills: config.disabledSkills,
@@ -480,6 +483,7 @@ class CopilotClient {
       mcpServers: config.mcpServers,
       envValueMode: "direct",
       customAgents: config.customAgents,
+      agent: config.agent,
       skillDirectories: config.skillDirectories,
       disabledSkills: config.disabledSkills,
       infiniteSessions: config.infiniteSessions,
@@ -556,15 +560,15 @@ class CopilotClient {
   /**
    * List available models with their metadata.
    *
+   * If an `onListModels` handler was provided in the client options,
+   * it is called instead of querying the CLI server.
+   *
    * Results are cached after the first successful call to avoid rate limiting.
    * The cache is cleared when the client disconnects.
    *
-   * @throws Error if not authenticated
+   * @throws Error if not connected (when no custom handler is set)
    */
   async listModels() {
-    if (!this.connection) {
-      throw new Error("Client not connected");
-    }
     await this.modelsCacheLock;
     let resolveLock;
     this.modelsCacheLock = new Promise((resolve) => {
@@ -574,10 +578,18 @@ class CopilotClient {
       if (this.modelsCache !== null) {
         return [...this.modelsCache];
       }
-      const result = await this.connection.sendRequest("models.list", {});
-      const response = result;
-      const models = response.models;
-      this.modelsCache = models;
+      let models;
+      if (this.onListModels) {
+        models = await this.onListModels();
+      } else {
+        if (!this.connection) {
+          throw new Error("Client not connected");
+        }
+        const result = await this.connection.sendRequest("models.list", {});
+        const response = result;
+        models = response.models;
+      }
+      this.modelsCache = [...models];
       return [...models];
     } finally {
       resolveLock();

package/dist/extension.d.ts

@@ -1,2 +1,20 @@
-import { CopilotClient } from "./client.js";
-export declare const extension: CopilotClient;
+import type { CopilotSession } from "./session.js";
+import type { ResumeSessionConfig } from "./types.js";
+/**
+ * Joins the current foreground session.
+ *
+ * @param config - Configuration to add to the session
+ * @returns A promise that resolves with the joined session
+ *
+ * @example
+ * ```typescript
+ * import { approveAll } from "@github/copilot-sdk";
+ * import { joinSession } from "@github/copilot-sdk/extension";
+ *
+ * const session = await joinSession({
+ *   onPermissionRequest: approveAll,
+ *   tools: [myTool],
+ * });
+ * ```
+ */
+export declare function joinSession(config: ResumeSessionConfig): Promise<CopilotSession>;

package/dist/extension.js

@@ -1,5 +1,17 @@
 import { CopilotClient } from "./client.js";
-const extension = new CopilotClient({ isChildProcess: true });
+async function joinSession(config) {
+  const sessionId = process.env.SESSION_ID;
+  if (!sessionId) {
+    throw new Error(
+      "joinSession() is intended for extensions running as child processes of the Copilot CLI."
+    );
+  }
+  const client = new CopilotClient({ isChildProcess: true });
+  return client.resumeSession(sessionId, {
+    ...config,
+    disableResume: config.disableResume ?? true
+  });
+}
 export {
-  extension
+  joinSession
 };

package/dist/generated/rpc.d.ts

@@ -162,6 +162,7 @@ export interface SessionModelSwitchToParams {
      */
     sessionId: string;
     modelId: string;
+    reasoningEffort?: "low" | "medium" | "high" | "xhigh";
 }
 export interface SessionModeGetResult {
     /**
@@ -442,6 +443,30 @@ export interface SessionPermissionsHandlePendingPermissionRequestParams {
         message: string;
     };
 }
+export interface SessionLogResult {
+    /**
+     * The unique identifier of the emitted session event
+     */
+    eventId: string;
+}
+export interface SessionLogParams {
+    /**
+     * Target session identifier
+     */
+    sessionId: string;
+    /**
+     * Human-readable message
+     */
+    message: string;
+    /**
+     * Log severity level. Determines how the message is displayed in the timeline. Defaults to "info".
+     */
+    level?: "info" | "warning" | "error";
+    /**
+     * When true, the message is transient and not persisted to the session event log on disk
+     */
+    ephemeral?: boolean;
+}
 /** Create typed server-scoped RPC methods (no session required). */
 export declare function createServerRpc(connection: MessageConnection): {
     ping: (params: PingParams) => Promise<PingResult>;
@@ -493,4 +518,5 @@ export declare function createSessionRpc(connection: MessageConnection, sessionI
     permissions: {
         handlePendingPermissionRequest: (params: Omit<SessionPermissionsHandlePendingPermissionRequestParams, "sessionId">) => Promise<SessionPermissionsHandlePendingPermissionRequestResult>;
     };
+    log: (params: Omit<SessionLogParams, "sessionId">) => Promise<SessionLogResult>;
 };

