* Refactor Copilot managed-settings for maintainability
Centralize structured (object/array) managed-setting handling behind a
single descriptor table so adding a key touches one place, consolidate the
duplicated equality helpers onto `equals`, and add shared
`hasManagedSettingsDefinitions` and `managedSettingValue` helpers. Strictly
behavior-preserving.
Incorporates a 3-model maintainability review:
- `adaptManagedSettings` builds the scalar remainder via `{ ...response }`
plus delete (CopyDataProperties) instead of for..in + assignment, so a
server-sent own `__proto__` key cannot trigger the inherited setter. This
matches the original `...rest` semantics; adds a regression test.
- `managedSettingValue` is memoized per key so its policy-definition
reference identity is real rather than incidental to the call site.
- Corrected JSDoc and skill docs that overstated `responseField` as
compiler-checked; it is a hand-maintained union backstopped by tests.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Clarify why structured managed-settings keys must declare type: 'string'
The bag-carrying `type` is load-bearing, not cosmetic: `projectManagedSettings`
gates each value with `typeof value === type` and drops mismatches, and the
native MDM watcher reads the registry/plist value as that type. Spell out that
omitting it (or declaring the object/array type) makes a structured key fail
projection and silently never apply.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address PR review: allocation-free empty check, __proto__ test, doc accuracy
- hasManagedSettingsDefinitions: reuse the allocation-free isEmptyObject
helper instead of Object.keys(...).length (the bot's only valid nit).
- Add a primitive `__proto__` regression test proving a server-sent
`{"__proto__": true}` scalar is dropped, never pollutes the result
(disproves the reviewer's prototype-pollution concern).
- Fix github-managed-settings.md: omitting `type` or declaring
`'object'`/`'array'` is a compile error (the field is required and
constrained to `'string' | 'number' | 'boolean'`), not a runtime drop;
only `'number'`/`'boolean'` compile-but-drop-at-runtime.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Surface managed-settings source in Policy Diagnostics
Centralize the server-over-MDM precedence into a shared selectManagedSettings
helper (plus a ManagedSettingsSource union) and reuse it in both
AccountPolicyService and the Policy Diagnostics report, so the report can never
drift from the source that policy evaluation actually applies.
Rewrite the diagnostics "Managed Settings" section to:
- show the Active source (GitHub Server API / Native MDM / None)
- break down each channel (server fetch status + raw response, native MDM bag)
- label the raw response as the last *successful* fetch, so a later failed
fetch (e.g. a 404) no longer looks like it contradicts an empty effective bag
- compute the true effective bag via the shared projectManagedSettings
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix mock policy server "Generate example" not persisting
The "Generate example" button filled the editor and the localStorage draft but
never called debouncedSave(), so the generated body was never POSTed to
/api/state and the endpoint kept serving the empty preset. Add the missing
debouncedSave() to match applyPreset() and the editor input handler.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Strip prose from Policy Diagnostics and collect managed-settings parse errors
The Developer: Policy Diagnostics "Managed Settings" section now renders
data only (tables and JSON blocks, no explanatory paragraphs).
It also collects non-fatal parsing/normalization warnings from every stage
of the managed-settings pipeline, jsonc-style (accumulate, never throw), and
surfaces them in a new "Parse Errors" section:
- adapt: re-runs adaptManagedSettings on the raw server response
- project: re-runs projectManagedSettings against the declared policy keys
- parse: re-parses JSON-payload string values with the jsonc parser
This explains why a key is silently dropped. For example a server
extraKnownMarketplaces entry with source "github" but no "repo" now shows
the "requires \"repo\"" warning instead of just vanishing from the bag.
Adds a focused test for that github-without-repo normalization case.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Tighten Policy Diagnostics managed-settings rendering (review follow-up)
Code-quality pass on the managed-settings diagnostics section:
- Extract a jsonBlock() helper for the repeated fenced-JSON rendering
(4 call sites collapsed).
- Parse only the known JSON-payload keys (enabledPlugins,
strictKnownMarketplaces, extraKnownMarketplaces) instead of a
leading-brace heuristic. This mirrors what PolicyConfiguration actually
parses, avoids mis-sniffing scalar values, and catches malformed payloads
that don't start with a brace.
- Unify the raw-response guard on isObject() so the printed raw response and
the adapt-stage warning harvest use one predicate.
- Drop the defensive object copy in projectManagedSettings(); it is read-only,
so normalize undefined with `?? {}` instead of spreading.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix native MDM availability in Policy Diagnostics; tidy table headers
The diagnostics report showed "Native MDM | Available | no (desktop only)"
even on desktop. ICopilotManagedSettingsService was registered only in the
electron-main process and hand-plumbed into AccountPolicyService, but never
placed in the renderer service collection, so the report's
accessor.get(ICopilotManagedSettingsService) always threw and mislabeled the
channel as unavailable.
Register the CopilotManagedSettingsChannelClient (the renderer's handle to the
main-process service) in the service collection in both desktop.main.ts and
sessions.main.ts. The diagnostics now resolves it on desktop and Agents windows
and reports real native MDM availability and values; web still has no native
channel and correctly reports unavailable.
Also tidy the report builder: extract a PROPERTY_VALUE_TABLE_HEADER constant for
the five repeated two-column table headers, and drop the now-misleading
"(desktop only)" annotation on the availability row.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: add dev mock server for copilot_internal policy endpoints
Adds scripts/mock-policy-server, a standalone dev tool (npm run
mock-policy-server) that mocks the Copilot policy endpoints
DefaultAccountService calls: entitlements (/copilot_internal/user), token
(/copilot_internal/v2/token), MCP registry (/copilot/mcp_registry) and
managed settings (/copilot_internal/managed_settings).
A small web GUI lets devs pick presets or edit each JSON response, and
Wire/Unwire buttons point product.overrides.json at the local server
(preserving the rest of defaultChatAgent, since bootstrap-meta merges
overrides shallowly). The managed-settings JSON schema is loaded from
--schema/MANAGED_SETTINGS_SCHEMA, defaulting to
./copilot-agent-runtime/schema/managed-settings-schema.json relative to
the app cwd; web URLs and file URIs are accepted, and the GUI warns about
keys not declared in the schema.
The three browser/shared .js files are added to
.eslint-allowed-javascript-files since the GUI loads them directly.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: address mock-policy-server review feedback
- Scope permissive CORS to the mocked GET endpoints only; keep /api/*
same-origin so a website can't drive /api/wire and rewrite
product.overrides.json (CSRF).
- Coerce an empty editor body to {} instead of "" so mocked responses
stay JSON objects.
- Build the endpoint meta line with textContent/DOM nodes instead of
innerHTML.
- Drop the misused tablist/tab ARIA roles; the nav now has an aria-label
and the active item uses aria-current.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: document mock policy server in add-policy skill
Add local-testing.md to the add-policy skill with basic steps for using
the mock policy server (scripts/mock-policy-server) to exercise the
account/managed-settings flow locally, and link it from SKILL.md and
github-managed-settings.md.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: polish mock server GUI — schema validation, wiring backup, localStorage persistence
* policy: auto-save, rename wiring to product.overrides.json, copy path button
* mock-policy-server: convert server.js to TypeScript; add raw response diagnostics
- Convert server.js → server.ts (runs via --experimental-strip-types)
- Add endpoints.d.ts type declarations for the UMD endpoints module
- Add managedSettingsRawResponse to IDefaultAccountProvider/IDefaultAccountService
- Show raw response in Developer: Sync Account Policy output
- Remove server.js from eslint allowed-javascript-files
* mock-policy-server: convert all JS to TypeScript
- endpoints.js → endpoints.ts with proper interfaces (replaces .d.ts)
- public/app.js → public/app.ts with full type annotations
- Server uses module.stripTypeScriptTypes() to serve .ts as plain JS
to the browser — no build step needed
- Remove all mock-policy-server entries from .eslint-allowed-javascript-files
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: support token auth for CLI SDK mock server to enable auto-model in smoke tests
- Add `advanced.debug.overrideAuthType` setting to control HMAC vs token
auth when overrideProxyUrl is set (default: HMAC for dev, token for tests)
- Update mock server model definitions to match real CAPI response shape
(family, vendor, version, supported_endpoints, billing, etc.)
- Add `selected_model` to mock `/models/session` response (required by SDK
auto-mode resolution)
- Add Responses API SSE handler for gpt-5.3-codex which uses `/responses`
instead of `/chat/completions`
- DRY up mock model definitions with shared `ALL_MODELS` array
* fix: add inspectConfig to test mock for copilotCliAuth and skip the other CLI smoke tests for now
* Don't run in PRs for now
* Copilot CLI sanity testing
* Make things better
* see if 1.0.48 correctly fails
* Try to be smarter with git auth
* Test if copilot cli sanity test auth correctly.
* Test if copilot cli sanity test FAILS correctly
* Try to get sanity tests pass?
* Copilot CLI from chat extension sanity test
* Try more smoke test for copilot cli
* More smoke test related things?
* title is messing with chat disabled..?
* Why is there timeout for .editor-instance .interactive-session
* add copilot cli ui smoke auth diagnostics
* Be more descriptive when copilot cli smoke test fail
* remove integration test, upgrade smoke test
* Clean up Copilot CLI smoke test diagnostics
* Get even more inspiration from agent smoke test
* add logs
* fix _currentNewSession race in async send flows
Async commit-wait flows (_sendFirstChat, _sendFirstChatViaController,
_sendSubsequentChat) unconditionally cleared _currentNewSession on
completion. When a newer session was created while the previous one was
still awaiting commit, the clear stomped the newer session's pointer —
causing 'Session not found' errors on the next send.
Extract _clearCurrentNewSessionIfMatch() that only clears when the
value still points at the session that initiated the async flow.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* enable claude test
* update logging
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agents: add smoke test for Agents Window with mocked LLM server
Adds a smoke test that opens the Agents Window, creates a new session
on a workspace folder, sends a 'hello world' prompt, and verifies the
request reaches a local mock LLM server that returns a canned response.
The test exercises two session types: Copilot CLI and Claude Code. A
third Local-session test is included but marked `it.skip` for now.
Key pieces:
* `test/smoke/src/areas/agents/agents.test.ts` — new smoke suite. Starts
`scripts/chat-simulation/common/mock-llm-server.js` on a random port,
registers a per-test scenario with a distinct reply, and injects
`VSCODE_COPILOT_CHAT_TOKEN` / `GITHUB_PAT` / `IS_SCENARIO_AUTOMATION`
env vars so the Copilot extension's token manager picks up a fake
token whose endpoints.api/proxy point at the mock server.
* `test/automation/src/agents.ts` — new `Agents` workbench helper with
`openCurrentFolderInAgentsWindow`, `switchToAgentsWindow`,
`startNewSession`, `selectSessionType`, `submitNewSessionPrompt`,
`waitForAssistantText`.
* `test/automation/src/code.ts` + `electron.ts` — `LaunchOptions` now
accepts an `extraEnv` map that is merged on top of `process.env`
when spawning the Electron child, so tests can inject env-based mocks
without going through a custom launcher.
* `src/vs/sessions/browser/sessionsSetUpService.ts` —
`shouldSkipSessionsWelcome` now returns `true` whenever
`enableSmokeTestDriver` is set, so the welcome/auth dialog does not
block smoke runs.
* `scripts/chat-simulation/common/mock-llm-server.js` — adds two
models to `EXTRA_MODELS` (`gpt-5.3-codex` for Copilot CLI default,
`claude-sonnet-4.5` for Claude Code), and routes `/v1/messages` to a
new `handleMessagesApi` that streams Anthropic-format SSE
(`message_start` / `content_block_delta` / `message_stop`) which the
Claude Code session type's messages-API parser expects.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* fix copilot cli test
* skip claude test
* sessions: fix new-session removal regression and rename smoke test
1. Revert the `_refreshSessionCache` filter change from d5747b31c4
back to `adapter instanceof AgentSessionAdapter`. The broadened
`adapter !== this._currentNewSession` check raced with the
unconditional `this._currentNewSession = undefined` in the
`_sendFirstChat*` paths: a late callback from a previous session's
commit would wipe the pointer and the next refresh would evict the
new session's temp adapter, navigating the Agents Window back to the
homepage mid-request.
2. Rename the Agents Window smoke test infrastructure for clarity:
- `test/automation/src/agents.ts` -> `agentsWindow.ts`
(class `Agents` -> `AgentsWindow`,
`workbench.agents` -> `workbench.agentsWindow`)
- `test/smoke/src/areas/agents/agents.test.ts` ->
`areas/agentsWindow/agentsWindow.test.ts`
Verified with 10 consecutive smoke-test loops: 8/10 fully green
(Copilot CLI + Claude + Local), 2 intermittent UI timing flakes
unrelated to the navigation regression.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agents smoke: address PR #317545 review feedback
- switchToAgentsWindow: replace fixed 2s sleep with waitForElement on
the Agents workbench DOM (`.agent-sessions-workbench`) so the helper
returns as soon as the new window is interactable.
- resolveElectronConfiguration: apply `extraEnv` last, after the
TESTRESOLVER_* assignments in the remote branch, so caller-provided
env vars truly have final precedence.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agents smoke: skip Agents Window tests for OSS quality
The Copilot extension is not built in OSS CI (it's in excludedExtensions
and its dist/extension.js is only produced by its own esbuild pipeline).
Without it all three session-type providers fail to activate, causing
every Agents Window test to time out.
Skip the suite when quality is OSS, matching the pattern used by
setupExtensionTests and setupLocalizationTests.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* copilotcli: add proxy endpoint to getAuthInfo for mock server routing
Without `endpoints.proxy`, the SDK's model-fetch calls
(`/models/session`, `/copilot_internal/v2/token`) fall back to
the real GitHub API which rejects the fake HMAC with a 401. This
caused intermittent smoke test failures (1 in 10) because the
Copilot CLI language models never registered, making the chat-setup
readiness gate depend on Claude's model registration timing.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* copilotcli: don't cache failed model fetches
When `getAvailableModels` throws (e.g. transient network failure or
HMAC validation error with a proxy), the empty result was permanently
cached in `_availableModels`. Subsequent calls to `getModels()` would
return the cached empty array without retrying, leaving the Copilot CLI
language model provider with zero models for the rest of the session.
Clear `_availableModels` on error so the next call retries the fetch.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agents smoke: reset workspace before opening Agents Window
Earlier smoke test suites (e.g. Tasks) modify .vscode/tasks.json and
leave uncommitted changes. A dirty workspace prevents worktree creation
and triggers the uncommitted-changes confirmation flow which aborts the
Copilot CLI session on builds.
Reset via `git checkout . --quiet` in the before hook, matching the
pattern used by notebook and search smoke tests.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Sandeep Somavarapu <sandy081@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Bump version to 1.117.0
* npm i
* wait to do engine version bump
* Revert "wait to do engine version bump"
This reverts commit 9db1c0feb6.
