Commit graph

5 commits

Author SHA1 Message Date
xyJen
52da795902
fix(vscode): upgrade minimatch to >=9.0.7 for CVE-2026-27903 (#220)
Add yarn resolution for minimatch and refresh yarn.lock to resolve
Dependabot alert #11 (ReDoS in minimatch <9.0.7).
2026-06-25 21:04:48 +08:00
xyJen
b6da4e214f
feat(vscode): add full-width BYOK provider config panel (#204)
Some checks are pending
CI / test (push) Waiting to run
* feat(vscode): add full-width BYOK provider config panel

Align VS Code extension provider setup with ocr config provider CLI:
editor panel for official/custom providers, custom provider manager,
in-memory connection test via isolated temp config, active provider
status bar, and OCR CLI version display. Add OCR_CONFIG_PATH support
for draft config testing in the CLI.

* fix(vscode): address PR #204 review comments (batch 1)

* fix(vscode): polish PR #204 review follow-ups

Add readonly ENV_CACHE_TTL_MS, responsive custom-provider URL width,
remove config-panel-only messages from HostToWebview, fix App spacing.

---------

Co-authored-by: xyJen <24266963+xyJen@users.noreply.github.com>
2026-06-25 10:37:25 +08:00
kite
bad29fc9b9 fix: normalize repository.url with git+ prefix to suppress npm publish warnings 2026-06-23 20:29:45 +08:00
kite
ca3b03dfc9 fix(vscode): upgrade minimatch to 9.0.9 to resolve CVE-2026-27903 ReDoS vulnerability 2026-06-23 16:30:19 +08:00
kite
dc4bf69854 feat(vscode): add VSCode extension for AI code review with security fixes
Add VSCode extension providing sidebar-based AI code review integration,
including CLI/Git/Config services, webview UI with file diff viewer,
inline comment provider, and comprehensive test coverage.

Fix 9 Dependabot security vulnerabilities by adding yarn resolutions
for undici, form-data, js-yaml, and minimatch.

Co-authored-by: lizhengfeng <lizhengfeng.lzf@alibaba-inc.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-23 14:33:31 +08:00