fix: add onPermissionRequest handlers to E2E tests for default-deny behavior

Tests that use built-in tools (file reads, shell commands, MCP) now need an
onPermissionRequest handler to approve tool execution, since the SDK now sends
requestPermission=true by default.

- Node.js: hooks.test.ts, tools.test.ts, session.test.ts, mcp_and_agents.test.ts
- Python: test_hooks.py, test_tools.py, test_mcp_and_agents.py + fix chat.py formatting
- Go: mcp_and_agents_test.go
- .NET: HooksTests.cs, ToolsTests.cs, McpAndAgentsTests.cs, SessionTests.cs

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: SteveSandersonMS

dotnet/test/HooksTests.cs

@@ -17,6 +17,7 @@ public async Task Should_Invoke_PreToolUse_Hook_When_Model_Runs_A_Tool()
         CopilotSession? session = null;
         session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = (request, invocation) => Task.FromResult(new PermissionRequestResult { Kind = "approved" }),
             Hooks = new SessionHooks
             {
                 OnPreToolUse = (input, invocation) =>
@@ -52,6 +53,7 @@ public async Task Should_Invoke_PostToolUse_Hook_After_Model_Runs_A_Tool()
         CopilotSession? session = null;
         session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = (request, invocation) => Task.FromResult(new PermissionRequestResult { Kind = "approved" }),
             Hooks = new SessionHooks
             {
                 OnPostToolUse = (input, invocation) =>
@@ -89,6 +91,7 @@ public async Task Should_Invoke_Both_PreToolUse_And_PostToolUse_Hooks_For_Single
 
         var session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = (request, invocation) => Task.FromResult(new PermissionRequestResult { Kind = "approved" }),
             Hooks = new SessionHooks
             {
                 OnPreToolUse = (input, invocation) =>
@@ -130,6 +133,7 @@ public async Task Should_Deny_Tool_Execution_When_PreToolUse_Returns_Deny()
 
         var session = await Client.CreateSessionAsync(new SessionConfig
         {
+            OnPermissionRequest = (request, invocation) => Task.FromResult(new PermissionRequestResult { Kind = "approved" }),
             Hooks = new SessionHooks
             {
                 OnPreToolUse = (input, invocation) =>

dotnet/test/McpAndAgentsTests.cs

@@ -279,7 +279,8 @@ public async Task Should_Pass_Literal_Env_Values_To_Mcp_Server_Subprocess()
 
         var session = await Client.CreateSessionAsync(new SessionConfig
         {
-            McpServers = mcpServers
+            McpServers = mcpServers,
+            OnPermissionRequest = (request, invocation) => Task.FromResult(new PermissionRequestResult { Kind = "approved" }),
         });
 
         Assert.Matches(@"^[a-f0-9-]+$", session.SessionId);

dotnet/test/SessionTests.cs

@@ -333,7 +333,10 @@ public async Task Should_Receive_Session_Events()
     [Fact]
     public async Task Send_Returns_Immediately_While_Events_Stream_In_Background()
     {
-        var session = await Client.CreateSessionAsync();
+        var session = await Client.CreateSessionAsync(new SessionConfig
+        {
+            OnPermissionRequest = (request, invocation) => Task.FromResult(new PermissionRequestResult { Kind = "approved" }),
+        });
         var events = new List<string>();
 
         session.On(evt => events.Add(evt.Type));

dotnet/test/ToolsTests.cs

@@ -21,7 +21,10 @@ await File.WriteAllTextAsync(
             Path.Combine(Ctx.WorkDir, "README.md"),
             "# ELIZA, the only chatbot you'll ever need");
 
-        var session = await Client.CreateSessionAsync();
+        var session = await Client.CreateSessionAsync(new SessionConfig
+        {
+            OnPermissionRequest = (request, invocation) => Task.FromResult(new PermissionRequestResult { Kind = "approved" }),
+        });
 
         await session.SendAsync(new MessageOptions
         {

go/internal/e2e/mcp_and_agents_test.go

@@ -127,6 +127,9 @@ func TestMCPServers(t *testing.T) {
 
 		session, err := client.CreateSession(t.Context(), &copilot.SessionConfig{
 			MCPServers: mcpServers,
+			OnPermissionRequest: func(request copilot.PermissionRequest, invocation copilot.PermissionInvocation) (copilot.PermissionRequestResult, error) {
+				return copilot.PermissionRequestResult{Kind: "approved"}, nil
+			},
 		})
 		if err != nil {
 			t.Fatalf("Failed to create session: %v", err)

