* Initial attempt. Send dummy user requests every 5 mins
* Modified the probe message
* Modified timeouts
* Removed artificial 2 min delay
* Addressing Copilot suggestions
* Made it configurable
* Make probe limit exp based
* Typo in docstring
* Enabled only for execution subagent
* Changed default number of probes to 1
* Fixed formatting in package.json
* Override userInitiatedRequest to false for probe messages
* Added a subtype keep-alive-probe in telemetry
* Updated telemetry to keep subtype unchanged but use a different source
* Address review: scope keep-alive to Anthropic + current round, constant-1 finishedCb
* Simplify keep-alive endpoint resolution: separate lookup, no flag-off reordering
---------
Co-authored-by: bhavyaus <bhavyau@microsoft.com>
* Live streaming for Task API cloud agent sessions
Adds TaskTurnStreamer to incrementally push v2 Task API events into
vscode.ChatResponseStream for both initial open (mode: 'current') and
follow-up sends (mode: 'next'), mirroring the v1 JobsApiBackend SSE flow.
Key design (modelled after github-ui/agent-sessions):
- Eager tool rendering from assistant.message.toolRequests, since
tool.execution_complete does not fire for many agent-host-synthesised
setup ops (run_setup, run_custom_setup_step).
- Per-messageId content dedup: Task API sends progressive snapshots, not
deltas; only the suffix is fed to the renderer.
- Intermediate assistant.message.content (content + toolRequests in the
same event) is suppressed; only pure-text assistant messages (the final
reply of the turn) are rendered as markdown.
- Default 'Working...' progress label until the first assistant.intent
arrives.
- Bounded poll loop: exits on terminal state, cancellation, or
MAX_CONSECUTIVE_FETCH_FAILURES.
- Follow-up (mode: 'next') only advances when task.sessions.length grows,
to avoid premature exit when trailing prior-turn events arrive between
the snapshot and sendFollowUpToTask resolving.
ChatSessionContentBuilder updates:
- buildTaskHistory: single-pass turn split + bootstrap event suppression.
- buildTaskResponseTurn: mirrors the live rules (eager tool rendering,
intermediate-narration suppression, dedup with live cards) so the
refresh() after streaming is idempotent.
- parseToolCallDetails: friendly cards for run_setup,
run_custom_setup_step, report_intent.
- toFileLabel: handles v1 (/home/runner/work/...) and v2
(/tmp/workspace/..., /workspace/...) layouts.
* Address PR review: parallelize fetches, fix stale comment, add Task API history tests
- Parallelize fetchTask/fetchEvents with Promise.all in both the main
poll loop and _waitForTurnStart so each poll only pays the slower of
the two requests.
- Update StreamBaseline JSDoc to reflect that phase 1 (mode: 'next')
unblocks only on turnCount > priorTurnCount, not 'any unseen event'.
- Add unit tests covering the new Task API history rules:
bootstrap suppression, turn-boundary split, eager tool rendering with
execution_complete dedup, intermediate-narration suppression, and
the synthesised-turn fallback when no user.message has arrived.
* Readme update
* Added gemini in exec subagent description and gated on gemini availability
* Set Gemini as default execution subagent model and enabled by default
* Modified the description of the executionSubagent.enabled setting
Git - throttle initial repository.status() across repositories
Each repository.status() spawns ~10 git subprocesses. With many repos in a workspace, fan-out can saturate the extension host and trigger the IPC unresponsive watcher kill loop. Bound concurrency with a Limiter(5).
Fixes#318279Fixes#318764
Forward GitHub token in createSession/resumeSession RPC (#318693)
The Copilot SDK has two GitHub-token slots:
- Client-level (CopilotClientOptions.gitHubToken): hands the token to
the spawned CLI subprocess via an environment variable. The CLI then
does its own HTTP fetch to api.github.com to turn the bytes into an
AuthInfo. If that fetch fails (slow/proxied network on the SSH host,
transient 401, etc.) the CLI is left permanently unauthenticated
because we also pass useLoggedInUser: false to disable the stored-
OAuth fallback. Sessions created against that CLI inherit no
AuthInfo and fail on first send with 'Session was not created with
authentication info or custom provider'.
- Session-level (SessionConfig.gitHubToken): the token travels inside
the createSession RPC payload itself. The CLI resolves it as part of
the create handler, so the session always carries its own AuthInfo
regardless of whether the env-var bootstrap settled.
