Conversation
Co-authored-by: Copilot <copilot@github.com>
This should fix a case where the very first reload after a service worker update used the old service worker
…312017) * Cache auth tokens client-side to dedupe agent host authenticate RPCs The local and remote agent host contributions were re-firing 'authenticate' RPCs on every rootState change, every default-account change, and every VS Code auth session even when the token had not changed. Thechange server-side string compare absorbed this, producing repeated '[Copilot] Auth token unchanged' log lines for every redundant call. Add an AgentHostAuthTokenCache that tracks the last token sent per protected-resource URI. Skip the RPC when the token is unchanged. Cache lifetime is per-contribution for the local agent host and per-connection for remote agent hosts (so it's dropped on disconnect). Tests: - 5 unit tests for AgentHostAuthTokenCache (first/repeat/rotate/per-URI/clear) - 3 integration tests against AgentHostContribution exercising the real _authenticateWithServer path (dedupe holds, rotation re-fires, no-token is a no-op) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address Copilot review: cache on success, clear on restart/failure - Seed the auth token cache only after a successful authenticate RPC (not before) so a transient RPC failure doesn't suppress future retries - On RPC failure, evict the per-resource cache entry so the next auth pass will retry that resource - Clear the entire cache when the local agent host process (re)starts, preventing the first post-restart authenticate from being skipped as 'token unchanged' - Same fixes applied to the remote agent host contribution Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…n titles (#312021) * agentHost: add url permission request handling and refine confirmation titles - Add handling for 'url' kind permission requests in getPermissionDisplay, with URL sanitization via the URL constructor for punycode escaping - Add 'url' property to ITypedPermissionRequest interface - Improve confirmation titles to use question format for consistency (e.g. 'Run in terminal?' instead of 'Run in terminal') - Improve custom-tool and default permission display to use markdown invocation messages with the tool name for richer rendering - Refine MCP permission confirmation title to use localized format Fixes #311504 (Commit message generated by Copilot) * address copilot review comments
) The Authorization header was constructed as 'Basic ' + base64(token), which GitHub rejects because Basic auth requires base64(username:password). The malformed header caused all GitHub API requests to fail with HTTP 403, which the fetch wrapper masks with a misleading 'you may be rate limited' message. This was tolerable on GitHub-hosted runners because their IPs aren't aggressively rate limited unauthenticated, but on the new 1ES Azure-hosted runners (shared outbound IPs) the 60 req/hr unauthenticated limit is hit immediately, breaking core-ci on every PR. Switch to the Bearer scheme, which is the correct format for both GITHUB_TOKEN and PATs. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Remove upgrade and plan branching for weekly rate limit messaging
…ll tool calls (#312019) * Strip redundant 'cd <workingDirectory> &&' prefix from agent host shell tool calls The Copilot CLI sometimes emits shell commands prefixed with a redundant `cd <` even though the agent already runs in thatworkingDirectory> && directory. The extension-host CLI strips this for display; this change brings the same cleanup to the agent host so all clients see the simplified command. Three live paths needed patching: - mapSessionEvents.ts (history replay via getMessages()) - copilotAgentSession.ts onToolStart (live tool execution) - copilotToolDisplay.ts getPermissionDisplay (shell permission requests) All three share a new helper, stripRedundantCdPrefix, in src/vs/platform/agentHost/common/commandLineHelpers.ts. Tests: 32 new unit tests across commandLineHelpers, copilotToolDisplay, mapSessionEvents, and copilotAgentSession (109 passing total in the agentHost module). Also added an opt-in real-SDK integration test in toolApprovalRealSdk.integrationTest.ts that exercises the full toolCallReady path with a live model (mock-agent integration tests can't reach this code because the mock IAgent bypasses CopilotAgentSession entirely). (Written by Copilot) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address review: normalize path separators and tighten cd-prefix regex Two Copilot review comments on PR #312019: 1. `commandLineHelpers.ts` `sameDirectory` did string-compare the raw extracted directory against `workingDirectory.fsPath`. On Windows, `URI.file('/repo/project').fsPath` is `\repo\project` while the model often emits `cd / separator mismatch maderepo/` project && the prefix slip through. (This was the root cause of the Windows / Browser + Windows / Electron CI failures: 3 stripRedundantCdPrefix tests asserted on stripping behavior that only worked on POSIX.) Fix: route both sides through `URI.file(...)` (after trimming trailing separators) and compare via `extUriBiasedIgnorePathCase`, which handles separator normalization and case-insensitivity on Windows / macOS. Added two Windows-only test cases (forward-slash extracted vs native backslash wd, and pure-backslash same-direction) to cover the regression. 