* Add Copilot extension tests to Linux/Windows Electron integration test runs
* Remove failing step that we moved to the main build
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Add argument parsing, suite filtering, and grep support to integration test scripts
- Add --run, --runGlob, --grep, --suite, and --help argument parsing
- --suite selects extension host test suites (comma-separated, glob patterns)
- --grep forwards test name filter to all runners via MOCHA_GREP env var
- Validate --suite filter matches at least one known suite
- Add MOCHA_GREP support to testrunner.js, CSS and HTML test runners
- Seed user settings to suppress dock bounce notifications
- Always apply *.integrationTest.js glob for node.js tests
- Add integration-tests skill documentation
* Address Copilot review feedback
- Quote cd $ROOT, rm -rf $VSCODEUSERDATADIR, rmdir %VSCODEUSERDATADIR%
- Quote --runGlob pattern to prevent premature glob expansion
- Use GREP_ARGS array for safe grep forwarding in .sh
- Use conditional call with proper quoting for grep in .bat
- Deduplicate suite list into KNOWN_SUITES variable
- Remove unused EXTRA_ARGS and ARGS variables from .bat
* Fix Windows CI: remove unnecessary enabledelayedexpansion
The original script used plain 'setlocal'. Adding 'enabledelayedexpansion'
may affect path resolution behavior on Windows CI. Since no delayed
expansion (\!var\!) syntax is used, revert to the original 'setlocal'.
* Fix Windows CI: capture %~dp0 before call :label corrupts it
In Windows batch, 'call :label' can change what %~dp0 resolves to.
Our should_run_suite subroutine uses 'call :should_run_suite', which
caused %~dp0 to resolve to the wrong directory for extension paths
that appear after the subroutine call. Capture the script directory
once at startup into %SCRIPT_DIR% and use it everywhere.
- Migrates to use AHP types that are synced via `npx tsx scripts/sync-agent-host-protocol.ts`
- One big churn was migrating out of URIs as rich objects in the protocol.
We can't really shove our own `$mid`-type objects in there. I also explored doing a
generated translation layer but I had trouble getting one I was happy with.
- This tightens up some type safety in general and fixes some areas where vscode had
silently/sloppily diverged from the protocol types.
The test/e2e/ directory was too deep for TypeScript to resolve imports
back to src/vs/. Move to test/ (one level up) where imports work.
E2E runner scripts (.cjs) and scenarios stay in test/e2e/.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Keeps all E2E test code (mocks, runners, scenarios, extensions) in one
place, separate from production Sessions code. Updates import paths,
server path, and ESLint config.
Note: ESLint import-patterns warnings remain because the relative
imports from test/e2e/ depth don't match the restriction glob syntax.
This is cosmetic — the imports are valid TypeScript.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
New files:
- web.test.ts: TestSessionsBrowserMain with MockChatEntitlementService
- web.test.factory.ts: Factory using TestSessionsBrowserMain
- sessions.web.test.internal.ts: Test entry point
Server uses test entry point when --mock, which injects a mock
IChatEntitlementService returning ChatEntitlement.Free with
installed=true, so Sessions thinks the user is signed in.
Also adds ESLint import patterns for sessions web entry points.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Pre-sets the workspace to github-remote-file://mock-repo/ so the
Sessions UI starts with a folder already open, backed by the mock
file system provider from the E2E extension.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
New extension at extensions/sessions-e2e-mock/ provides:
- Mock GitHub auth provider (fake token, skips sign-in)
- Mock chat participant (canned responses based on input keywords)
- Mock file system for github-remote-file:// (in-memory files)
Server loads the extension when --mock flag is passed. The generate
and test runners both use --mock automatically.
New npm scripts:
- serve:mock — opens Sessions in browser with mocks loaded
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The serve script now opens with ?skip-sessions-welcome to bypass
the sign-in overlay during manual testing.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Created new YAML files to define the structure and components of the session management interface.
- Included various toolbars, buttons, and alerts to enhance user interaction.
- Implemented features such as session actions, agent sessions, and folder picker options.
- Ensured accessibility with appropriate cursor pointers and disabled states for buttons.
Paul
Josh Spicer
Christof Marti
BeniBenj
Alex Ross
Alexandru Dima
Paul
Anthony Kim
Sandeep Somavarapu
Connor Peet
Peng Lyu
Rob Lourens
Osvaldo Ortega
Robo
Henning Dieterichs
Benjamin Pasero
Dmitriy Vasyura
Daniel Imms