The previous reverts only changed the spec to ^1.0.34, but the resolved entries in the lockfiles still pointed at 1.0.38 (with 1.0.38 tarballs and integrity hashes). Since ^1.0.34 satisfies 1.0.38, npm ci would still install the broken version. Pin to exact 1.0.34 in all three package.json files and regenerate the lockfiles.
* agents: bump @github/copilot to 1.0.38
Tracks the version pinned in extensions/copilot/package.json. Updates
both root and remote/ package.json + lockfiles. Verified by re-running
the real-SDK 'listModels returns well-shaped model entries' integration
test (AGENT_HOST_REAL_SDK=1).
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: skip electron re-download when correct version already present
The macOS/Electron CI job was failing because `electron.ts` unconditionally
deletes `.build/electron` and re-downloads Electron on every invocation.
When integration tests run CSS/HTML tests via `node-electron.sh`, they call
`npm run electron` which triggers this re-download. This can fail due to
transient network errors (e.g. 502 Bad Gateway from GitHub), causing the
integration test step to fail even though Electron was already downloaded
successfully in the dedicated "Download Electron and Playwright" CI step.
Fix: add a `.version` marker file inside `.build/electron` that records the
Electron version, MS build ID, and architecture. On the next invocation,
`main()` reads this marker and returns early if it matches the expected
version, skipping the unnecessary delete-and-re-download cycle.
Agent-Logs-Url: https://github.com/microsoft/vscode/sessions/8d0b4207-2616-497e-9a4f-bf8a39671934
Co-authored-by: roblourens <323878+roblourens@users.noreply.github.com>
* Revert "fix: skip electron re-download when correct version already present"
This reverts commit e1811ece5b. That
commit was pushed to this PR by another agent and is unrelated to the
@github/copilot bump that this PR is for.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: roblourens <323878+roblourens@users.noreply.github.com>
* Share secrets between Code and Agents app via macOS Keychain
Add a shared keychain service that stores secrets directly in the macOS
Keychain, allowing Code and its embedded Agents app to share auth tokens
without re-authentication.
Architecture:
- ISharedKeychainService (common interface) with ISharedKeychainMainService
running in the Electron main process, exposed to renderer via IPC
- SharedKeychainMainService wraps @vscode/macos-keychain native addon
- NativeSecretStorageService now writes to both the shared keychain and
the legacy safeStorage+SQLite pipeline (for rollback safety)
- On read, shared keychain is tried first, falling back to legacy
Product configuration:
- darwinSharedKeychainServiceName: per-flavor service name for data
isolation between Stable/Insiders/Exploration
- Access group auto-detected from entitlements by the native addon
Key design decisions:
- Shared keychain only used when type is 'persisted' (not in-memory)
- BaseSecretStorageService refactored to expose protected _doGet/_doSet/
_doDelete/_doGetKeys for use by subclasses within sequencer tasks
- Native addon is an optional dependency (macOS-only)
Files:
- build/azure-pipelines/darwin/app-entitlements.plist (keychain-access-groups)
- src/vs/platform/secrets/common/sharedKeychainService.ts (interface)
- src/vs/platform/secrets/electron-main/sharedKeychainMainService.ts (impl)
- src/vs/workbench/services/secrets/electron-browser/sharedKeychainService.ts (IPC proxy)
- src/vs/workbench/services/secrets/electron-browser/secretStorageService.ts (wiring)
Issue: #308028
* Address review feedback
* Add one-time migration of legacy secrets to shared keychain
On first secret operation, migrate all existing secrets from the legacy
safeStorage+SQLite pipeline into the shared macOS Keychain. This ensures
the Agents app can read secrets that were stored before the shared
keychain was introduced.
- Migration is lazy (triggered on first get/set/delete/keys)
- Guarded by a 'sharedKeychain.migrationDone' storage flag
- Idempotent: keychain writes are upserts, re-running is safe
- Best-effort per key: individual failures don't block the rest
- Skipped when type is 'in-memory'
- Also: make set() in SharedKeychainMainService best-effort (log, don't throw)
* update the current implementation
* restrict shared keychain to CROSS_APP_SHARED_SECRET_KEYS
* kick off shared keychain migration eagerly in constructor
* update @vscode/macos-keychain to 0.0.1
* Use provisioning profile for keychain access groups when available
During signing, check for build/darwin/distribution.provisionprofile.
If present, use it as the provisioning profile and keep the
keychain-access-groups entitlement in app-entitlements.plist.
If not present (e.g. OSS builds), strip the keychain-access-groups
section from a temp copy of the entitlements plist to avoid signing
failures. The shared keychain still works via the app's default
keychain without access-group isolation.
* Add entitlements diagnostic dump after signing
Dump the actual entitlements from the signed binary to validate
whether $(TeamIdentifierPrefix) is being expanded by codesign.
Hypothesis: the variable is passed literally to the entitlements
plist without expansion, causing a mismatch with the provisioning
profile and resulting in Killed: 9 on launch.
* Exclude provisioning profile from unicode hygiene check
* update package-lock.json
* Adopt multiple provision profiles
* fix: expand teamidentifier in the entitlement
* Re-sign without provisioning profile for tests
Run the entitlements step twice in CI:
1. First with provisioning profile (keychain-access-groups) for codesign/notarize
2. Then without provisioning profile for tests (in parallel with codesign)
This avoids making codesign sequential with tests while still
supporting the keychain-access-groups entitlement that requires
a provisioning profile.
- Add --skip-provisioning-profile flag to sign.ts
- Add 'Set Hardened Entitlements (for tests)' pipeline step
* Skip plist modifications when re-signing for tests
The plutil -insert calls fail on the second sign pass because the
keys already exist from the first pass. Skip plist modifications
when --skip-provisioning-profile is set since they are not needed.
* Move shared keychain migration from renderer to main process
Replace crossAppIPC-based secret handshake with direct shared keychain
writes in the main process:
- MacOSCrossAppSecretSharing now reads safeStorage+SQLite and writes to
shared keychain via SharedKeychainMainService (no crossAppIPC needed)
- Code.app migrates on startup; Agents app spawns Code.app once if
keychain is incomplete
- NativeSecretStorageService no longer does migration — just reads/writes
shared keychain for cross-app keys
* Add isMacintosh guards before using the shared keychain service
Co-authored-by: Copilot <copilot@github.com>
* Remove spec
* Tweak comments
---------
Co-authored-by: deepak1556 <hop2deep@gmail.com>
Co-authored-by: Copilot <copilot@github.com>
* adding allowRead and testing with defaults
* Rename terminal sandbox read allow list
* Remove Copilot settings change from sandbox PR
* changes
* changes
* Updating sandbox runtime package
* Updating tests
* Add macOS test cases for denyRead/allowRead behavior and ~ path handling
Agent-Logs-Url: https://github.com/microsoft/vscode/sessions/ec5cf3c2-6c7b-4577-bdbb-8ac3d42bdfb0
Co-authored-by: dileepyavan <52841896+dileepyavan@users.noreply.github.com>
* changes for readonly home dir
* skipping integrated tests for sandbox
* running srt in tmp_dir for linux
* running srt in tmp_dir for linux
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
* Fix broken sessions list
From #311751
Co-authored-by: Copilot <copilot@github.com>
* fix tests
* agentHost: settings followups
- Unrelated: fix local agent host being broken on main following
some overnight cleanups
- Register a JSON schema for agent session settings (only when they're
open since it has a perf cost)
- When there are multiple custom approval buttons, show them in a
dropdown similar to other tool calls.
* Add tests for agent session settings schema registration
* Bump @github/copilot from ^1.0.28 to ^1.0.34
Matches the version used in extensions/copilot.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agentHost: tolerate synthetic Copilot models with empty capabilities
After bumping @github/copilot to 1.0.34, listModels() returns a synthetic
'auto' router entry shaped like { id: 'auto', name: 'Auto', capabilities: {} }.
The SDK's ModelInfo type still declares capabilities.limits.max_context_window_tokens
as required, so reading it crashed _listModels and zeroed out the model list.
Wrap the SDK type in a local ICopilotModelInfo with the actually-optional
fields marked optional, and skip entries lacking max_context_window_tokens
with a warn log instead of throwing.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agentHost: surface synthetic 'auto' model with optional maxContextWindow
Instead of dropping the synthetic 'auto' router model, make
IAgentModelInfo.maxContextWindow optional and pass it through as
undefined when the SDK doesn't report a fixed context window. The
agentHostLanguageModelProvider already handles undefined via '?? 0',
and the protocol state type already had the field optional.
Update the real-SDK listModels test to allow undefined maxContextWindow
and to assert the 'auto' entry is present.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: Connor Peet <connor@peet.io>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Bump @github/copilot in root and remote package.json to ^1.0.28 to match
the version pinned by the bundled copilot extension (extensions/copilot).
Also adds a real-SDK integration test for listModels that subscribes to
the root state, authenticates, and asserts every model has a well-formed
shape (id, name, numeric maxContextWindow). This guards against SDK
schema drift like the issue in 1.0.34, where the server returned models
with optional capabilities.limits, causing _listModels to throw a
TypeError that _refreshModels silently swallowed (resulting in no models
in the UI).
Drive-by: fix stale provider id 'copilot' -> 'copilotcli' in the same
test file.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Bump version to 1.118.0
* Fix engine version in lock file
* npm i
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Bump version to 1.117.0
* npm i
* wait to do engine version bump
* Revert "wait to do engine version bump"
This reverts commit 9db1c0feb6.
* Add Copilot extension tests to Linux/Windows Electron integration test runs
* Remove failing step that we moved to the main build
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* feat: welcome onboarding walkthrough variations A/B/C/D
* improve onboarding: sign-in CTA, keyboard mapping, skeleton themes, extensions step
* fix theme colors, keyboard mapping hint, clickable session cards, extension styling in B
* feat: add Variation E - in-context UI tour with spotlight overlay
* polish: cleaner theme skeletons, keyboard mapping pills, and session cards
* fix tour alignment: ID-based targeting, centered popovers, welcome tab setup
* tour: add sign-in as final step
* removed variations
* updated layout to match sessions experience
* refined
* Feature clean up and polish
* Refactor onboarding layout and styles for improved user experience
* updated ghe button
* removed other variations. changed command to Welcome Onboarding 2026
* removed keyboard maps for cursor and windsurf, added more theme options
* added support for other ides
* Add telemetry
* Addressing code review comments
* Remove 2 extension reccs and add setting to control onboarding
* Remove button click from feature cards and update command category
* - Removed the preview properties from IOnboardingThemeOption and related theme options.
- Deleted IOnboardingKeymapOption interface and ONBOARDING_KEYMAP_OPTIONS array.
- Consolidated AI collaboration preferences into a single enum and options array.
- Added new SVG files for theme previews: dark 2026, high contrast dark, high contrast light, light 2026, solarized dark, and solarized light.
* Refine agent sessions step and footer layout
- Rename Background Agents to Copilot CLI
- Move video tutorials link to bottom of content area (above footer)
- Move sign-in nudge button to footer left with visible border
- Remove agents tutorial link and sessions-docs separator
- Add footerLeft container for last-step footer elements
- Remove unused _renderSignInNudge method
- Make doc-link icon inherit link color
* Refactor onboarding service and update startup page
* Resolve merge conflicts, move theme options to product.json, default onboarding setting to false
Agent-Logs-Url: https://github.com/microsoft/vscode/sessions/da410dab-8ffb-4cc5-9afd-6e968b0c5ed6
Co-authored-by: cwebster-99 <60238438+cwebster-99@users.noreply.github.com>
* Update src/vs/workbench/contrib/welcomeGettingStarted/browser/gettingStarted.contribution.ts
* Update src/vs/workbench/contrib/welcomeGettingStarted/browser/startupPage.ts
Co-authored-by: Josh Spicer <23246594+joshspicer@users.noreply.github.com>
* Fix timing for onboarding widget on startup
* update distro to https://github.com/microsoft/vscode-distro/commit/84f56fc18b7c65a62bf54eb70db2d4d24378a0d2
* pass --skip-welcome
---------
Co-authored-by: cwebster-99 <cowebster@microsoft.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: cwebster-99 <60238438+cwebster-99@users.noreply.github.com>
Co-authored-by: Josh Spicer <23246594+joshspicer@users.noreply.github.com>
During signing, check for build/darwin/distribution.provisionprofile.
If present, use it as the provisioning profile and keep the
keychain-access-groups entitlement in app-entitlements.plist.
If not present (e.g. OSS builds), strip the keychain-access-groups
section from a temp copy of the entitlements plist to avoid signing
failures. The shared keychain still works via the app's default
keychain without access-group isolation.
Add a shared keychain service that stores secrets directly in the macOS
Keychain, allowing Code and its embedded Agents app to share auth tokens
without re-authentication.
Architecture:
- ISharedKeychainService (common interface) with ISharedKeychainMainService
running in the Electron main process, exposed to renderer via IPC
- SharedKeychainMainService wraps @vscode/macos-keychain native addon
- NativeSecretStorageService now writes to both the shared keychain and
the legacy safeStorage+SQLite pipeline (for rollback safety)
- On read, shared keychain is tried first, falling back to legacy
Product configuration:
- darwinSharedKeychainServiceName: per-flavor service name for data
isolation between Stable/Insiders/Exploration
- Access group auto-detected from entitlements by the native addon
Key design decisions:
- Shared keychain only used when type is 'persisted' (not in-memory)
- BaseSecretStorageService refactored to expose protected _doGet/_doSet/
_doDelete/_doGetKeys for use by subclasses within sequencer tasks
- Native addon is an optional dependency (macOS-only)
Files:
- build/azure-pipelines/darwin/app-entitlements.plist (keychain-access-groups)
- src/vs/platform/secrets/common/sharedKeychainService.ts (interface)
- src/vs/platform/secrets/electron-main/sharedKeychainMainService.ts (impl)
- src/vs/workbench/services/secrets/electron-browser/sharedKeychainService.ts (IPC proxy)
- src/vs/workbench/services/secrets/electron-browser/secretStorageService.ts (wiring)
Issue: #308028