2. `toolApprovalRealSdk.integrationTest.ts` used a substring check miss quoted variants like `cd "<` or pwsh-stylewd>" && `cd <`. Replaced with an anchored regex that tolerateswd>; optional surrounding quotes and either chain operator. (Written by Copilot) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Restore 'Run in terminal?' title (lost during merge) The merge of origin/main into the branch accidentally reverted the title change from main ("Run in terminal" -> "Run in terminal?"). Restore both occurrences in getPermissionDisplay's shell + custom-tool branches. (Written by Copilot) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Borrows more detailed descriptions for terminal/shell tools from the core implementation to provide LLMs with better guidance on how to use shell commands effectively. This reduces confusion about shell-specific behaviors like command chaining, escaping, and proper syntax. - Updates shell tool descriptions to use detailed model descriptions for bash and PowerShell, providing comprehensive guidance on: * Command execution patterns and chaining * Directory management and context preservation * Program execution and module installation * Output management and filtering * Interactive input handling - Enriches shell command results with shell ID for better tracking and debugging - Includes platform-specific guidance for Windows PowerShell vs modern PowerShell, and sandbox-aware documentation Fixes #312009 (Commit message generated by Copilot)
* sessions: simplify titlebar session actions Remove the remaining titlebar separators and extra spacing around the session picker and session action groups. Also drop the command-center Mark as Done button and rename the Add Chat tooltip to New Sub-Session to better match the sub-session workflow. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * sessions: align titlebar CSS comment with spacing reset Agent-Logs-Url: https://github.com/microsoft/vscode/sessions/c18ac022-43b9-4f2b-bd4c-e6a85a1ac931 Co-authored-by: hawkticehurst <39639992+hawkticehurst@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
…et (#312012) Increases the avatar image in the titlebar account widget from 16×16px to 18×18px. The surrounding 22×22px control footprint and 1px circular border treatment are unchanged. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
`onDidAuthenticationChange`seems to be getting fired very often in some cases, but that doesn't mean we should always make requests Co-authored-by: Copilot <copilot@github.com>
…de and disabled in agents app (#310903)
Try avoiding extra refreshes of github repos
* Enable testing Co-authored-by: Copilot <copilot@github.com> * feedback update Co-authored-by: Copilot <copilot@github.com> --------- Co-authored-by: Copilot <copilot@github.com>
The stable safari and firefox release should both support this now This lets up clean up a fair amount of manual layout logic Co-authored-by: Copilot <copilot@github.com>
Try better approach to ensuring webview service worker is up to date
…311817) * feat(copilotcli): add lazy loading for chat session items Co-authored-by: Copilot <copilot@github.com> * Update extensions/copilot/src/extension/chatSessions/vscode-node/copilotCLIChatSessions.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update extensions/copilot/package.nls.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Updates Co-authored-by: Copilot <copilot@github.com> --------- Co-authored-by: Copilot <copilot@github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
The reasoning effort wasn't really getting passed down properly. This ensures that it does and if a model only has 1 reasoning value then we use that. Co-authored-by: Copilot <copilot@github.com>
Remove fallback for anchor positioning
* sessions: restore terminal after editor maximize Restore the terminal panel when the sessions maximize editor flow hid it, so maximize and restore behave symmetrically. Add regression coverage for the maximize and restore command behavior and update the sessions layout spec. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * sessions: fix editor contribution test cleanup Dispose the per-test instantiation service in the editor contribution regression tests and assert the maximize call order described by the test. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * sessions: fix editor contribution test disposal Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* sessions: show pointer cursor on new session button (#311982) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * sessions: preserve disabled new session cursor (#311982) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…anges in chat sessions (#312043) * feat(claude): implement workspace folder service for tracking file changes in chat sessions For now, we implement a Claude specific workspace folder service... although there is nothing Claude specific about it. This gets changes to show up in Claude sessions in the Agents App. * docs * feedback