package/dist/generated/rpc.js

@@ -49,7 +49,8 @@ function createSessionRpc(connection, sessionId) {
     },
     permissions: {
       handlePendingPermissionRequest: async (params) => connection.sendRequest("session.permissions.handlePendingPermissionRequest", { sessionId, ...params })
-    }
+    },
+    log: async (params) => connection.sendRequest("session.log", { sessionId, ...params })
   };
 }
 export {

package/dist/generated/session-events.d.ts

@@ -66,6 +66,7 @@ export type SessionEvent = {
              */
             branch?: string;
         };
+        alreadyInUse?: boolean;
     };
 } | {
     /**
@@ -115,6 +116,7 @@ export type SessionEvent = {
              */
             branch?: string;
         };
+        alreadyInUse?: boolean;
     };
 } | {
     /**
@@ -2090,6 +2092,80 @@ export type SessionEvent = {
             };
         };
     };
+} | {
+    /**
+     * Unique event identifier (UUID v4), generated when the event is emitted
+     */
+    id: string;
+    /**
+     * ISO 8601 timestamp when the event was created
+     */
+    timestamp: string;
+    /**
+     * ID of the chronologically preceding event in the session, forming a linked chain. Null for the first event.
+     */
+    parentId: string | null;
+    /**
+     * When true, the event is transient and not persisted to the session event log on disk
+     */
+    ephemeral?: boolean;
+    type: "system.notification";
+    data: {
+        /**
+         * The notification text, typically wrapped in <system_notification> XML tags
+         */
+        content: string;
+        /**
+         * Structured metadata identifying what triggered this notification
+         */
+        kind: {
+            type: "agent_completed";
+            /**
+             * Unique identifier of the background agent
+             */
+            agentId: string;
+            /**
+             * Type of the agent (e.g., explore, task, general-purpose)
+             */
+            agentType: string;
+            /**
+             * Whether the agent completed successfully or failed
+             */
+            status: "completed" | "failed";
+            /**
+             * Human-readable description of the agent task
+             */
+            description?: string;
+            /**
+             * The full prompt given to the background agent
+             */
+            prompt?: string;
+        } | {
+            type: "shell_completed";
+            /**
+             * Unique identifier of the shell session
+             */
+            shellId: string;
+            /**
+             * Exit code of the shell command, if available
+             */
+            exitCode?: number;
+            /**
+             * Human-readable description of the command
+             */
+            description?: string;
+        } | {
+            type: "shell_detached_completed";
+            /**
+             * Unique identifier of the detached shell session
+             */
+            shellId: string;
+            /**
+             * Human-readable description of the command
+             */
+            description?: string;
+        };
+    };
 } | {
     /**
      * Unique event identifier (UUID v4), generated when the event is emitted

package/dist/session.d.ts

@@ -339,4 +339,24 @@ export declare class CopilotSession {
      * ```
      */
     setModel(model: string): Promise<void>;
+    /**
+     * Log a message to the session timeline.
+     * The message appears in the session event stream and is visible to SDK consumers
+     * and (for non-ephemeral messages) persisted to the session event log on disk.
+     *
+     * @param message - Human-readable message text
+     * @param options - Optional log level and ephemeral flag
+     *
+     * @example
+     * ```typescript
+     * await session.log("Processing started");
+     * await session.log("Disk usage high", { level: "warning" });
+     * await session.log("Connection failed", { level: "error" });
+     * await session.log("Debug info", { ephemeral: true });
+     * ```
+     */
+    log(message: string, options?: {
+        level?: "info" | "warning" | "error";
+        ephemeral?: boolean;
+    }): Promise<void>;
 }

