On Windows + Firefox the integration test runner intermittently hits NS_ERROR_CONNECTION_REFUSED on page.goto right after launching a fresh code-server. The server prints 'Web UI available at <url>' before the HTTP listener is fully accepting connections, causing a race when sub-suites (e.g. Git tests) start a new server back-to-back.
Add a small retry loop around the initial page.goto to absorb the transient connection-refused error and reduce CI flakiness.
* Force-kill Electron app if close hangs in sanity tests
When a renderer crash occurs mid-test, app.close() can hang for the entire mocha timeout (~10 min), turning a single failed test into a partially-succeeded build. Add a closeElectronApp helper that races close() with a 60s timeout and falls back to killProcessTree.
* Address review: clear timeout, guard force-kill
Clear the race timeout when app.close() resolves quickly so it does not keep the event loop alive, and wrap killProcessTree in try/catch so a failure during force-kill does not mask the original test failure.
* feat(agent-host): gate inbound filesystem RPCs with a permission service
Reverse `resource{Read,List,Write,Delete,Move}` from remote agent hosts
were routed straight to `IFileService` with no authorization. Add a
permission service that gates each reverse RPC, returns typed
`PermissionDenied` with `data.request`, handles negotiation via the new
`resourceRequest` reverse RPC, and surfaces a Deny / Allow / Always Allow
prompt above the chat input.
URIs are canonicalized through `IFileService.realpath` before comparison
so `..` and symlinks can't escape grants. Implicit read grants are
auto-registered for customization URIs the client sends to the host, so
plugin sync remains friction-free. Always-Allow grants persist into a
new user setting, `chat.agentHost.localFilePermissions`.
* comments and tests
* fix: avoid TOCTOU race in smoke test click by using page.click
The smoke test for statusbar 'quick input' was flaky because click() in
PlaywrightDriver used two separate operations:
1. getElementXY( CDP round-trip to get {x, y}selector)
2. page.mouse.click(x, another CDP commandy)
Between these two steps, the page's JS event loop is free to process
queued tasks (~1ms window). In the failing case, the markdown-language-
features extension registers a Language Status '{}' item in the status
bar during this window, shifting the EOL item's x position. The click
then lands on '{}' instead of EOL.
Clicking '{}' invokes ShowTooltipCommand which calls hover.show(true),
trapping keyboard focus in a hover so the EOL quick input neverwidget
opens and the test times out.
Fix: use page.click(selector) for the common no-offset case. Playwright's
native click waits for the element's bounding box to be stable across
multiple frames before dispatching the click, eliminating the race.
Validated with 50 consecutive runs (0 failures vs. ~1-in-22 before).
Also delete ELECTRON_RUN_AS_NODE from the environment before launching
the test binary. When this env var is set, Electron acts as a plain
Node.js binary and rejects Chromium flags like --remote-debugging-port
that Playwright injects, preventing dev-mode smoke tests from launching.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* address review: fix double-offset bug and reduce page.click timeout
- Fix pre-existing double offset: getElementXY already incorporates both
xoffset/yoffset into the returned coordinates, so don't add them again
in mouse.click when both offsets are provided.
- Reduce page.click timeout from 2000ms to 100ms so each poll attempt
in waitAndClick's retry loop (200 100ms = 20s budget) stays within
its intended time budget.
- Use xoffset ?? 0 / yoffset ?? 0 instead of falsy checks.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: fall back to legacy click for elements with degenerate bounding box
The previous attempt to use page.click() for all clicks broke smoke tests that
target elements like Monaco's hidden .native-edit-context contenteditable, which
Playwright refuses to interact with (even with force: true) because the element
has a degenerate bounding box. Try page.click first (preserves the TOCTOU fix
for status bar items), then fall back to getElementXY + mouse.click on failure.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: don't skip Playwright actionability checks on click
Removing 'force: true' from page.click - the actionability checks (specifically
the 'stable' check that waits for the bounding box to be unchanged across 2
frames) are exactly what fixes the original TOCTOU race. Skipping them caused
clicks to fire during layout shifts and not register their handlers properly,
breaking unrelated tests like the Problems View statusbar click.
