Skip to content

Commit

Permalink
Merged PR posit-dev/positron-python#14: Merge upstream of vscode pyth…
Browse files Browse the repository at this point in the history
…on main

Merge pull request #14 from posit-dev/merge_upstream

Merge upstream of vscode python main
--------------------
Commit message for posit-dev/positron-python@098389e026b7e405b604b0c9184346901bb44077:

Ignore package-lock.json in favor of yarn

--------------------
Commit message for posit-dev/positron-python@65bbcb1fe923cb9e110669c5fc048870a9ebfe59:

Merge remote-tracking branch 'upstream/main'

--------------------
Commit message for microsoft/vscode-python@04753c4d8c5f0443f57c69ad2a4fcfe4df07c740:

Ensure editable install is triggered if `pyproject.toml` is found. (microsoft/vscode-python#20572)

No-changelog because this feature is not in stable yet.
--------------------
Commit message for microsoft/vscode-python@80ef35f7e1e83ffec09e5475c492fe8beaaad12b:

Log as error in case we're unable to detect the active terminal shell type (microsoft/vscode-python#20545)


--------------------
Commit message for microsoft/vscode-python@34414c8ef6ef9fd24986eeb3f5856fd370bf397d:

Remove telemetry proposal + implicit activations (microsoft/vscode-python#20542)

Removes the telemetryLogger proposal as it is finalized.

Also removes the command activation events as vscode now automatically
generates though so that information is redudant.

Co-authored-by: Brett Cannon <[email protected]>
--------------------
Commit message for microsoft/vscode-python@fe40195db24a0f5d574b6744218cc472b2a36fa6:

Switch to a different toml library. (microsoft/vscode-python#20544)


--------------------
Commit message for microsoft/vscode-python@e9edfc01435ed37699c75b56c2681e4475f86861:

Detect if VSCode is launched from an activated environment and select it (microsoft/vscode-python#20526)

Closes https://github.com/microsoft/vscode-python/issues/10668

In case of base conda environments, show a prompt to select it instead,
as getting configs is required in that case which can take time.
--------------------
Commit message for microsoft/vscode-python@bebf05da6f5e7f29f3b41e4827743004612ca220:

Create env shows requirements files or `pyproject.toml` extras when available (microsoft/vscode-python#20524)

Closes https://github.com/microsoft/vscode-python/issues/20277
Closes https://github.com/microsoft/vscode-python/issues/20278
--------------------
Commit message for microsoft/vscode-python@c545a366318b0852b970703b8da8c9ffe65d86bf:

Add GDPR tag for new pylance property (microsoft/vscode-python#20501)

`packages` has become `packagesBitArray`
--------------------
Commit message for microsoft/vscode-python@e92c1248b138a6eb2914a2392ffc1d1cce715edf:

Update to new l10n (microsoft/vscode-python#20484)

Following
https://github.com/microsoft/vscode-engineering/wiki/Extensions-Localization

This onboards vscode-python to the new localization API which enables
localization for the web.

It's a large PR ... but pretty boring since it's just replacing one
syntax with another.

Co-authored-by: Tyler Leonhardt <[email protected]>
--------------------
Commit message for microsoft/vscode-python@0f4e6ae49df32113ed5672ae6fd85f7a2bc16ecb:

Stop suggesting the MS Python Discord server for help (microsoft/vscode-python#20499)


--------------------
Commit message for microsoft/vscode-python@f7d732eb244755de21b1526679774671adca0d4a:

Bump json5 from 2.2.1 to 2.2.3 (microsoft/vscode-python#20448)

Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/json5/json5/releases">json5's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.3</h2>
<ul>
<li>Fix: [email protected] is now the 'latest' release according to npm
instead of v1.0.2. (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h2>v2.2.2</h2>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to
objects and arrays.
(<a
href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>)
This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/json5/json5/blob/main/CHANGELOG.md">json5's
changelog</a>.</em></p>
<blockquote>
<h3>v2.2.3 [<a
href="https://github.com/json5/json5/tree/v2.2.3">code</a>, <a
href="https://github.com/json5/json5/compare/v2.2.2...v2.2.3">diff</a>]</h3>
<ul>
<li>Fix: [email protected] is now the 'latest' release according to npm
instead of
v1.0.2. (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h3>v2.2.2 [<a
href="https://github.com/json5/json5/tree/v2.2.2">code</a>, <a
href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">diff</a>]</h3>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to
objects and arrays.
(<a
href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>)
This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/json5/json5/commit/c3a75242772a5026a49c4017a16d9b3543b62776"><code>c3a7524</code></a>
2.2.3</li>
<li><a
href="https://github.com/json5/json5/commit/94fd06d82eeed225fa172f6fb2ca27375cbd2e39"><code>94fd06d</code></a>
docs: update CHANGELOG for v2.2.3</li>
<li><a
href="https://github.com/json5/json5/commit/3b8cebf0c474a8b20c78bd75c89cca0c4dce84ce"><code>3b8cebf</code></a>
docs(security): use GitHub security advisories</li>
<li><a
href="https://github.com/json5/json5/commit/f0fd9e194dde282caff114a110f4fac635f3a62c"><code>f0fd9e1</code></a>
docs: publish a security policy</li>
<li><a
href="https://github.com/json5/json5/commit/6a91a05fffeda16ff6b3b5008b6b340d42d31ec0"><code>6a91a05</code></a>
docs(template): bug -&gt; bug report</li>
<li><a
href="https://github.com/json5/json5/commit/14f8cb186e8abdfaccf6527171da7b1224374650"><code>14f8cb1</code></a>
2.2.2</li>
<li><a
href="https://github.com/json5/json5/commit/10cc7ca9169b59c5e0f5afc03dbd870cd06bcc46"><code>10cc7ca</code></a>
docs: update CHANGELOG for v2.2.2</li>
<li><a
href="https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8"><code>7774c10</code></a>
fix: add <strong>proto</strong> to objects and arrays</li>
<li><a
href="https://github.com/json5/json5/commit/edde30abd8b22facf2c06c72586b9f6edf12700d"><code>edde30a</code></a>
Readme: slight tweak to intro</li>
<li><a
href="https://github.com/json5/json5/commit/97286f8bd542c89dcee096bc05dd28ed2dfc1e16"><code>97286f8</code></a>
Improve example in readme</li>
<li>Additional commits viewable in <a
href="https://github.com/json5/json5/compare/v2.2.1...v2.2.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=2.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/vscode-python/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
--------------------
Commit message for microsoft/vscode-python@b7e949009455ec23521a7ab63f1a11d1e2b0c906:

Bump mheap/github-action-required-labels from 2 to 3 (microsoft/vscode-python#20447)