package/dist/session.js

@@ -501,6 +501,25 @@ class CopilotSession {
   async setModel(model) {
     await this.rpc.model.switchTo({ modelId: model });
   }
+  /**
+   * Log a message to the session timeline.
+   * The message appears in the session event stream and is visible to SDK consumers
+   * and (for non-ephemeral messages) persisted to the session event log on disk.
+   *
+   * @param message - Human-readable message text
+   * @param options - Optional log level and ephemeral flag
+   *
+   * @example
+   * ```typescript
+   * await session.log("Processing started");
+   * await session.log("Disk usage high", { level: "warning" });
+   * await session.log("Connection failed", { level: "error" });
+   * await session.log("Debug info", { ephemeral: true });
+   * ```
+   */
+  async log(message, options) {
+    await this.rpc.log({ message, ...options });
+  }
 }
 export {
   CopilotSession

package/dist/types.d.ts

@@ -77,6 +77,13 @@ export interface CopilotClientOptions {
      * @default true (but defaults to false when githubToken is provided)
      */
     useLoggedInUser?: boolean;
+    /**
+     * Custom handler for listing available models.
+     * When provided, client.listModels() calls this handler instead of
+     * querying the CLI server. Useful in BYOK mode to return models
+     * available from your custom provider.
+     */
+    onListModels?: () => Promise<ModelInfo[]> | ModelInfo[];
 }
 /**
  * Configuration for creating a session
@@ -586,6 +593,12 @@ export interface SessionConfig {
      * Custom agent configurations for the session.
      */
     customAgents?: CustomAgentConfig[];
+    /**
+     * Name of the custom agent to activate when the session starts.
+     * Must match the `name` of one of the agents in `customAgents`.
+     * Equivalent to calling `session.rpc.agent.select({ name })` after creation.
+     */
+    agent?: string;
     /**
      * Directories to load skills from.
      */
@@ -604,7 +617,7 @@ export interface SessionConfig {
 /**
  * Configuration for resuming a session
  */
-export type ResumeSessionConfig = Pick<SessionConfig, "clientName" | "model" | "tools" | "systemMessage" | "availableTools" | "excludedTools" | "provider" | "streaming" | "reasoningEffort" | "onPermissionRequest" | "onUserInputRequest" | "hooks" | "workingDirectory" | "configDir" | "mcpServers" | "customAgents" | "skillDirectories" | "disabledSkills" | "infiniteSessions"> & {
+export type ResumeSessionConfig = Pick<SessionConfig, "clientName" | "model" | "tools" | "systemMessage" | "availableTools" | "excludedTools" | "provider" | "streaming" | "reasoningEffort" | "onPermissionRequest" | "onUserInputRequest" | "hooks" | "workingDirectory" | "configDir" | "mcpServers" | "customAgents" | "agent" | "skillDirectories" | "disabledSkills" | "infiniteSessions"> & {
     /**
      * When true, skips emitting the session.resume event.
      * Useful for reconnecting to a session without triggering resume-related side effects.

