Skip to content

Complete #9294 cherry-pick into hotfix/v5.961 (restore dropped files)#9352

Merged
lambrianmsft merged 1 commit into
Azure:hotfix/v5.961from
lambrianmsft:revert/v5.961/9294
Jul 2, 2026
Merged

Complete #9294 cherry-pick into hotfix/v5.961 (restore dropped files)#9352
lambrianmsft merged 1 commit into
Azure:hotfix/v5.961from
lambrianmsft:revert/v5.961/9294

Conversation

@lambrianmsft

@lambrianmsft lambrianmsft commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Completes the #9294 cherry-pick into hotfix/v5.961.

The original cherry-pick (#9347) was over-scoped and dropped 12 files that PR #9294 actually changed. This PR restores them byte-for-byte from the squash-merge 4fb46025c19936049f5174ec83fdb4d6b613ad5d:

  • .github/workflows/vscode-e2e.yml (CI wiring for the new bundle-integrity shard)
  • .github/instructions/vs-code-designer.instructions.md
  • E2E: bundleCdnHealth.test.ts, bundleRepair.test.ts, createWorkspace.fixtures.test.ts, createWorkspaceShared.ts, run-e2e.js
  • Docs/knowledge: apps/vs-code-designer/CLAUDE.md, apps/vs-code-designer/src/test/ui/SKILL.md, docs/ai-setup/packages/vs-code-designer.md, .squad/knowledge/INDEX.md, .squad/knowledge/review-patterns.md

Applied as a real git cherry-pick 4fb46025 onto the current tip (the already-present 23 files merge as no-ops; only the dropped files change). Only graphify-out artifacts are omitted per policy. codeful.ts's one-line quote fix was already present in this base, so it needs no change here.

After this merges, hotfix/v5.961 contains #9294 in full (minus graphify-out).

Commit Type

  • feature - New functionality
  • fix - Bug fix
  • refactor - Code restructuring without behavior change
  • perf - Performance improvement
  • docs - Documentation update
  • test - Test-related changes
  • chore - Maintenance/tooling

Risk Level

  • Low - Minor changes, limited scope
  • Medium - Moderate changes, some user impact
  • High - Major changes, significant user/system impact

What & Why

Microsoft.Azure.Functions.ExtensionBundle.Workflows is downloaded from a CDN at extension activation. When the CDN occasionally returns a truncated zip, the extension cached the partial file and failed later in opaque ways. There was also no way to test against an unreleased bundle locally, no fallback when a private/experimental CDN was misconfigured, and no user-visible signal during activation downloads.

This PR adds end-to-end integrity verification (size + MD5), opt-in experimental bundle settings with a public-CDN safety net, and withProgress notifications so the user sees what is happening (and why a redownload is occurring).

Impact of Change

  • Users: Bundles are verified against Content-Length and Content-MD5 on download, and against an MD5 sidecar on every activation. Corrupt local copies are detected and replaced automatically. Users see a progress notification during downloads and a warning toast immediately before a corruption-triggered redownload, so silent activation hangs are gone. Three new VS Code settings (useExperimentalExtensionBundle, experimentalExtensionBundleSourceUri, experimentalExtensionBundleVersion) let users point at unreleased bundle builds without losing the public-CDN safety net. Bundles are now verified and repaired automatically for users.
  • Developers: New downloadFileWithVerification, verifyLocalBundleHash, fetchExpectedMd5, and isMissingPackageError helpers in integrity.ts. bundleFeed.ts gains a DownloadReason-driven withProgress wrapper used at every download call site, plus a private-to-public CDN fallback chain that only triggers on "package missing" errors (4xx / DNS), never on integrity failures. New E2E phase bundleintegrityonly exercised via run-e2e.js.
  • System: One extra HEAD request per activation to validate the local sidecar. No change to the public CDN contract. The MD5 sidecar lives next to the bundle so a manually-deleted bundle directory self-heals.

Test Plan

  • Unit tests added/updated
  • E2E tests added/updated
  • Manual testing completed
  • Tested in: VS Code extension host (Windows), public Azure CDN, simulated experimental source override. 66 bundleFeed unit tests + 1065 vscode-designer extension-unit tests passing. New bundleintegrityonly live E2E phase 4/4 passing.

Contributors

Screenshots/Videos

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

🤖 AI PR Validation Report

PR Review Results

Thank you for your submission! Here's detailed feedback on your PR title and body compliance:

PR Title

  • Current: Complete #9294 cherry-pick into hotfix/v5.961 (restore dropped files)
  • Issue: No blocking issue. The title is specific and describes the cherry-pick/restoration clearly.
  • Recommendation: None required.

Commit Type

  • Properly selected (fix).
  • Only one commit type is checked, which matches the change.

Risk Level

  • The selected label/body risk alignment is consistent at medium. The PR is a targeted hotfix restore with CI/test wiring and E2E coverage, so medium is appropriate.

What & Why

  • Current: Clearly explains the restored files, the over-scoped prior cherry-pick, and why the change is being applied.
  • Issue: None blocking.
  • Recommendation: If you want to make it even easier to scan, you could shorten the long file list into grouped bullets, but this is not required.

Impact of Change

  • The impact section is detailed and maps changes to users, developers, and system behavior.
  • Recommendation:
    • Users: Good as-is.
    • Developers: Good as-is.
    • System: Good as-is.

Test Plan

  • Unit tests, E2E tests, and manual testing are all checked, and the body includes a clear explanation of the test coverage.
  • This satisfies the template requirements.

⚠️ Contributors

  • Assessment: Section is present but empty.
  • Recommendation: Add contributor mentions if anyone materially helped with the implementation, review, or design. If there were none, this can remain blank.

Screenshots/Videos

  • Assessment: No visual change indicated, so leaving this blank is acceptable.

Summary Table

Section Status Recommendation
Title
Commit Type
Risk Level
What & Why
Impact of Change
Test Plan
Contributors ⚠️ Add names only if there were material contributors
Screenshots/Videos

PR passes. The advised risk level matches the submitter’s selection, so no correction is needed there. If you want to improve the PR further, the only optional cleanup is adding contributor credits where applicable.


Last updated: Thu, 02 Jul 2026 01:02:43 GMT

@lambrianmsft lambrianmsft enabled auto-merge (squash) July 1, 2026 23:51
…ore dropped files)

The prior Azure#9294 cherry-pick (Azure#9347) was over-scoped and dropped 12 files that PR Azure#9294 changed.
This restores them byte-for-byte from squash-merge 4fb4602
(the vscode-e2e workflow, E2E bundle-integrity tests + shared harness, run-e2e settings, docs,
.squad knowledge, and instructions), so hotfix/v5.961 matches Azure#9294 exactly. Only graphify-out
artifacts are omitted per policy.

Co-authored-by: Brian Lam <lambrian@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@lambrianmsft lambrianmsft changed the title Revert over-scoped #9294 cherry-pick (#9347) from hotfix/v5.961 Complete #9294 cherry-pick into hotfix/v5.961 (restore dropped files) Jul 2, 2026
@lambrianmsft lambrianmsft merged commit c3e2232 into Azure:hotfix/v5.961 Jul 2, 2026
34 of 36 checks passed
@lambrianmsft lambrianmsft added the risk:medium Medium risk change with potential impact label Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

pr-validated risk:medium Medium risk change with potential impact

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants