MattB

This commit performs a **documentation update** to reflect a change in the versioning scheme for the **nightly Nuget feed**. The `README.md` file has been modified to indicate that nightly package versions now end with the `-beta` suffix, replacing the previous `-alpha` suffix. This **maintenance** task ensures that the project's public documentation accurately represents the current state of nightly build artifacts, providing clear guidance for users consuming these pre-release packages.

This commit **improves code clarity and addresses a static analysis warning** within the **test suite** for `Microsoft.Agents.Storage.Tests`. A new comment has been added to the `entryName` assignment in `src/tests/Microsoft.Agents.Storage.Tests/TranscriptUtilities.cs` to explicitly explain its role in **test validation and safety**. This **maintenance** change specifically references CodeQL [SM02729] to suppress a potential security warning, ensuring better code quality without introducing any functional modifications to the application.

This commit introduces a **new capability** to enhance **error handling** within the `Microsoft.Agents.Core` library by capturing HTTP response headers in `ErrorResponseException` instances. It modifies the `ErrorResponseException` creation process to store these headers in the exception's `Data` dictionary and updates the `ExceptionParser` to include them in formatted exception output, significantly improving diagnostic detail in logs. Crucially, it also implements a **security enhancement** by filtering sensitive HTTP headers like `Authorization` or `Set-Cookie` from being stored or logged, preventing potential information disclosure. This ensures more comprehensive yet secure error reporting for HTTP-related issues.

This commit introduces **Server-Sent Events (SSE) streaming capabilities** to the `Microsoft.Agents.CopilotStudio.Client` library, enabling real-time subscription to Copilot Studio conversation events. It includes a **new sample application** (`CopilotStudioSubscriberClient`) demonstrating this functionality, along with extensive **refactoring** of the `CopilotClient` to support SSE, new overloads, and robust event parsing using `System.Net.ServerSentEvents`. The work also involves adding new data models, an `ICopilotClient` interface, authentication helpers for user-interactive and S2S flows, and updates to `PowerPlatformEnvironment` for generating subscribe URLs. This significant **new capability** allows developers to build more interactive and responsive integrations with Copilot Studio by reacting to conversation events in real-time. Additionally, documentation and resource handling have been improved across the codebase.

This commit introduces a **new capability** to the **Authentication.Msal library** by updating the regex in `MsalAuth.cs` to correctly handle **GUID-formatted tenant IDs** within authority URLs. Previously, only the `/common` identifier was recognized for replacement, but now the `GetAuthorityUrl` method can robustly replace both `/common` and GUIDs, enhancing flexibility in **MSAL authority URL construction**. This change is accompanied by **new test coverage** in `MsalAuthTests.cs` to validate GUID tenant ID replacement, alongside a **refactoring** to simplify mock verification counts in existing tests. This improves the **robustness and flexibility** of the authentication component for diverse tenant configurations.

This commit introduces a **new capability** to the **AgenticAI sample** by enhancing how JWT details are presented in agentic replies. The `OnAgenticMessageAsync` method in `MyAgent.cs` is updated to **decode incoming JWT tokens**, extract their claims, and then render this information as a structured **Adaptive Card** instead of plain text. This significantly improves the readability and user experience for viewing token details within agentic responses. The change involves adding a new `JWTDecodeCard.json` template and integrating the `AdaptiveCards.Templating` package to facilitate this structured display.

This commit introduces a **bug fix** and **maintenance improvement** to the **background activity processing** within the `AspNetCore` hosting library. Specifically, it modifies the `ProcessActivitiesAsync` method in `src/libraries/Hosting/AspNetCore/BackgroundQueue/HostedActivityService.cs` to wrap activity processing in a `try/finally` block. This change **guarantees that `TelemetryActivity` instances are always stopped** after processing, regardless of whether the activity is proactive or regular. The fix prevents potential resource leaks and **improves the overall stability and efficiency** of the telemetry system by ensuring proper resource cleanup.

This commit **refactors** the **telemetry Activity cloning mechanism** within `Microsoft.Agents.Core` to improve parent context accuracy. Specifically, the `Activity.Clone` extension method now uses `TraceId` and `SpanId` with `SetParentId` for establishing the parent relationship. Concurrently, the explicit copying of the source `Activity`'s start time to the cloned `Activity` has been removed. This ensures cloned activities maintain a more semantically correct parent-child relationship and aligns better with OpenTelemetry standards for distributed tracing.

This commit performs a **refactoring** within the **background queue** and **activity processing** components of the `Hosting/AspNetCore` library. Specifically, it **renames** the `DiagnosticsActivity` property to `TelemetryActivity` across `ActivityTaskQueue.cs`, `BackgroundTaskQueue.cs`, and `HostedActivityService.cs`. This update ensures **improved clarity and consistency** for distributed tracing and telemetry correlation by standardizing the naming convention. All internal references, assignments, and method calls, such as when enqueuing, dequeuing, or starting/stopping activities, have been updated with **no functional changes**.