nodejs/test/e2e/hooks.test.ts

@@ -20,6 +20,7 @@ describe("Session hooks", async () => {
         const preToolUseInputs: PreToolUseHookInput[] = [];
 
         const session = await client.createSession({
+            onPermissionRequest: async () => ({ kind: "approved" as const }),
             hooks: {
                 onPreToolUse: async (input, invocation) => {
                     preToolUseInputs.push(input);
@@ -50,6 +51,7 @@ describe("Session hooks", async () => {
         const postToolUseInputs: PostToolUseHookInput[] = [];
 
         const session = await client.createSession({
+            onPermissionRequest: async () => ({ kind: "approved" as const }),
             hooks: {
                 onPostToolUse: async (input, invocation) => {
                     postToolUseInputs.push(input);
@@ -81,6 +83,7 @@ describe("Session hooks", async () => {
         const postToolUseInputs: PostToolUseHookInput[] = [];
 
         const session = await client.createSession({
+            onPermissionRequest: async () => ({ kind: "approved" as const }),
             hooks: {
                 onPreToolUse: async (input) => {
                     preToolUseInputs.push(input);

nodejs/test/e2e/mcp_and_agents.test.ts

@@ -108,6 +108,7 @@ describe("MCP Servers and Custom Agents", async () => {
 
             const session = await client.createSession({
                 mcpServers,
+                onPermissionRequest: async () => ({ kind: "approved" as const }),
             });
 
             expect(session.sessionId).toBeDefined();

nodejs/test/e2e/session.test.ts

@@ -366,7 +366,9 @@ describe("Send Blocking Behavior", async () => {
     const { copilotClient: client } = await createSdkTestContext();
 
     it("send returns immediately while events stream in background", async () => {
-        const session = await client.createSession();
+        const session = await client.createSession({
+            onPermissionRequest: async () => ({ kind: "approved" as const }),
+        });
 
         const events: string[] = [];
         session.on((event) => {

nodejs/test/e2e/tools.test.ts

@@ -15,7 +15,9 @@ describe("Custom tools", async () => {
     it("invokes built-in tools", async () => {
         await writeFile(join(workDir, "README.md"), "# ELIZA, the only chatbot you'll ever need");
 
-        const session = await client.createSession();
+        const session = await client.createSession({
+            onPermissionRequest: async () => ({ kind: "approved" as const }),
+        });
         const assistantMessage = await session.sendAndWait({
             prompt: "What's the first line of README.md in this directory?",
         });

python/e2e/test_hooks.py

@@ -21,7 +21,12 @@ async def on_pre_tool_use(input_data, invocation):
             # Allow the tool to run
             return {"permissionDecision": "allow"}
 
-        session = await ctx.client.create_session({"hooks": {"on_pre_tool_use": on_pre_tool_use}})
+        session = await ctx.client.create_session(
+            {
+                "hooks": {"on_pre_tool_use": on_pre_tool_use},
+                "on_permission_request": lambda _req, _inv: {"kind": "approved"},
+            }
+        )
 
         # Create a file for the model to read
         write_file(ctx.work_dir, "hello.txt", "Hello from the test!")
@@ -49,7 +54,12 @@ async def on_post_tool_use(input_data, invocation):
             assert invocation["session_id"] == session.session_id
             return None
 
-        session = await ctx.client.create_session({"hooks": {"on_post_tool_use": on_post_tool_use}})
+        session = await ctx.client.create_session(
+            {
+                "hooks": {"on_post_tool_use": on_post_tool_use},
+                "on_permission_request": lambda _req, _inv: {"kind": "approved"},
+            }
+        )
 
         # Create a file for the model to read
         write_file(ctx.work_dir, "world.txt", "World from the test!")
@@ -87,7 +97,8 @@ async def on_post_tool_use(input_data, invocation):
                 "hooks": {
                     "on_pre_tool_use": on_pre_tool_use,
                     "on_post_tool_use": on_post_tool_use,
-                }
+                },
+                "on_permission_request": lambda _req, _inv: {"kind": "approved"},
             }
         )
 
@@ -118,7 +129,12 @@ async def on_pre_tool_use(input_data, invocation):
             # Deny all tool calls
             return {"permissionDecision": "deny"}
 
-        session = await ctx.client.create_session({"hooks": {"on_pre_tool_use": on_pre_tool_use}})
+        session = await ctx.client.create_session(
+            {
+                "hooks": {"on_pre_tool_use": on_pre_tool_use},
+                "on_permission_request": lambda _req, _inv: {"kind": "approved"},
+            }
+        )
 
         # Create a file
         original_content = "Original content that should not be modified"