Bumps
[mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels)
from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mheap/github-action-required-labels/releases">mheap/github-action-required-labels's
releases</a>.</em></p>
<blockquote>
<h2>v3</h2>
<p>Tag that always points to the latest commit in the v3.x.x series of
releases</p>
<h2>v3.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Switch to using <code>@​actions/core</code> by <a
href="https://github.com/mheap"><code>@​mheap</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/44">mheap/github-action-required-labels#44</a></li>
<li>Custom messages by <a
href="https://github.com/mheap"><code>@​mheap</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/46">mheap/github-action-required-labels#46</a></li>
<li>Bump json5 from 2.2.1 to 2.2.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/45">mheap/github-action-required-labels#45</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mheap/github-action-required-labels/compare/v2.2.3...v3.0.0">https://github.com/mheap/github-action-required-labels/compare/v2.2.3...v3.0.0</a></p>
<h2>v2.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix add_comment input by <a
href="https://github.com/mheap"><code>@​mheap</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/40">mheap/github-action-required-labels#40</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mheap/github-action-required-labels/compare/v2.2.2...v2.2.3">https://github.com/mheap/github-action-required-labels/compare/v2.2.2...v2.2.3</a></p>
<h2>v2.2.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action.yml by <a
href="https://github.com/jeff-miller-cfa"><code>@​jeff-miller-cfa</code></a>
in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/37">mheap/github-action-required-labels#37</a></li>
<li>Bump <code>@​actions/core</code> from 1.2.6 to 1.9.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/34">mheap/github-action-required-labels#34</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mheap/github-action-required-labels/compare/v2.2.1...v2.2.2">https://github.com/mheap/github-action-required-labels/compare/v2.2.1...v2.2.2</a></p>
<h2>v2.2.1</h2>
<ul>
<li>Adding <code>node16</code> support</li>
</ul>
<h2>v2.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add comment on failure by <a
href="https://github.com/mheap"><code>@​mheap</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/36">mheap/github-action-required-labels#36</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mheap/github-action-required-labels/compare/v2.1.0...v2.2.0">https://github.com/mheap/github-action-required-labels/compare/v2.1.0...v2.2.0</a></p>
<h2>v2.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add support for output status by <a
href="https://github.com/mheap"><code>@​mheap</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/32">mheap/github-action-required-labels#32</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mheap/github-action-required-labels/compare/v2.0.1...v2.1.0">https://github.com/mheap/github-action-required-labels/compare/v2.0.1...v2.1.0</a></p>
<h2>v2.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action.yml by <a
href="https://github.com/yannickm95"><code>@​yannickm95</code></a> in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/30">mheap/github-action-required-labels#30</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/yannickm95"><code>@​yannickm95</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/mheap/github-action-required-labels/pull/30">mheap/github-action-required-labels#30</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/mheap/github-action-required-labels/compare/v2.0.0...v2.0.1">https://github.com/mheap/github-action-required-labels/compare/v2.0.0...v2.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mheap/github-action-required-labels/commit/179af849240d834567e1a3d6dc781575eede757c"><code>179af84</code></a>
Automatic compilation</li>
<li><a
href="https://github.com/mheap/github-action-required-labels/commit/e49d4bee708a114e73d1dd790d354c109e0cfe12"><code>e49d4be</code></a>
Bump json5 from 2.2.1 to 2.2.2</li>
<li><a
href="https://github.com/mheap/github-action-required-labels/commit/6008ef38d7350168a91dab200a9d48ae21b42676"><code>6008ef3</code></a>
Add ability to customise comment / error message</li>
<li><a
href="https://github.com/mheap/github-action-required-labels/commit/43f0d746ccf0990f7dec9fb7f4322d55bce51ab0"><code>43f0d74</code></a>
Bump README to v3</li>
<li><a
href="https://github.com/mheap/github-action-required-labels/commit/6831eb28b639f195899c3c6422fc0ca08d84c2e0"><code>6831eb2</code></a>
Move from actions-toolkit to <code>@​actions/core</code></li>
<li>See full diff in <a
href="https://github.com/mheap/github-action-required-labels/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mheap/github-action-required-labels&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
--------------------
Commit message for microsoft/vscode-python@074ffb60de55b27285262f7968f7ddaa75b600ef:

Re-revert "Update to proposed telemetry logger" (microsoft/vscode-python#20482)

The telemetry issue has been fixed by
https://github.com/microsoft/vscode/pull/170740, so we're re-reverting
the changes.
--------------------
Commit message for microsoft/vscode-python@90cb8296d6f139102850c087c3dfd83bb15399ad:

Make auto indent depend on formatOnType setting value (microsoft/vscode-python#20480)

For https://github.com/microsoft/vscode-python/issues/20479
--------------------
Commit message for microsoft/vscode-python@e6b27521746af44e26f054122c0f22efbf80ce73:

Update debugpy to 1.6.5 (microsoft/vscode-python#20477)


--------------------
Commit message for microsoft/vscode-python@e8e7d8899bb3093895408cc3480d8d5393aad3d9:

Revert "Update to proposed telemetry logger" (microsoft/vscode-python#20469)

This reverts commit 03e53538955e58a0e7f3f2cce144c4398483815b.

To temporarily fix telemetry issues.

Co-authored-by: Brett Cannon <[email protected]>
--------------------
Commit message for microsoft/vscode-python@2211996979342e5cd9bb31a7ca0ece637779da18:

Make sure we do not use or execute the default `python` on `PATH` if there is any other known interpreter (microsoft/vscode-python#20457)


--------------------
Commit message for microsoft/vscode-python@4e1f79c08e0497bcaca725e400cd9e407d2dcfa9:

Bump the major version to 2023 (microsoft/vscode-python#20465)

For microsoft/vscode-python#20456
--------------------
Commit message for microsoft/vscode-python@f6a0d456c99c1eac8e9564f14823752397d600e0:

Bump extension/telemetry dependency version (microsoft/vscode-python#20462)

Corresponds to
https://github.com/microsoft/vscode/commit/4acf2d9b46b75748ae687cf3b2952a0799679873
.

Closes microsoft/vscode-python#20456
--------------------
Commit message for microsoft/vscode-python@9461f4abc43e0e75f6a6b6eac3f3e83d3b294bd9:

Enables successful running of python file even when parentheses are present in the path (microsoft/vscode-python#20414)


--------------------
Commit message for microsoft/vscode-python@32f55109c976e66bf39e8da6aae0c9b6f5115df2:

Do not remove envs which are provided by the consumer (microsoft/vscode-python#20424)

For https://github.com/microsoft/vscode-python/issues/20292

We currently remove environments from cache which aren't part of the
latest discovery run. This is not correct as consumers can still select
envs not reported by discovery run, which we shouldn't remove.
--------------------
Commit message for microsoft/vscode-python@65cf0fbb88ad839f1f41e5dc16fad0086f9cc871:

Drop telemetry CI (microsoft/vscode-python#20393)

Downloading the ripgrep dependency is a bit flaky.