The fallback to legacy getElementXY + mouse.click still handles elements that
genuinely fail actionability checks (e.g. Monaco's hidden .native-edit-context).
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: narrow TOCTOU guard in statusbar.clickOn instead of broad click() change
Revert the playwrightDriver.click() change (which regressed multiple unrelated CI
tests) and instead add a narrowly-scoped fix in statusbar.clickOn(): for
editor-area status items, poll getElementXY until two consecutive samples are
identical before clicking. This guards against the language status ({}) item
shifting EOL/encoding/etc. between position lookup and click dispatch, without
affecting any other test surface.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: use page.click with stable-coords fallback to eliminate statusbar TOCTOU
Use Playwright's page.click (which re-verifies elementFromPoint immediately
before dispatching, closing the TOCTOU window) for editor-area status bar
items. Fall back to a stable-coordinates click when page.click's actionability
check the known case is Monaco's .native-edit-context overlayfails
(z-index: -10) which elementFromPoint returns instead of the intended target.
Before the fallback, input state is reset (mouse.move to 0,0 + small wait)
so partial hover/mousedown from the failed attempt don't corrupt subsequent
events.
The stable-coordinates fallback polls getElementXY until two consecutive
samples match, then clicks at those exact minimising (thoughcoordinates
not eliminating) the TOCTOU window in the fallback path too.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* address review: narrow fallback to pointer-intercept errors, use wait() helper, clarify robustClick docs
- robustClick now only falls back on 'intercepts pointer events' errors;
all other errors are rethrown so real failures aren't silently masked
- Wrap fallback error to preserve both the original and fallback messages
- Replace raw setTimeout with existing wait() helper
- Clarify Code.robustClick JSDoc: not a polling replacement for waitAndClick
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* simplify: remove unnecessary input-state reset before fallback click
The 'intercepts pointer events' error fires at Playwright's actionability
check phase, before any mouse events are dispatched to the so therepage
is no partial hover/mousedown state to reset.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Only dismiss the welcome dialog in sanity tests if it is shown
Co-authored-by: Copilot <copilot@github.com>
* Remove Agents app validation on Linux
* Don't run Agents app tests on stable
Co-authored-by: Copilot <copilot@github.com>
* Keep Agents app testing, but disable validation instead.
* Disable agents app test for stable builds
---------
Co-authored-by: Copilot <copilot@github.com>
* Try to make multiroot smoke test less flaky
The 'Multiroot > shows results from all folders' smoke test on macOS
browser was failing because openFileQuickAccessAndWait() retries 9 times
in ~160ms with no backoff when it sees 'No matching results'. On a fresh
remote/browser server start, the workspace folders may not have been
attached yet (extension host still starting), so file search legitimately
returns 'No matching results' and all 9 retries fire before the workspace
is ready.
Add an incremental backoff between retries so slow workspace/file-search
initialization on CI has a chance to catch up.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update test/automation/src/quickaccess.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* chronicle
* local and cloud store
* upload vscode events to remote store
* few updates
* consent ui and settings
* few optimizations
* test fix
* feedback updates
* test fix
* check setting to enable cmd
* fix test
* Settings update and tool update
* command update
* Settings update
* merge main
* feedback updates
* setting and test update
* few updates
* updates
* test update
* blocks ci update
* feedback updates
* comment update
* fix: restrict onboarding to first-launch users and fix sanity tests
- Add isNew(StorageScope.APPLICATION) guard to only show onboarding for
genuinely new users, not existing users upgrading
- Move all guard conditions into tryShowOnboarding() for clarity
- Change ONBOARDING_STORAGE_KEY scope from PROFILE to APPLICATION
- Add --skip-welcome to sanity test Electron launch args to prevent
onboarding overlay from blocking workspace trust dialog
Fixes onboarding showing for existing users and sanity test timeouts
introduced by PR #307262.
* use getBoolean for ONBOARDING_STORAGE_KEY check
dependabot[bot]
Dmitriy Vasyura
Robo
Raymond Zhao
Henning Dieterichs
Connor Peet
dileepyavan
Rob Lourens
Johannes Rieken
Vijay Upadya
Josh Spicer
João Moreno
Benjamin Pasero
Henning Dieterichs