Commit Graph

9 Commits

Author SHA1 Message Date
dileepyavan 7422e06ada [main] Cherry-pick MSRC fixes (#320659)
* OTel visibility in Copilot Chat UI (#47)

* [msrc/1.123] 114763

* Add maxAttributeSizeChars configuration to OpenTelemetry settings

---------

Co-authored-by: Zhichao Li <zhichli@microsoft.com>
(cherry picked from commit 042dc59dbb51f58ef03a6909d5dfb0292a6b2576)
(cherry picked from commit be6ab8b589)

* Prompt before connecting to non-loopback remote host:port authorities (#46)

A direct `<host>:<port>` remote authority (no resolver `+` prefix) bypasses
resolver extensions and connects straight to the given server. Since this form
can originate from untrusted sources (e.g. the `remoteAuthority` of a
`.code-workspace` file), a crafted workspace could silently point the window's
extension host backend at an attacker-controlled server.

Centralize a confirmation prompt at the connection point in the renderer:
when resolving a direct authority whose host is not loopback (localhost,
127.0.0.1, ::1), ask the user to confirm before connecting and abort if
declined. Add `isLoopbackHost` helper and tests.

(cherry picked from commit 9505d0fca49eadb707c450d18dcb41a46b720a9e)
(cherry picked from commit 9673132502)

* GitHub - improve host parsing (#48)

(cherry picked from commit 4b6e2467dbd828018d602f73cc25d1b11f699d2c)
(cherry picked from commit 9fea92e141)

* path traversal fix (#50)

* fix path traversal

* fix compilation

(cherry picked from commit 9b31ff896671125cbfc65f33731c4a99660d6201)
(cherry picked from commit a703741497)

* Path - improve isEqualOrParent calculation (#49)

(cherry picked from commit 0f1ba1ea103757f3023cc1f9c3eb7327c3ec4b02)
(cherry picked from commit 5927baa7af)

---------

Co-authored-by: Zhichao Li <Li.Zhichao@microsoft.com>
Co-authored-by: Zhichao Li <zhichli@microsoft.com>
Co-authored-by: Alexandru Dima <alexdima@microsoft.com>
Co-authored-by: Ladislau Szomoru <lszomoru@microsoft.com>
Co-authored-by: Sandeep Somavarapu <sasomava@microsoft.com>
2026-06-09 14:26:48 -07:00
Matt Bierner 13a604e50c Revert "Revert "Port github extension to use esbuild" (#298920)"
This reverts commit 51f5cafd6f.
2026-03-09 08:10:36 -07:00
Christof Marti 51f5cafd6f Revert "Port github extension to use esbuild" (#298920) 2026-03-03 12:40:44 +01:00
Matt Bierner 9e0a44acc3 Port github extension to use esbuild
Had to make same fixes as with #296355. We can't pull in const enums from a d.ts file like this
2026-03-02 11:28:35 -08:00
Johannes Rieken cb0950e9d7 Migrate github extension to ESM (2nd attempt) (#248312)
* Revert "GitHub - revert ESM migration (#247322)"

This reverts commit 2047ab0fff.

* use `"@vscode/extension-telemetry": "^1.0.0"` which doesn't use default export anymore
2025-05-07 15:52:46 +02:00
Ladislau Szomoru 2047ab0fff GitHub - revert ESM migration (#247322)
* Revert "fix github extension bundling (#247314)"

This reverts commit 0cffb673f5.

* Revert "migrate github-extension to ESM"

This reverts commit 493874c390.

* Add missing JS file
2025-04-24 19:24:59 +02:00
Johannes 493874c390 migrate github-extension to ESM 2025-04-16 16:04:12 +02:00
Rachel Macfarlane 629e1d7e16 Remove old getSessions and login methods from auth provider API 2020-06-24 15:33:09 -07:00
João Moreno a85a2e6044 move credential provider to github 2020-05-18 21:04:29 +02:00