COPILOT SDK ADDS SPEND CAPS AND MCP OAUTH; CLI/APP TIGHTEN RELIABILITY AND COST CONTROLS
GitHub shipped governance and stability upgrades across Copilot SDK, CLI, and the desktop app that make agent workflows easier to secure, observe, and budget. ...
GitHub shipped governance and stability upgrades across Copilot SDK, CLI, and the desktop app that make agent workflows easier to secure, observe, and budget.
The Copilot SDK v1.0.5 adds host-driven MCP OAuth via onMcpAuthRequest and per-session limits for AI credits, plus optional citations and agent exclusions. A preview build, v1.0.6-preview.0, exposes an experimental onGitHubTelemetry hook for session-level telemetry redirection.
The Copilot CLI got safer and faster under load: v1.0.68 improves session resilience and shows plan budget details, while v1.0.69-0 prevents tgrep OOMs on big monorepos by falling back to ripgrep.
The desktop app’s v1.0.13 adds a /compact command to trim token use and clearer session spend lines, alongside quality-of-life updates like chat archiving and Present mode.
You can now enforce per-session spend caps and restrict built-in agents, reducing surprise bills and drift.
First-class MCP OAuth and telemetry hooks make enterprise auth and observability much easier to wire in.
-
terminal
Set sessionLimits in the SDK and verify caps trip correctly under load; confirm excluded agents stay hidden.
-
terminal
Run Copilot CLI on a large monorepo to confirm the tgrep→ripgrep fallback avoids OOM and preserves search speed.
Legacy codebase integration strategies...
- 01.
Plumb onMcpAuthRequest into your existing identity provider and rotate to bearerTokenProvider (rename in v1.0.5).
- 02.
Enable preview telemetry redirection and ship events to your logging pipeline to compare with current audit trails.
Fresh architecture paradigms...
- 01.
Build internal agents on the SDK with spend caps, citations on, and a minimal allowed-agent set from day one.
- 02.
Adopt the CLI for repo automation on big codebases; the new fallback path helps with monorepo scale.
Get daily GITHUB-COPILOT-SDK + SDLC updates.
- Practical tactics you can ship tomorrow
- Tooling, workflows, and architecture notes
- One short email each weekday