* Added option for Proxy exec subagent endpoint * New prompt * Small gating change in prompts * Update extensions/copilot/src/extension/prompt/node/executionSubagentToolCallingLoop.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update extensions/copilot/src/platform/endpoint/node/proxyAgenticExecutionEndpoint.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Merged ProxyAgenticExecutionEndpoint with Search * Use ToolName in prompt and remove unnecessary logging statement * Fixed type error * Removed extra line --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…org sign-in (#311487) * Implement account policy gate for AI features - Introduced AccountPolicyGateContribution to manage account policy state and notifications. - Added support for "Require Approved Account" policy, restricting AI features based on account approval. - Enhanced AccountPolicyService to handle gate state and reasons for unsatisfaction. - Updated configuration for chat features to include policy definitions. - Added tests to validate gate behavior under various account scenarios. * Refactor account policy gate logic to focus on approved organizations and update related descriptions * Add Account Policy Gate service and integrate with existing policy services * Add account policy gate information to PolicyDiagnosticsAction * Fix CI: layer violation, ESLint, i18n entry, policyData export - Move ChatAccountPolicyGateActiveContext to services/policies/common to avoid services-layer import from contrib (chatContextKeys re-exports). - Replace 'in' operator in test helper with explicit undefined check. - Add vs/workbench/services/policies entry to i18n.resources.json. - Append ChatDisableAIFeatures and ChatApprovedAccountOrganizations to build/lib/policies/policyData.jsonc. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add account policy settings for approved organizations and AI feature control * Switch ChatApprovedAccountOrganizations to type:'array' Use the platform's array-typed policy contract instead of a custom comma-separated string format. Mirrors PolicyConfiguration's existing normalisation: PolicyValue is always string|number|boolean, so array policies arrive at the policy service as JSON-stringified arrays. - chat.contribution.ts: type:'string' -> type:'array', items:string - accountPolicyService: simpler parser (JSON.parse + Array.isArray) - tests: pass arrays via JSON.stringify in setupGate helper Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Don't restrict policies during policyNotResolved boot window When the user IS signed into an approved org but account-side policy data hasn't loaded yet (policyNotResolved), skip applying restricted values. Policies with `value` callbacks naturally return undefined when policyData is null, so no account-level overrides slip through. This eliminates: - Transient 'Unable to write chat.disableAIFeatures' error on boot - Flash of the gate notification that auto-dismisses seconds later - Brief UI hide/show cycle as ChatDisableAIFeatures toggles For stable restricted reasons (noAccount, wrongProvider, orgNotApproved) restrictions still apply immediately. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add Contact Administrator and Learn More links to gate notification Replace the 'Don't Show Again' button with: - 'Contact Your informational guidanceAdministrator' - 'Learn opens enterprise docs overview pageMore' Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Show approved organizations in gate notification Add approved org list to IAccountPolicyGateInfo so the notification can display which organizations the admin requires. Shown as a suffix like 'Approved organizations: github, microsoft.' when the list is concrete (not the wildcard '*'). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Move 'contact your administrator' from button to message text Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix: check org membership before policyData resolution Move the org-membership check before the policyData null check in computeGateInfo. This ensures users NOT in an approved org are restricted immediately (orgNotApproved), even while policy data is loading. The policyNotResolved reason now only applies to users who ARE in an approved making it safe to skip restrictions for thatorg transient state without leaving a security gap. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Directly set chatSetupHidden context key when gate is restricted entitlement pipeline to force chat.disableAIFeatures=true (which has timing issues in the multiplex policy service), directly toggle the chatSetupHidden context key from the gate contribution. This is the same key that drives sentiment.hidden across the entire chat UI. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Use IChatEntitlementService.setForceHidden to hide chat when gate restricted Add setForceHidden(hidden) API to IChatEntitlementService so the gate contribution can cleanly force the hidden state without fighting with the entitlement context's own update cycle. The gate contribution calls setForceHidden(true) when restricted and setForceHidden(false) when satisfied/inactive. Inside ChatEntitlementContext, _forceHidden is checked in withConfiguration alongside the existing chat.disableAIFeatures either one forces hidden: true on the state.setting Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix setForceHidden fallback when no ChatEntitlementContext In Code OSS Dev (and any build without productService.defaultChatAgent), ChatEntitlementContext is never created, so setForceHidden was a no-op. Fall back to directly setting the chatSetupHidden context key when the context is unavailable. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add trace logging to AccountPolicyGateContribution Logs state, reason, and isRestricted on every gate apply so we can diagnose why setForceHidden might not be taking effect. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Gate chat view on accountPolicyGateActive context key The chat view's `when` clause had an OR with panelParticipantRegistered that bypassed the hidden state once the Copilot extension registered. Wrap the entire condition with accountPolicyGateActive.negate() so the chat view is hidden whenever the gate is restricted, regardless of extension registration state. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Re-show notification on account swap, include account name and org list - Track dismissal by reason+account combo so swapping to a different account (while still blocked) triggers a fresh notification. - Show the current account name in the orgNotApproved message so the user knows which account is being evaluated. - Format approved org list as bulleted lines for readability. - Vary message text by reason (noAccount vs orgNotApproved). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Generalize sessions blocked overlay for account policy gate The sessions (Agents) app now shows a full-screen blocking overlay when the account policy gate restricts access, reusing the same pattern as the existing 'agent disabled' overlay. - SessionsPolicyBlockedOverlay now accepts ISessionsBlockedOverlayOptions with a reason enum (AgentDisabled | AccountPolicyGate) and optional account name / approved organizations - AccountPolicyGate variant shows 'Sign-In Required' title, approved org list, contact admin text, and Sign In + Open VS Code buttons - SessionsPolicyBlockedContribution listens to both ChatConfiguration and IAccountPolicyGateService, prioritizing agent-disabled over gate - Added CSS for org list and footer sections - Updated component fixture with new variants for screenshot testing Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix notification formatting: use inline comma-separated org list Notifications render as plain inline text, so the bullet-point and newline formatting was collapsing into a single unreadable line. Switch to a parenthesized comma-separated list instead. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix sessions overlay: remove workbench notification, handle gate natively The workbench-layer AccountPolicyGateContribution (which shows a notification toast) was imported in sessions.common.main.ts, causing a notification to appear instead of the full-screen blocking overlay. - Remove accountPolicyGate.contribution.js import from sessions - SessionsPolicyBlockedContribution now handles context key, setForceHidden, and telemetry directly (same as the workbench contribution, but with an overlay instead of a notification) - Overlay properly recreates on account changes Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Defer notification until account service has settled On startup, computeGateInfo fires with reason=noAccount before the default account service has loaded the persisted session. This caused the notification to show 'Sign in...' even when the user was already signed in but the account just hadn't loaded yet. Fix: set context key + setForceHidden immediately (fail-closed), but defer the notification until the first onDidChangeGateInfo event, which fires after the account service has had time to resolve. A 5-second fallback timer ensures the notification still appears if the gate never transitions. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix gate stuck on noAccount: re-evaluate after account init barrier DefaultAccountService.setDefaultAccountProvider sets currentDefaultAccount via provider.refresh() but does NOT fire onDidChangeDefaultAccount for the initial load. This caused computeGateInfo() to permanently stay on noAccount even though the user was signed in. Fix: await getDefaultAccount() (which waits for the init barrier) then re-evaluate the gate. This ensures the gate transitions from noAccount to the correct state once the persisted session loads. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add 'Sign into an approved GitHub account' to notification messages Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Regenerate policyData.jsonc to match array type for ChatApprovedAccountOrganizations Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove ChatDisableAIFeatures policy registration This policy was dead enforcement is handled by setForceHiddencode and the accountPolicyGateActive context key, not the policy pipeline. Regenerated policyData.jsonc. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address code review: fix duplicate IPC, remove unused import - Remove duplicate updatePolicyDefinitions call on managed policy service. AccountPolicyService now uses a read-only reference (managedPolicyReader) for getPolicyValue/onDidChange only. MultiplexPolicyService handles pushing definitions to all child services. (Reviews #1 & #4) - Remove unused Emitter import and void workaround in test file (Review #2) - Removed the fail-closed try/catch that was guarding the now-removed updatePolicyDefinitions call (Review # the duplicate call that could3 fail-open is gone entirely) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove JSDoc from currentDefaultAccount interface addition Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Revert sessions overlay will revisit approachchanges Reverts all changes to the sessions (Agents) policyBlocked overlay, CSS, fixture, and contribution. Re-adds the workbench-layer accountPolicyGate.contribution import so sessions still gets the notification + context key + telemetry. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Restore sessions overlay with loading state for transient restrictions Bring back the generalized sessions overlay with three states: - AgentDisabled: existing 'Agents Disabled' message (unchanged) - Loading: just the logo + animated progress bar for transient states (noAccount before account loads, policyNotResolved) blocks the UI without showing an incorrect message - AccountPolicyGate: 'Sign-In Required' with sign-in button, org list, and contact admin footer for stable restrictions (orgNotApproved, wrongProvider) The loading state uses the same progress bar animation as the welcome/walkthrough overlay. This avoids the flash of 'Agents Disabled' that appeared during the fail-closed transient window when the user IS actually in an approved org. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Don't show overlay for noAccount/ let welcome screen handle sign-inwrongProvider When the user hasn't signed in yet (noAccount) or is signed into the wrong provider (wrongProvider), the sessions welcome/walkthrough screen already handles the sign-in flow. Showing our 'Agents Disabled' or loading overlay on top would block the user from signing in. Only show the overlay for: - orgNotApproved: user signed in but wrong org (stable restriction) - policyNotResolved: loading bar while waiting for policy data Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove 'Open VS Code' button from account policy gate overlay Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix: don't show 'Agents Disabled' when gate is forcing restrictedValue When the account policy gate is active, it forces chat.agent.enabled to false via restrictedValue. The overlay was checking that config first and incorrectly showing 'Agents Disabled'. Now we skip the agent-disabled check when the gate is active, since the value is being artificially restricted by our own not by an admingate explicitly disabling agents. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Defer all stable gate-blocked states to welcome screen When the account policy gate is unsatisfied for any user-actionable reason (noAccount, wrongProvider, orgNotApproved), don't show the policy-blocked overlay. Instead, defer to the sessions welcome/walkthrough screen so the user can sign in or switch accounts via the standard sign-in flow. The Loading overlay is still shown during the transient PolicyNotResolved state to prevent flashing the welcome screen while data is in flight. Removes the now-dead AccountPolicyGate overlay variant and its supporting code (organizations list, footer styles, fixtures). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Show AccountPolicyGate overlay for orgNotApproved only When the user is definitively signed into a non-approved org, show the custom Sign-In Required overlay with org list and switch-account button. noAccount/wrongProvider still defer to the welcome screen. PolicyNotResolved still shows the loading bar. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix boot-race test to match managed policy reader pattern The test was relying on AccountPolicyService calling updatePolicyDefinitions on the managed service, but that no longer happens (the MultiplexPolicyService handles it). Updated the test to explicitly seed the managed service and Restricted after seeding. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR review feedback - Fix setForceHidden signature in test mocks to match interface - Include approvedOrganizations in gateInfoChanged detection - Replace raw setTimeout with disposableTimeout for proper cleanup - Fix AgentDisabled overlay: suppress only when gate forces the value, not when gate is merely active (handles Satisfied+AgentDisabled case) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Polish ChatApprovedAccountOrganizations policy description Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Trim self-explanatory comments Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Launch agent host terminals as login shells on macOS On macOS, the agent host terminal manager was spawning zsh/bash without --login, resulting in /etc/zprofile and ~/.zprofile not being sourced. This could cause missing PATH entries (e.g. homebrew, nvm, pyenv) since macOS relies on path_helper in /etc/zprofile for standard PATH setup. The regular VS Code terminal already handles this via the profile resolver, but the agent host bypasses that layer and spawns shells directly via node-pty. This adds the same --login logic inline. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Use regex match and reuse getSystemShell from base layer Address review feedback: - Use regex match /(zsh|bash)/ instead of strict equality to handle versioned shell names like bash-5.2 (matching the profile resolver) - Reuse getSystemShell() from src/vs/base/node/shell.ts instead of a custom _getDefaultShell(), which handles edge cases like /bin/false fallback and userInfo().shell when $SHELL is unset Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * remove comment, explained in desc --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Distinguish local agent host harness in customizations view
The local agent host registered its customizations harness with the bare
agent displayName ('Copilot CLI'), making it visually identical to the
extension-host Copilot CLI harness. Append '[Local]' to match the
existing convention used by workspace labels and agent session provider
names.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Localize [Local] suffix in agent host harness label