Pass the cached _githubToken through _buildSessionConfig so both
client.createSession and client.resumeSession get session-level auth.
This makes session start independent of the fragile env-var bootstrap
that fails for users with slow/proxied paths to api.github.com from the
remote. Add a regression test asserting the token is forwarded.
The client-level env-var path is left in place because client-scoped
SDK calls (listModels, listSessions, etc.) have no per-call token
override; those calls are tolerant of transient auth failures and are
not user-facing.
Fixes#318693
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* feat: add getWorkingDirectory method to agent host session providers and related services for distiguishing local from user customizations + several bug fixes
* update
Fixes two user-facing bugs when forking an agent-host (AHP) chat from the Agents
window, and one underlying turn-id mismatch that made forks target the wrong
SDK event boundary on restored sessions:
- agentService: stamp "Forked: <source title>" onto the forked session's
SessionSummary at create time so the sidebar (which renders from
SessionSummary.title via sessionAdded / sessionSummaryChanged) shows the
prefix instead of the auto-generated summary inherited from the source.
Idempotent so re-forking an already-forked session does not double-prefix.
- agentHostSessionHandler: read the forked title back from the freshly
hydrated session state for the returned IChatSessionItem and drop the
client-side SessionTitleChanged dispatch.
- chatForkActions: route the contributed-session fork path through
ForkConversationAction._openForkedSession so the Agents-window override
applies; inlines the helper to avoid a callback hop.
- localChatSessions.contribution: in the Agents-window override, wait for
the forked resource to appear and then open it via
sessionsManagementService.openSession for every session type (not just
the local VS Code chat type) -- the previous fallback called
chatWidgetService.openSession, which is a no-op in the Agents window
because there is no ChatViewPane.
- mapSessionEvents: when restoring a session from disk, seed the
protocol turn id from the SDK envelope id (the same value
setTurnEventId persists to turns.event_id). This makes the restored
state.turns[].id round-trip back to the SDK boundary id that the
sessions.fork / history.truncate RPCs operate on.
- sessionDatabase: getNextTurnEventId now resolves the source row by
either turns.id (live request_xxx) OR turns.event_id (SDK envelope id),
so fork works for both freshly-dispatched and restored turn ids.
Fixes https://github.com/microsoft/vscode/issues/317839
(Commit message generated by Copilot)
When editing a message in inline mode, a new ChatInputPart is created for the inline editor. It would initialize its model from persisted storage (often 'auto') and on finish that selection was copied back over the user's main-input selection.
Now seed the inline edit input from the edited request's modelId when it is known, and stop copying the inline input's model back to the main input on finishedEditing. Agent host requests don't carry a modelId, so in that case the inline input is left alone and the main input keeps its selection.
* agent host: hydrate snapshot controller for Restore Checkpoint
Currently the AgentHostSnapshotController never has any checkpoints to
restore to when "Restore Checkpoint" is invoked, so the removed request
stays visible in the chat UI. This fix wires up hydration end-to-end and
simplifies the controller's bookkeeping along the way.
- Seed a request-level checkpoint for every historical turn on session
open, not only turns with file edits. Without this, restoreSnapshot
for any turn that lacked tool calls fell through with "No checkpoint
found" and _setDisabledRequests was never called.
- Always populate _pendingHistoryTurns from the protocol state
(previously gated on hasTurnsWithEdits), and stop using Event.once on
onDidCreateModel to wait for the chat model — the once subscription
was being consumed by an unrelated model created first, leaving the
controller un-hydrated. Now we synchronously hydrate when the model
already exists, otherwise listen until the matching session arrives.
- Make ensureRequestCheckpoint advance _currentCheckpointIndex to the
new checkpoint. Previously the cursor stayed put, so requestDisablement
marked the in-flight request as disabled (the new checkpoint sat
"forward" of the cursor) and the next call would splice it away.
- Simplify to one checkpoint per request. Multiple tool calls in the
same request now fold their edits into a single checkpoint via a
seenToolCallIds Set, and restoreSnapshot/getSnapshotUri/
getSnapshotContents ignore the stopId parameter. canUndo/canRedo
derive purely from cursor position — undo/redo is request-level,
available whenever any checkpoint exists.
- Add tests covering: in-flight request isn't disabled, restore of a
no-edit request marks it disabled, stale forward branch is spliced on
new request after restore-to-start, and multi-tool-call edits undo
together.
Fixes https://github.com/microsoft/vscode/issues/318251
(Commit message generated by Copilot)
* agent host: address review feedback
- Fold multiple tool-call edits to the same file in one request into a single net before/after pair (mergeFileEdit). Without this, _writeCheckpointContent applied duplicate writes in parallel and raced.
- Refresh stale 'sentinel' wording in session handler comments.
(Commit message generated by Copilot)
chronicle: per-subcommand telemetry attribution for sessionStoreSql tool
Add a 'subcommand' enum input on copilot_sessionStoreSql so each /chronicle slash command (standup, tips, cost-tips, search, improve, reindex) tags its tool calls. Plumb it through _invokeQuery/_invokeStandup/_invokeReindex and emit it on the chronicle.sqlQuery telemetry event (with 'unknown' for ad-hoc model calls). Also add command/target/success dimensions while preserving the legacy 'source' value so existing dashboards keep working. Update each chronicle-*.prompt.md to instruct the model to set the subcommand on every call.
* chat plugins: add policy-backed enabledPlugins / marketplaces / strictMarketplaces settings
Adds three new chat.plugins.* settings, each policy-backed:
- chat.plugins.enabledPlugins (policy: objectChatEnabledPlugins)
mapping plugin IDs (`<plugin>@<marketplace>`) to enable/disable.
- chat.plugins.marketplaces (policy: array ofChatPluginMarketplaces)
marketplace references (GitHub shorthand or Git URI). User entries
survive alongside policy entries.
- chat.plugins.strictMarketplaces (policy: ChatStrictMarketplaces)
boolean restricting trust to listed marketplaces only.
All three are gated on `tags: ['experimental']`. Consumers (plugin
discovery, install, URL handler, marketplace service, quick-pick action)
now read via `inspect()` so default + user + policy layers all flow
through. A shared `readConfiguredMarketplaces` helper in
marketplaceReference.ts dedups the inspect pattern across 5 sites.
Adds three matching fields to IPolicyData so the policy framework has
slots to fill in once the wiring lands; until then they're undefined and
behave like an empty policy (no-op). Plugin discovery now distinguishes
filesystem-path entries (removable from UI) from enterprise plugin IDs
(non-removable) via a single shared loop; `IAgentPlugin.remove` is
optional accordingly.
build/lib/policies/policyData.jsonc regenerated for the new policy keys.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: implement ADR-002 enterprise managed_settings fetch & policy wiring
Wires the previously-added chat.plugins.* policy slots to the new
`/copilot_internal/managed_settings` endpoint on the authenticated
Copilot host.
Core behavior in DefaultAccountProvider:
- Fetches managed_settings alongside entitlements; shares the 1-hour
cache used by other account-policy fetches.
- Silent fallback to local-only policy on any non-2xx, network error,
parse error, or missing managedSettingsUrl.
- Rate-limit-aware: backs off all /copilot_internal/* calls when the
endpoint signals 429, 403 + X-RateLimit-Remaining: 0, or any non-2xx
with Retry-After.
- adaptManagedSettings flattens the API's structured
extraKnownMarketplaces map into the existing string-array shape that
chat.plugins.marketplaces consumes; tolerates malformed entries and
unknown response keys (forward-compatible).
- Telemetry: emits `defaultaccount:managedSettings:fetch` (owner:
joshspicer) with an `outcome` bucket (ok / no-response / parse-error /
status:NNN) and a `rateLimitBackoffActive` flag.
Surface area:
- IDefaultAccountProvider/Service expose managedSettingsFetchStatus and
managedSettingsFetchedAt; ManagedSettingsFetchStatus is a named union.
- Developer: Policy Diagnostics shows a Managed Settings section with
the URL status, last-fetched timestamp, and a JSON dump of the
applied managed-settings policy slice.
- product.json adds a managedSettingsUrl key (populated via distro).
Refactor: `readHeader` and `retryAfterFromHeaders` are moved to
`platform/request/common/request.ts` so githubRepoFetcher.ts and this
new code share one implementation.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* bump distro to 36d906669669f12466c6912bd65d9eeb47c6522d
Pulls in managedSettingsUrl from microsoft/vscode-distro#1422.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* update policyData
* policy: address PR review feedback
- Restore historical default for chat.plugins.marketplaces
(['github/copilot-plugins', 'github/awesome-copilot#marketplace']) so
existing users don't lose the two built-in marketplaces on update.
Regenerate policyData.jsonc accordingly.
- Seed _managedSettingsFetchStatus = 'ok' on cache-hit so Policy
Diagnostics reports the applied state after a process restart that
warm-starts from cached policyData (instead of stuck at 'not yet
fetched').
- Scope the <plugin>@<marketplace> ID-resolution rule to the enterprise
ChatEnabledPlugins setting only. User-typed entries in
chat.pluginLocations that happen to contain '@' are now treated as
filesystem paths, as a user would expect, not silently rewritten to
~/.copilot/installed-plugins/<x>/<y>/. Split _resolvePluginPath into
a path-only resolver and a dedicated _resolveEnterprisePluginId.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: revert unnecessary _pluginLocationsConfig refactor
chat.pluginLocations has no policy slot, so observableConfigValue
(which uses getValue() under the hood) is functionally equivalent to
the hand-rolled inspect() version. Reverting reduces diff thechurn
inspect-based observable is now used only for _enterpriseEnabledPluginsConfig
where the default+user+policy merge actually matters.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: split managed marketplaces into dedicated policy-only setting
Adds chat.plugins.extraMarketplaces (ChatExtraMarketplaces policy,
included: false so it's hidden from the Settings UI). This receives the
'extraKnownMarketplaces' payload from the managed_settings API.
Restores chat.plugins.marketplaces to its pre-PR shape: no policy slot,
no inspect()-juggling required in consumers, no risk of accidentally
clobbering user data. Users write to chat.plugins.marketplaces; the
enterprise writes to chat.plugins.extraMarketplaces; the effective set
is the union.
Consumer simplifications:
- readConfiguredMarketplaces returns { userValues, extraValues,
two getValue() reads, no inspect() needed.effectiveValues }
- Write-back is now just [...userValues, refValue] in all three sites.
- 'Manage Plugin Marketplaces' still surfaces the 'managed by enterprise
policy' badge by checking ref membership in extraValues.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: tidy managed_settings code paths
- fetchMarketplacePlugins: drop the over-engineered pre-dedup-by-string;
parseMarketplaceReferences already dedups by canonical id.
- agentPluginServiceImpl: pass source.remove directly to _toPlugin instead
of wrapping in a null-asserted closure.
- adaptManagedSettings: use a Set for flatten-and-dedup (insertion order
is preserved).
- getDefaultAccountFromAuthenticatedSessions: spread merge instead of
three explicit field assignments.
- developerActions: collapse the 'ok' branch into the catch-all backtick
wrap; same behavior, less code.
- marketplaceReference.ts: tighter JSDoc on IConfiguredMarketplaces.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: enforce ChatEnabledPlugins and strict-marketplace gates at discovery
Previously the enterprise-managed policy values were delivered into the
policy framework but not a plugin already installed locallyenforced
(e.g. via the marketplace discovery path) would remain active even when
the policy excluded it or strict-marketplace mode rejected its source.
Adds policy enforcement on AgentPluginService.plugins, applied after
discovery dedup/sort and gated by two observables:
- ChatEnabledPlugins policy: when set, filters the surfaced plugin set
to only those whose '<name>@<marketplace>' ID appears in the policy
map with value true. Plugins without a marketplace provenance
(filesystem entries from chat.pluginLocations) are unaffected.
- ChatStrictMarketplaces: when on, filters out plugins whose source
marketplace is not trusted. Trust is sourced ONLY from
chat.plugins.extraMarketplaces (the policy-only user-setslot)
entries in chat.plugins.marketplaces do NOT grant trust under strict
mode. This matches the ADR-002 semantics: strict mode hands full
marketplace control to the enterprise.
Also updates the chat.plugins.strictMarketplaces description text to
match the new behavior (was still pointing at the user setting).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: extract managed_settings adapter to dedicated helper
Moves IManagedSettingsResponse and adaptManagedSettings out of
defaultAccount.ts and into a new managedSettings.ts in the same folder.
Adapter is a pure transformation function with no service dependencies,
so it belongs in its own file alongside the HTTP/wiring code.
Renames the test file to managedSettings.test.ts to match what it
actually tests and tightens the suite name.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: tidy enforcement filter and sync strict-marketplace policy description
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: show policy-blocked plugins as disabled instead of hiding them
Blocked plugins (ChatEnabledPlugins / strict marketplaces) now stay
visible but are forced disabled via their enablement observable, and the
enable affordance notifies the user instead of re-enabling.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: enforce enabledPlugins/strictMarketplaces for Copilot-CLI plugins
CLI-installed plugins under `~/.copilot/installed-plugins/<marketplace>/<plugin>/`
have no `fromMarketplace` metadata, so they previously bypassed enterprise
policy. Derive their identity from the install-path bucket (matching the
convention used by `_resolveEnterprisePluginId`) so enabledPlugins gating
applies, and add a bucket-name heuristic for strict marketplaces.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* log raw managed_settings response at trace level
Helps debug schema drift / unknown server fields that get dropped by
adaptManagedSettings(). Trace-only so it's off by default.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* improve managed_settings warning for missing repo/url
When a github source is missing 'repo' or a git source is missing 'url',
emit a specific warning naming the missing field instead of the misleading
'unknown source type' message.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* preserve marketplace name through managed_settings policy delivery
The managed_settings adapter previously flattened extraKnownMarketplaces
entries to bare "<owner>/<repo>" or "<url>" strings, losing the marketplace
name. That broke enabledPlugins matching because plugin IDs are keyed as
"<plugin>@<marketplace-name>" but our parsed reference's displayLabel was
derived from the URL/repo instead.
Changes:
- adapter now emits { name, source } objects preserving the full shape
- IPolicyData.extraKnownMarketplaces accepts string | object entries
- parseMarketplaceReferences gains object-handling, using name as displayLabel
- workspacePluginSettingsService shares the object parser
- policy schema relaxed to allow object items
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: clarify chat.plugins.enabledPlugins description
The previous 'Merged with entries from chat.pluginLocations' was misleading:
the two settings use different key namespaces (plugin IDs vs filesystem paths)
and the enabledPlugins policy also acts as an allowlist that gates
marketplace-discovered not a symmetric merge.plugins
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: add description for chat.plugins.extraMarketplaces
The setting was missing a markdownDescription, so the Settings UI card
rendered empty when shown under 'Managed by organization'. Also updated
the policy localization to mention the new { name, source } object form.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: shorten chat.plugins.extraMarketplaces description
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: drop policy name from extraMarketplaces description
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: re-fetch plugin marketplaces when ExtraMarketplaces policy changes
pluginMarketplaceService.onDidChangeMarketplaces only listened for
PluginsEnabled and PluginMarketplaces config changes, so the
ExtraMarketplaces values delivered by the ChatExtraMarketplaces policy
never triggered a the union was stale until the next user editrefetch
to chat.plugins.marketplaces or a workspace-trust change.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: extract IExtraKnownMarketplaceEntry to base/common/managedSettings
Move the enterprise-managed marketplace entry type out of defaultAccount.ts
into a dedicated managedSettings.ts so the type lives alongside other
managed-settings-specific code.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: cleanup pass
- Sync policyData.jsonc ChatExtraMarketplaces description with the
source declaration in chat.shared.contribution.ts (object-form
entries were missing from the policy artifact).
- Reorder Event import in agentPluginServiceImpl.ts to keep base/common
imports alphabetical.
- Fix stale doc reference (COPILOT_CLI_INSTALLED_PLUGINS_DIR -> the
function it actually mirrors).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: accept host-only git URLs in extraKnownMarketplaces
ADR-002 describes the `git` source `url` as a free-form `(string)`
the example happens to be a full clone URL, but the schema doesn't
require a repo path. Our marketplace-URI parser was rejecting host-only
HTTPS endpoints (e.g. `https://plugins.internal.example.com`), so
enterprise policy entries with marketplace-registry-style URLs were
silently dropped before they ever reached the UI.
Relax `parseUriMarketplaceReference` to accept host-only URLs and
treat them as a marketplace endpoint identified by host alone. The
canonical id becomes `git:<host>/` so distinct hosts still dedupe
correctly. Existing path-aware behavior is preserved unchanged.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: fix string entry guard in extraKnownMarketplaces policy.value; fix test cloneUrl expectation
- Handle string-typed entries in extraKnownMarketplaces (IPolicyData allows string | IExtraKnownMarketplaceEntry)
- Fix test expectation: URI.parse normalizes host-only URLs to include trailing slash
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: read extraMarketplaces dict and convert to nested entry shape
The setting schema is now `{ [name]: url-or-shorthand }` (object), so
readConfiguredMarketplaces must convert each entry to the nested
IExtraMarketplaceObjectEntry shape that parseMarketplaceReferences expects.
Uses a regex to detect GitHub shorthand (owner/repo[#ref]) vs URI.
TypeError in CI:
'extraValues is not iterable' on [...userValues, ...extraValues].
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: extract extraKnownMarketplacesToConfigDict helper + add regression tests for Settings Editor display
Extract the policy.value conversion for ChatExtraMarketplaces out of
chat.shared.contribution.ts into a reusable, unit-testable helper. The
helper converts the IExtraKnownMarketplaceEntry[] policy payload into the
{ [name]: url-or-shorthand } dict that:
- the Settings Editor's ComplexObject renderer can display inline as
key/value rows (instead of just 'Edit in settings.json'), and
- readConfiguredMarketplaces reverses back into IExtraMarketplaceObjectEntry[]
so parseMarketplaceReferences preserves displayLabel = name.
Tests added:
undefined
owner/repo
owner/repo#ref
raw URL (+ optional #ref)
parseMarketplaceReferences flow (the regression test that catches the
'extraValues is not iterable' bug we just hit in CI)
- schema-shape: chat.plugins.extraMarketplaces is registered with
type=object + additionalProperties.type=['string'], the exact shape
the Settings Editor requires to render as ComplexObject
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: stop spurious 'invalid marketplace entry' warnings for object-form entries
url dict, policy
entries always reach the marketplace fetcher as IExtraMarketplaceObjectEntry
objects (not strings). The validation loop was only accepting strings,
producing a 'Ignoring invalid marketplace entry: [object Object]' debug log
for every valid policy entry.
Validate using parseMarketplaceObjectEntry for object values so the warning
fires only for genuinely-unparseable entries.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: drop schema-shape test that double-registered chat contribution commands
The schema-shape test for chat.plugins.extraMarketplaces imported the full
chat.shared.contribution module to populate the configuration registry.
This re-registered commands (already registered by the workbench under
test), producing 'Cannot register two commands with the same id:
workbench.action.chat.markHelpful' and cascading disposable leaks in
unrelated suites (EditorService, WorkingCopyBackupTracker).
The other 5 tests (extraKnownMarketplacesToConfigDict + end-to-end round
trip) cover the actual behavior that broke; the schema shape is exercised
implicitly by the round-trip test.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* policy: normalize github.com URI/SSH refs to the GitHub shorthand canonical id
Plugin marketplace trust under strict mode compares canonicalId. A plugin
discovered from 'https://github.com/microsoft/vscode-team-kit.git' was
being blocked even though 'microsoft/vscode-team-kit' was in the trusted
list, because the URI parser produced 'git:github.com/microsoft/vscode-team-kit.git'
while the shorthand parser produced 'github:microsoft/vscode-team-kit'.
When parseUriMarketplaceReference / parseScpMarketplaceReference detect a
github.com authority, emit the same canonical id form the shorthand parser
uses so all three forms (shorthand, https URI, SCP) collapse to a single
trusted reference.
Existing dedup test now expects 1 entry instead of 2; ref-distinction test
collapses the https+#ref entry with its shorthand sibling. Added a focused
regression test asserting all four forms produce identical canonical ids.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* update policy
* fix dupe policy export
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix system notification command rendering as literal backtick (#318601)
Terminal background-execution system notification labels wrapped the raw
command in a single-backtick inline code span. Multi-line commands contain
blank lines, which break an inline code span and cause the leading backtick
to render literally instead of as code.
Reuse the existing safe pattern (buildCommandDisplayText to collapse newlines
and truncate, appendEscapedMarkdownInlineCode to fence safely) so the command
always renders as inline code.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Simplify command display to first line + ellipsis (#318601)
Replace newline-to-space collapsing in buildCommandDisplayText with
first-line-only behavior: keep only the first line and append an
ellipsis when the command spans multiple lines (or when the first line
itself exceeds 80 characters). This is cleaner for UI labels than
joining multi-line commands into a single long line of spaces.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Scope first-line truncation to system notification site
Revert the change to buildCommandDisplayText (it's used by other
callers that expect the prior collapse-newlines behavior). Do the
first-line + ellipsis truncation locally in _registerCompletionNotification
where the system notification label is built.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Extract buildCompletionNotificationCommand helper + tests (#318601)
Move the first-line + ellipsis logic into a small exported helper next
to the call site so it can be tested directly. Restore the trim/escape-
artifact cleanup and 80-character truncation by running the first line
through buildCommandDisplayText (which is a no-op for newlines once the
input is already a single line).
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Use horizontal ellipsis character in completion notification
Replace the three-dot "..." with the proper horizontal ellipsis
character (U+2026) in buildCompletionNotificationCommand. Updated the
truncation path to slice to 79 chars + 1-char ellipsis so the total
length remains 80.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