package/docs/agent-author.md

@@ -0,0 +1,265 @@
+# Agent Extension Authoring Guide
+
+A precise, step-by-step reference for agents writing Copilot CLI extensions programmatically.
+
+## Workflow
+
+### Step 1: Scaffold the extension
+
+Use the `extensions_manage` tool with `operation: "scaffold"`:
+
+```
+extensions_manage({ operation: "scaffold", name: "my-extension" })
+```
+
+This creates `.github/extensions/my-extension/extension.mjs` with a working skeleton.
+For user-scoped extensions (persist across all repos), add `location: "user"`.
+
+### Step 2: Edit the extension file
+
+Modify the generated `extension.mjs` using `edit` or `create` tools. The file must:
+- Be named `extension.mjs` (only `.mjs` is supported)
+- Use ES module syntax (`import`/`export`)
+- Call `joinSession({ ... })`
+
+### Step 3: Reload extensions
+
+```
+extensions_reload({})
+```
+
+This stops all running extensions and re-discovers/re-launches them. New tools are available immediately in the same turn (mid-turn refresh).
+
+### Step 4: Verify
+
+```
+extensions_manage({ operation: "list" })
+extensions_manage({ operation: "inspect", name: "my-extension" })
+```
+
+Check that the extension loaded successfully and isn't marked as "failed".
+
+---
+
+## File Structure
+
+```
+.github/extensions/<name>/extension.mjs
+```
+
+Discovery rules:
+- The CLI scans `.github/extensions/` relative to the git root
+- It also scans the user's copilot config extensions directory
+- Only immediate subdirectories are checked (not recursive)
+- Each subdirectory must contain a file named `extension.mjs`
+- Project extensions shadow user extensions on name collision
+
+---
+
+## Minimal Skeleton
+
+```js
+import { approveAll } from "@github/copilot-sdk";
+import { joinSession } from "@github/copilot-sdk/extension";
+
+await joinSession({
+    onPermissionRequest: approveAll, // Required — handle permission requests
+    tools: [],                     // Optional — custom tools
+    hooks: {},                     // Optional — lifecycle hooks
+});
+```
+
+---
+
+## Registering Tools
+
+```js
+tools: [
+    {
+        name: "tool_name",           // Required. Must be globally unique across all extensions.
+        description: "What it does", // Required. Shown to the agent in tool descriptions.
+        parameters: {                // Optional. JSON Schema for the arguments.
+            type: "object",
+            properties: {
+                arg1: { type: "string", description: "..." },
+            },
+            required: ["arg1"],
+        },
+        handler: async (args, invocation) => {
+            // args: parsed arguments matching the schema
+            // invocation.sessionId: current session ID
+            // invocation.toolCallId: unique call ID
+            // invocation.toolName: this tool's name
+            //
+            // Return value: string or ToolResultObject
+            //   string → treated as success
+            //   { textResultForLlm, resultType } → structured result
+            //     resultType: "success" | "failure" | "rejected" | "denied"
+            return `Result: ${args.arg1}`;
+        },
+    },
+]
+```
+
+**Constraints:**
+- Tool names must be unique across ALL loaded extensions. Collisions cause the second extension to fail to load.
+- Handler must return a string or `{ textResultForLlm: string, resultType?: string }`.
+- Handler receives `(args, invocation)` — the second argument has `sessionId`, `toolCallId`, `toolName`.
+- Use `session.log()` to surface messages to the user. Don't use `console.log()` (stdout is reserved for JSON-RPC).
+
+---
+
+## Registering Hooks
+
+```js
+hooks: {
+    onUserPromptSubmitted: async (input, invocation) => { ... },
+    onPreToolUse: async (input, invocation) => { ... },
+    onPostToolUse: async (input, invocation) => { ... },
+    onSessionStart: async (input, invocation) => { ... },
+    onSessionEnd: async (input, invocation) => { ... },
+    onErrorOccurred: async (input, invocation) => { ... },
+}
+```
+
+All hook inputs include `timestamp` (unix ms) and `cwd` (working directory).
+All handlers receive `invocation: { sessionId: string }` as the second argument.
+All handlers may return `void`/`undefined` (no-op) or an output object.
+
+### onUserPromptSubmitted
+
+**Input:** `{ prompt: string, timestamp, cwd }`
+
+**Output (all fields optional):**
+| Field | Type | Effect |
+|-------|------|--------|
+| `modifiedPrompt` | `string` | Replaces the user's prompt |
+| `additionalContext` | `string` | Appended as hidden context the agent sees |
+
+### onPreToolUse
+
+**Input:** `{ toolName: string, toolArgs: unknown, timestamp, cwd }`
