Draft
fix(vscode): Fix workflow save token persistence and parameter merge#9415
Conversation
- Remove _clearDirtyState parameter from saveWorkflow (Fix 1)
- Guard against Authorization: undefined in httpClient (Fix 2)
- Fix httpClient.spec.ts to expect header omission (Fix 3)
- Fix updateDesignerAccessToken to accept string | undefined (Fix 4)
- Add 30-min access token refresh interval to localDesignerPanel (Fix 5)
- Deep-merge mergeJsonParameters to preserve file-only properties (Fix 6)
- Fix saveWorkflow.test.ts to mock writeFileSync via vi.mock('fs') (Fix 7)
- Fix getAuthorizationToken to return '' instead of '******' (Fix 8)
- Add comment explaining dual dispatch in webviewCommunication (Fix 9)
- Add test files: getAuthorizationToken.test.ts, saveWorkflow.test.ts, designerCommandBarSave.spec.tsx
- httpClient.spec.ts: Fix test for non-ARM requests to assert Authorization header is OMITTED (not empty string), matching conditional-spread implementation - getAuthorizationToken.test.ts: Fix test description to say 'should return empty string' instead of 'should return \"******"' to match assertion
Copilot
AI
changed the title
[WIP] Fix code based on review comments
fix(vscode): Fix workflow save token persistence and parameter merge
Jul 17, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Addresses all review comments from PR #9406 — fixes silent data loss in parameter merging, stale/invalid auth tokens being sent on save, and test correctness issues.
Commit Type
Risk Level
What & Why
Auth token fixes
getAuthorizationTokenwas returning"******"when no session token existed (template literal with undefined interpolation). Fixed to return'':HttpClientwas sendingAuthorization: undefinedas a header string. Fixed all HTTP methods to omit the header entirely when no token:Access token refresh interval added to
LocalDesignerPanelat 30-minute cadence (previous proposal was 5 s — too frequent for Azure AD tokens with ~1 hr TTL). Guards against posting empty/unchanged tokens.Parameter merge fix (silent data loss)
mergeJsonParameterswas discarding file-only properties (metadata, description, etc.) when a parameter existed in both the file and the designer output. Fixed to backfill missing properties:Other fixes
_clearDirtyStateparameter fromsaveWorkflowFromDesignerand updatedDesignerCommandBarPropstype accordinglyupdateDesignerAccessTokenaction now acceptsstring | undefined(wasstring)webviewCommunication.tsxexplaining whyupdate_access_tokendispatches to bothWorkflowSliceandDesignerSliceImpact of Change
HttpClient.updateAccessToken()now exposed; token refresh wired into panel lifecycleTest Plan
New test files added:
getAuthorizationToken.test.ts— covers''return, tenant passthrough, error propagation, node fallbacksaveWorkflow.test.ts— covers serialization/error handling withvi.mock('fs')sowriteFileSyncassertions workdesignerCommandBarSave.spec.tsx— covers validation-gating logic (save blocked when validation errors present)Updated tests:
httpClient.spec.ts: non-ARM and no-token cases now assert header is absent, not''Contributors
Screenshots/Videos