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Gray out remembered folders for offline agent hosts In the session workspace picker, remembered folders belonging to a disconnected remote agent host are now rendered as disabled, matching the offline host row. Selection of these items was already a no-op via _isProviderUnavailable; this just brings the visual state in line. (Written by Copilot) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Use 'Unavailable' instead of 'Offline' for unreachable provider group label '_isProviderUnavailable' returns true for both Disconnected and Connecting states, so '(Offline)' was inaccurate when a host is still connecting. '(Unavailable)' is correct for both states. (Written by Copilot) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Only gray out remembered folders when provider is Disconnected, not Connecting Use the exact connection status rather than the binary isProviderUnavailable check so that: - Disconnected: folders are grayed out + group label shows '(Offline)' - Connecting: folders are still enabled + group label shows '(Connecting)' - Connected: no change to label or disabled state (Written by Copilot) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add 'Collapse All Groups' action to sessions filter menu Add a new menu action in the sessions view filter submenu that collapses all section groups (time-based or workspace-based). This adds: - collapseAllSections() to ISessionsList interface and SessionsList class - CollapseAllGroupsAction registered in SessionsViewFilterSubMenu Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Batch collapse state persistence to avoid per-section storage churn Suspend the onDidChangeCollapseState listener during collapseAll and persist all section states in a single write via saveBulkCollapseState. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…2055) Tapping a tool confirmation button on mobile (iOS) was popping the on-screen keyboard because the click handler unconditionally called focusInput() on the chat widget. Expose isTouchClick on IChatConfirmationButtonClickEvent so callers can skip focus restoration when the click came from a touch tap, while preserving the existing behavior for mouse/keyboard activations. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Show line range in agent host file-read tool display
When the Copilot CLI's `view` tool is called with a `view_range`, surface
the line range in the invocation and past-tense messages so users see e.g.
"Reading file.ts, lines 10 to 20" instead of just "Reading file.ts".
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Match Copilot Chat extension's view_range validation
Drop the EOF-sentinel handling and require a strictly valid two-element
range (`length === 2`, integers, `start >= 0`, `end >= start`); fall back
to the path-only display otherwise. Mirrors `formatViewToolInvocation`
in the Copilot Chat extension and addresses review feedback on the
`-1` end-of-file sentinel and the stale doc comment.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Handle view_range `-1` end-of-file sentinel
The Copilot CLI uses `-1` as the documented "to end of file" sentinel
for the second element of `view_range`. The Copilot Chat extension
doesn't handle this and either drops the range or renders "-1"
literally; do better here by rendering "from line {n} to the end".
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Tweak EOF view_range wording
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ures (#312013) * Skip fallback privateKey when SSH agent socket is present When using Agent auth, _connectSSH was loading the first default key file (~/.ssh/id_ed25519, etc.) as a fallback privateKey alongside the agent socket. ssh2 parses privateKey eagerly before attempting agent auth, so if the key is passphrase-encrypted the connection fails immediately with "Cannot parse privateKey: Encrypted private OpenSSH key detected, but no passphrase even though the key is already loaded in thegiven" agent and would work fine. Keep the fallback key logic for cases where no SSH agent is available (SSH_AUTH_SOCK unset), so publickey auth can still be attempted via the raw key file. But skip it when an agent socket is in that casepresent the agent should have the keys loaded, and passing an encrypted key file alongside the agent can only cause problems. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add chat.agentHost.forwardSSHAgent setting for SSH agent forwarding Add a new boolean setting that enables OpenSSH agent forwarding (auth-agent@openssh.com) on SSH agent host connections. When enabled and the connection uses Agent auth, sets agentForward=true in the ssh2 connect config so the remote machine can use the local SSH agent. - Add agentForward field to ISSHAgentHostConfig - Register chat.agentHost.forwardSSHAgent setting (default: false) - Read the setting in the renderer-side _augmentConfig - Apply agentForward in _connectSSH when agent socket is present Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Address code review comments - Add security warning to chat.agentHost.forwardSSHAgent setting description - Pass error object to warn() instead of stringifying it - Prompt for auth method when non-default IdentityFile is configured (so users without an SSH agent can still choose KeyFile) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Refactor _augmentConfig to use if statements instead of spread tricks Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Revert unnecessary changes to remoteAgentHostActions.ts The encrypted key fix is handled server-side in _connectSSH and reconnect. No need to change the UI connect flow. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
16 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )