Merge branch 'main' into dev/mjbvz/legitimate-squirrel

2026-04-24 10:38:59 +01:00 · 2025-11-17 16:32:38 -08:00
parent 1cc342a089 302ffe667c
commit c679b20148
2121 changed files with 88588 additions and 43466 deletions
--- a/extensions/markdown-language-features/notebook/tsconfig.json
+++ b/extensions/markdown-language-features/notebook/tsconfig.json
@@ -4,7 +4,6 @@
 		"outDir": "./dist/",
 		"jsx": "react",
 		"module": "esnext",
-		"allowSyntheticDefaultImports": true,
 		"lib": [
 			"ES2024",
 			"DOM",
--- a/extensions/markdown-language-features/package-lock.json
+++ b/extensions/markdown-language-features/package-lock.json
@@ -10,7 +10,7 @@
      "license": "MIT",
      "dependencies": {
        "@vscode/extension-telemetry": "^0.9.8",
-        "dompurify": "^3.2.4",
+        "dompurify": "^3.2.7",
        "highlight.js": "^11.8.0",
        "markdown-it": "^12.3.2",
        "markdown-it-front-matter": "^0.2.4",
@@ -386,9 +386,9 @@
      }
    },
    "node_modules/dompurify": {
-      "version": "3.2.4",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.4.tgz",
-      "integrity": "sha512-ysFSFEDVduQpyhzAob/kkuJjf5zWkZD8/A9ywSp1byueyuCfHamrCBa14/Oc2iiB0e51B+NpxSl5gmzn+Ms/mg==",
+      "version": "3.2.7",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.7.tgz",
+      "integrity": "sha512-WhL/YuveyGXJaerVlMYGWhvQswa7myDG17P7Vu65EWC05o8vfeNbvNf4d/BOvH99+ZW+LlQsc1GDKMa1vNK6dw==",
      "license": "(MPL-2.0 OR Apache-2.0)",
      "optionalDependencies": {
        "@types/trusted-types": "^2.0.7"
--- a/extensions/markdown-language-features/package.json
+++ b/extensions/markdown-language-features/package.json
@@ -759,7 +759,7 @@
    "compile": "gulp compile-extension:markdown-language-features && npm run build-preview && npm run build-notebook",
    "watch": "npm run build-preview && gulp watch-extension:markdown-language-features",
    "vscode:prepublish": "npm run build-ext && npm run build-preview",
-    "build-ext": "node ../../node_modules/gulp/bin/gulp.js --gulpfile ../../build/gulpfile.extensions.js compile-extension:markdown-language-features ./tsconfig.json",
+    "build-ext": "node ../../node_modules/gulp/bin/gulp.js --gulpfile ../../build/gulpfile.extensions.mjs compile-extension:markdown-language-features ./tsconfig.json",
    "build-notebook": "node ./esbuild-notebook.mjs",
    "build-preview": "node ./esbuild-preview.mjs",
    "compile-web": "npx webpack-cli --config extension-browser.webpack.config --mode none",
@@ -767,7 +767,7 @@
  },
  "dependencies": {
    "@vscode/extension-telemetry": "^0.9.8",
-    "dompurify": "^3.2.4",
+    "dompurify": "^3.2.7",
    "highlight.js": "^11.8.0",
    "markdown-it": "^12.3.2",
    "markdown-it-front-matter": "^0.2.4",
--- a/extensions/markdown-language-features/src/preview/documentRenderer.ts
+++ b/extensions/markdown-language-features/src/preview/documentRenderer.ts
@@ -8,8 +8,9 @@ import * as uri from 'vscode-uri';
 import { ILogger } from '../logging';
 import { MarkdownItEngine } from '../markdownEngine';
 import { MarkdownContributionProvider } from '../markdownExtensions';
-import { escapeAttribute, getNonce } from '../util/dom';
+import { escapeAttribute } from '../util/dom';
 import { WebviewResourceProvider } from '../util/resources';
+import { generateUuid } from '../util/uuid';
 import { MarkdownPreviewConfiguration, MarkdownPreviewConfigurationManager } from './previewConfig';
 import { ContentSecurityPolicyArbiter, MarkdownPreviewSecurityLevel } from './security';

@@ -82,7 +83,7 @@ export class MdDocumentRenderer {
 		this._logger.trace('DocumentRenderer', `provideTextDocumentContent - ${markdownDocument.uri}`, initialData);

 		// Content Security Policy
-		const nonce = getNonce();
+		const nonce = generateUuid();
 		const csp = this._getCsp(resourceProvider, sourceUri, nonce);

 		const body = await this.renderBody(markdownDocument, resourceProvider);
--- a/extensions/markdown-language-features/src/preview/preview.ts
+++ b/extensions/markdown-language-features/src/preview/preview.ts
@@ -110,15 +110,17 @@ class MarkdownPreview extends Disposable implements WebviewResourceProvider {
 			}
 		}));

-		const watcher = this._register(vscode.workspace.createFileSystemWatcher(new vscode.RelativePattern(resource, '*')));
-		this._register(watcher.onDidChange(uri => {
-			if (this.isPreviewOf(uri)) {
-				// Only use the file system event when VS Code does not already know about the file
-				if (!vscode.workspace.textDocuments.some(doc => doc.uri.toString() === uri.toString())) {
-					this.refresh();
+		if (vscode.workspace.fs.isWritableFileSystem(resource.scheme)) {
+			const watcher = this._register(vscode.workspace.createFileSystemWatcher(new vscode.RelativePattern(resource, '*')));
+			this._register(watcher.onDidChange(uri => {
+				if (this.isPreviewOf(uri)) {
+					// Only use the file system event when VS Code does not already know about the file
+					if (!vscode.workspace.textDocuments.some(doc => doc.uri.toString() === uri.toString())) {
+						this.refresh();
+					}
 				}
-			}
-		}));
+			}));
+		}

 		this._register(this._webviewPanel.webview.onDidReceiveMessage((e: FromWebviewMessage.Type) => {
 			if (e.source !== this._resource.toString()) {
--- a/extensions/markdown-language-features/src/util/dom.ts
+++ b/extensions/markdown-language-features/src/util/dom.ts
@@ -11,11 +11,3 @@ export function escapeAttribute(value: string | vscode.Uri): string {
 		.replace(/'/g, '&#39;');
 }

-export function getNonce() {
-	let text = '';
-	const possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
-	for (let i = 0; i < 64; i++) {
-		text += possible.charAt(Math.floor(Math.random() * possible.length));
-	}
-	return text;
-}
--- a/extensions/markdown-language-features/src/util/uuid.ts
+++ b/extensions/markdown-language-features/src/util/uuid.ts
@@ -0,0 +1,58 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+/**
+ * Copied from src/vs/base/common/uuid.ts
+ */
+export function generateUuid(): string {
+	// use `randomUUID` if possible
+	if (typeof crypto.randomUUID === 'function') {
+		// see https://developer.mozilla.org/en-US/docs/Web/API/Window/crypto
+		// > Although crypto is available on all windows, the returned Crypto object only has one
+		// > usable feature in insecure contexts: the getRandomValues() method.
+		// > In general, you should use this API only in secure contexts.
+
+		return crypto.randomUUID.bind(crypto)();
+	}
+
+	// prep-work
+	const _data = new Uint8Array(16);
+	const _hex: string[] = [];
+	for (let i = 0; i < 256; i++) {
+		_hex.push(i.toString(16).padStart(2, '0'));
+	}
+
+	// get data
+	crypto.getRandomValues(_data);
+
+	// set version bits
+	_data[6] = (_data[6] & 0x0f) | 0x40;
+	_data[8] = (_data[8] & 0x3f) | 0x80;
+
+	// print as string
+	let i = 0;
+	let result = '';
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += '-';
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += '-';
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += '-';
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += '-';
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	result += _hex[_data[i++]];
+	return result;
+}