Part of microsoft/vscode-python#20390
--------------------
Commit message for microsoft/vscode-python@6d0aaa7fc577d3b1fbe7352ba37d9df0e39c441a:

Add description on hover to interpreter status bar item (microsoft/vscode-python#20411)

Closes https://github.com/microsoft/vscode-python/issues/16480
--------------------
Commit message for microsoft/vscode-python@804e65608f4d2a1a3b6e0bb7cde3aeefa6757340:

Update link to A/B experiments description (microsoft/vscode-python#20409)

Closes https://github.com/microsoft/vscode-python/issues/15635
--------------------
Commit message for microsoft/vscode-python@2d4f34ad1712f6a201d7c1056349de8606caed1a:

Use isolated flag when gathering environment information (microsoft/vscode-python#20403)

Closes https://github.com/microsoft/vscode-python/issues/20382
--------------------
Commit message for microsoft/vscode-python@5b7e040886defce82a363d714f60a2d25f9e9fa1:

Stop asking which package manager to use for installing tools (microsoft/vscode-python#20405)

Closes https://github.com/microsoft/vscode-python/issues/11739
--------------------
Commit message for microsoft/vscode-python@5b6c99b08108aee8eca8a8e0d7043427067f4812:

Remove poetry watcher (microsoft/vscode-python#20404)

Closes https://github.com/microsoft/vscode-python/issues/17087
--------------------
Commit message for microsoft/vscode-python@5e83629cae7cd408fdba483513d00a05e13fb995:

Update release_plan.md (microsoft/vscode-python#20351)

 went through and made edits to try and help clarify the release
process and all the different branches and PRs that we are
creating/keeping track of in this process. Thanks!

Co-authored-by: Brett Cannon <[email protected]>
Co-authored-by: Kartik Raj <[email protected]>
--------------------
Commit message for microsoft/vscode-python@1bf055880019e42a0cf2eca3307925846016f5fc:

Bump VS Code engine in `package.json` (microsoft/vscode-python#20392)

Accidentally left out of
https://github.com/microsoft/vscode-python/commit/cb124e7b408af2afa3e074e541ddf8c09b95e2ff
.

As it pertains to a change made in VS Code insiders today, we are
setting the engine to a specific date. This requires updating the
`getChannel()` code, so took the opportunity to factor it out.
--------------------
Commit message for microsoft/vscode-python@cb124e7b408af2afa3e074e541ddf8c09b95e2ff:

Update telemetry package (microsoft/vscode-python#20388)

There has been breaking changes in the proposed telemetry surface so we
must update the package to prevent breaking the python extension
--------------------
Commit message for microsoft/vscode-python@07e334af8ad631da01c21ce339366f907006520c:

Display user friendly path when displaying create environment notification (microsoft/vscode-python#20387)

Closes https://github.com/microsoft/vscode-python/issues/19934
--------------------
Commit message for microsoft/vscode-python@e72ca977f52b063a56c1408978e2fee401d566cb:

Use `uniqueItems` for settings (microsoft/vscode-python#20375)

Leaves string arrays alone that are used as arguments to external tools
as we can't know if unique values are valid or not.

Closes microsoft/vscode-python#7881
--------------------
Commit message for microsoft/vscode-python@69e9625b84788bcb319e3b232bcffd9b7834fecd:

Stop installing pre-release version of black when using poetry or pipenv environments (microsoft/vscode-python#20381)

Release version is now available on pypi, so this should no longer be
needed.

Closes https://github.com/microsoft/vscode-python/issues/10696
--------------------
Commit message for microsoft/vscode-python@118643290db172566b145bd14cb3ab08c0c9cf86:

Merge `release/2022.20` into `main` (microsoft/vscode-python#20374)

Co-authored-by: Eleanor Boyd <[email protected]>
--------------------
Commit message for microsoft/vscode-python@15b9815a30c1483f5913b56c788f8de061cd521d:

Remove `python.pythonPath` deprecation prompt (microsoft/vscode-python#20371)

Closes https://github.com/microsoft/vscode-python/issues/20340
--------------------
Commit message for microsoft/vscode-python@32ab2f1e3bb8bf6e9998a493238cc099eddda034:

Do not allow use of discovery API in an untrusted workspace (microsoft/vscode-python#20372)


--------------------
Commit message for microsoft/vscode-python@eb66e81f0b053d1f499f8be14ba613f53c069860:

Re-register API for jupyter integration once trust is granted (microsoft/vscode-python#20370)

Closes https://github.com/microsoft/vscode-python/issues/20261
--------------------
Commit message for microsoft/vscode-python@2afda3f3f03f31646e2464c78c5e0120aa156a2a:

Bump qs from 6.5.2 to 6.5.3 (microsoft/vscode-python#20332)

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's
changelog</a>.</em></p>
<blockquote>
<h2><strong>6.5.3</strong></h2>
<ul>
<li>[Fix] <code>parse</code>: ignore <code>__proto__</code> keys (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/428">#428</a>)</li>
<li>[Fix]<code> </code>utils.merge`: avoid a crash with a null target
and a truthy non-array source</li>
<li>[Fix] correctly parse nested arrays</li>
<li>[Fix] <code>stringify</code>: fix a crash with
<code>strictNullHandling</code> and a custom
<code>filter</code>/<code>serializeDate</code> (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/279">#279</a>)</li>
<li>[Fix] <code>utils</code>: <code>merge</code>: fix crash when
<code>source</code> is a truthy primitive &amp; no options are
provided</li>
<li>[Fix] when <code>parseArrays</code> is false, properly handle keys
ending in <code>[]</code></li>
<li>[Fix] fix for an impossible situation: when the formatter is called
with a non-string value</li>
<li>[Fix] <code>utils.merge</code>: avoid a crash with a null target and
an array source</li>
<li>[Refactor] <code>utils</code>: reduce observable [[Get]]s</li>
<li>[Refactor] use cached <code>Array.isArray</code></li>
<li>[Refactor] <code>stringify</code>: Avoid arr = arr.concat(...), push
to the existing instance (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/269">#269</a>)</li>
<li>[Refactor] <code>parse</code>: only need to reassign the var
once</li>
<li>[Robustness] <code>stringify</code>: avoid relying on a global
<code>undefined</code> (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/427">#427</a>)</li>
<li>[readme] remove travis badge; add github actions/codecov badges;
update URLs</li>
<li>[Docs] Clean up license text so it’s properly detected as
BSD-3-Clause</li>
<li>[Docs] Clarify the need for &quot;arrayLimit&quot; option</li>
<li>[meta] fix README.md (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/399">#399</a>)</li>
<li>[meta] add FUNDING.yml</li>
<li>[actions] backport actions from main</li>
<li>[Tests] always use <code>String(x)</code> over
<code>x.toString()</code></li>
<li>[Tests] remove nonexistent tape option</li>
<li>[Dev Deps] backport from main</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077"><code>298bfa5</code></a>
v6.5.3</li>
<li><a
href="https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f"><code>ed0f5dc</code></a>
[Fix] <code>parse</code>: ignore <code>__proto__</code> keys (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/428">#428</a>)</li>
<li><a
href="https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab"><code>691e739</code></a>
[Robustness] <code>stringify</code>: avoid relying on a global
<code>undefined</code> (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/427">#427</a>)</li>
<li><a
href="https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2"><code>1072d57</code></a>
[readme] remove travis badge; add github actions/codecov badges; update
URLs</li>
<li><a
href="https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64"><code>12ac1c4</code></a>
[meta] fix README.md (<a
href="https://github-redirect.dependabot.com/ljharb/qs/issues/399">#399</a>)</li>
<li><a
href="https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a"><code>0338716</code></a>
[actions] backport actions from main</li>
<li><a
href="https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1"><code>5639c20</code></a>
Clean up license text so it’s properly detected as BSD-3-Clause</li>
<li><a
href="https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d"><code>51b8a0b</code></a>
add FUNDING.yml</li>
<li><a
href="https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977"><code>45f6759</code></a>
[Fix] fix for an impossible situation: when the formatter is called with
a no...</li>
<li><a
href="https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3"><code>f814a7f</code></a>
[Dev Deps] backport from main</li>
<li>Additional commits viewable in <a
href="https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs&package-manager=npm_and_yarn&previous-version=6.5.2&new-version=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/vscode-python/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eleanor Boyd <[email protected]>
Co-authored-by: Brett Cannon <[email protected]>
--------------------
Commit message for microsoft/vscode-python@a30b7711847f83fa5b9d8c7a0cda436b2c5968a5:

