Skip to content

[dotnet-port-fixes] Gate approval-required Copilot tools#459

Draft
michelle-clayton-work wants to merge 3 commits into
mainfrom
dotnet-port-fixes/copilot-approval-hook-948902a819b965e3
Draft

[dotnet-port-fixes] Gate approval-required Copilot tools#459
michelle-clayton-work wants to merge 3 commits into
mainfrom
dotnet-port-fixes/copilot-approval-hook-948902a819b965e3

Conversation

@michelle-clayton-work

@michelle-clayton-work michelle-clayton-work commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Summary

Align provider/copilotprovider with the .NET Copilot approval fix by installing a default OnPreToolUse hook for approval-required tools when the caller has not provided one. The hook returns ask for tools that require approval, preserves caller-supplied Hooks.OnPreToolUse, and clones tool/hook state so per-run session assembly does not mutate the caller's SessionConfig.

This also adds a developer warning when a caller-supplied Hooks.OnPreToolUse is present alongside approval-required tools, indicating those tools will not be auto-gated and the custom hook is responsible for approval handling.

Ported .NET PRs

Breaking Changes

No.

Tests and Examples

  • go test ./provider/copilotprovider -count=1
  • go test ./provider/... -count=1
  • go test ./... -count=1
  • Added internal tests covering create-session and resume-session approval gating, preservation of caller-supplied OnPreToolUse hooks, non-mutation of source SessionConfig, and warning emission when custom hooks bypass auto-gating.

Notes

  • Other recent upstream candidates were skipped because they were broader API work or upstream-only test churn.
  • This Go port keeps caller-provided Hooks.OnPreToolUse authoritative and now emits a warning when approval-required tools are present but auto-gating is skipped due to a custom hook.

> Generated by .NET to Go Fixes and Test Porting Agent · 953.8 AIC · ⌖ 32.3 AIC · ⊞ 21.7K ·

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Cross-repo consistency review

This PR correctly ports the core approval-hook behavior from the upstream .NET commit (d5c5fb9). The mechanism — install a default OnPreToolUse hook that returns "ask" for approval-required tools, defer to the caller's own hook if one is already supplied — is semantically aligned across Go, .NET, and Python.

One intentional divergence: missing developer warning

Both upstream implementations emit a warning when the caller supplies their own OnPreToolUse hook and there are approval-required tools that will therefore not be auto-gated:

Python (_agent.py ~L1040):

logger.warning(
    "A custom 'on_pre_tool_use' hook is configured, so %d approval-required tool(s) (%s) "
    "will not be automatically gated by GitHubCopilotAgent. The custom hook is responsible "
    "for enforcing approval ...",
    ...
)

.NET (GitHubCopilotAgent.cs ~L578–585):

if (sessionConfig.Hooks?.OnPreToolUse is not null)
{
    if (logger.IsEnabled(LogLevel.Warning))
        logger.LogApprovalGatingSkippedDueToCustomHook(...);
    return sessionConfig;
}

The Go implementation silently returns the caller's hooks without any log output, which the PR description explicitly acknowledges as a deliberate choice ("does not add a new logger surface just to warn when callers override approval handling").

This is a real but intentional divergence. The warning exists upstream as a developer-safety signal: if a caller supplies their own OnPreToolUse hook, they are silently responsible for gating approval-required tools, and nothing alerts them to this responsibility. Aligning Go with this behavior (e.g., via slog.Warn or a similar lightweight log call) would close the parity gap without requiring a new top-level API surface.

Suggested upstream surfaces to revisit if/when closing this gap:

  • Python: agent_framework_github_copilot/_agent.py_build_session_hooks() (L1032–1047)
  • .NET: Microsoft.Agents.AI.GitHub.Copilot/GitHubCopilotAgent.csConfigureApprovalHook() (L555–606)

All other aspects of the port — hook cloning, slices.Clone for tools to prevent source mutation, resumeSessionConfig coverage, and SkipPermission → approval-required mapping — are consistent with upstream semantics.

Generated by Go API Consistency Review Agent for #459 · 294.1 AIC · ⌖ 13 AIC · ⊞ 27.1K ·

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generated by Go API Consistency Review Agent for #459 · 294.1 AIC · ⌖ 13 AIC · ⊞ 27.1K

Comment thread provider/copilotprovider/copilot.go Outdated
return hooks
}
approvalRequiredToolNames := approvalRequiredToolNames(tools)
if len(approvalRequiredToolNames) == 0 {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Parity gap vs. .NET and Python: Both upstream implementations log a developer-facing warning here when the caller's own hook takes precedence and there are approval-required tools that will not be auto-gated.

Python logs:

"A custom 'on_pre_tool_use' hook is configured, so N approval-required tool(s) (...) will not be automatically gated"

.NET calls:

logger.LogApprovalGatingSkippedDueToCustomHook(count, names)

The PR intentionally omits this warning to avoid a new logger surface. If the Go SDK grows a logger pattern (the codebase does use slog in other packages), consider adding a slog.Warn here to match upstream developer-safety behavior — no public API change is needed.

@michelle-clayton-work

Copy link
Copy Markdown
Contributor Author

@copilot address PR feedback and resolve conversations once addressed

Copilot AI and others added 2 commits July 10, 2026 20:36
Co-authored-by: michelle-clayton-work <262183035+michelle-clayton-work@users.noreply.github.com>
Co-authored-by: michelle-clayton-work <262183035+michelle-clayton-work@users.noreply.github.com>

Copilot AI commented Jul 10, 2026

Copy link
Copy Markdown

@copilot address PR feedback and resolve conversations once addressed

Addressed the PR feedback in commit 4468762 by adding the custom-hook approval-gating warning path and accompanying test coverage in provider/copilotprovider. You can resolve the related conversation thread now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants