* agent host: hydrate snapshot controller for Restore Checkpoint
Currently the AgentHostSnapshotController never has any checkpoints to
restore to when "Restore Checkpoint" is invoked, so the removed request
stays visible in the chat UI. This fix wires up hydration end-to-end and
simplifies the controller's bookkeeping along the way.
- Seed a request-level checkpoint for every historical turn on session
open, not only turns with file edits. Without this, restoreSnapshot
for any turn that lacked tool calls fell through with "No checkpoint
found" and _setDisabledRequests was never called.
- Always populate _pendingHistoryTurns from the protocol state
(previously gated on hasTurnsWithEdits), and stop using Event.once on
onDidCreateModel to wait for the chat model — the once subscription
was being consumed by an unrelated model created first, leaving the
controller un-hydrated. Now we synchronously hydrate when the model
already exists, otherwise listen until the matching session arrives.
- Make ensureRequestCheckpoint advance _currentCheckpointIndex to the
new checkpoint. Previously the cursor stayed put, so requestDisablement
marked the in-flight request as disabled (the new checkpoint sat
"forward" of the cursor) and the next call would splice it away.
- Simplify to one checkpoint per request. Multiple tool calls in the
same request now fold their edits into a single checkpoint via a
seenToolCallIds Set, and restoreSnapshot/getSnapshotUri/
getSnapshotContents ignore the stopId parameter. canUndo/canRedo
derive purely from cursor position — undo/redo is request-level,
available whenever any checkpoint exists.
- Add tests covering: in-flight request isn't disabled, restore of a
no-edit request marks it disabled, stale forward branch is spliced on
new request after restore-to-start, and multi-tool-call edits undo
together.
Fixes https://github.com/microsoft/vscode/issues/318251
(Commit message generated by Copilot)
* agent host: address review feedback
- Fold multiple tool-call edits to the same file in one request into a single net before/after pair (mergeFileEdit). Without this, _writeCheckpointContent applied duplicate writes in parallel and raced.
- Refresh stale 'sentinel' wording in session handler comments.
(Commit message generated by Copilot)
chronicle: per-subcommand telemetry attribution for sessionStoreSql tool
Add a 'subcommand' enum input on copilot_sessionStoreSql so each /chronicle slash command (standup, tips, cost-tips, search, improve, reindex) tags its tool calls. Plumb it through _invokeQuery/_invokeStandup/_invokeReindex and emit it on the chronicle.sqlQuery telemetry event (with 'unknown' for ad-hoc model calls). Also add command/target/success dimensions while preserving the legacy 'source' value so existing dashboards keep working. Update each chronicle-*.prompt.md to instruct the model to set the subcommand on every call.
* chat plugins: add policy-backed enabledPlugins / marketplaces / strictMarketplaces settings
Adds three new chat.plugins.* settings, each policy-backed:
- chat.plugins.enabledPlugins (policy: objectChatEnabledPlugins)
mapping plugin IDs (`<plugin>@<marketplace>`) to enable/disable.
- chat.plugins.marketplaces (policy: array ofChatPluginMarketplaces)
marketplace references (GitHub shorthand or Git URI). User entries
survive alongside policy entries.
- chat.plugins.strictMarketplaces (policy: ChatStrictMarketplaces)
boolean restricting trust to listed marketplaces only.
All three are gated on `tags: ['experimental']`. Consumers (plugin
discovery, install, URL handler, marketplace service, quick-pick action)
now read via `inspect()` so default + user + policy layers all flow
through. A shared `readConfiguredMarketplaces` helper in
marketplaceReference.ts dedups the inspect pattern across 5 sites.
Adds three matching fields to IPolicyData so the policy framework has
slots to fill in once the wiring lands; until then they're undefined and
behave like an empty policy (no-op). Plugin discovery now distinguishes
filesystem-path entries (removable from UI) from enterprise plugin IDs
(non-removable) via a single shared loop; `IAgentPlugin.remove` is
optional accordingly.
build/lib/policies/policyData.jsonc regenerated for the new policy keys.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: implement ADR-002 enterprise managed_settings fetch & policy wiring
Wires the previously-added chat.plugins.* policy slots to the new
`/copilot_internal/managed_settings` endpoint on the authenticated
Copilot host.
Core behavior in DefaultAccountProvider:
- Fetches managed_settings alongside entitlements; shares the 1-hour
cache used by other account-policy fetches.
- Silent fallback to local-only policy on any non-2xx, network error,
parse error, or missing managedSettingsUrl.
- Rate-limit-aware: backs off all /copilot_internal/* calls when the
endpoint signals 429, 403 + X-RateLimit-Remaining: 0, or any non-2xx
with Retry-After.
- adaptManagedSettings flattens the API's structured
extraKnownMarketplaces map into the existing string-array shape that
chat.plugins.marketplaces consumes; tolerates malformed entries and
unknown response keys (forward-compatible).
- Telemetry: emits `defaultaccount:managedSettings:fetch` (owner:
joshspicer) with an `outcome` bucket (ok / no-response / parse-error /
status:NNN) and a `rateLimitBackoffActive` flag.
Surface area:
- IDefaultAccountProvider/Service expose managedSettingsFetchStatus and
managedSettingsFetchedAt; ManagedSettingsFetchStatus is a named union.
- Developer: Policy Diagnostics shows a Managed Settings section with
the URL status, last-fetched timestamp, and a JSON dump of the
applied managed-settings policy slice.
- product.json adds a managedSettingsUrl key (populated via distro).
Refactor: `readHeader` and `retryAfterFromHeaders` are moved to
`platform/request/common/request.ts` so githubRepoFetcher.ts and this
new code share one implementation.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* bump distro to 36d906669669f12466c6912bd65d9eeb47c6522d
Pulls in managedSettingsUrl from microsoft/vscode-distro#1422.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* update policyData
* policy: address PR review feedback
- Restore historical default for chat.plugins.marketplaces
(['github/copilot-plugins', 'github/awesome-copilot#marketplace']) so
existing users don't lose the two built-in marketplaces on update.
Regenerate policyData.jsonc accordingly.
- Seed _managedSettingsFetchStatus = 'ok' on cache-hit so Policy
Diagnostics reports the applied state after a process restart that
warm-starts from cached policyData (instead of stuck at 'not yet
fetched').
- Scope the <plugin>@<marketplace> ID-resolution rule to the enterprise
ChatEnabledPlugins setting only. User-typed entries in
chat.pluginLocations that happen to contain '@' are now treated as
filesystem paths, as a user would expect, not silently rewritten to
~/.copilot/installed-plugins/<x>/<y>/. Split _resolvePluginPath into
a path-only resolver and a dedicated _resolveEnterprisePluginId.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: revert unnecessary _pluginLocationsConfig refactor
chat.pluginLocations has no policy slot, so observableConfigValue
(which uses getValue() under the hood) is functionally equivalent to
the hand-rolled inspect() version. Reverting reduces diff thechurn
inspect-based observable is now used only for _enterpriseEnabledPluginsConfig
where the default+user+policy merge actually matters.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: split managed marketplaces into dedicated policy-only setting
Adds chat.plugins.extraMarketplaces (ChatExtraMarketplaces policy,
included: false so it's hidden from the Settings UI). This receives the
'extraKnownMarketplaces' payload from the managed_settings API.
Restores chat.plugins.marketplaces to its pre-PR shape: no policy slot,
no inspect()-juggling required in consumers, no risk of accidentally
clobbering user data. Users write to chat.plugins.marketplaces; the
enterprise writes to chat.plugins.extraMarketplaces; the effective set
is the union.
Consumer simplifications:
- readConfiguredMarketplaces returns { userValues, extraValues,
two getValue() reads, no inspect() needed.effectiveValues }
- Write-back is now just [...userValues, refValue] in all three sites.
- 'Manage Plugin Marketplaces' still surfaces the 'managed by enterprise
policy' badge by checking ref membership in extraValues.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: tidy managed_settings code paths
- fetchMarketplacePlugins: drop the over-engineered pre-dedup-by-string;
parseMarketplaceReferences already dedups by canonical id.
- agentPluginServiceImpl: pass source.remove directly to _toPlugin instead
of wrapping in a null-asserted closure.
- adaptManagedSettings: use a Set for flatten-and-dedup (insertion order
is preserved).
- getDefaultAccountFromAuthenticatedSessions: spread merge instead of
three explicit field assignments.
- developerActions: collapse the 'ok' branch into the catch-all backtick
wrap; same behavior, less code.
- marketplaceReference.ts: tighter JSDoc on IConfiguredMarketplaces.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: enforce ChatEnabledPlugins and strict-marketplace gates at discovery
Previously the enterprise-managed policy values were delivered into the
policy framework but not a plugin already installed locallyenforced
(e.g. via the marketplace discovery path) would remain active even when
the policy excluded it or strict-marketplace mode rejected its source.
Adds policy enforcement on AgentPluginService.plugins, applied after
discovery dedup/sort and gated by two observables:
- ChatEnabledPlugins policy: when set, filters the surfaced plugin set
to only those whose '<name>@<marketplace>' ID appears in the policy
map with value true. Plugins without a marketplace provenance
(filesystem entries from chat.pluginLocations) are unaffected.
- ChatStrictMarketplaces: when on, filters out plugins whose source
marketplace is not trusted. Trust is sourced ONLY from
chat.plugins.extraMarketplaces (the policy-only user-setslot)
entries in chat.plugins.marketplaces do NOT grant trust under strict
mode. This matches the ADR-002 semantics: strict mode hands full
marketplace control to the enterprise.
Also updates the chat.plugins.strictMarketplaces description text to
match the new behavior (was still pointing at the user setting).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: extract managed_settings adapter to dedicated helper
Moves IManagedSettingsResponse and adaptManagedSettings out of
defaultAccount.ts and into a new managedSettings.ts in the same folder.
Adapter is a pure transformation function with no service dependencies,
so it belongs in its own file alongside the HTTP/wiring code.
Renames the test file to managedSettings.test.ts to match what it
actually tests and tightens the suite name.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: tidy enforcement filter and sync strict-marketplace policy description
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: show policy-blocked plugins as disabled instead of hiding them
Blocked plugins (ChatEnabledPlugins / strict marketplaces) now stay
visible but are forced disabled via their enablement observable, and the
enable affordance notifies the user instead of re-enabling.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: enforce enabledPlugins/strictMarketplaces for Copilot-CLI plugins
CLI-installed plugins under `~/.copilot/installed-plugins/<marketplace>/<plugin>/`
have no `fromMarketplace` metadata, so they previously bypassed enterprise
policy. Derive their identity from the install-path bucket (matching the
convention used by `_resolveEnterprisePluginId`) so enabledPlugins gating
applies, and add a bucket-name heuristic for strict marketplaces.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* log raw managed_settings response at trace level
Helps debug schema drift / unknown server fields that get dropped by
adaptManagedSettings(). Trace-only so it's off by default.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* improve managed_settings warning for missing repo/url
When a github source is missing 'repo' or a git source is missing 'url',
emit a specific warning naming the missing field instead of the misleading
'unknown source type' message.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* preserve marketplace name through managed_settings policy delivery
The managed_settings adapter previously flattened extraKnownMarketplaces
entries to bare "<owner>/<repo>" or "<url>" strings, losing the marketplace
name. That broke enabledPlugins matching because plugin IDs are keyed as
"<plugin>@<marketplace-name>" but our parsed reference's displayLabel was
derived from the URL/repo instead.
Changes:
- adapter now emits { name, source } objects preserving the full shape
- IPolicyData.extraKnownMarketplaces accepts string | object entries
- parseMarketplaceReferences gains object-handling, using name as displayLabel
- workspacePluginSettingsService shares the object parser
- policy schema relaxed to allow object items
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: clarify chat.plugins.enabledPlugins description
The previous 'Merged with entries from chat.pluginLocations' was misleading:
the two settings use different key namespaces (plugin IDs vs filesystem paths)
and the enabledPlugins policy also acts as an allowlist that gates
marketplace-discovered not a symmetric merge.plugins
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: add description for chat.plugins.extraMarketplaces
The setting was missing a markdownDescription, so the Settings UI card
rendered empty when shown under 'Managed by organization'. Also updated
the policy localization to mention the new { name, source } object form.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: shorten chat.plugins.extraMarketplaces description
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: drop policy name from extraMarketplaces description
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: re-fetch plugin marketplaces when ExtraMarketplaces policy changes
pluginMarketplaceService.onDidChangeMarketplaces only listened for
PluginsEnabled and PluginMarketplaces config changes, so the
ExtraMarketplaces values delivered by the ChatExtraMarketplaces policy
never triggered a the union was stale until the next user editrefetch
to chat.plugins.marketplaces or a workspace-trust change.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: extract IExtraKnownMarketplaceEntry to base/common/managedSettings
Move the enterprise-managed marketplace entry type out of defaultAccount.ts
into a dedicated managedSettings.ts so the type lives alongside other
managed-settings-specific code.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: cleanup pass
- Sync policyData.jsonc ChatExtraMarketplaces description with the
source declaration in chat.shared.contribution.ts (object-form
entries were missing from the policy artifact).
- Reorder Event import in agentPluginServiceImpl.ts to keep base/common
imports alphabetical.
- Fix stale doc reference (COPILOT_CLI_INSTALLED_PLUGINS_DIR -> the
function it actually mirrors).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: accept host-only git URLs in extraKnownMarketplaces
ADR-002 describes the `git` source `url` as a free-form `(string)`
the example happens to be a full clone URL, but the schema doesn't
require a repo path. Our marketplace-URI parser was rejecting host-only
HTTPS endpoints (e.g. `https://plugins.internal.example.com`), so
enterprise policy entries with marketplace-registry-style URLs were
silently dropped before they ever reached the UI.
Relax `parseUriMarketplaceReference` to accept host-only URLs and
treat them as a marketplace endpoint identified by host alone. The
canonical id becomes `git:<host>/` so distinct hosts still dedupe
correctly. Existing path-aware behavior is preserved unchanged.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: fix string entry guard in extraKnownMarketplaces policy.value; fix test cloneUrl expectation
- Handle string-typed entries in extraKnownMarketplaces (IPolicyData allows string | IExtraKnownMarketplaceEntry)
- Fix test expectation: URI.parse normalizes host-only URLs to include trailing slash
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: read extraMarketplaces dict and convert to nested entry shape
The setting schema is now `{ [name]: url-or-shorthand }` (object), so
readConfiguredMarketplaces must convert each entry to the nested
IExtraMarketplaceObjectEntry shape that parseMarketplaceReferences expects.
Uses a regex to detect GitHub shorthand (owner/repo[#ref]) vs URI.
TypeError in CI:
'extraValues is not iterable' on [...userValues, ...extraValues].
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: extract extraKnownMarketplacesToConfigDict helper + add regression tests for Settings Editor display
Extract the policy.value conversion for ChatExtraMarketplaces out of
chat.shared.contribution.ts into a reusable, unit-testable helper. The
helper converts the IExtraKnownMarketplaceEntry[] policy payload into the
{ [name]: url-or-shorthand } dict that:
- the Settings Editor's ComplexObject renderer can display inline as
key/value rows (instead of just 'Edit in settings.json'), and
- readConfiguredMarketplaces reverses back into IExtraMarketplaceObjectEntry[]
so parseMarketplaceReferences preserves displayLabel = name.
Tests added:
undefined
owner/repo
owner/repo#ref
raw URL (+ optional #ref)
parseMarketplaceReferences flow (the regression test that catches the
'extraValues is not iterable' bug we just hit in CI)
- schema-shape: chat.plugins.extraMarketplaces is registered with
type=object + additionalProperties.type=['string'], the exact shape
the Settings Editor requires to render as ComplexObject
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: stop spurious 'invalid marketplace entry' warnings for object-form entries
url dict, policy
entries always reach the marketplace fetcher as IExtraMarketplaceObjectEntry
objects (not strings). The validation loop was only accepting strings,
producing a 'Ignoring invalid marketplace entry: [object Object]' debug log
for every valid policy entry.
Validate using parseMarketplaceObjectEntry for object values so the warning
fires only for genuinely-unparseable entries.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: drop schema-shape test that double-registered chat contribution commands
The schema-shape test for chat.plugins.extraMarketplaces imported the full
chat.shared.contribution module to populate the configuration registry.
This re-registered commands (already registered by the workbench under
test), producing 'Cannot register two commands with the same id:
workbench.action.chat.markHelpful' and cascading disposable leaks in
unrelated suites (EditorService, WorkingCopyBackupTracker).
The other 5 tests (extraKnownMarketplacesToConfigDict + end-to-end round
trip) cover the actual behavior that broke; the schema shape is exercised
implicitly by the round-trip test.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: normalize github.com URI/SSH refs to the GitHub shorthand canonical id
Plugin marketplace trust under strict mode compares canonicalId. A plugin
discovered from 'https://github.com/microsoft/vscode-team-kit.git' was
being blocked even though 'microsoft/vscode-team-kit' was in the trusted
list, because the URI parser produced 'git:github.com/microsoft/vscode-team-kit.git'
while the shorthand parser produced 'github:microsoft/vscode-team-kit'.
When parseUriMarketplaceReference / parseScpMarketplaceReference detect a
github.com authority, emit the same canonical id form the shorthand parser
uses so all three forms (shorthand, https URI, SCP) collapse to a single
trusted reference.
Existing dedup test now expects 1 entry instead of 2; ref-distinction test
collapses the https+#ref entry with its shorthand sibling. Added a focused
regression test asserting all four forms produce identical canonical ids.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* update policy
* fix dupe policy export
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix system notification command rendering as literal backtick (#318601)
Terminal background-execution system notification labels wrapped the raw
command in a single-backtick inline code span. Multi-line commands contain
blank lines, which break an inline code span and cause the leading backtick
to render literally instead of as code.
Reuse the existing safe pattern (buildCommandDisplayText to collapse newlines
and truncate, appendEscapedMarkdownInlineCode to fence safely) so the command
always renders as inline code.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Simplify command display to first line + ellipsis (#318601)
Replace newline-to-space collapsing in buildCommandDisplayText with
first-line-only behavior: keep only the first line and append an
ellipsis when the command spans multiple lines (or when the first line
itself exceeds 80 characters). This is cleaner for UI labels than
joining multi-line commands into a single long line of spaces.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Scope first-line truncation to system notification site
Revert the change to buildCommandDisplayText (it's used by other
callers that expect the prior collapse-newlines behavior). Do the
first-line + ellipsis truncation locally in _registerCompletionNotification
where the system notification label is built.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Extract buildCompletionNotificationCommand helper + tests (#318601)
Move the first-line + ellipsis logic into a small exported helper next
to the call site so it can be tested directly. Restore the trim/escape-
artifact cleanup and 80-character truncation by running the first line
through buildCommandDisplayText (which is a no-op for newlines once the
input is already a single line).
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Use horizontal ellipsis character in completion notification
Replace the three-dot "..." with the proper horizontal ellipsis
character (U+2026) in buildCompletionNotificationCommand. Updated the
truncation path to slice to 79 chars + 1-char ellipsis so the total
length remains 80.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agentHost: batch AHP log writes and skip URI deep clone
Two perf fixes for AhpJsonlLogger, the per-message JSONL transport
logger. CPU traces of the agents window under heavy AHP traffic showed
~23% of wall time in MajorGC, dominated by VSBuffer allocations from
renderer-side writeFile IPCs and the recursive _replaceUris deep clone
applied to every message before JSON.stringify.
- log() now appends to a pending buffer list and schedules a single
drain on the write queue. While a writeFile is in flight, all
subsequent log() calls accumulate and land in the next drain via
VSBuffer.concat, capped at 1 MiB per write. Rotation is still
checked per entry, and flush()/ordering semantics are preserved
via a _drainScheduled invariant.
- stringifyAhpLogEntry() now uses a JSON.stringify replacer instead
of a tree-walking deep clone. URI.toJSON() stamps the output with
$mid: MarshalledId.Uri, which the replacer detects (guarded by
isUriComponents) and rewrites to the canonical URI string. This
removes per-message allocation of a clone of the entire message
payload.
Adds tests for batching, flush ordering across drains, and URI
replacer edge cases (nested URIs, raw UriComponents from prior
toJSON, URI-shaped objects without $mid, and non-URI objects that
happen to carry $mid: 1).
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agentHost: tighten batching test to assert exactly one write
Addresses review feedback: the previous `writeCount < messageCount`
assertion would pass even with a near-pathological 49-writes-for-50-logs
regression. All 50 log() calls are queued synchronously and must land in
the very first drain, so assert writeCount === 1.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* feat: add /research slash command to agent host
Add /research as a recognized slash command alongside /plan and /compact.
The command passes through to the Copilot CLI runtime which handles
topic validation, research directory creation, and orchestration prompt
injection via its built-in /research handler.
Changes:
- copilotSlashCommandCompletionProvider: add 'research' to type union,
command list, regex, description, and insertText (with trailing space)
- copilotAgentSession.send: pass /research through to session.send()
so the runtime recognizes and handles it
- Tests: add /research parsing, filtering, and completion tests
* fix: update JSDoc to include /research in command list
* Do not close agents window terminal on re-emit
* Don't kill Agents window terminals when session is archived
* Strengthen re-emit test to exercise the archive transition guard
Refocus the /other terminal before re-firing the archived session so the
newly-opened /worktree terminal is protected only by the transition guard,
not the active-instance guard. Addresses PR review feedback.
* Fix floating promise, log ordering , await disposal in session terminal cleanup
* agentHost (ssh): commit-pin remote CLI on fresh start
Mirrors Remote-SSH's exec-server installer for the agent-host CLI: install
at ~/<serverDataFolderName>/<archive>-<commit> (shared with Remote-SSH),
reuse on file existence, download the commit-pinned artifact on miss, and
prune old commit-keyed CLIs (keep last 5). On every fresh start we push the
CLI that matches the desktop's commit, so users stop ending up with a stale
CLI when the supervisor never self-updates.
Softer fallback than Remote-SSH: agent host has no strict commit-lock with
the desktop, so when the commit-pinned download fails we reuse any other
usable CLI on the box (other commit-keyed binary or legacy ~/.vscode-cli{,-<quality>}/<archive>)
rather than refusing to connect. The renderer<->AH handshake catches real
incompatibilities.
A live agent host found via the lockfile is still reused as-is; the install
only runs on AH cold-start. Dev/OSS builds with no productService.commit
keep the old non-pinned loose-install behaviour.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agentHost (ssh): address Copilot review on commit-pinned CLI install
Four fixes from the PR review (#318496):
- Lazy CLI install: skip uname/install entirely when a running agent
host is reused via the lockfile. Install only runs immediately before
we spawn a fresh agent host (introduces an ensureCliResolved closure
in connect()).
- Cleanup-after-reuse in _ensureCLIInstalledPinned: test -x first, then
touch the in-use binary so the keep-newest-5 prune cannot evict the
CLI we're about to run.
- Hex-only glob ([0-9a-f]{40}) in buildCleanupOldCLIsCommand and
buildFindFallbackCLICommand, plus safer xargs -I{} rm -f -- form.
- Validate _findFallbackCLI candidates through a new exported
isValidFallbackCLIPath helper before invoking them; reject anything
that isn't a commit-keyed path under the install root or a legacy
~/.vscode-cli{,-<quality>}/<archive> path.
Tests:
- New isValidFallbackCLIPath suite (7 cases).
- New AH-reuse regression test asserting uname/test-x/--version/curl
never run on the reuse path.
- All affected service-test execResponses arrays reshaped for the new
ordering; 67 service tests and 81 helper tests passing.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agentHost (ssh): pass --cli-data-dir on agent host spawn
Mirrors Remote-SSH by anchoring the CLI launcher's data dir under
~/<serverDataFolderName>/cli (e.g. ~/.vscode-server/cli) instead of
letting it default to ~/.vscode-cli{,-<quality>}. The supervisor
spawned by 'agent host' propagates --cli-data-dir to the detached
child (cli/src/commands/agent_host.rs), so the whole AH process tree
agrees on one launcher root. The lockfile path is it isunaffected
anchored on serverDataFolderName directly in the Rust state code.
Adds two helpers:
- getRemoteCLIDataDir(serverDataFolderName)
- buildAgentHostBaseCommand(cliBin, cliDataDir)
Plumbs cliDataDir through startRemoteAgentHost / _startRemoteAgentHost
and both fresh-spawn call sites in connect(). commandOverride callers
remain responsible for their own --cli-data-dir.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* agentHost (ssh): tighten commit validation + guard CLI retention on touch
Addresses Copilot review feedback on the commit-pinned CLI install:
1) validateCommit: the cleanup glob, fallback discovery glob, and
commit-pinned download URL all assume a 40-char lowercase hex SHA.
The old getRemoteCLIBin / buildCLIDownloadUrl ran the broader
validateShellToken regex, which would have accepted e.g. uppercase
hex and split state across two commit-keyed paths (cleanup glob
would miss the uppercase one and the URL would 404). Add a strict
validateCommit that normalizes to lowercase and enforces the
40-hex shape, and call it from both helpers.
2) Reuse-path touch + cleanup race: the reuse path bumps the chosen
binary's mtime so retention keeps it in the 5-newest window, then
runs cleanup. cleanup was unconditional, so if touch failed
(permission, weird filesystem, etc.) we'd risk pruning the binary
we just decided to reuse. Gate cleanup on touch's exit code and
warn-log when we next reconnect will retry retention.skip
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: normalize extension-provided CancellationToken in _findFilesBase (fixes#318999)
Extensions that bundle their own CancellationToken module produce
tokens that fail the RPC protocol's instanceof check in
isCancellationToken(). When this happens, the token is serialized
over the wire as a plain object (without functions/getters), causing
'onCancellationRequested is not a function' on the main thread.
Fix by validating the token before passing it to the RPC proxy. If
it fails isCancellationToken(), create a linked CancellationTokenSource
with a properly recognized token.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix
---------
Co-authored-by: vs-code-engineering[bot] <122617954+vs-code-engineering[bot]@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Rob Lourens <roblourens@gmail.com>
getOrCreateChatSession returns the cached session object when one already
exists, so the concurrent-creation guards in ChatService#loadRemoteSession
and ChatSessionsService#getOrCreateChatSession were disposing the shared,
live session instead of a throwaway. This left the session unavailable when
its options were later read or updated (e.g. while sending a request). The
session lifecycle is owned by ContributedChatSessionData, so drop the
incorrect dispose() calls.
Fixes#318849
* extensions: add delayed auto-update mode to extensions.autoUpdate
Folds a 6-hour delayed auto-update mode into the existing
`extensions.autoUpdate` setting, which is now a string enum
('on' | 'delayed' | 'off') and policy-controllable via the
ExtensionsAutoUpdate policy.
When set to 'delayed', an extension whose newer version was published
less than 6 hours ago is treated as outdated-but-delayed: it is excluded
from auto-update and the activity badge, and surfaces an info status
explaining when it will be auto updated. Manual updates still work.
Includes startup migration from legacy values (true/'all'/
'onlyEnabledExtensions' -> 'on'; false/'none'/'onlySelectedExtensions'
-> 'off') plus defensive read-time normalization, and unit tests for the
new logic.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* update policy file
* extensions: address code review feedback for delayed auto-update
- Type IExtensionsConfiguration.autoUpdate as AutoUpdateConfigurationValue
- Keep ExtensionStatusAction.update() returning void; add recomputeStatus()
for callers that need to await the computed status
- Preserve the higher-priority warning CSS class when the delayed info status
is also applied to an outdated extension
- Hover awaits recomputeStatus() instead of update()
- Update pluginAutoUpdate doc comment to the on/delayed/off enum values
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* update policies data
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Prevents layout breakage in Chinese locale where labels wrap
and cause the emulation toolbar to expand unexpectedly.
Fixes#318929
Co-authored-by: goingforstudying-ctrl <goingforstudying-ctrl@users.noreply.github.com>
* Revert "Agent Picker is not pre-selected when creating a new Agent Host session with specific Agent in Agent Window (#318506)"
This reverts commit 25c42be9db.
* fix compilation
* set progress in the beginning
* additional fix
