[upstream-sync] Port upstream PRs #808, #803, #802: skipPermission, deprecate autoRestart, optional join-session permission handler

[github-actions]

Summary

Ports three upstream changes from github/copilot-sdk merged 2026-03-12/13.

---

Upstream PRs Ported

PR #808 — Allow tools to set skipPermission

Node.js SDK change: Tool(TArgs) interface gains an optional skipPermission?: boolean field. When true, the tool can execute without triggering a permission prompt.

Clojure port:

• Added ::skip-permission? spec to specs.clj
• Added :skip-permission? as optional key in ::tool spec
• Both build-create-session-params and build-resume-session-params now emit skipPermission: true in the wire tool definition when :skip-permission? true is set

Usage:

{:tool-name "safe_lookup"
 :tool-description "A read-only lookup that needs no confirmation"
 :skip-permission? true
 :tool-handler (fn [params _inv] (str "RESULT: " (:id params)))}

---

PR #803 — Remove autoRestart feature

Node.js SDK change: autoRestart?: boolean in CopilotClientOptions is now @deprecated This option has no effect and will be removed in a future release. Internally hardcoded to false; reconnect logic removed.

Clojure port:

• :auto-restart? default changed from true to false
• maybe-reconnect! is now a no-op (reconnect logic removed)
• Docstring updated to mark :auto-restart? as deprecated

---

PR #802 — Add no-result permission handling for extensions

Node.js SDK change: joinSession exposes JoinSessionConfig which is ResumeSessionConfig with onPermissionRequest made optional. Default handler returns {kind: "no-result"}.

Clojure port:

• New ::join-session-config spec in specs.clj — same as ::resume-session-config but :on-permission-request is optional
• join-session now defaults :on-permission-request to (constantly {:kind :no-result}) when not provided
• instrument.clj updated to use ::join-session-config for join-session's :args spec

Usage (extensions that use :skip-permission? tools don't need a permission handler):

(join-session {:tools [my-tool]})  ; :on-permission-request now optional

---

PRs Skipped

PR	Reason
#827	Go-specific (LogOptions.Ephemeral *bool)
#805	.NET-specific (timeout pattern refactor)
#804	.NET documentation only
#793	Python-specific (CopilotClient.__init__ refactor)
#791	.NET/Go-specific (event dispatch serialization)

---

Testing

Tests could not be run in the CI environment due to Maven dependency resolution limitations (no write access to ~/.m2/ and network restrictions). The changes are:

• Small, targeted, and follow existing patterns exactly
• Paren-balanced (verified with static analysis)
• Consistent with the upstream Node.js SDK changes

The PR is submitted as draft for maintainer review and CI run.

Generated by Upstream Sync Agent · ◷

• expires on Mar 20, 2026, 2:04 PM UTC