Tags: microsoft/vscode
Tags
[Cherry-pick] Remove last-used session type and agent logic (#323484) (… …#324826) * cherry-pick b802a62 * signing commit * Fix test * Revert PR #324669 * Revert "Revert PR #324669" This reverts commit d97c4e5. * Preserve explicit local chat session branch * Remove IStorageService --------- Co-authored-by: Don Jayamanne <don.jayamanne@outlook.com>
Cherry pick/msrc 1.123 to release 1.123 (#55) (#320698) * OTel visibility in Copilot Chat UI (#47) * [msrc/1.123] 114763 * Add maxAttributeSizeChars configuration to OpenTelemetry settings --------- (cherry picked from commit 042dc59) * Prompt before connecting to non-loopback remote host:port authorities (#46) A direct `<host>:<port>` remote authority (no resolver `+` prefix) bypasses resolver extensions and connects straight to the given server. Since this form can originate from untrusted sources (e.g. the `remoteAuthority` of a `.code-workspace` file), a crafted workspace could silently point the window's extension host backend at an attacker-controlled server. Centralize a confirmation prompt at the connection point in the renderer: when resolving a direct authority whose host is not loopback (localhost, 127.0.0.1, ::1), ask the user to confirm before connecting and abort if declined. Add `isLoopbackHost` helper and tests. (cherry picked from commit 9505d0f) * GitHub - improve host parsing (#48) (cherry picked from commit 4b6e246) * path traversal fix (#50) * fix path traversal * fix compilation (cherry picked from commit 9b31ff8) * Path - improve isEqualOrParent calculation (#49) (cherry picked from commit 0f1ba1e) * Version bump to 1.123.1 (#52) (cherry picked from commit db24d8b) * copilot: update engines.vscode to ^1.123.1 (cherry picked from commit ffa3c3f) * upgrading version to 1.123.2 * cherrypicking changes --------- (cherry picked from commit 3c631b164c239e7aeaaae7c626b46c527b361af2) Co-authored-by: Zhichao Li <Li.Zhichao@microsoft.com> Co-authored-by: Zhichao Li <zhichli@microsoft.com> Co-authored-by: Alexandru Dima <alexdima@microsoft.com> Co-authored-by: Ladislau Szomoru <lszomoru@microsoft.com> Co-authored-by: Sandeep Somavarapu <sasomava@microsoft.com> Co-authored-by: ulugbekna <ulugbekna@gmail.com> Co-authored-by: Megan Rogge <Megan.Rogge@microsoft.com>
Cherry pick/msrc 1.123 to release 1.123 (#320632) * OTel visibility in Copilot Chat UI (#47) * [msrc/1.123] 114763 * Add maxAttributeSizeChars configuration to OpenTelemetry settings --------- Co-authored-by: Zhichao Li <zhichli@microsoft.com> (cherry picked from commit 042dc59) * Prompt before connecting to non-loopback remote host:port authorities (#46) A direct `<host>:<port>` remote authority (no resolver `+` prefix) bypasses resolver extensions and connects straight to the given server. Since this form can originate from untrusted sources (e.g. the `remoteAuthority` of a `.code-workspace` file), a crafted workspace could silently point the window's extension host backend at an attacker-controlled server. Centralize a confirmation prompt at the connection point in the renderer: when resolving a direct authority whose host is not loopback (localhost, 127.0.0.1, ::1), ask the user to confirm before connecting and abort if declined. Add `isLoopbackHost` helper and tests. (cherry picked from commit 9505d0f) * GitHub - improve host parsing (#48) (cherry picked from commit 4b6e246) * path traversal fix (#50) * fix path traversal * fix compilation (cherry picked from commit 9b31ff8) * Path - improve isEqualOrParent calculation (#49) (cherry picked from commit 0f1ba1e) * Version bump to 1.123.1 (#52) (cherry picked from commit db24d8b) * copilot: update engines.vscode to ^1.123.1 (cherry picked from commit ffa3c3f) --------- Co-authored-by: Zhichao Li <Li.Zhichao@microsoft.com> Co-authored-by: Zhichao Li <zhichli@microsoft.com> Co-authored-by: Alexandru Dima <alexdima@microsoft.com> Co-authored-by: Ladislau Szomoru <lszomoru@microsoft.com> Co-authored-by: Sandeep Somavarapu <sasomava@microsoft.com> Co-authored-by: ulugbekna <ulugbekna@gmail.com>
PreviousNext