Complete #9294 cherry-pick into hotfix/v5.970 (restore dropped files)#9353
Merged
Merged
Conversation
Contributor
🤖 AI PR Validation ReportPR Review ResultsThank you for your submission! Here's detailed feedback on your PR title and body compliance:✅ PR Title
✅ Commit Type
|
| Section | Status | Recommendation |
|---|---|---|
| Title | ✅ | |
| Commit Type | ✅ | |
| Risk Level | Keep Medium; it matches the diff well. |
|
| What & Why | ✅ | |
| Impact of Change | ✅ | |
| Test Plan | ✅ | |
| Contributors | ✅ | Optional to add names if applicable. |
| Screenshots/Videos | ✅ |
The PR passes validation. The advised risk level remains medium, so it does not exceed the submitter’s estimate.
Last updated: Thu, 02 Jul 2026 00:37:46 GMT
…ore dropped files) The prior Azure#9294 cherry-pick (Azure#9348) was over-scoped and dropped files that PR Azure#9294 changed. This restores them byte-for-byte from squash-merge 4fb4602 (the vscode-e2e workflow, E2E bundle-integrity tests + shared harness, run-e2e settings, docs, .squad knowledge, instructions, and the codeful.ts lint fix), so hotfix/v5.970 matches Azure#9294 exactly. Only graphify-out artifacts are omitted per policy. Co-authored-by: Brian Lam <lambrian@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
f0641c3 to
a88cde1
Compare
andrew-eldridge
approved these changes
Jul 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Completes the #9294 cherry-pick into
hotfix/v5.970.The original cherry-pick (#9348) was over-scoped and dropped files that PR #9294 actually changed. This PR restores them byte-for-byte from the squash-merge
4fb46025c19936049f5174ec83fdb4d6b613ad5d:.github/workflows/vscode-e2e.yml(CI wiring for the new bundle-integrity shard).github/instructions/vs-code-designer.instructions.mdbundleCdnHealth.test.ts,bundleRepair.test.ts,createWorkspace.fixtures.test.ts,createWorkspaceShared.ts,run-e2e.jsapps/vs-code-designer/src/app/utils/codeful.ts(lint fix)apps/vs-code-designer/CLAUDE.md,apps/vs-code-designer/src/test/ui/SKILL.md,docs/ai-setup/packages/vs-code-designer.md,.squad/knowledge/INDEX.md,.squad/knowledge/review-patterns.mdApplied as a real
git cherry-pick 4fb46025onto the current tip (the already-present files merge as no-ops; only the dropped files change). Onlygraphify-outartifacts are omitted per policy.After this merges,
hotfix/v5.970contains #9294 in full (minus graphify-out).Commit Type
Risk Level
What & Why
Microsoft.Azure.Functions.ExtensionBundle.Workflowsis downloaded from a CDN at extension activation. When the CDN occasionally returns a truncated zip, the extension cached the partial file and failed later in opaque ways. There was also no way to test against an unreleased bundle locally, no fallback when a private/experimental CDN was misconfigured, and no user-visible signal during activation downloads.This PR adds end-to-end integrity verification (size + MD5), opt-in experimental bundle settings with a public-CDN safety net, and
withProgressnotifications so the user sees what is happening (and why a redownload is occurring).Impact of Change
Content-LengthandContent-MD5on download, and against an MD5 sidecar on every activation. Corrupt local copies are detected and replaced automatically. Users see a progress notification during downloads and a warning toast immediately before a corruption-triggered redownload, so silent activation hangs are gone. Three new VS Code settings (useExperimentalExtensionBundle,experimentalExtensionBundleSourceUri,experimentalExtensionBundleVersion) let users point at unreleased bundle builds without losing the public-CDN safety net. Bundles are now verified and repaired automatically for users.downloadFileWithVerification,verifyLocalBundleHash,fetchExpectedMd5, andisMissingPackageErrorhelpers inintegrity.ts.bundleFeed.tsgains aDownloadReason-drivenwithProgresswrapper used at every download call site, plus a private-to-public CDN fallback chain that only triggers on "package missing" errors (4xx / DNS), never on integrity failures. New E2E phasebundleintegrityonlyexercised viarun-e2e.js.Test Plan
bundleintegrityonlylive E2E phase 4/4 passing.Contributors
Screenshots/Videos