Skip to content

chore(deps): bump @github/copilot-sdk from 1.0.5 to 1.0.6 in the production-dependencies group#194

Merged
patrick-knight merged 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-91ae17a45b
Jul 13, 2026
Merged

chore(deps): bump @github/copilot-sdk from 1.0.5 to 1.0.6 in the production-dependencies group#194
patrick-knight merged 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-91ae17a45b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-dependencies group with 1 update: @github/copilot-sdk.

Updates @github/copilot-sdk from 1.0.5 to 1.0.6

Release notes

Sourced from @​github/copilot-sdk's releases.

GitHub Copilot SDK for Java 1.0.6

Installation

⚠️ Artifact versioning plan: Releases of this implementation track releases of the reference implementation. For each release of the reference implementation, there may follow a corresponding release of this implementation with the same number as the reference implementation. Release identifiers of the reference implementation are in the form vMaj.Min.Micro. For example v0.1.32. The corresponding maven version for the release will be Maj.Min.Micro-java.N, where Maj, Min and Micro are the corresponding numbers for the reference implementation release, and N is a monotonically increasing sequence number starting with 0 for each release. See the corresponding architectural decision record for more information in the docs/adr directory of the source code.

📦 [View on Maven Central](https://github.com/github/copilot-sdk/blob/HEAD/(central.sonatype.com/redacted)

📖 [Documentation](https://github.com/github/copilot-sdk/blob/HEAD/(github.github.io/redacted) · [Javadoc](https://github.com/github/copilot-sdk/blob/HEAD/(github.github.io/redacted)

Maven

<dependency>
    <groupId>com.github</groupId>
    <artifactId>copilot-sdk-java</artifactId>
    <version>1.0.6</version>
</dependency>

Gradle (Kotlin DSL)

implementation("com.github:copilot-sdk-java:1.0.6")

Gradle (Groovy DSL)

implementation 'com.github:copilot-sdk-java:1.0.6'

Feature: inline lambda tool definitions

Developers can now define tools directly at the call site using ToolDefinition.from(...) with typed lambda handlers and Param.of(...) parameter metadata — no separate annotated class required. Async variants (fromAsync) and ToolInvocation context injection (fromWithToolInvocation) are also available. (#1895)

ToolDefinition greet = ToolDefinition.from(
    "greet", "Greets a user by name",
    Param.of(String.class, "name", "The user's name"),
    name -> "Hello, " + name + "!");

Other changes

  • bugfix: [Java] preserve explicit null map values in JSON-RPC params so user setting clears reach the CLI (#1906)
  • feature: [Java] add experimental onGitHubTelemetry callback on CopilotClientOptions for receiving forwarded GitHub telemetry events (#1835)

Generated by Release Changelog Generator · sonnet46 2.5M

... (truncated)

Changelog

Sourced from @​github/copilot-sdk's changelog.

java/v1.0.6 (2026-07-08)

Feature: inline lambda tool definitions

Developers can now define tools directly at the call site using ToolDefinition.from(...) with typed lambda handlers and Param.of(...) parameter metadata — no separate annotated class required. Async variants (fromAsync) and ToolInvocation context injection (fromWithToolInvocation) are also available. (#1895)

ToolDefinition greet = ToolDefinition.from(
    "greet", "Greets a user by name",
    Param.of(String.class, "name", "The user's name"),
    name -> "Hello, " + name + "!");

Other changes

  • bugfix: [Java] preserve explicit null map values in JSON-RPC params so user setting clears reach the CLI (#1906)
  • feature: [Java] add experimental onGitHubTelemetry callback on CopilotClientOptions for receiving forwarded GitHub telemetry events (#1835)

java/v1.0.5-01 (2026-07-01)

Feature: new session options — citations, agent exclusions, and credit limits

Three new options are available on SessionConfig and ResumeSessionConfig. enableCitations (experimental) enables native model citations for supported providers; excludedBuiltInAgents hides named built-in agents from discovery; and sessionLimits sets a per-session AI-credit budget. (#1865)

SessionConfig config = new SessionConfig()
    .setEnableCitations(true)
    .setExcludedBuiltInAgents(List.of("copilot"))
    .setSessionLimits(new SessionLimitsConfig(100.0));

New contributors

Commits
  • 7e29004 Update @​github/copilot to 1.0.69 (#1941)
  • c9a7784 Surface Pydantic ValidationError to LLM in tool arg validation (#1862)
  • 5eead9c Update @​github/copilot to 1.0.69-3 (#1940)
  • 32298f9 Update ADR-007 title to indicate draft status
  • 45129af Make .NET CopilotClient.DisposeAsync graceful (#1932)
  • 7aaa13d C#: make per-client Environment coherent per transport (#1930)
  • f3ebf3e fix(python): preserve original JSON keys in Data shim round-trips (#1900)
  • 34e89cd Simplify in-process env isolation to snapshot/restore (#1929)
  • f250a9e Honor inprocess transport in C# E2E harness and fix in-process auth (#1920)
  • 0f8d9d4 docs(java): add ADR-007 native runtime bundling strategy (#1923)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group with 1 update: [@github/copilot-sdk](https://github.com/github/copilot-sdk).


Updates `@github/copilot-sdk` from 1.0.5 to 1.0.6
- [Release notes](https://github.com/github/copilot-sdk/releases)
- [Changelog](https://github.com/github/copilot-sdk/blob/main/CHANGELOG.md)
- [Commits](github/copilot-sdk@v1.0.5...v1.0.6)

---
updated-dependencies:
- dependency-name: "@github/copilot-sdk"
  dependency-version: 1.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 13, 2026
@dependabot dependabot Bot requested a review from patrick-knight as a code owner July 13, 2026 03:08
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 13, 2026
@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updated@​github/​copilot-sdk@​1.0.5 ⏵ 1.0.680 +1100100 +1100 +1100

View full report

@patrick-knight patrick-knight merged commit 2f69a1c into main Jul 13, 2026
8 of 9 checks passed
@patrick-knight patrick-knight deleted the dependabot/npm_and_yarn/production-dependencies-91ae17a45b branch July 13, 2026 04:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant