- Move copilotChatSessions, remoteAgentHost, and agentHost providers from
contrib/ into a new contrib/providers/ subfolder for clearer separation
- Add ESLint layer rule 'contrib/providers/*/~' (before 'contrib/*/~') so
sibling contrib folders cannot import directly from providers
- Update all entry points (sessions.common.main.ts, sessions.desktop.main.ts,
sessions.web.main.ts) to reference new provider paths
- Port all upstream changes from origin/main to the new provider locations
- Add contrib/providers entry to build/lib/i18n.resources.json
- Rewrite docs: README.md, LAYOUT.md, LAYERS.md, SESSIONS.md, SKILL.md,
sessions.instructions.md; add source-code-organization, coding-guidelines,
and writing-tests instruction files; remove stale SESSIONS_PROVIDER.md and
AGENTS_CHAT_WIDGET.md
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Records the rule that arose from review on #314411: don't mutate globals or use any-casts to install fakes in tests; inject the dependency via an optional constructor parameter.
- Introduced `buildNext.instructions.md` to provide comprehensive notes on the new build pipeline.
- Documented key learnings, including issues with comment stripping, authorization errors, and build-time placeholders.
- Explained integration with the old build system and outlined important fixes related to source maps and resource copying.
- Included testing instructions and future work items to address outstanding issues.
Addresses copilot-pull-request-reviewer feedback on PR #313383:
- otelSpanToChatDebugEvent.ts: replace 6 magic-number 'span.status.code === 2 /* ERROR */' / '=== 1 /* OK */' checks with SpanStatusCode.ERROR / SpanStatusCode.OK. Switched the SpanStatusCode import from type-only to value to enable runtime use of the enum members.
- genAiAttributes.ts: correct HOOK_RESULT_KIND doc to include 'non_blocking_error' (chatHookService also produces this value); soften HOOK_INPUT/HOOK_OUTPUT docs since emitters do not currently gate on captureContent.
- .github/skills/otel/SKILL.md: replace the blanket 'always gate content on captureContent' guideline with the actual two-pattern convention used in the codebase: (1) tool args / hook input-output are always emitted (truncated only) for debug-panel essentials, (2) full prompt/response bodies and system instructions are gated on captureContent. Aligns the skill doc with how toolsService.ts and chatHookService.ts actually behave.
Did NOT add captureContent gating to chatHookService.ts hook input/output (reviewer suggestion 3): doing so would regress the Agent Debug Log panel for default users (captureContent is false by default), and would diverge from the existing toolsService.ts pattern that explicitly states 'Always capture tool call arguments for the debug panel'. A proper fix needs exporter-level stripping in DiagnosticSpanExporter and is out of scope for this PR.
Adds .github/skills/otel/SKILL.md describing:
- The two source-of-truth docs (agent_monitoring.md and agent_monitoring_arch.md)
- The four agent execution paths and their OTel strategies
- Canonical file map for all OTel code
- Service layer (NoopOTelService / NodeOTelService / InMemoryOTelService)
- Span / metric / event conventions, content-capture gating, debug-panel vs OTLP isolation
- Configuration surface invariants (settings + env vars + agent env-var translation)
- Procedure checklists for adding spans / metrics / events / new agent surfaces
- Validation commands and known risks/anti-patterns
Mandates that the two monitoring docs stay in sync with code changes.
Follow-up to #313128. The VSCODE_OSS fallback isn't needed for the
api.github.com calls in core-ci — secrets.GITHUB_TOKEN already
authenticates those reads with permissions: contents: read (added in
#304929), so we don't hit the anonymous rate limit on 1ES.
* chore: migrate agent-browser to @playwright/cli
Replace all uses of the `agent-browser` automation tool with `@playwright/cli`,
which supports `npx @playwright/cli attach --cdp=<port>` for connecting to
Electron/Chromium apps via CDP.
- Rewrite launch SKILL.md files (Code OSS and Copilot variants) with new
command mappings: attach --cdp, tab-list, snapshot, screenshot --filename,
fill, press
- Update auto-perf-optimize and chat-customizations-editor skills with
@playwright/cli commands; fix eval blocks to use IIFE syntax required by
the new tool
- Migrate testRemoteAgentHost.sh: connect→attach --cdp, snapshot -i→snapshot,
screenshot path→screenshot --filename=path; verified end-to-end with --skip-message
- Remove agent-browser from extensions/copilot/package.json (covered by root
devDependency); bump @playwright/cli to ^0.1.9 in root package.json
* fix: add @types/ws as explicit devDependency in copilot extension
Previously pulled in transitively via agent-browser -> webdriver.
Now that agent-browser is removed, @types/ws must be declared directly.
* ci: switch PR workflows back to 1ES self-hosted runners with JobId
Re-applies #311975 (reverted in #312033). Adds per-run+attempt JobId
labels to scope 1ES agents to specific GitHub Actions runs and prevent
intermittent runner cancellations.
Also switches the pr.yml compile job's GITHUB_TOKEN from the
ephemeral repo-scoped runner token to secrets.VSCODE_OSS so cross-repo
GitHub API release fetches (vscode-js-debug, vscode-js-debug-companion,
vscode-js-profile-visualizer, etc.) authenticate properly. On 1ES pools
the shared egress IPs hit the anonymous 60/hr api.github.com rate limit
and produced 403 fan-out across PRs last time.
* ci: fall back to GITHUB_TOKEN for fork PRs
Match the historical pattern from before #255987 — fork PRs can't
access secrets.VSCODE_OSS, so use the conditional to pick GITHUB_TOKEN
for forks.
* feat: replace host picker context menu with mobile-native bottom sheet on phone layout
Agent-Logs-Url: https://github.com/microsoft/vscode/sessions/c0ced124-328e-43c3-a95c-34c56f55a84d
Co-authored-by: osortega <48293249+osortega@users.noreply.github.com>
* fix: guard bottom sheet dismiss against double-invocation and stop event propagation from sheet
Agent-Logs-Url: https://github.com/microsoft/vscode/sessions/c0ced124-328e-43c3-a95c-34c56f55a84d
Co-authored-by: osortega <48293249+osortega@users.noreply.github.com>
* refactor: extract mobile host picker into MobileHostFilterActionViewItem
Move the bottom sheet UI from an inline phone-layout branch in the
desktop HostFilterActionViewItem into a proper mobile subclass in
browser/parts/mobile/, following the established mobile architecture:
- Create MobileHostFilterActionViewItem extending the desktop class,
overriding _showMenu() to show a bottom sheet instead of a context menu
- Remove IsPhoneLayoutContext branching from the desktop component
- Move bottom sheet CSS from hostFilter.css to mobileChatShell.css
- Update hostFilter.contribution.ts to instantiate the mobile variant
for the MobileTitleBarCenter menu registration
- Add Mobile Component Architecture rules to sessions.instructions.md
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: replace bottom sheet with dropdown anchored below trigger
The bottom sheet slid up from the bottom of the screen, far from the
picker trigger at the top, and had a transparent background. Replace
with a dropdown panel that:
- Anchors directly below the trigger element
- Has a solid background with border and shadow
- Animates in/out with a subtle fade + slide from above
- Uses 44px min-height items for touch targets
- Transparent backdrop for dismiss-on-tap without visual overlay
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: improve mobile host picker dropdown design
- Use agentsChatInput background color to match the chat input
- Add font-weight: normal to prevent bold text in items
- Add Gesture.addTarget + TouchEventType.Tap on each item button
so taps register on iOS/touch devices (CLICK alone is unreliable)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* refactor: move host picker dropdown CSS to own component file
- Create media/hostPickerDropdown.css in mobile parts folder
- Move all host picker styles from mobileChatShell.css to dedicated component file
- Add CSS import in mobileHostFilterActionViewItem.ts
- Document CSS organization pattern in sessions.instructions.md
This follows the same pattern as regular VS Code parts where each component
owns its CSS in a media/ subfolder. Keeps mobileChatShell.css focused on
shell-level phone layout styles only.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: use defined CSS theme variables for host picker dropdown
Replace undefined fallback variables with proper agentsChatInput theme tokens:
- background: var(--vscode-agentsChatInput-background)
- foreground: var(--vscode-agentsChatInput-foreground)
- border: var(--vscode-agentsChatInput-border)
These variables are registered in src/vs/sessions/common/theme.ts and
properly available in all themes.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: use globally available CSS theme variables for host picker
Replace agentsChatInput variables (only available in .agent-sessions-workbench scope)
with globally available input and foreground variables since the backdrop is
rendered directly on body, outside the workbench scope.
- background: var(--vscode-input-background)
- foreground: var(--vscode-foreground)
- border: var(--vscode-input-border)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: use inline styles from theme service for host picker
CSS variables aren't available in the body scope where the dropdown is rendered.
Instead, fetch theme colors via IThemeService and apply them as inline styles:
- Get theme colors at dropdown creation time
- Set backgroundColor, borderColor, foregroundColor via style attribute
- Apply hoverBackgroundColor and linkColor via event listeners
- Remove all CSS variable references
This ensures colors work in vscode.dev and all environments where CSS variables
may not be injected.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: remove unused focusBorderColor variable
The focus border styling is handled by the CSS :focus-visible rule,
so the TypeScript variable is not needed.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: render dropdown inside workbench container for CSS variables
The dropdown was appended to document.body, which is outside the
.monaco-workbench element where --vscode-* CSS custom properties
are defined. This caused all theme variables to be undefined.
Fix: query for the .monaco-workbench container and append the
backdrop there instead. This restores CSS variable inheritance
and moves all color declarations back to the CSS file where
they belong.
Also reverts the IThemeService inline-styles approach — colors
are now purely in hostPickerDropdown.css using standard CSS
variables.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: center host picker dropdown and remove status text
1. Center the dropdown horizontally on screen using left: 50% +
translateX(-50%) instead of anchoring to the trigger's left edge.
2. Remove the 'connecting…' / 'disconnected' status text from dropdown
items — the titlebar connection icon already conveys this info, and
the status text was causing the dropdown to extend beyond screen.
3. Clean up unused AgentHostFilterConnectionStatus import and status CSS.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: include translateX(-50%) in dropdown animation keyframes
The entrance/exit animations were overriding the centering transform
during playback, causing the dropdown to appear right-aligned then
jump to center when the animation ended.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: remove stray closing brace in mobileChatShell.css
Leftover from extracting host picker CSS into its own file.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: address PR review comments
1. Fix dismiss race condition: guard the timeout callback so it only
clears the dropdown if it still owns the current store, and register
the timeout for disposal when the dropdown is reopened early.
2. Use correct ARIA pattern: switch from listbox/option to menu/menuitemradio
which better matches the single-select interaction pattern.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Remove 22 !important declarations from mobileChatShell.css where the
.phone-layout class already wins by specificity. Kept !important only
where it fights SplitView inline styles, Part.layoutContents inline
sizing, or an equal-specificity desktop rule. Added a top-of-file
policy comment documenting the three legitimate reasons to use
!important here so future additions don't accrete out of habit.
Verified against a 393x852 iPhone emulation with the mock agent host:
welcome screen, sidebar overlay, session opening, and chat input
layout are unchanged.
Also updated the vscode-dev-workbench skill to call out that npm run
dev must run in the vscode-dev folder (not vscode) and that the mock
agent host is a separate process that must be started in addition to
the dev server.
* Implement account policy gate for AI features
- Introduced AccountPolicyGateContribution to manage account policy state and notifications.
- Added support for "Require Approved Account" policy, restricting AI features based on account approval.
- Enhanced AccountPolicyService to handle gate state and reasons for unsatisfaction.
- Updated configuration for chat features to include policy definitions.
- Added tests to validate gate behavior under various account scenarios.
* Refactor account policy gate logic to focus on approved organizations and update related descriptions
* Add Account Policy Gate service and integrate with existing policy services
* Add account policy gate information to PolicyDiagnosticsAction
* Fix CI: layer violation, ESLint, i18n entry, policyData export
- Move ChatAccountPolicyGateActiveContext to services/policies/common to
avoid services-layer import from contrib (chatContextKeys re-exports).
- Replace 'in' operator in test helper with explicit undefined check.
- Add vs/workbench/services/policies entry to i18n.resources.json.
- Append ChatDisableAIFeatures and ChatApprovedAccountOrganizations to
build/lib/policies/policyData.jsonc.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add account policy settings for approved organizations and AI feature control
* Switch ChatApprovedAccountOrganizations to type:'array'
Use the platform's array-typed policy contract instead of a custom
comma-separated string format. Mirrors PolicyConfiguration's existing
normalisation: PolicyValue is always string|number|boolean, so array
policies arrive at the policy service as JSON-stringified arrays.
- chat.contribution.ts: type:'string' -> type:'array', items:string
- accountPolicyService: simpler parser (JSON.parse + Array.isArray)
- tests: pass arrays via JSON.stringify in setupGate helper
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Don't restrict policies during policyNotResolved boot window
When the user IS signed into an approved org but account-side policy
data hasn't loaded yet (policyNotResolved), skip applying restricted
values. Policies with `value` callbacks naturally return undefined
when policyData is null, so no account-level overrides slip through.
This eliminates:
- Transient 'Unable to write chat.disableAIFeatures' error on boot
- Flash of the gate notification that auto-dismisses seconds later
- Brief UI hide/show cycle as ChatDisableAIFeatures toggles
For stable restricted reasons (noAccount, wrongProvider, orgNotApproved)
restrictions still apply immediately.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add Contact Administrator and Learn More links to gate notification
Replace the 'Don't Show Again' button with:
- 'Contact Your informational guidanceAdministrator'
- 'Learn opens enterprise docs overview pageMore'
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Show approved organizations in gate notification
Add approved org list to IAccountPolicyGateInfo so the notification can
display which organizations the admin requires. Shown as a suffix like
'Approved organizations: github, microsoft.' when the list is concrete
(not the wildcard '*').
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Move 'contact your administrator' from button to message text
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix: check org membership before policyData resolution
Move the org-membership check before the policyData null check in
computeGateInfo. This ensures users NOT in an approved org are
restricted immediately (orgNotApproved), even while policy data is
loading. The policyNotResolved reason now only applies to users who
ARE in an approved making it safe to skip restrictions for thatorg
transient state without leaving a security gap.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Directly set chatSetupHidden context key when gate is restricted
entitlement pipeline to
force chat.disableAIFeatures=true (which has timing issues in the
multiplex policy service), directly toggle the chatSetupHidden context
key from the gate contribution. This is the same key that drives
sentiment.hidden across the entire chat UI.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Use IChatEntitlementService.setForceHidden to hide chat when gate restricted
Add setForceHidden(hidden) API to IChatEntitlementService so the gate
contribution can cleanly force the hidden state without fighting with
the entitlement context's own update cycle. The gate contribution calls
setForceHidden(true) when restricted and setForceHidden(false) when
satisfied/inactive.
Inside ChatEntitlementContext, _forceHidden is checked in
withConfiguration alongside the existing chat.disableAIFeatures
either one forces hidden: true on the state.setting
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix setForceHidden fallback when no ChatEntitlementContext
In Code OSS Dev (and any build without productService.defaultChatAgent),
ChatEntitlementContext is never created, so setForceHidden was a no-op.
Fall back to directly setting the chatSetupHidden context key when
the context is unavailable.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add trace logging to AccountPolicyGateContribution
Logs state, reason, and isRestricted on every gate apply so we can
diagnose why setForceHidden might not be taking effect.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Gate chat view on accountPolicyGateActive context key
The chat view's `when` clause had an OR with panelParticipantRegistered
that bypassed the hidden state once the Copilot extension registered.
Wrap the entire condition with accountPolicyGateActive.negate() so the
chat view is hidden whenever the gate is restricted, regardless of
extension registration state.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Re-show notification on account swap, include account name and org list
- Track dismissal by reason+account combo so swapping to a different
account (while still blocked) triggers a fresh notification.
- Show the current account name in the orgNotApproved message so the
user knows which account is being evaluated.
- Format approved org list as bulleted lines for readability.
- Vary message text by reason (noAccount vs orgNotApproved).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Generalize sessions blocked overlay for account policy gate
The sessions (Agents) app now shows a full-screen blocking overlay when
the account policy gate restricts access, reusing the same pattern as
the existing 'agent disabled' overlay.
- SessionsPolicyBlockedOverlay now accepts ISessionsBlockedOverlayOptions
with a reason enum (AgentDisabled | AccountPolicyGate) and optional
account name / approved organizations
- AccountPolicyGate variant shows 'Sign-In Required' title, approved org
list, contact admin text, and Sign In + Open VS Code buttons
- SessionsPolicyBlockedContribution listens to both ChatConfiguration and
IAccountPolicyGateService, prioritizing agent-disabled over gate
- Added CSS for org list and footer sections
- Updated component fixture with new variants for screenshot testing
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix notification formatting: use inline comma-separated org list
Notifications render as plain inline text, so the bullet-point and
newline formatting was collapsing into a single unreadable line.
Switch to a parenthesized comma-separated list instead.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix sessions overlay: remove workbench notification, handle gate natively
The workbench-layer AccountPolicyGateContribution (which shows a
notification toast) was imported in sessions.common.main.ts, causing
a notification to appear instead of the full-screen blocking overlay.
- Remove accountPolicyGate.contribution.js import from sessions
- SessionsPolicyBlockedContribution now handles context key,
setForceHidden, and telemetry directly (same as the workbench
contribution, but with an overlay instead of a notification)
- Overlay properly recreates on account changes
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Defer notification until account service has settled
On startup, computeGateInfo fires with reason=noAccount before the
default account service has loaded the persisted session. This caused
the notification to show 'Sign in...' even when the user was already
signed in but the account just hadn't loaded yet.
Fix: set context key + setForceHidden immediately (fail-closed), but
defer the notification until the first onDidChangeGateInfo event, which
fires after the account service has had time to resolve. A 5-second
fallback timer ensures the notification still appears if the gate
never transitions.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix gate stuck on noAccount: re-evaluate after account init barrier
DefaultAccountService.setDefaultAccountProvider sets currentDefaultAccount
via provider.refresh() but does NOT fire onDidChangeDefaultAccount for
the initial load. This caused computeGateInfo() to permanently stay on
noAccount even though the user was signed in.
Fix: await getDefaultAccount() (which waits for the init barrier) then
re-evaluate the gate. This ensures the gate transitions from noAccount
to the correct state once the persisted session loads.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add 'Sign into an approved GitHub account' to notification messages
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Regenerate policyData.jsonc to match array type for ChatApprovedAccountOrganizations
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Remove ChatDisableAIFeatures policy registration
This policy was dead enforcement is handled by setForceHiddencode
and the accountPolicyGateActive context key, not the policy pipeline.
Regenerated policyData.jsonc.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address code review: fix duplicate IPC, remove unused import
- Remove duplicate updatePolicyDefinitions call on managed policy service.
AccountPolicyService now uses a read-only reference (managedPolicyReader)
for getPolicyValue/onDidChange only. MultiplexPolicyService handles
pushing definitions to all child services. (Reviews #1 & #4)
- Remove unused Emitter import and void workaround in test file (Review #2)
- Removed the fail-closed try/catch that was guarding the now-removed
updatePolicyDefinitions call (Review # the duplicate call that could3
fail-open is gone entirely)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Remove JSDoc from currentDefaultAccount interface addition
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Revert sessions overlay will revisit approachchanges
Reverts all changes to the sessions (Agents) policyBlocked overlay,
CSS, fixture, and contribution. Re-adds the workbench-layer
accountPolicyGate.contribution import so sessions still gets the
notification + context key + telemetry.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Restore sessions overlay with loading state for transient restrictions
Bring back the generalized sessions overlay with three states:
- AgentDisabled: existing 'Agents Disabled' message (unchanged)
- Loading: just the logo + animated progress bar for transient
states (noAccount before account loads, policyNotResolved)
blocks the UI without showing an incorrect message
- AccountPolicyGate: 'Sign-In Required' with sign-in button,
org list, and contact admin footer for stable restrictions
(orgNotApproved, wrongProvider)
The loading state uses the same progress bar animation as the
welcome/walkthrough overlay. This avoids the flash of 'Agents
Disabled' that appeared during the fail-closed transient window
when the user IS actually in an approved org.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Don't show overlay for noAccount/ let welcome screen handle sign-inwrongProvider
When the user hasn't signed in yet (noAccount) or is signed into the
wrong provider (wrongProvider), the sessions welcome/walkthrough screen
already handles the sign-in flow. Showing our 'Agents Disabled' or
loading overlay on top would block the user from signing in.
Only show the overlay for:
- orgNotApproved: user signed in but wrong org (stable restriction)
- policyNotResolved: loading bar while waiting for policy data
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Remove 'Open VS Code' button from account policy gate overlay
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix: don't show 'Agents Disabled' when gate is forcing restrictedValue
When the account policy gate is active, it forces chat.agent.enabled
to false via restrictedValue. The overlay was checking that config
first and incorrectly showing 'Agents Disabled'. Now we skip the
agent-disabled check when the gate is active, since the value is
being artificially restricted by our own not by an admingate
explicitly disabling agents.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Defer all stable gate-blocked states to welcome screen
When the account policy gate is unsatisfied for any user-actionable reason
(noAccount, wrongProvider, orgNotApproved), don't show the policy-blocked
overlay. Instead, defer to the sessions welcome/walkthrough screen so the
user can sign in or switch accounts via the standard sign-in flow.
The Loading overlay is still shown during the transient PolicyNotResolved
state to prevent flashing the welcome screen while data is in flight.
Removes the now-dead AccountPolicyGate overlay variant and its supporting
code (organizations list, footer styles, fixtures).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Show AccountPolicyGate overlay for orgNotApproved only
When the user is definitively signed into a non-approved org, show the
custom Sign-In Required overlay with org list and switch-account button.
noAccount/wrongProvider still defer to the welcome screen.
PolicyNotResolved still shows the loading bar.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix boot-race test to match managed policy reader pattern
The test was relying on AccountPolicyService calling updatePolicyDefinitions
on the managed service, but that no longer happens (the MultiplexPolicyService
handles it). Updated the test to explicitly seed the managed service and
Restricted after seeding.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address PR review feedback
- Fix setForceHidden signature in test mocks to match interface
- Include approvedOrganizations in gateInfoChanged detection
- Replace raw setTimeout with disposableTimeout for proper cleanup
- Fix AgentDisabled overlay: suppress only when gate forces the value,
not when gate is merely active (handles Satisfied+AgentDisabled case)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Polish ChatApprovedAccountOrganizations policy description
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Trim self-explanatory comments
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Sandeep Somavarapu
dependabot[bot]
Rob Lourens
Alexandru Dima
Dmitriy Vasyura
Henning Dieterichs
Benjamin Christopher Simmonds
BeniBenj
Henning Dieterichs
Don Jayamanne
Bryan Chen
Bryan Chen
Johannes Rieken
Ladislau Szomoru
Raymond Zhao
Zhichao Li
Zhichao Li
Matt Bierner
Michael Lively
Tyler James Leonhardt
Joaquín Ruales
Osvaldo Ortega
Megan Rogge
Peng Lyu
Josh Spicer