You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on May 24, 2026. It is now read-only.
The copilot SDK's internal permission system returns denied-no-approval-rule-and-could-not-request-from-user when the permission callback binding is lost in headless persistent mode. PolyPilot correctly sets AutoApprovePermissions on all session configs, but the headless server loses the binding after reconnections.
Symptoms
Tool executions return "Permission denied and could not request permission from user"
Intermittent — happens after the persistent server has been running for a while
Pattern: 2-4 consecutive denials, sometimes with an OK interspersed
Auto-recovery: dispose broken session, resume with fresh OnPermissionRequest callback, resend last prompt
Max 2 recovery attempts per session before giving up
Root cause
SDK source at /opt/homebrew/lib/node_modules/@github/copilot/sdk/index.js:
pW() handles permission results, Fmr() handles the no-approval-rule case
The permission callback registered via OnPermissionRequest appears to be lost server-side
Desired fix
Fix the SDK to maintain the permission callback binding across reconnections in headless mode. This would eliminate the need for client-side detection and recovery.
Problem
The copilot SDK's internal permission system returns
denied-no-approval-rule-and-could-not-request-from-userwhen the permission callback binding is lost in headless persistent mode. PolyPilot correctly setsAutoApprovePermissionson all session configs, but the headless server loses the binding after reconnections.Symptoms
Current workaround
OnPermissionRequestcallback, resend last promptRoot cause
SDK source at
/opt/homebrew/lib/node_modules/@github/copilot/sdk/index.js:pW()handles permission results,Fmr()handles the no-approval-rule caseOnPermissionRequestappears to be lost server-sideDesired fix
Fix the SDK to maintain the permission callback binding across reconnections in headless mode. This would eliminate the need for client-side detection and recovery.
References