This commit applies code review suggestions to enhance the **telemetry** and **background task queuing** infrastructure. It introduces a **bug fix** in `BackgroundTaskQueue.cs` by adding a null check in `DequeueAsync` to prevent potential errors during work item dequeuing, and refactors the `WorkItem` class to be internal with improved documentation for its `DiagnosticsActivity` property. Further **refactoring** occurs in `ActivityWithClaims.cs` within the **BackgroundQueue** module, renaming `DiagnosticsActivity` to `TelemetryActivity` for clearer semantics. Additionally, comprehensive **XML documentation** is added to the `CloneActivity` extension method in `ActivityExtensions.cs`, significantly improving code readability and maintainability across these core components.

This commit implements **path character validation** for **zip entry names** within the `TranscriptUtilities` module, addressing a CodeQL detection. It **refactors** the validation logic by centralizing it into an `EnsurePathIsSafe` method, which checks for invalid path characters and throws an `InvalidOperationException` if found. This **security improvement** prevents the processing of files or directories with malformed names, thereby enhancing **robustness** and mitigating potential runtime errors or security vulnerabilities. The change improves code maintainability and consistency by abstracting path safety checks.

This commit performs **maintenance** on the **GitHub Actions PR workflow** by updating the condition for the build job. Specifically, it modifies the workflow configuration in `.github/workflows/pr.yml` to use `github.actor` instead of `github.triggering_actor`. This change ensures that the build job's conditions accurately reference the user who initiated the pull request, improving the reliability and correctness of CI/CD triggers for pull requests.

This commit performs **maintenance** by updating the `.gitignore` file to enhance repository hygiene. It specifically adds an entry to **ignore temporary files generated by Claude Code**, preventing these transient artifacts from being inadvertently committed to version control. This change affects the **development environment** for users of Claude Code, ensuring a cleaner working directory and a more focused version control history.

This commit enhances the **Dependabot configuration** by introducing two new dependency groups within `.github/dependabot.yml`. It adds an `all-dependencies` group to consolidate all general dependency updates and a dedicated `dotnet-sdk` group for managing updates related to the **.NET SDK**. This **maintenance** change aims to streamline the automated dependency update process, making pull requests from Dependabot more organized and easier to review by grouping related updates.

This commit introduces a **workflow optimization** to the project's **CI/CD pipeline** by modifying the **pull request workflow**. A new condition has been added to `.github/workflows/pr.yml` that explicitly **skips GitHub Actions builds** when the pull request is opened by Dependabot. This **maintenance** change aims to reduce unnecessary CI/CD resource consumption and build queue times, streamlining the development process by focusing build resources on human-initiated changes.

This commit introduces a **bug fix** and **maintenance improvement** within the **`Microsoft.Agents.Core` library**. It modifies the constructor of the `TokenResponse` class to **conditionally set the `Expiration` property**. Specifically, the `Expiration` property will now only be assigned a value if a non-default expiration is explicitly provided, preventing unnecessary property assignments. This change addresses potential **timezone offset issues** and enhances the reliability of token expiration handling within the system.

This commit **improves the robustness** of the **Authentication.Msal** library by explicitly handling null `scopes` parameters within `MsalAuth.cs`. It introduces a new helper method, `DelimitedScopes`, to ensure that `scopes` are checked for null before being joined into a string, preventing potential `NullReferenceException` errors. This **bug fix** enhances the stability of authentication token retrieval methods like `GetAgenticToken` and `GetAgenticTokenFromMsal`, ensuring safe construction of the `cacheKey` and the "scope" parameter. The change prevents application crashes related to authentication when no scopes are provided.

This commit performs a **version bump** for the project, updating the version string from `1.3-beta` to `1.4-beta`. This **maintenance** task is part of the **release preparation** process, specifically affecting the **project's overall version identification**. The change is reflected in the `src/libraries/version.json` configuration file, ensuring all components correctly report the new beta version. This update signals the project's progression towards the next release cycle.

This commit **disables streaming responses** within the `Microsoft.Agents.Builder` library. It specifically targets **agentic requests** when the communication channel is identified as **Teams**. This **feature modification** addresses a current limitation where streaming responses are not supported in the Teams environment for this request type. The change ensures a more stable and compatible experience for users interacting with agentic features via Teams.

This commit **updates the project's contributing guidelines** by incorporating specific instructions for both Microsoft internal and external developers. It enhances the **documentation** within `README.md` to provide clearer guidance on how different contributor types should engage with the project. This **documentation update** aims to improve the clarity and efficiency of the contribution process, ensuring all potential contributors understand the expected procedures.