Major upgrade:
- deps.dev GetDependencies: full tree in one call (direct + transitive)
- deps.dev GetVersion: cross-ecosystem package→repo mapping (7 ecosystems)
- deps.dev GetProject: OSSF Scorecard health data per project
- Direct vs transitive column (✅ vs ⛓️)
- Health column from Scorecard Maintained check
- Actionable minimum: '💡 Sponsoring just N people covers all funded deps'
- Graceful fallback to registry APIs if deps.dev unavailable
Inspired by jshchnz/tribute, adds:
- Link verification: every funding URL is fetched before presenting
- Web search fallback: finds funding even without FUNDING.yml
- How Verified column: transparency about data source
- 5 ecosystems: npm, Python, Rust, Go, Ruby (was npm-only)
- Corporate-maintained package detection
- No Verified Funding Found section for unfunded deps
Teaches Copilot how to scan a repo's dependencies and find which ones
accept sponsorship via GitHub Sponsors, Open Collective, etc.
Workflow:
1. Fetch package.json from target repo
2. Resolve each dep to source GitHub repo via npm registry
3. Check npm funding field + .github/FUNDING.yml
4. Group by maintainer, present report with sponsor links
Tested against expressjs/express: found 9/28 deps sponsorable (32%)
across 3 funding destinations.
Adds a Copilot CLI skill that teaches absolute beginners how to use
GitHub Copilot CLI through guided, interactive lessons right in the
terminal. Features:
- Dual-track learning: Developer (8 lessons) and Non-Developer (7 lessons)
- Interactive exercises using ask_user
- SQL-based progress tracking
- On-demand Q&A with live doc fetching
- Beginner-friendly with CLI glossary and fallback handling
Source repo: https://github.com/DUBSOpenHub/copilot-cli-quickstart
The samples page never called setupModal(), so the close button,
Escape key, and backdrop click handlers were never registered.
Add the missing setupModal() call matching all other pages.
Add a new cookbook recipe that generates WCAG accessibility reports using
the Playwright MCP server. Includes streaming output, structured report
formatting, and optional Playwright test generation.
- C#, TypeScript, Python, and Go implementations
- Markdown documentation for each language
- Updated cookbook.yml, copilot-sdk README, and package.json
- Add WorkingDirectory/working_directory to pin sessions to project root
- Add OnPermissionRequest/on_permission_request for unattended operation
- Add tool execution event logging for visibility
- Add See Also cross-links to error-handling and persisting-sessions
- Add best practices for WorkingDirectory and permission auto-approval
- Consistent across all 4 languages (Node.js, Python, .NET, Go)
Git operations (commit, push) belong in the prompt instructions, not
hardcoded in the loop orchestrator. The SDK recipes should focus purely
on the SDK API: create client, create session, send prompt, destroy.
