- Add detection for awk system() calls and file operations
- Add detection for sed execute/write/read commands
- Prevent execution of arbitrary commands via awk 'BEGIN {system("...")}'
- Prevent file operations via awk '{print > "file"}' and sed 'w file'
- Add comprehensive test coverage for security fixes
Fixes security vulnerability where awk and sed side-effects were not
properly detected, allowing arbitrary command execution without user
confirmation.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Re-enable macOS x64 CI builds using macos-15-intel runner
- Remove generic node-pty dependency in favor of platform-specific @lydell/node-pty-* packages
- Add ripgrep binary pruning for platform-specific builds to reduce VSIX size
- Add Windows workaround to remove npm junction self-references during packaging
- Remove redundant version update from prepare job (only needed before packaging)
- Use npm run release:version to update all package versions consistently
- Add build and bundle step before packaging
- Fix report-failure job by adding --repo flag to gh issue create
- Temporarily disable darwin-x64 build (macos-latest-large) due to billing
- Update client.test.ts to mock config.getContentGeneratorConfig() instead of tokenLimit()
- Remove unused tokenLimit import
- Fix compression tests by adding contextWindowSize mock to ensure compression is triggered
- Update config.test.ts to match new getTruncateToolOutputThreshold() calculation logic
- Update dashscope.test.ts to adapt to maxOutputTokens configuration
- Remove obsolete buildRuntimeFetchOptions mock
- All 3438 tests now pass (100% pass rate)
Add 'Fine' and 'Dismiss' options to feedback dialogs that allow temporary
dismissal without permanently closing the feedback request. Only numerical
ratings (0, 1, 2, 3) will permanently close feedback dialogs, while all
other inputs result in temporary dismissal with persistent re-prompting.
This ensures feedback collection reliability while respecting user workflow
by allowing users to temporarily dismiss prompts when busy and providing
feedback when ready.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Initialize contextWindowSize and maxOutputTokens in contentGeneratorConfig during config resolution
- Remove third parameter from tokenLimit() function for cleaner API
- Replace all tokenLimit() calls with direct config property access for better performance
- Add maxOutputTokens field to ContentGeneratorConfig type
- Update dashscope provider to use config.maxOutputTokens
- Auto-detect token limits from model during initialization if not user-configured
- Update settingsSchema: set contextWindowSize default to undefined and showInDialog to false
Benefits:
- Token limits calculated once during initialization instead of repeatedly
- Cleaner API with fewer parameters
- Better performance by caching computed values
- User configuration takes precedence over auto-detection
- All 72 unit tests passing
Resolved conflicts in:
- packages/cli/src/ui/components/ContextUsageDisplay.tsx
- packages/cli/src/ui/components/Footer.tsx
- packages/cli/src/ui/components/Footer.test.tsx
- docs/users/configuration/settings.md
Changes:
- Merged main branch UI improvements with rightItems architecture
- Updated contextWindowSize documentation to be more concise
- Preserved all main branch features and functionality
- Fix yaml lint errors by properly quoting conditional expressions
- Update package version step to use correct working directory
- Modify test execution to run in the correct directory (packages/vscode-ide-companion)
- Enhance version retrieval logic to use actual package version for preview releases
- Add working directory to all relevant steps for consistency
- Simplify package version update command by removing redundant workspace flag
These changes ensure the release workflow runs correctly and follows
consistent directory structure practices.
- Add /extensions detail command to show extension details
- Allow underscores and dots in extension names
- Fix contextFileName empty array handling to use default QWEN.md
- Fix marketplace extension clone to use correct source URL
- Add inline parameter to extensionToOutputString
- Add comprehensive tests for all changes
