Skip to content

Bump the java-codegen-deps group in /java/scripts/codegen with 2 updates#1364

Closed
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/npm_and_yarn/java/scripts/codegen/java-codegen-deps-4f641f8ab1
Closed

Bump the java-codegen-deps group in /java/scripts/codegen with 2 updates#1364
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/npm_and_yarn/java/scripts/codegen/java-codegen-deps-4f641f8ab1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 21, 2026
edited by edburns
Loading

Superseded by #1389 .

Bumps the java-codegen-deps group in /java/scripts/codegen with 2 updates: @github/copilot and tsx.

Updates @github/copilot from 1.0.49-3 to 1.0.51

Release notes

Sourced from @​github/copilot's releases.

1.0.51

2026-05-20

  • --session-id=<id> resumes known sessions or tasks, and starts new sessions with a specific UUID
  • /remote commands now respect organization remote control and view from cloud policy and show a clear error when disabled
  • /remote command can now be used while the agent is working
  • Customizable status line in the terminal footer displays session info such as model, context window, git branch, and more
  • MCP tool loading at startup is faster for users with many HTTP-based MCP servers
  • Settings file no longer accumulates unrelated config keys when settings are updated
  • Add /security-review slash command to review code changes for security vulnerabilities (experimental)
  • Add preMcpToolCall hook for hook providers to control outgoing MCP request metadata
  • Add /chronicle cost-tips subcommand for personalized token usage and cost reduction recommendations
  • MCP servers using OAuth stay connected when authentication was performed in a separate session
  • GFM tables and blockquotes inside list items render correctly without a floating top border
  • Experimental mode indicator now appears persistently in the app header instead of as a one-time notification
  • Loading indicator color matches the active mode (plan, autopilot, shell)
  • Session naming works correctly for usage-based billing users
  • Pressing Enter on a highlighted subcommand completion inserts the selection instead of submitting the partial command
  • Use default release notes when publishing a release with no changelog entries
  • Editor launched with Ctrl+G no longer steals keystrokes or requires double keypresses
  • /memory show displays documentation links for learning about and managing Copilot Memory
  • Add terminalProgress setting to enable or disable OSC 9;4 terminal progress indicators
  • postToolUse hooks can now inject additionalContext into successful tool results
  • Only show remote session startup failure when remote mode is explicitly requested via --remote or enabled in user configuration
  • Shell tool calls succeed even when the model omits the description parameter
  • Ensure input token usage includes cached, update token formatting to clarify
  • Login prompt more clearly warns when token storage falls back to insecure plain text config file
  • GitHub MCP web search tool is available immediately without requiring tool search
  • Secret scanning now covers commit messages and PR descriptions, redacting secrets before they are published
  • Input area grows responsively with terminal height instead of capping at 3 lines

1.0.51-3

Added

  • Add /security-review slash command to review code changes for security vulnerabilities
  • Add preMcpToolCall hook for hook providers to control outgoing MCP request metadata
  • Add /chronicle cost-tips subcommand for personalized token usage and cost reduction recommendations

Improved

  • Experimental mode indicator now appears persistently in the app header instead of as a one-time notification
  • Loading indicator color matches the active mode (plan, autopilot, shell)

Fixed

  • MCP servers using OAuth stay connected when authentication was performed in a separate session
  • GFM tables and blockquotes inside list items render correctly without a floating top border

1.0.51-2

Improved

  • /memory show displays documentation links for learning about and managing Copilot Memory

Fixed

... (truncated)

Changelog

Sourced from @​github/copilot's changelog.

1.0.51 - 2026-05-20

  • --session-id=<id> resumes known sessions or tasks, and starts new sessions with a specific UUID
  • /remote commands now respect organization remote control and view from cloud policy and show a clear error when disabled
  • /remote command can now be used while the agent is working
  • Customizable status line in the terminal footer displays session info such as model, context window, git branch, and more
  • MCP tool loading at startup is faster for users with many HTTP-based MCP servers
  • Settings file no longer accumulates unrelated config keys when settings are updated
  • Add /security-review slash command to review code changes for security vulnerabilities
  • Add preMcpToolCall hook for hook providers to control outgoing MCP request metadata
  • Add /chronicle cost-tips subcommand for personalized token usage and cost reduction recommendations
  • MCP servers using OAuth stay connected when authentication was performed in a separate session
  • GFM tables and blockquotes inside list items render correctly without a floating top border
  • Experimental mode indicator now appears persistently in the app header instead of as a one-time notification
  • Loading indicator color matches the active mode (plan, autopilot, shell)
  • Session naming works correctly for usage-based billing users
  • Pressing Enter on a highlighted subcommand completion inserts the selection instead of submitting the partial command
  • Use default release notes when publishing a release with no changelog entries
  • Editor launched with Ctrl+G no longer steals keystrokes or requires double keypresses
  • /memory show displays documentation links for learning about and managing Copilot Memory
  • Add terminalProgress setting to enable or disable OSC 9;4 terminal progress indicators
  • postToolUse hooks can now inject additionalContext into successful tool results
  • Only show remote session startup failure when remote mode is explicitly requested via --remote or enabled in user configuration
  • Shell tool calls succeed even when the model omits the description parameter
  • Ensure input token usage includes cached, update token formatting to clarify
  • Login prompt more clearly warns when token storage falls back to insecure plain text config file
  • GitHub MCP web search tool is available immediately without requiring tool search
  • Secret scanning now covers commit messages and PR descriptions, redacting secrets before they are published
  • Input area grows responsively with terminal height instead of capping at 3 lines

1.0.49 - 2026-05-18

  • postToolUse hook additionalContext is now injected as a system message for the model instead of being silently discarded
  • Mouse clicks in the prompt correctly position cursor when input contains wide characters (CJK, emoji)
  • Add /chronicle search subcommand to search all session content by keyword or topic
  • /user switch reuses the fetched user list and shows a loading spinner on first open
  • MCP servers using static OAuth clients correctly persist registration for token refreshes
  • Add support for running the CLI on Alpine Linux (musl libc)
  • Add /exit print option to print the session to the terminal before exiting
  • Add /rubber-duck command to get an independent critique of the agent's current work
  • Add /session id subcommand to display the current session ID and copy it to the clipboard
  • Add auth.redirectPort config option for MCP servers to pin the OAuth callback to a fixed port
  • Add /memory on|off|show slash command to enable, disable, or view memory status (persistent)
  • Add copilot plugin update --all to update all installed plugins at once
  • Add /rubber-duck command to invoke the rubber duck agent for an independent critique (experimental)
  • Input prompt collapses to a single line when empty and grows naturally as you type
  • File diffs are correctly reported to ACP clients for all edit tool types
  • Repo hooks in .github/hooks/ now load in prompt mode (-p) when the folder is already trusted
  • Fix extra line in timeline entries
  • Box drawing and block characters render correctly on Windows terminals not using UTF-8 code page

... (truncated)

Commits

Updates tsx from 4.21.0 to 4.22.3

Release notes

Sourced from tsx's releases.

v4.22.3

4.22.3 (2026-05-19)

Bug Fixes

  • decode typed loader source (dce02fc)
  • preserve entrypoint with TypeScript preload hooks (68f72f3)

This release is also available on:

v4.22.2

4.22.2 (2026-05-18)

Bug Fixes

  • preserve CJS JSON require in ESM hooks (35b700b)
  • preserve named exports from CommonJS TypeScript (11de737)
  • support module.exports require(esm) interop (cf8f199)

This release is also available on:

v4.22.1

4.22.1 (2026-05-17)

Bug Fixes

  • resolve tsconfig path aliases containing a colon (#780) (6979f28)

This release is also available on:

v4.22.0

4.22.0 (2026-05-14)

Features

This release is also available on:

... (truncated)

Commits
  • dce02fc fix: decode typed loader source
  • 68f72f3 fix: preserve entrypoint with TypeScript preload hooks
  • 69455cf test: cover package exports for ambiguous ESM reexports
  • 35b700b fix: preserve CJS JSON require in ESM hooks
  • ef807db chore: update testing dependencies
  • 3917090 test: document compatibility test taxonomy
  • de8113f refactor: centralize Node capability facts
  • c1f62db test: consolidate tsconfig path edge coverage
  • 4e08174 test: consolidate loader hook coverage
  • 674bb30 test: consolidate tsImport commonjs mts coverage
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for tsx since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the java-codegen-deps group in /java/scripts/codegen with 2 updates
3e8eb0c 
Bumps the java-codegen-deps group in /java/scripts/codegen with 2 updates: [@github/copilot](https://github.com/github/copilot-cli) and [tsx](https://github.com/privatenumber/tsx).


Updates `@github/copilot` from 1.0.49-3 to 1.0.51
- [Release notes](https://github.com/github/copilot-cli/releases)
- [Changelog](https://github.com/github/copilot-cli/blob/main/changelog.md)
- [Commits](https://github.com/github/copilot-cli/commits/v1.0.51)

Updates `tsx` from 4.21.0 to 4.22.3
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.21.0...v4.22.3)

---
updated-dependencies:
- dependency-name: "@github/copilot"
  dependency-version: 1.0.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: java-codegen-deps
- dependency-name: tsx
  dependency-version: 4.22.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: java-codegen-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 21, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 21, 2026 17:30
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 21, 2026
github-actions Bot and others added 2 commits May 21, 2026 17:31
@github-actions
Regenerate Java codegen output
cb8a3fd 
Auto-committed by java-codegen-check workflow.
@github-actions
Fix Java codegen and build failures after @github/copilot update
19891e5 
The new @github/copilot schemas introduced cross-schema $ref references
in api.schema.json pointing to session-events.schema.json definitions:
- session-events.schema.json#/definitions/SessionEvent
- session-events.schema.json#/definitions/PermissionPromptRequest

The code generator only handled local #/definitions/ refs, causing invalid
Java type names to be emitted (the raw $ref string), which produced
compilation errors:
  PendingPermissionRequest.java: illegal character '#'
  SessionEventLogReadResult.java: '<identifier> expected', etc.

Fix in java/scripts/codegen/java.ts:
- Track generated session-events type names in generatedSessionEventsTypes
- Store session-events definitions in sessionEventsDefinitions
- In schemaTypeToJava, detect cross-schema refs and resolve them:
  - If the type is already generated in the session-events package
    (e.g. SessionEvent), emit it with the correct import
  - Otherwise resolve inline using the external definitions
    (anyOf unions like PermissionPromptRequest fall back to Object)

Regenerated affected files:
  PendingPermissionRequest.java: request field now typed as Object
  SessionEventLogReadResult.java: events field now typed as List<SessionEvent>

Automated fix applied by java-codegen-fix workflow.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 21, 2026

Commit pushed: 19891e5

Generated by Java Codegen Agentic Fix · ● 50.6M

@stephentoub stephentoub requested a review from edburns May 21, 2026 19:52
@edburns
Copy link
Copy Markdown
Collaborator

edburns commented May 22, 2026

Hi @stephentoub,

I'm closing this PR for now. The same changes were brought over (also agentically) from copilot-sdk-java#224 as #1389, using the existing agentic sync process from the standalone Java repo.

I'd like to defer to whatever direction you and the team settle on in ghcp-sp-109 for the long-term maintenance policy. Once that's decided, we'll shut down Java SDK's standalone repo sync process accordingly — currently it just runs weekly on Fridays, and I'm happy to turn it off or adapt it to whatever workflow makes the most sense for the monorepo.

Please let me know if you'd prefer a different approach in the meantime.

@edburns edburns closed this May 22, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 22, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/java/scripts/codegen/java-codegen-deps-4f641f8ab1 branch May 22, 2026 22:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@edburns edburns Awaiting requested review from edburns

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@edburns