debt - use URI.from for untrusted command arguments

src/vs/workbench/browser/actions/workspaceCommands.ts

@@ -18,7 +18,7 @@ import { getIconClasses } from 'vs/editor/common/services/getIconClasses';
 import { IModelService } from 'vs/editor/common/services/model';
 import { ILanguageService } from 'vs/editor/common/languages/language';
 import { IFileDialogService, IPickAndOpenOptions } from 'vs/platform/dialogs/common/dialogs';
-import { URI } from 'vs/base/common/uri';
+import { URI, UriComponents } from 'vs/base/common/uri';
 import { Schemas } from 'vs/base/common/network';
 import { IOpenEmptyWindowOptions, IOpenWindowOptions, IWindowOpenable } from 'vs/platform/window/common/window';
 import { IRecent, IWorkspacesService } from 'vs/platform/workspaces/common/workspaces';
@@ -161,7 +161,7 @@ interface IOpenFolderAPICommandOptions {
 
 CommandsRegistry.registerCommand({
 	id: 'vscode.openFolder',
-	handler: (accessor: ServicesAccessor, uri?: URI, arg?: boolean | IOpenFolderAPICommandOptions) => {
+	handler: (accessor: ServicesAccessor, uriComponents?: UriComponents, arg?: boolean | IOpenFolderAPICommandOptions) => {
 		const commandService = accessor.get(ICommandService);
 
 		// Be compatible to previous args by converting to options
@@ -170,7 +170,7 @@ CommandsRegistry.registerCommand({
 		}
 
 		// Without URI, ask to pick a folder or workspace to open
-		if (!uri) {
+		if (!uriComponents) {
 			const options: IPickAndOpenOptions = {
 				forceNewWindow: arg?.forceNewWindow
 			};
@@ -183,7 +183,7 @@ CommandsRegistry.registerCommand({
 			return commandService.executeCommand('_files.pickFolderAndOpen', options);
 		}
 
-		uri = URI.revive(uri);
+		const uri = URI.from(uriComponents, true);
 
 		const options: IOpenWindowOptions = {
 			forceNewWindow: arg?.forceNewWindow,

src/vs/workbench/browser/parts/activitybar/activitybarPart.ts

@@ -862,7 +862,7 @@ export class ActivitybarPart extends Part implements IPaneCompositeSelectorPart
 				state.push({
 					id: compositeItem.id,
 					name: viewContainerModel.title,
-					icon: URI.isUri(viewContainerModel.icon) && this.environmentService.remoteAuthority ? undefined : viewContainerModel.icon, /* Donot cache uri icons with remote connection */
+					icon: URI.isUri(viewContainerModel.icon) && this.environmentService.remoteAuthority ? undefined : viewContainerModel.icon, // Do not cache uri icons with remote connection
 					views,
 					pinned: compositeItem.pinned,
 					order: compositeItem.order,
@@ -888,7 +888,7 @@ export class ActivitybarPart extends Part implements IPaneCompositeSelectorPart
 					cachedViewContainer.icon = placeholderViewContainer.themeIcon ? placeholderViewContainer.themeIcon :
 						placeholderViewContainer.iconUrl ? URI.revive(placeholderViewContainer.iconUrl) : undefined;
 					if (URI.isUri(cachedViewContainer.icon) && this.environmentService.remoteAuthority) {
-						cachedViewContainer.icon = undefined; /* Donot cache uri icons with remote connection */
+						cachedViewContainer.icon = undefined; // Do not cache uri icons with remote connection
 					}
 					cachedViewContainer.views = placeholderViewContainer.views;
 					cachedViewContainer.isBuiltin = placeholderViewContainer.isBuiltin;

src/vs/workbench/browser/parts/editor/editorCommands.ts

@@ -518,7 +518,7 @@ function registerOpenEditorAPICommands(): void {
 		const pathService = accessor.get(IPathService);
 		const configurationService = accessor.get(IConfigurationService);
 
-		const resourceOrString = typeof resourceArg === 'string' ? resourceArg : URI.revive(resourceArg);
+		const resourceOrString = typeof resourceArg === 'string' ? resourceArg : URI.from(resourceArg, true);
 		const [columnArg, optionsArg] = columnAndOptions ?? [];
 
 		// use editor options or editor view column or resource scheme
@@ -590,8 +590,8 @@ function registerOpenEditorAPICommands(): void {
 		}
 
 		await editorService.openEditor({
-			original: { resource: URI.revive(originalResource) },
-			modified: { resource: URI.revive(modifiedResource) },
+			original: { resource: URI.from(originalResource, true) },
+			modified: { resource: URI.from(modifiedResource, true) },
 			label,
 			description,
 			options
@@ -605,7 +605,7 @@ function registerOpenEditorAPICommands(): void {
 
 		const [columnArg, optionsArg] = columnAndOptions ?? [];
 
-		return editorService.openEditor({ resource: URI.revive(resource), options: { ...optionsArg, pinned: true, override: id } }, columnToEditorGroup(editorGroupsService, configurationService, columnArg));
+		return editorService.openEditor({ resource: URI.from(resource, true), options: { ...optionsArg, pinned: true, override: id } }, columnToEditorGroup(editorGroupsService, configurationService, columnArg));
 	});
 }