Skip to content

fix(python): derive __version__ from package metadata; align Node version sentinel#1521

Merged
stephentoub merged 2 commits into
mainfrom
stephentoub/fixpythonversion
May 31, 2026
Merged

fix(python): derive __version__ from package metadata; align Node version sentinel#1521
stephentoub merged 2 commits into
mainfrom
stephentoub/fixpythonversion

Conversation

@stephentoub
Copy link
Copy Markdown
Collaborator

@stephentoub stephentoub commented May 31, 2026

Summary

The Python SDK was baking in a stale, hardcoded version number. python/copilot/__init__.py had __version__ = "0.1.0" and python/pyproject.toml had version = "0.1.0". The publish workflow only rewrites pyproject.toml at release time (sed 's/^version = .*/...'), so the public runtime __version__ never got updated and permanently reported a stale value regardless of what was actually published.

This PR implements the correct fix and brings the Node SDK in line with the dev-sentinel convention already used by the .NET and Rust SDKs.

Changes

Python (the actual fix)

  • __version__ is now derived from the installed package metadata via importlib.metadata.version("github-copilot-sdk"), so it always matches what was installed.
  • The fallback (when no package metadata is present, e.g. a raw source checkout) is a 0.0.0.dev0 dev sentinel rather than a real-looking number that would silently go stale again.
  • pyproject.toml version is now the 0.0.0.dev0 dev sentinel; CI injects the real version at publish time.

Node (consistency alignment)

  • package.json version 0.1.80.0.0-dev, and the package script's trailing npm version 0.1.00.0.0-dev.
  • scripts/set-version.js default fallback 0.1.0-dev0.0.0-dev.
  • package-lock.json (root + packages[""]) and samples/package-lock.json (packages[".."]) synced to 0.0.0-dev to keep npm ci happy.

The publish flow is unchanged — CI still injects the real VERSION at publish time; only the committed defaults become unmistakable dev placeholders.

Audit of the other SDKs

No changes needed; they were already correct:

SDK Version source Status
.NET <Version>0.0.0-dev</Version> (set via dotnet pack -p:Version=) ✅ already a dev sentinel
Rust version = "0.0.0-dev" (set via sed) ✅ already a dev sentinel
Go tag-based (go/v…), no embedded version ✅ n/a
Java …-SNAPSHOT, managed by maven-release-plugin ✅ Maven dev convention

Only Python exposed a runtime __version__, and only Node committed a real-looking number — both addressed here.

Validation

  • __version__ resolves from installed metadata; fallback returns the sentinel.
  • 0.0.0.dev0 is valid PEP 440; 0.0.0-dev is valid semver.
  • The publish workflow's sed '^version = .*' still matches exactly one line.
  • package.json and all lockfiles agree on 0.0.0-dev; JSON validated.
  • ruff check passes on the modified Python file (stdlib import correctly placed for isort).
  • No code reads copilot.__version__ and no tests assert on it.

Reviewed by two independent code-review passes (GPT-5.5 and Opus 4.7); the one issue surfaced (stale samples/package-lock.json) is fixed here.

Co-authored-by: Copilot 223556219+Copilot@users.noreply.github.com

stephentoub and others added 2 commits May 31, 2026 09:36
@stephentoub
fix(python): derive __version__ from package metadata with dev sentinel
9dd1c2e 
The Python SDK hardcoded __version__ = "0.1.0" in copilot/__init__.py and
version = "0.1.0" in pyproject.toml. The publish workflow only rewrites
pyproject.toml at release time, so the public runtime __version__ drifted
and always reported a stale version regardless of what was published.

Derive __version__ from installed package metadata via importlib.metadata,
falling back to a 0.0.0.dev0 sentinel (instead of a real-looking version)
when no metadata is present. Set the committed pyproject.toml version to the
same dev sentinel, matching the .NET and Rust SDKs; CI injects the real
version at publish time.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@stephentoub
chore(nodejs): use 0.0.0-dev version sentinel for consistency
d5c6fd5 
The Node SDK committed a real-looking version (0.1.8) in package.json and
reset to 0.1.0 in the package script, unlike the .NET and Rust SDKs which
use a 0.0.0-dev sentinel. CI injects the real version at publish via
set-version.js, so the committed value should be an unmistakable dev
placeholder rather than a stale real version.

Align package.json, the package script, set-version.js default, and the
package-lock.json files (including nodejs/samples) to 0.0.0-dev.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings May 31, 2026 13:40
@stephentoub stephentoub requested a review from a team as a code owner May 31, 2026 13:40
Copilot AI reviewed May 31, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes Python SDK runtime version reporting by deriving copilot.__version__ from installed package metadata, and aligns committed Node SDK development versions with the repo’s dev-sentinel convention.

Changes:

  • Python now uses importlib.metadata.version("github-copilot-sdk") with a 0.0.0.dev0 fallback.
  • Python pyproject.toml uses a PEP 440 dev sentinel that publish CI can still replace.
  • Node package metadata and lockfiles now use 0.0.0-dev consistently.
Show a summary per file
File Description
python/pyproject.toml Replaces stale hardcoded project version with Python dev sentinel and explanatory comment.
python/copilot/__init__.py Derives __version__ from installed package metadata with source-checkout fallback.
nodejs/scripts/set-version.js Updates default fallback version to Node dev sentinel.
nodejs/package.json Updates committed package version and package script reset target.
nodejs/package-lock.json Synchronizes root package lock version entries.
nodejs/samples/package-lock.json Synchronizes sample lockfile’s parent package version entry.

Copilot's findings

Files not reviewed (2)
  • nodejs/package-lock.json: Language not supported
  • nodejs/samples/package-lock.json: Language not supported
  • Files reviewed: 4/6 changed files
  • Comments generated: 0

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 31, 2026

Cross-SDK Consistency Review ✅

This PR makes no changes to public API surface — it only updates version sentinel strings in package.json, package-lock.json, pyproject.toml, and __init__.py.

The PR description already includes a thorough audit of all SDK version strategies:

SDK Status
Python ✅ Fixed — now derives __version__ from installed package metadata
Node.js ✅ Fixed — sentinel aligned to 0.0.0-dev
.NET ✅ Already used 0.0.0-dev sentinel
Rust ✅ Already used 0.0.0-dev sentinel
Go ✅ Tag-based, no embedded version
Java ✅ Uses Maven -SNAPSHOT convention

No cross-SDK consistency concerns. The changes appropriately align Python and Node with the convention already established by the other SDKs.

Generated by SDK Consistency Review Agent for issue #1521 · ● 915.5K ·

@stephentoub stephentoub merged commit a488081 into main May 31, 2026
44 checks passed
@stephentoub stephentoub deleted the stephentoub/fixpythonversion branch May 31, 2026 16:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stephentoub