fix(vscode): Guard against bundle download corruption (#9294) [hotfix/v5.961]#9347
Merged
lambrianmsft merged 1 commit intoJul 1, 2026
Merged
Conversation
Cherry-pick of PR Azure#9294 (4fb4602) onto hotfix/v5.961. Scope limited to the shippable vs-code-designer runtime fix and its unit tests. Excludes graphify-out artifacts, .squad knowledge, E2E test-infra/new E2E tests, CI workflow, and docs churn that the hotfix branch does not carry. (cherry picked from commit 4fb4602) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
🤖 AI PR Validation ReportPR Review ResultsThank you for your submission! Here's detailed feedback on your PR title and body compliance:✅ PR Title
✅ Commit Type
|
| Section | Status | Recommendation |
|---|---|---|
| Title | ✅ | |
| Commit Type | ✅ | |
| Risk Level | Raise from Medium to High | |
| What & Why | ✅ | |
| Impact of Change | ✅ | |
| Test Plan | ✅ | |
| Contributors | ✅ | Optional credit only |
| Screenshots/Videos | ✅ |
Overall: the PR body passes, but the advised risk is higher than the submitter estimated. Please update the Risk Level to High (and the corresponding label if applicable).
Last updated: Wed, 01 Jul 2026 22:11:33 GMT
andrew-eldridge
approved these changes
Jul 1, 2026
This was referenced Jul 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cherry-pick of #9289's predecessor — #9294 fix(vscode): Guard against bundle download corruption — into
hotfix/v5.961.Source PR: #9294
Source commit:
4fb46025c19936049f5174ec83fdb4d6b613ad5dTarget branch:
hotfix/v5.961Commit Type
Risk Level
What & Why
Microsoft.Azure.Functions.ExtensionBundle.Workflowsis downloaded from a CDN at extension activation. When the CDN occasionally returns a truncated zip, the extension cached the partial file and failed later in opaque ways. There was also no way to test against an unreleased bundle locally, no fallback when a private/experimental CDN was misconfigured, and no user-visible signal during activation downloads.This PR adds end-to-end integrity verification (size + MD5), opt-in experimental bundle settings with a public-CDN safety net, and
withProgressnotifications so the user sees what is happening (and why a redownload is occurring).Impact of Change
Content-LengthandContent-MD5on download, and against an MD5 sidecar on every activation. Corrupt local copies are detected and replaced automatically. Users see a progress notification during downloads and a warning toast immediately before a corruption-triggered redownload, so silent activation hangs are gone. Three new VS Code settings (useExperimentalExtensionBundle,experimentalExtensionBundleSourceUri,experimentalExtensionBundleVersion) let users point at unreleased bundle builds without losing the public-CDN safety net. Bundles are now verified and repaired automatically for users.downloadFileWithVerification,verifyLocalBundleHash,fetchExpectedMd5, andisMissingPackageErrorhelpers inintegrity.ts.bundleFeed.tsgains aDownloadReason-drivenwithProgresswrapper used at every download call site, plus a private-to-public CDN fallback chain that only triggers on "package missing" errors (4xx / DNS), never on integrity failures. New E2E phasebundleintegrityonlyexercised viarun-e2e.js.Test Plan
bundleintegrityonlylive E2E phase 4/4 passing.Contributors
Screenshots/Videos