* OTel visibility in Copilot Chat UI (#47)
* [msrc/1.123] 114763
* Add maxAttributeSizeChars configuration to OpenTelemetry settings
---------
Co-authored-by: Zhichao Li <zhichli@microsoft.com>
(cherry picked from commit 042dc59dbb51f58ef03a6909d5dfb0292a6b2576)
(cherry picked from commit be6ab8b589)
* Prompt before connecting to non-loopback remote host:port authorities (#46)
A direct `<host>:<port>` remote authority (no resolver `+` prefix) bypasses
resolver extensions and connects straight to the given server. Since this form
can originate from untrusted sources (e.g. the `remoteAuthority` of a
`.code-workspace` file), a crafted workspace could silently point the window's
extension host backend at an attacker-controlled server.
Centralize a confirmation prompt at the connection point in the renderer:
when resolving a direct authority whose host is not loopback (localhost,
127.0.0.1, ::1), ask the user to confirm before connecting and abort if
declined. Add `isLoopbackHost` helper and tests.
(cherry picked from commit 9505d0fca49eadb707c450d18dcb41a46b720a9e)
(cherry picked from commit 9673132502)
* GitHub - improve host parsing (#48)
(cherry picked from commit 4b6e2467dbd828018d602f73cc25d1b11f699d2c)
(cherry picked from commit 9fea92e141)
* path traversal fix (#50)
* fix path traversal
* fix compilation
(cherry picked from commit 9b31ff896671125cbfc65f33731c4a99660d6201)
(cherry picked from commit a703741497)
* Path - improve isEqualOrParent calculation (#49)
(cherry picked from commit 0f1ba1ea103757f3023cc1f9c3eb7327c3ec4b02)
(cherry picked from commit 5927baa7af)
---------
Co-authored-by: Zhichao Li <Li.Zhichao@microsoft.com>
Co-authored-by: Zhichao Li <zhichli@microsoft.com>
Co-authored-by: Alexandru Dima <alexdima@microsoft.com>
Co-authored-by: Ladislau Szomoru <lszomoru@microsoft.com>
Co-authored-by: Sandeep Somavarapu <sasomava@microsoft.com>