+
+**Output (all fields optional):**
+| Field | Type | Effect |
+|-------|------|--------|
+| `permissionDecision` | `"allow" \| "deny" \| "ask"` | Override the permission check |
+| `permissionDecisionReason` | `string` | Shown to user if denied |
+| `modifiedArgs` | `unknown` | Replaces the tool arguments |
+| `additionalContext` | `string` | Injected into the conversation |
+
+### onPostToolUse
+
+**Input:** `{ toolName: string, toolArgs: unknown, toolResult: ToolResultObject, timestamp, cwd }`
+
+**Output (all fields optional):**
+| Field | Type | Effect |
+|-------|------|--------|
+| `modifiedResult` | `ToolResultObject` | Replaces the tool result |
+| `additionalContext` | `string` | Injected into the conversation |
+
+### onSessionStart
+
+**Input:** `{ source: "startup" \| "resume" \| "new", initialPrompt?: string, timestamp, cwd }`
+
+**Output (all fields optional):**
+| Field | Type | Effect |
+|-------|------|--------|
+| `additionalContext` | `string` | Injected as initial context |
+
+### onSessionEnd
+
+**Input:** `{ reason: "complete" \| "error" \| "abort" \| "timeout" \| "user_exit", finalMessage?: string, error?: string, timestamp, cwd }`
+
+**Output (all fields optional):**
+| Field | Type | Effect |
+|-------|------|--------|
+| `sessionSummary` | `string` | Summary for session persistence |
+| `cleanupActions` | `string[]` | Cleanup descriptions |
+
+### onErrorOccurred
+
+**Input:** `{ error: string, errorContext: "model_call" \| "tool_execution" \| "system" \| "user_input", recoverable: boolean, timestamp, cwd }`
+
+**Output (all fields optional):**
+| Field | Type | Effect |
+|-------|------|--------|
+| `errorHandling` | `"retry" \| "skip" \| "abort"` | How to handle the error |
+| `retryCount` | `number` | Max retries (when errorHandling is "retry") |
+| `userNotification` | `string` | Message shown to the user |
+
+---
+
+## Session Object
+
+After `joinSession()`, the returned `session` provides:
+
+### session.send(options)
+
+Send a message programmatically:
+```js
+await session.send({ prompt: "Analyze the test results." });
+await session.send({
+    prompt: "Review this file",
+    attachments: [{ type: "file", path: "./src/index.ts" }],
+});
+```
+
+### session.sendAndWait(options, timeout?)
+
+Send and block until the agent finishes (resolves on `session.idle`):
+```js
+const response = await session.sendAndWait({ prompt: "What is 2+2?" });
+// response?.data.content contains the agent's reply
+```
+
+### session.log(message, options?)
+
+Log to the CLI timeline:
+```js
+await session.log("Extension ready");
+await session.log("Rate limit approaching", { level: "warning" });
+await session.log("Connection failed", { level: "error" });
+await session.log("Processing...", { ephemeral: true }); // transient, not persisted
+```
+
+### session.on(eventType, handler)
+
+Subscribe to session events. Returns an unsubscribe function.
+```js
+const unsub = session.on("tool.execution_complete", (event) => {
+    // event.data.toolName, event.data.success, event.data.result
+});
+```
+
+### Key Event Types
+
+| Event | Key Data Fields |
+|-------|----------------|
+| `assistant.message` | `content`, `messageId` |
+| `tool.execution_start` | `toolCallId`, `toolName`, `arguments` |
+| `tool.execution_complete` | `toolCallId`, `toolName`, `success`, `result`, `error` |
+| `user.message` | `content`, `attachments`, `source` |
+| `session.idle` | `backgroundTasks` |
+| `session.error` | `errorType`, `message`, `stack` |
+| `permission.requested` | `requestId`, `permissionRequest.kind` |
+| `session.shutdown` | `shutdownType`, `totalPremiumRequests` |
+
+### session.workspacePath
+
+Path to the session workspace directory (checkpoints, plan.md, files/). `undefined` if infinite sessions disabled.
+
+### session.rpc
+
+Low-level typed RPC access to all session APIs (model, mode, plan, workspace, etc.).
+
+---
+
+## Gotchas
+
+- **stdout is reserved for JSON-RPC.** Don't use `console.log()` — it will corrupt the protocol. Use `session.log()` to surface messages to the user.
+- **Tool name collisions are fatal.** If two extensions register the same tool name, the second extension fails to initialize.
+- **Don't call `session.send()` synchronously from `onUserPromptSubmitted`.** Use `setTimeout(() => session.send(...), 0)` to avoid infinite loops.
+- **Extensions are reloaded on `/clear`.** Any in-memory state is lost between sessions.
+- **Only `.mjs` is supported.** TypeScript (`.ts`) is not yet supported.
+- **The handler's return value is the tool result.** Returning `undefined` sends an empty success. Throwing sends a failure with the error message.