chore(deps-dev): bump @eslint/js from 9.17.0 to 10.0.1 in /webviewUi#425
Closed
dependabot[bot] wants to merge 1011 commits intomainfrom
Closed
chore(deps-dev): bump @eslint/js from 9.17.0 to 10.0.1 in /webviewUi#425dependabot[bot] wants to merge 1011 commits intomainfrom
dependabot[bot] wants to merge 1011 commits intomainfrom
Conversation
* Export class for broader utility. * Strengthen command validation with expanded dangerous command patterns. * Add de-obfuscation logic to improve blocked pattern detection for , backticks, and whitespace. * Implement output buffering limit for to prevent excessive memory usage. * Add comprehensive unit tests for and functionality.
Feature terminal security
* Migrate webview state management to a centralized Zustand store architecture. * Update agent service to use new streaming API () with . * Centralize webview message handling with hook. * Restructure UI styling using component-specific CSS files and . * Add as a new dependency for state management.
* Correct typo in import path. * Correct typo in import path. * Update Groq to return an empty array and log a warning for unsupported functionality.
Feature clean up
feat(cost-tracking): Implement LLM token usage and estimated cost tra…
- Add file mention autocomplete functionality to the chat input. - Replace VSCodeTextArea with a native textarea for better control. - Introduce mention detection, filtering, and selection for files. - Update onSendMessage callback to pass mentioned files. - Standardize font family usage across UI components with a new CSS variable. - Enhance bot loading indicator logic for better user feedback.
…urity tests * Introduce new test suites for agent Human-in-the-Loop (HITL) consent. * Implement comprehensive tests for agent safety limits and tool invocation tracking. * Add tests for agent tool execution, activity lifecycle, and message parsing. * Establish critical filesystem security tests, including path traversal protection and symlink handling. * Configure to include new agent and filesystem test files. * Add script and update CI workflow to use it for test compilation. * Refine test for history storage.
* Introduce to read and interpret files. * Exclude files and directories from workspace indexing and file operations based on rules. * Add command to scaffold a default file.
…hunk-level diff review * Add to enable workspace snapshots and revert functionality. * Integrate automatic checkpoint creation before agent-driven file modifications. * Introduce service for granular line-level diff processing. * Enable hunk-by-hunk review and selective application/rejection of pending changes. * Add new configuration settings for to control semantic search behavior. * Adjust performance profiler and production safeguard monitoring intervals and alerts for better stability. * Introduce a dedicated Checkpoint Panel and enhance the Pending Changes Panel with hunk review UI.
More clean up
…to feature_test_runner
- Prevent shell injection by sanitizing user-supplied test arguments. - Refactor test command execution to use array-based arguments for . - Enhance test result parsing for various frameworks (Jest, Mocha, Pytest, Go, Cargo). - Introduce a for unparseable test output. - Add comprehensive unit tests for the .
* Implement interface for extensible detection, output parsing, and failure extraction. * Create concrete strategies for Jest/Vitest, Mocha, Pytest, Go Test, and Cargo Test. * Refactor , , and to utilize the new strategy pattern. * Export and add comprehensive unit tests for input validation, including shell injection prevention. * Add utility to robustly parse command strings with quoted arguments.
* Implement interface for extensible detection, output parsing, and failure extraction. * Create concrete strategies for Jest/Vitest, Mocha, Pytest, Go Test, and Cargo Test. * Refactor , , and to utilize the new strategy pattern. * Export and add comprehensive unit tests for input validation, including shell injection prevention. * Add utility to robustly parse command strings with quoted arguments.
* Add LangChain tool for atomic, multi-file edits. * Introduce to manage grouped file changes. * Register VS Code commands for reviewing, applying, and rejecting Composer sessions. * Implement webview UI () to display active sessions and their pending changes. * Integrate into agent tool providers and role mappings. * Add comprehensive unit tests for the .
… bookmarks * Introduce a new browser panel component for managing browsing history and bookmarks. * Add functionality to save, retrieve, and remove web page bookmarks. * Enable appending web content directly to the chat as AI context. * Refactor sidebar navigation and button styling for improved user experience. * Update GitHub Actions workflow to run tests across Ubuntu, Windows, and macOS. * Implement code coverage checks in CI for Linux builds with a 30% threshold. * Add a table and index to the SQLite database schema. * Improve accessibility for various UI components with attributes.
* Introduce to manage browser bookmarks (add, remove, get). * Add comprehensive unit tests for bookmark functionalities. * Implement to gracefully handle UI errors in webview panels. * Integrate across various webview panels for improved stability. * Remove deprecated browsing history UI components and state management. * Standardize copy button text from MD to MARKDOWN in the webview. * Add Datadog static analysis configuration with various JavaScript rulesets.
…contrast * Refactor handling for directory to a single exclusion rule. * Improve readability and contrast of various UI elements by adjusting color opacities. * Standardize paragraph margins within message content.
…contrast * Refactor handling for directory to a single exclusion rule. * Improve readability and contrast of various UI elements by adjusting color opacities. * Standardize paragraph margins within message content.
Feature multiple file update
…nd add core path tests - Extract , , and into standalone service classes - Replace monolithic with , , , and sub-generators - Add to scope per-stream mutable state; eliminate shared map - Introduce thread-keyed consent management () with timeout auto-denial and boolean grant/deny resolution - Replace with lazy for persistent checkpoints; fall back to in-memory if workspace unavailable - Add agent-instance caching keyed by provider/model; invalidate cache on model change - Add Anthropic provider support to ; refactor LLM routing into helper - Pass through webview consent messages () for correct per-thread HITL resolution - Add with 60+ tests covering , , , , , and stream lifecycle - Bump version to
- Add InputGuard (src/services/input-guard.ts): ref/key parameter validation with SAFE_REF_PATTERN and SAFE_KEY_PATTERN to prevent injection via crafted page snapshot content - Wire assertSafeRef into click, type, hover, selectOption; assertSafeKey into pressKey - Fix withTimeout: use timerId | undefined, remove non-null assertion - Add DANGEROUS_EXPRESSION_PATTERNS blocklist for evaluate(): blocks fetch, XMLHttpRequest, WebSocket, sendBeacon, import(), cookie, localStorage, sessionStorage - Add post-navigation DNS rebinding check in navigate() - Extract BROWSER_ACTIONS constant as single source of truth - Optimise parseResult with array accumulation - DRY tabNew into single code path - Add BrowserService.dispose() for extension deactivation cleanup - Add StructuredTool<any> rationale comment (TS2589) - Add 16 new test cases + input-guard.test.ts (12 tests)
…n-tool feat: add Browser Automation Tool (#11)
…udit documentation * Add for a comprehensive WebviewUI deep-dive. * Implement to expose team intelligence data from the extension. * Develop webview component for visualizing team members, relationships, and recurring blockers. * Integrate into the main webview UI with a new sidebar toggle button. * Create Zustand store to manage team graph UI state and interactions.
feat(team-graph, webview-ui): Introduce team intelligence graph and a…
* Implement backend to process cost summary and reset commands. * Introduce new webview panel () to display estimated AI usage costs. * Show total estimated cost, token usage, request counts, and conversation count. * Provide cost breakdowns by provider and for individual conversations. * Add a new sidebar button () to open the cost dashboard. * Integrate for managing cost data state in the webview UI.
…to feature/cost_tracking
* Add method to for comprehensive cost aggregation. * Refactor to utilize the new method. * Introduce new interfaces (, , ) for structured cost data. * Add extensive unit tests for and . * Round aggregated estimated costs to 6 decimal places in the summary.
Feature/cost tracking
- Fix typo in filename to in .
…to feature/dead_code_cleanup
Feature/dead code cleanup
…eepTerminalServiceWEBVIEW_UI_AUDIT.md
* Refactor and to return for missing sessions. * Introduce to manage terminal-related webview commands. * Add validation for session IDs and handle missing sessions in , sending messages. * Display terminal session errors in using a new error banner. * Add comprehensive unit tests for .
* Remove ConnectorHandler from webview providers and handlers. * Remove Connectors section, components, and types from settings UI. * Display dynamic username and initials in Account Settings. * Update documentation and changelog links to GitHub URLs.
* Add to various UI panels for better responsiveness. * Enable horizontal scrolling for code blocks, tables, and chat content. * Adjust code block styling to improve width handling.
TerminalViewerPanelTerminalViewerHandleruseTerminalStorelistSessionsD…
general updates
chore(project): Enhance project metadata, compliance, and contributio…
Bumps [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) from 9.17.0 to 10.0.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v10.0.1/packages/js) --- updated-dependencies: - dependency-name: "@eslint/js" dependency-version: 10.0.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
bot
deleted the
dependabot/npm_and_yarn/webviewUi/eslint/js-10.0.1
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps @eslint/js from 9.17.0 to 10.0.1.
Release notes
Sourced from
@eslint/js's releases.... (truncated)
Commits
84fb885chore: package.json update for@eslint/jsrelease1f66734chore: addeslinttopeerDependenciesof@eslint/js(#20467)f3fbc2fchore: set@eslint/jsversion to 10.0.0 to skip releasing it (#20466)b4b3127chore: package.json update for@eslint/jsrelease0b14059chore: package.json update for@eslint/jsreleasefa31a60feat!: addnameto configs (#20015)1e2cad5chore: package.json update for@eslint/jsrelease454a292feat!: updateeslint:recommendedconfiguration (#20210)c6358c3feat!: Require Node.js^20.19.0 || ^22.13.0 || >=24(#20160)c7ebefcchore: package.json update for@eslint/jsreleaseDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)