fix(vscode): Guard against bundle download corruption (#9294) [hotfix/v5.970] #9348

Merged
lambrianmsft merged 1 commit into Azure:hotfix/v5.970 from lambrianmsft:cherry-pick/v5.970/9294
Jul 1, 2026

@lambrianmsft lambrianmsft commented Jul 1, 2026

Cherry-pick of #9289's predecessor — #9294 fix(vscode): Guard against bundle download corruption — into hotfix/v5.970.

Source PR: #9294
Source commit: 4fb46025c19936049f5174ec83fdb4d6b613ad5d
Target branch: hotfix/v5.970

Commit Type

  • feature - New functionality
  • fix - Bug fix
  • refactor - Code restructuring without behavior change
  • perf - Performance improvement
  • docs - Documentation update
  • test - Test-related changes
  • chore - Maintenance/tooling

Risk Level

  • Low - Minor changes, limited scope
  • Medium - Moderate changes, some user impact
  • High - Major changes, significant user/system impact

What & Why

Microsoft.Azure.Functions.ExtensionBundle.Workflows is downloaded from a CDN at extension activation. When the CDN occasionally returns a truncated zip, the extension cached the partial file and failed later in opaque ways. There was also no way to test against an unreleased bundle locally, no fallback when a private/experimental CDN was misconfigured, and no user-visible signal during activation downloads.

This PR adds end-to-end integrity verification (size + MD5), opt-in experimental bundle settings with a public-CDN safety net, and withProgress notifications so the user sees what is happening (and why a redownload is occurring).

Impact of Change

  • Users: Bundles are verified against Content-Length and Content-MD5 on download, and against an MD5 sidecar on every activation. Corrupt local copies are detected and replaced automatically. Users see a progress notification during downloads and a warning toast immediately before a corruption-triggered redownload, so silent activation hangs are gone. Three new VS Code settings (useExperimentalExtensionBundle, experimentalExtensionBundleSourceUri, experimentalExtensionBundleVersion) let users point at unreleased bundle builds without losing the public-CDN safety net. Bundles are now verified and repaired automatically for users.
  • Developers: New downloadFileWithVerification, verifyLocalBundleHash, fetchExpectedMd5, and isMissingPackageError helpers in integrity.ts. bundleFeed.ts gains a DownloadReason-driven withProgress wrapper used at every download call site, plus a private-to-public CDN fallback chain that only triggers on "package missing" errors (4xx / DNS), never on integrity failures. New E2E phase bundleintegrityonly exercised via run-e2e.js.
  • System: One extra HEAD request per activation to validate the local sidecar. No change to the public CDN contract. The MD5 sidecar lives next to the bundle so a manually-deleted bundle directory self-heals.

Test Plan

  • Unit tests added/updated
  • E2E tests added/updated
  • Manual testing completed
  • Tested in: VS Code extension host (Windows), public Azure CDN, simulated experimental source override. 66 bundleFeed unit tests + 1065 vscode-designer extension-unit tests passing. New bundleintegrityonly live E2E phase 4/4 passing.

Contributors

Screenshots/Videos

Cherry-pick of PR Azure#9294 (4fb4602) onto hotfix/v5.961.
Scope limited to the shippable vs-code-designer runtime fix and its unit tests.
Excludes graphify-out artifacts, .squad knowledge, E2E test-infra/new E2E tests,
CI workflow, and docs churn that the hotfix branch does not carry.

(cherry picked from commit 4fb4602)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
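
The checks described in this PR (size and MD5 on download, a sidecar hash on activation, and a fallback that ignores integrity failures) can be sketched as follows. This is an added example, not code from the PR or from the project's integrity.ts; every function, type and sample value in it is hypothetical, and it assumes Content-MD5 carries the base64-encoded MD5 digest.

```typescript
import { createHash } from "crypto";

// All names here are hypothetical; this is not the code in the project's integrity.ts.
type Verdict = "ok" | "size-mismatch" | "md5-mismatch" | "unverifiable";

interface ExpectedMeta {
  contentLength?: number; // parsed Content-Length response header
  contentMd5?: string; // Content-MD5 response header: base64 of the 16-byte MD5 digest
}

function md5Base64(body: Buffer): string {
  return createHash("md5").update(body).digest("base64");
}

// Check a downloaded body against what the server advertised, before it is cached.
// MD5 here catches truncation and corruption; it is not a defence against tampering.
function verifyDownload(body: Buffer, expected: ExpectedMeta): Verdict {
  if (expected.contentLength === undefined && expected.contentMd5 === undefined) {
    return "unverifiable"; // assumption: no metadata means the file is not trusted
  }
  if (expected.contentLength !== undefined && body.length !== expected.contentLength) {
    return "size-mismatch"; // a truncated zip fails here
  }
  if (expected.contentMd5 !== undefined && md5Base64(body) !== expected.contentMd5.trim()) {
    return "md5-mismatch"; // same length, different bytes
  }
  return "ok";
}

// Activation-time check of the cached bundle against the hash stored in its sidecar.
function verifyAgainstSidecar(body: Buffer, sidecarMd5: string): boolean {
  return md5Base64(body) === sidecarMd5.trim();
}

type Failure =
  | { kind: "http"; status: number }
  | { kind: "dns" }
  | { kind: "integrity"; verdict: Verdict };

// Private-to-public fallback only for "package missing" (4xx / DNS), never for integrity failures.
function shouldFallBackToPublic(failure: Failure): boolean {
  if (failure.kind === "http") return failure.status >= 400 && failure.status < 500;
  return failure.kind === "dns";
}

// Constructed sample bytes standing in for a bundle zip.
const sampleBundle = Buffer.from("PK\u0003\u0004 constructed bundle bytes for the example");
const sampleMeta: ExpectedMeta = { contentLength: sampleBundle.length, contentMd5: md5Base64(sampleBundle) };
```

Keeping integrity failures out of the fallback decision means a corrupt download from one source is retried or reported rather than silently swapped for a different build from another source.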

github-actions Bot commented Jul 1, 2026

🤖 AI PR Validation Report

PR Review Results

Thank you for your submission! Here's detailed feedback on your PR title and body compliance:

PR Title

  • Current: fix(vscode): Guard against bundle download corruption (#9294) [hotfix/v5.970]
  • Issue: No compliance issue found. The title is specific, descriptive, and clearly communicates the scope and intent.
  • Recommendation: No change needed.

Commit Type

  • Properly selected (fix).
  • Only one commit type is selected, which is correct.

⚠️ Risk Level

  • The submitted label is risk:medium, but the change set is broader and more operationally sensitive than medium: it touches download integrity, fallback behavior, onboarding/activation flow, and bundle repair logic.
  • Advised risk level: risk:high
  • Recommendation: Update the PR body risk selection to High and, if necessary, ensure the PR label matches this level.

What & Why

  • Current: Clear and sufficiently detailed.
  • Issue: None blocking. The explanation is strong and provides the necessary context.
  • Recommendation: No change needed.

⚠️ Impact of Change

  • The section is present and informative, but it is very long and could be tightened for readability.
  • Recommendation:
    • Users: Consider shortening to the user-facing behavior changes and recovery flow.
    • Developers: Keep the new helpers and validation flow, but trim implementation-level detail.
    • System: Summarize the extra network request / verification overhead more concisely.

Test Plan

  • Automated tests are present in the diff: unit tests were added/updated and E2E coverage is also included.
  • This satisfies the test plan requirements.

Contributors

  • Blank is acceptable.
  • Recommendation: Optional only; add contributors if there were PM/design/review contributors worth crediting.

Screenshots/Videos

  • Blank is acceptable here because the change is not primarily visual.
  • Recommendation: None required.

Summary Table

Section | Status | Recommendation
Title | |
Commit Type | |
Risk Level | ⚠️ | Update to risk:high
What & Why | |
Impact of Change | ⚠️ | Trim for readability
Test Plan | |
Contributors | | Optional
Screenshots/Videos | | Optional

Passed, but the advised risk level is higher than the submitter’s selection. Please update the risk level to High (and matching label, if needed) before merging.


Last updated: Wed, 01 Jul 2026 22:11:33 GMT

@lambrianmsft lambrianmsft added risk:medium Medium risk change with potential impact and removed needs-pr-update labels Jul 1, 2026
@lambrianmsft lambrianmsft enabled auto-merge (squash) July 1, 2026 22:41
@lambrianmsft lambrianmsft merged commit f6f41a5 into Azure:hotfix/v5.970 Jul 1, 2026
50 of 61 checks passed
lambrianmsft added a commit to lambrianmsft/LogicAppsUX that referenced this pull request Jul 2, 2026
…ore dropped files)

The prior Azure#9294 cherry-pick (Azure#9348) was over-scoped and dropped files that PR Azure#9294 changed.
This restores them byte-for-byte from squash-merge 4fb4602
(the vscode-e2e workflow, E2E bundle-integrity tests + shared harness, run-e2e settings, docs,
.squad knowledge, instructions, and the codeful.ts lint fix), so hotfix/v5.970 matches Azure#9294
exactly. Only graphify-out artifacts are omitted per policy.

Co-authored-by: Brian Lam <lambrian@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
lambrianmsft added a commit that referenced this pull request Jul 2, 2026
…#9353)

fix(vscode): Complete #9294 cherry-pick into hotfix/v5.970 (restore dropped files)

The prior #9294 cherry-pick (#9348) was over-scoped and dropped files that PR #9294 changed.
This restores them byte-for-byte from squash-merge 4fb4602
(the vscode-e2e workflow, E2E bundle-integrity tests + shared harness, run-e2e settings, docs,
.squad knowledge, instructions, and the codeful.ts lint fix), so hotfix/v5.970 matches #9294
exactly. Only graphify-out artifacts are omitted per policy.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Labels

pr-validated risk:medium Medium risk change with potential impact