Bump dessant/lock-threads from 3 to 4 (microsoft/vscode-python#20318)

Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dessant/lock-threads/releases">dessant/lock-threads's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<p>Learn more about this release from the <a
href="https://github.com/dessant/lock-threads/blob/master/CHANGELOG.md#changelog">changelog</a>.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dessant/lock-threads/blob/master/CHANGELOG.md">dessant/lock-threads's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/dessant/lock-threads/compare/v3.0.0...v4.0.0">4.0.0</a>
(2022-12-04)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>the action now requires Node.js 16</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>update dependencies (<a
href="https://github.com/dessant/lock-threads/commit/38e918558115222435d26c0639870cdbe3572929">38e9185</a>)</li>
<li>update docs (<a
href="https://github.com/dessant/lock-threads/commit/32986e26965060a85db09e98ef7e5958c961ae84">32986e2</a>)</li>
</ul>
<h2><a
href="https://github.com/dessant/lock-threads/compare/v2.1.2...v3.0.0">3.0.0</a>
(2021-09-27)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>
<p>input parameter names have changed</p>
<p>Rename the following input parameters when upgrading from v2 to
v3:</p>
<ul>
<li><code>issue-lock-inactive-days</code> --&gt;
<code>issue-inactive-days</code></li>
<li><code>issue-exclude-created-before</code> --&gt;
<code>exclude-issue-created-before</code></li>
<li><code>issue-exclude-labels</code> --&gt;
<code>exclude-any-issue-labels</code></li>
<li><code>issue-lock-labels</code> --&gt;
<code>add-issue-labels</code></li>
<li><code>issue-lock-comment</code> --&gt;
<code>issue-comment</code></li>
<li><code>pr-lock-inactive-days</code> --&gt;
<code>pr-inactive-days</code></li>
<li><code>pr-exclude-created-before</code> --&gt;
<code>exclude-pr-created-before</code></li>
<li><code>pr-exclude-labels</code> --&gt;
<code>exclude-any-pr-labels</code></li>
<li><code>pr-lock-labels</code> --&gt; <code>add-pr-labels</code></li>
<li><code>pr-lock-comment</code> --&gt; <code>pr-comment</code></li>
</ul>
</li>
</ul>
<h3>Features</h3>
<ul>
<li>add new filtering and labeling options, update input parameter names
(<a
href="https://github.com/dessant/lock-threads/commit/26fd836f96f46625de24663c4dc2b84c8408fcb1">26fd836</a>)</li>
<li>allow manual triggering (<a
href="https://github.com/dessant/lock-threads/commit/a0c7da306555d946273957477018fe178130ccf9">a0c7da3</a>)</li>
</ul>
<h3><a
href="https://github.com/dessant/lock-threads/compare/v2.1.1...v2.1.2">2.1.2</a>
(2021-08-17)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>ignore error when commenting on issue converted to discussion (<a
href="https://github.com/dessant/lock-threads/commit/60d2a1a4bee140c0408a057fdb025155cdba18dd">60d2a1a</a>),
closes <a
href="https://github-redirect.dependabot.com/dessant/lock-threads/issues/24">#24</a></li>
</ul>
<h3><a
href="https://github.com/dessant/lock-threads/compare/v2.1.0...v2.1.1">2.1.1</a>
(2021-07-09)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>update GitHub API calls (<a
href="https://github.com/dessant/lock-threads/commit/a3ccc71fffa8f16e865eb3661cf8852e11d0a289">a3ccc71</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dessant/lock-threads/commit/c1b35aecc5cdb1a34539d14196df55838bb2f836"><code>c1b35ae</code></a>
chore(release): 4.0.0</li>
<li><a
href="https://github.com/dessant/lock-threads/commit/32986e26965060a85db09e98ef7e5958c961ae84"><code>32986e2</code></a>
fix: update docs</li>
<li><a
href="https://github.com/dessant/lock-threads/commit/b677b85bbb81f02cbd6ee8c7d64b627d9a0d98eb"><code>b677b85</code></a>
chore: update workflows</li>
<li><a
href="https://github.com/dessant/lock-threads/commit/dc42875c063d607b02f82ac2f4fd962f620cf459"><code>dc42875</code></a>
chore: update package</li>
<li><a
href="https://github.com/dessant/lock-threads/commit/38e918558115222435d26c0639870cdbe3572929"><code>38e9185</code></a>
fix: update dependencies</li>
<li><a
href="https://github.com/dessant/lock-threads/commit/08e671be8ac8944d0e132aa71d0ae8ccfb347675"><code>08e671b</code></a>
chore: add upgrade guide</li>
<li>See full diff in <a
href="https://github.com/dessant/lock-threads/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dessant/lock-threads&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eleanor Boyd <[email protected]>
Co-authored-by: Brett Cannon <[email protected]>
--------------------
Commit message for microsoft/vscode-python@3a2e9430af852742af09eb181bcc637335c7282e:

Bump decode-uri-component from 0.2.0 to 0.2.2 (microsoft/vscode-python#20308)

Bumps
[decode-uri-component](https://github.com/SamVerschueren/decode-uri-component)
from 0.2.0 to 0.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/SamVerschueren/decode-uri-component/releases">decode-uri-component's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.2</h2>
<ul>
<li>Prevent overwriting previously decoded tokens  980e0bf</li>
</ul>
<p><a
href="https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2">https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2</a></p>
<h2>v0.2.1</h2>
<ul>
<li>Switch to GitHub workflows  76abc93</li>
<li>Fix issue where decode throws - fixes <a
href="https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6">#6</a>
746ca5d</li>
<li>Update license (<a
href="https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1">#1</a>)
486d7e2</li>
<li>Tidelift tasks  a650457</li>
<li>Meta tweaks  66e1c28</li>
</ul>
<p><a
href="https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1">https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb"><code>a0eea46</code></a>
0.2.2</li>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152"><code>980e0bf</code></a>
Prevent overwriting previously decoded tokens</li>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33"><code>3c8a373</code></a>
0.2.1</li>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3"><code>76abc93</code></a>
Switch to GitHub workflows</li>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9"><code>746ca5d</code></a>
Fix issue where decode throws - fixes <a
href="https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6">#6</a></li>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30"><code>486d7e2</code></a>
Update license (<a
href="https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1">#1</a>)</li>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134"><code>a650457</code></a>
Tidelift tasks</li>
<li><a
href="https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02"><code>66e1c28</code></a>
Meta tweaks</li>
<li>See full diff in <a
href="https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component&package-manager=npm_and_yarn&previous-version=0.2.0&new-version=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/vscode-python/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eleanor Boyd <[email protected]>
Co-authored-by: Brett Cannon <[email protected]>
--------------------
Commit message for microsoft/vscode-python@713cd4e0eff38dcc5cdd5b5656c7c4377e4a4670:

Bump loader-utils from 2.0.3 to 2.0.4 (microsoft/vscode-python#20241)

Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.3
to 2.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/webpack/loader-utils/releases">loader-utils's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.4</h2>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4">2.0.4</a>
(2022-11-11)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>ReDoS problem (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/225">#225</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb">ac09944</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md">loader-utils's
changelog</a>.</em></p>
<blockquote>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4">2.0.4</a>
(2022-11-11)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>ReDoS problem (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/225">#225</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb">ac09944</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/webpack/loader-utils/commit/6688b5028106f144ee9f543bebc8e6a87b57829f"><code>6688b50</code></a>
chore(release): 2.0.4</li>
<li><a
href="https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb"><code>ac09944</code></a>
fix: ReDoS problem (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/225">#225</a>)</li>
<li>See full diff in <a
href="https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=loader-utils&package-manager=npm_and_yarn&previous-version=2.0.3&new-version=2.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/vscode-python/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brett Cannon <[email protected]>
--------------------
Commit message for microsoft/vscode-python@b754904baa22c7a103a7d59c14e850033de04624:

2022.21.0 version bump (microsoft/vscode-python#20342)


--------------------
Commit message for microsoft/vscode-python@88c5709d0f2bf94fcadd5507a3bc1e09394b0a5f:

create RC for 2022.20 (microsoft/vscode-python#20328)


--------------------
Commit message for microsoft/vscode-python@f9e98fc35f24bd48f4c7910e403f0864dc5d4bd0:

Simplify launch debug (microsoft/vscode-python#20286)

Closed: microsoft/vscode-python#19770
--------------------
Commit message for microsoft/vscode-python@71766e3385b09ed2902c4e44cb52734024fc9249:

Upgrade debugpy to 1.6.4 (microsoft/vscode-python#20291)

Also ship CPython 3.10 wheels instead of 3.9.
--------------------
Commit message for microsoft/vscode-python@4ee6050b023716a1537240feb469c8db6f4b8b4e:

Catch exceptions when changing `formatOnType` setting (microsoft/vscode-python#20285)


--------------------
Commit message for microsoft/vscode-python@133a8e877aa3755eaf101f1f1edf446432770b40:

Fix CI tests (microsoft/vscode-python#20273)

Fix Ci test using the insiders version of vscode in tests. Remove old
insider tests.
--------------------
Commit message for microsoft/vscode-python@a2aa1fb9274ca6c515ca7c2fdea0f8df7f287198:

Merge Getting Started walkthrough to include Create Environment Tile  (microsoft/vscode-python#20258)

Merging create environment tile into main walkthrough and deleted create
environment walkthrough used in the experiment
--------------------
Commit message for microsoft/vscode-python@a9e299f49c3ab8d9bdb5e16193e9e9098be11934:

Drop the `-insiders` suffix from the VS Code engine (microsoft/vscode-python#20256)


--------------------
Commit message for microsoft/vscode-python@9893a0cdd1b9465c9ae9b750705cd78ef8d3cc55:

Bump VS Code engine to `1.74.0-insiders` (microsoft/vscode-python#20255)

Closes microsoft/vscode-python#20247
--------------------
Commit message for microsoft/vscode-python@b8f9b1d3b453fbabf166ff6b4f9a54e0f08d1a17:

Add button to open folder from venv failure message (microsoft/vscode-python#20243)

Closes https://github.com/microsoft/vscode-python/issues/20242 

cc/ @cwebster-99
--------------------
Commit message for microsoft/vscode-python@c78ef060810cc452a4b336787466479337627094:

Notify Pylance on `jupyter.runStartupCommands` config change (microsoft/vscode-python#20237)


--------------------
Commit message for microsoft/vscode-python@ad46fb3a5888804d39582fe044bfdf07ac3e5804:

Show user deprecated message for unsupported Python versions when launching the debugger (microsoft/vscode-python#20172)

Closed: https://github.com/microsoft/vscode-python/issues/19799 Closes
https://github.com/microsoft/vscode-python/issues/19988
--------------------
Commit message for microsoft/vscode-python@78e136f52dcf45ed0c911065a6bc224195a5f8ad:

Update to proposed telemetry logger (microsoft/vscode-python#20238)

This updates to the proposed telemetry logger to gain support for output
channels
--------------------
Commit message for microsoft/vscode-python@9701c53ccf046c9dd2753f9ee2c2b538d63007b5:

Remove DI from config launch (microsoft/vscode-python#20226)

closed: https://github.com/microsoft/vscode-python/issues/19769
--------------------
Commit message for microsoft/vscode-python@ad0286c9c44884c6d43a7648b14ca69bec9ae989:

Fix venv tests (microsoft/vscode-python#20230)

Closes https://github.com/microsoft/vscode-python/issues/19859
--------------------
Commit message for microsoft/vscode-python@c70a0bccaac31a04b7c85080fc191f56f2192194:

Update cached list of extensions correctly (microsoft/vscode-python#20229)


--------------------
Commit message for microsoft/vscode-python@8fe4d0b9f687f6393a5e26687481df22602b4e50:

Improve doc string for description of environment argument in API (microsoft/vscode-python#20223)

Closes https://github.com/microsoft/vscode-python/issues/20220
--------------------
Commit message for microsoft/vscode-python@db5e96c68757e6f7fb981d1ec9481a4ebf29223a:

Cache the value of `extensions.all` (microsoft/vscode-python#20222)

Fixes microsoft/vscode-python#20221

@karrtikr Please feel free to make necessary changes to this PR to get
this through the tests.

Co-authored-by: Kartik Raj <[email protected]>
--------------------
Commit message for microsoft/vscode-python@29a72b4fca446eeb8629213f7128dd6cdb33e812:

Extend scope of "python.tensorBoard.logDirectory" and support variable substitution (microsoft/vscode-python#20103)

Fixes https://github.com/microsoft/vscode-jupyter/issues/8802

Credit: @PillarsZhang
[patch-by-zhang](https://github.com/PillarsZhang/vscode-python/tree/patch-by-zhang)

Co-authored-by: Evan Philip <[email protected]>
--------------------
Commit message for microsoft/vscode-python@f671b9bb7f932d465b2b9a7891185d89bf961ed9:

Ensure we don't use the same interpreter for equally named project on different hosts (microsoft/vscode-python#20212)

Closes https://github.com/microsoft/vscode-python/issues/19859

Include remote name in path keys for fetch interpreter setting value
--------------------
Commit message for microsoft/vscode-python@f2ca5b9c4130e036c6c75835e5f61d9328aa7c44:

Improve description for `python.terminal.focusAfterLaunch` setting (microsoft/vscode-python#20195)

Closes https://github.com/microsoft/vscode-python/issues/19914
--------------------
Commit message for microsoft/vscode-python@885733e5a3c941e46f23bbb51f6f6a6c93c4bfd2:

Bump loader-utils from 2.0.0 to 2.0.3 (microsoft/vscode-python#20177)

Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.0
to 2.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/webpack/loader-utils/releases">loader-utils's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.3</h2>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3">2.0.3</a>
(2022-10-20)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> prototype pollution exploit (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/217">#217</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c">a93cf6f</a>)</li>
</ul>
<h2>v2.0.2</h2>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2">2.0.2</a>
(2021-11-04)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>base64 generation and unicode characters (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/197">#197</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f">8c2d24e</a>)</li>
</ul>
<h2>v2.0.1</h2>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1">2.0.1</a>
(2021-10-29)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>md4 support on Node.js v17 (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/193">#193</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a">1069f61</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/webpack/loader-utils/blob/v2.0.3/CHANGELOG.md">loader-utils's
changelog</a>.</em></p>
<blockquote>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3">2.0.3</a>
(2022-10-20)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> prototype pollution exploit (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/217">#217</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c">a93cf6f</a>)</li>
</ul>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2">2.0.2</a>
(2021-11-04)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>base64 generation and unicode characters (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/197">#197</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f">8c2d24e</a>)</li>
</ul>
<h3><a
href="https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1">2.0.1</a>
(2021-10-29)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>md4 support on Node.js v17 (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/193">#193</a>)
(<a
href="https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a">1069f61</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/webpack/loader-utils/commit/7162619fb982c394ed75098a0a0ed7e7f3177c70"><code>7162619</code></a>
chore(release): 2.0.3</li>
<li><a
href="https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c"><code>a93cf6f</code></a>
fix(security): prototype polution exploit (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/217">#217</a>)</li>
<li><a
href="https://github.com/webpack/loader-utils/commit/90c7c4be17e3e0b2f6091a69c67db7a6df9fd044"><code>90c7c4b</code></a>
chore(release): 2.0.2</li>
<li><a
href="https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f"><code>8c2d24e</code></a>
fix: base64 generation and unicode characters (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/197">#197</a>)</li>
<li><a
href="https://github.com/webpack/loader-utils/commit/5fb556208426d281a18dfbf6f45dca24bfb24e96"><code>5fb5562</code></a>
chore(release): 2.0.1</li>
<li><a
href="https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a"><code>1069f61</code></a>
fix: md4 support on Node.js v17 (<a
href="https://github-redirect.dependabot.com/webpack/loader-utils/issues/193">#193</a>)</li>
<li>See full diff in <a
href="https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=loader-utils&package-manager=npm_and_yarn&previous-version=2.0.0&new-version=2.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/vscode-python/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
--------------------
Commit message for microsoft/vscode-python@f9bb14a9d45be9bac664cfc06d7afe08f26ba28e:

Do not replace discovered python executable using `sys.executable` (microsoft/vscode-python#20197)

For https://github.com/microsoft/vscode-python/issues/20189
--------------------
Commit message for microsoft/vscode-python@d9ff1763f0923520dfe083e30bf0791b3784cb57:

Remove pr-chat.yml (microsoft/vscode-python#20193)

It should be safe to remove this now that we switched to webhooks
--------------------
Commit message for microsoft/vscode-python@d17ebcec3a4f202ceb4715040343e97adbd103fe:

Fix errors related to `python.envFile` setting (microsoft/vscode-python#20192)

Closes https://github.com/microsoft/vscode-python/issues/20179
--------------------
Commit message for microsoft/vscode-python@96927c73734722509252d40872ba74bc8d5dcb8b:

Only use environment cache to resolve environment if it has complete information (microsoft/vscode-python#20186)


--------------------
Commit message for microsoft/vscode-python@cff8a97d46465f66fb6f09fd488f43db77bcff3f:

Fix issue with extension prompt being shown to users after install (microsoft/vscode-python#20158)

Fixes https://github.com/microsoft/vscode-python/issues/20157
--------------------
Commit message for microsoft/vscode-python@bdd9a4b67935a30244c9d286d03fdeddd5bc0cc8:

Fix poetry discovery (microsoft/vscode-python#20181)


--------------------
Commit message for microsoft/vscode-python@5bfc6d57338ad7c6c85427e2cef393c067b5d650:

Add more logging and only retry once if fetching interpreter information fails (microsoft/vscode-python#20180)

For https://github.com/microsoft/vscode-python/issues/20147
--------------------
Commit message for microsoft/vscode-python@08417adf5f01ee01db32124ee1114b2390eacd1b:

Do not cache result if running an interpreter fails (microsoft/vscode-python#20178)

For https://github.com/microsoft/vscode-python/issues/20147
--------------------
Commit message for microsoft/vscode-python@8e5ec71e3d4af87e2b8ca09ad55f85445d587870:

Monkeypatch terminals created to log commands sent (microsoft/vscode-python#20173)


--------------------
Commit message for microsoft/vscode-python@c6ad0f8af08ae21abda4d14aa379b31f3c92eb29:

Accept pytest exit code 1 for some tests cannot be collected (microsoft/vscode-python#20074)

In case you have some tests where not successfully collected (e.g. 10 ok
and 1 fail) vscode display only an error in the test explorer. For
pytest it is possible to set the flag `--continue-on-collection-errors`
but also vscode only display an error and not the other successfully
collected tests.
Pytest has a specific exit code for this behaviour (1)
[https://docs.pytest.org/en/7.1.x/reference/exit-codes.html](https://docs.pytest.org/en/7.1.x/reference/exit-codes.html)

Co-authored-by: Eleanor Boyd <[email protected]>
--------------------
Commit message for microsoft/vscode-python@f62e96c39fe9e15cc5422184dac36f4f1a6a1eb7:

Fix linting in debugger (microsoft/vscode-python#20152)

For https://github.com/microsoft/vscode-python/issues/17181
--------------------
Commit message for microsoft/vscode-python@e65775a6befb1d1a6b426a74382c204bdd775695:

Add tests for active environment API (microsoft/vscode-python#20166)

For https://github.com/microsoft/vscode-python/issues/20147
--------------------
Commit message for microsoft/vscode-python@e5412bcc6f37d0257ec6ec3d241d847a6ad5a50b:

Add more logging when resolving environments (microsoft/vscode-python#20165)

For https://github.com/microsoft/vscode-python/issues/20147
--------------------
Commit message for microsoft/vscode-python@0e633edd27ad1bf943f99df0ea9a4cf22e4afdfb:

Remove DI from factory (microsoft/vscode-python#20057)

Closed: microsoft/vscode-python#19768
--------------------
Commit message for microsoft/vscode-python@f1dcf94fcfdd329dfaafc3f5479f2983454de387:

Merge back from release (microsoft/vscode-python#20156)

Co-authored-by: Kartik Raj <[email protected]>
--------------------
Commit message for microsoft/vscode-python@6eed80ad690d7a3557e137e2739663fbd4352be0:

Fix GDPR tagging for package failure event (microsoft/vscode-python#20136)

Great catch by @cwebster-99!
--------------------
Commit message for microsoft/vscode-python@f82e73cae4964714335320f3a707cac637df92cf:

Update Jedi to latest (microsoft/vscode-python#20134)


--------------------
Commit message for microsoft/vscode-python@eb49b2df6c44e4de20b2dee05deabbff26b77b37:

Update engine to upcoming VS Code version (microsoft/vscode-python#20128)

Cherry picking https://github.com/microsoft/vscode-python/pull/20058

Co-authored-by: Karthik Nadig <[email protected]>
--------------------
Commit message for microsoft/vscode-python@1205270cc554ea9e947c296d6b8ace000b146399:

Don't show certain python commands in command palette when you don't have a python file open (microsoft/vscode-python#19977)

Closes microsoft/vscode-python#10441
--------------------
Commit message for microsoft/vscode-python@723126b67015db59643c078cb893dde1b1294c28:

Post release (microsoft/vscode-python#20126)


--------------------
Commit message for microsoft/vscode-python@9e263dc0f367a25eb63689b88b45bc16e62fe1a0:

Update `package.json` for release (microsoft/vscode-python#20125)


-------…
  • Loading branch information
17 people committed Jan 31, 2023
1 parent 96ba831 commit 57caa65
Show file tree
Hide file tree
Showing 182 changed files with 4,516 additions and 3,525 deletions.
34 changes: 1 addition & 33 deletions extensions/positron-python/.eslintignore
Original file line number Diff line number Diff line change
Expand Up @@ -108,17 +108,6 @@ src/test/common/interpreterPathService.unit.test.ts

src/test/pythonFiles/formatting/dummy.ts

src/test/debugger/extension/configuration/debugConfigurationService.unit.test.ts
src/test/debugger/extension/configuration/providers/fileLaunch.unit.test.ts
src/test/debugger/extension/configuration/providers/providerFactory.unit.test.ts
src/test/debugger/extension/configuration/providers/pidAttach.unit.test.ts
src/test/debugger/extension/configuration/resolvers/base.unit.test.ts
src/test/debugger/extension/configuration/resolvers/common.ts
src/test/debugger/extension/configuration/resolvers/attach.unit.test.ts
src/test/debugger/extension/configuration/resolvers/launch.unit.test.ts
src/test/debugger/extension/configuration/launch.json/updaterServer.unit.test.ts
src/test/debugger/extension/configuration/launch.json/completionProvider.unit.test.ts
src/test/debugger/extension/configuration/launch.json/interpreterPathCommand.unit.test.ts
src/test/debugger/extension/banner.unit.test.ts
src/test/debugger/extension/adapter/adapter.test.ts
src/test/debugger/extension/adapter/outdatedDebuggerPrompt.unit.test.ts
Expand Down Expand Up @@ -183,7 +172,6 @@ src/client/formatters/baseFormatter.ts
src/client/testing/serviceRegistry.ts
src/client/testing/main.ts
src/client/testing/configurationFactory.ts
src/client/testing/common/debugLauncher.ts
src/client/testing/common/constants.ts
src/client/testing/common/testUtils.ts
src/client/testing/common/socketServer.ts
Expand Down Expand Up @@ -272,38 +260,18 @@ src/client/common/process/pythonProcess.ts
src/client/common/process/pythonEnvironment.ts
src/client/common/process/decoder.ts

src/client/debugger/extension/configuration/providers/moduleLaunch.ts
src/client/debugger/extension/configuration/providers/fastapiLaunch.ts
src/client/debugger/extension/configuration/providers/flaskLaunch.ts
src/client/debugger/extension/configuration/providers/fileLaunch.ts
src/client/debugger/extension/configuration/providers/remoteAttach.ts
src/client/debugger/extension/configuration/providers/djangoLaunch.ts
src/client/debugger/extension/configuration/providers/providerFactory.ts
src/client/debugger/extension/configuration/providers/pyramidLaunch.ts
src/client/debugger/extension/configuration/providers/pidAttach.ts
src/client/debugger/extension/configuration/resolvers/base.ts
src/client/debugger/extension/configuration/resolvers/helper.ts
src/client/debugger/extension/configuration/resolvers/launch.ts
src/client/debugger/extension/configuration/resolvers/attach.ts
src/client/debugger/extension/configuration/debugConfigurationService.ts
src/client/debugger/extension/configuration/launch.json/updaterService.ts
src/client/debugger/extension/configuration/launch.json/interpreterPathCommand.ts
src/client/debugger/extension/configuration/launch.json/completionProvider.ts
src/client/debugger/extension/banner.ts
src/client/debugger/extension/serviceRegistry.ts

src/client/debugger/extension/adapter/remoteLaunchers.ts
src/client/debugger/extension/adapter/outdatedDebuggerPrompt.ts
src/client/debugger/extension/adapter/factory.ts
src/client/debugger/extension/adapter/activator.ts
src/client/debugger/extension/adapter/logging.ts
src/client/debugger/extension/types.ts
src/client/debugger/extension/hooks/eventHandlerDispatcher.ts
src/client/debugger/extension/hooks/childProcessAttachService.ts
src/client/debugger/extension/attachQuickPick/wmicProcessParser.ts
src/client/debugger/extension/attachQuickPick/factory.ts
src/client/debugger/extension/attachQuickPick/psProcessParser.ts
src/client/debugger/extension/attachQuickPick/picker.ts
src/client/debugger/extension/helpers/protocolParser.ts

src/client/application/serviceRegistry.ts
src/client/application/diagnostics/surceMapSupportService.ts
Expand Down
3 changes: 0 additions & 3 deletions extensions/positron-python/.github/ISSUE_TEMPLATE/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,3 @@ contact_links:
- name: Help/Support
url: https://github.com/microsoft/vscode-python/discussions/categories/q-a
about: 'Having trouble with the extension? Need help getting something to work?'
- name: 'Chat'
url: https://aka.ms/python-discord
about: 'You can ask for help or chat in the `#vscode` channel of our microsoft-python Discord server'
125 changes: 72 additions & 53 deletions extensions/positron-python/.github/release_plan.md
Original file line number Diff line number Diff line change
@@ -1,66 +1,85 @@
All dates should align with VS Code's [iteration](https://github.com/microsoft/vscode/labels/iteration-plan) and [endgame](https://github.com/microsoft/vscode/labels/endgame-plan) plans.

# Feature freeze (Monday @ 17:00 America/Vancouver, XXX XX)
Feature freeze is Monday @ 17:00 America/Vancouver, XXX XX.


NOTE: the number of this release is in the issue title and can be substituted in wherever you see [YYYY.minor].

- [ ] Announce the feature freeze on both Teams and e-mail, leave enough time for teams to surface any last minute issues that need to get in before freeze. Make sure debugger and Language Server teams are looped in as well.

# Release candidate (Monday, XXX XX)

NOTE: Third Party Notices are automatically added by our build pipelines using https://tools.opensource.microsoft.com/notice.

- [ ] Update `main` for the release
- [ ] Change the version in [`package.json`](https://github.com/Microsoft/vscode-python/blob/main/package.json) to the next **even** number and switch the `-dev` to `-rc` (🤖)
- [ ] Run `npm install` to make sure [`package-lock.json`](https://github.com/Microsoft/vscode-python/blob/main/package.json) is up-to-date, you should now see changes to the`package.json` and `package-lock.json` (🤖)
- [ ] Check [`pypi.org`](https://pypi.org/search/?q=debugpy) and update the version of `debugpy` in `install_debugpy.py` if necessary.
- [ ] Update [`ThirdPartyNotices-Repository.txt`](https://github.com/Microsoft/vscode-python/blob/main/ThirdPartyNotices-Repository.txt) as appropriate. This file is manually edited so you can check with the teams if anything needs to be added here.
- [ ] Get approval on PR then merge pull request into `main`
- [ ] Create the [`release` branch](https://github.com/microsoft/vscode-python/branches)
- [ ] If there are `release` branches that are two versions old you can delete them at this time
- [ ] Click `draft new release` then create a tag for this release matching the `release/YYYY.XX` format
- [ ] Click `generate release notes`
- [ ] Create a new `release/YYYY.XX` branch from `main`
- [ ] Create a draft [GitHub release](https://github.com/microsoft/vscode-python/releases) for the release notes (🤖)
- [ ] Update `main` post-release (🤖)
- [ ] Bump the minor version number to the next ("YYYY.[minor+1]") release in the `main` branch to an **odd** number and switch the `-rc` to `-dev`(🤖)
- [ ] Run `npm install` to make sure [`package-lock.json`](https://github.com/Microsoft/vscode-python/blob/main/package.json) is up-to-date, you should now see changes to the`package.json` and `package-lock.json` (🤖)
- [ ] Create a pull request against `main`
- [ ] Get approval on PR then merge pull request into `main`
- [ ] Announce the code freeze is over on the same channels, not required if this occurs on normal release cadence
- [ ] Update Component Governance (Notes are in the team OneNote under Python VS Code → Dev Process → Component Governance).
- [ ] Check pipeline on Azure DevOps under [`monacotools/Monaco/Compliance/Component Governance`](https://dev.azure.com/monacotools/Monaco/_componentGovernance/192726?_a=alerts&typeId=11825783&alerts-view-option=active)
- [ ] Make sure there are no active alerts
- [ ] Manually add any repository/embedded/CG-incompatible dependencies
- [ ] Open appropriate [documentation issues](https://github.com/microsoft/vscode-docs/issues?q=is%3Aissue+is%3Aopen+label%3Apython)
- [ ] Begin drafting a [blog](http://aka.ms/pythonblog) post. Contact the PM team for this.
NOTE: Third Party Notices are automatically added by our build pipelines using https://tools.opensource.microsoft.com/notice.

### Step 1:
##### Bump the version of `main` to be a release candidate (also updating debugpy dependences, third party notices, and package-lock.json).❄️ (steps with ❄️ will dictate this step happens while main is frozen 🥶)

- [ ] checkout to `main` on your local machine and run `git fetch` to ensure your local is up to date with the remote repo.
- [ ] Create a new branch called **`bump-release-[YYYY.minor]`**.
- [ ] Change the version in `package.json` to the next **even** number and switch the `-dev` to `-rc`. (🤖)
- [ ] Run `npm install` to make sure `package-lock.json` is up-to-date _(you should now see changes to the `package.json` and `package-lock.json` at this point which update the version number **only**)_. (🤖)
- [ ] Check [debugpy on PyPI](https://pypi.org/project/debugpy/) for a new release and update the version of debugpy in [`install_debugpy.py`](https://github.com/microsoft/vscode-python/blob/main/pythonFiles/install_debugpy.py) if necessary.
- [ ] Update `ThirdPartyNotices-Repository.txt` as appropriate. You can check by looking at the [commit history](https://github.com/microsoft/vscode-python/commits/main) and scrolling through to see if there's anything listed there which might have pulled in some code directly into the repository from somewhere else. If you are still unsure you can check with the team.
- [ ] Create a PR from your branch **`bump-release-[YYYY.minor]`** to `main`. Add the `"no change-log"` tag to the PR so it does not show up on the release notes before merging it.

NOTE: this PR will fail the test in our internal release pipeline called `VS Code (pre-release)` because the version specified in `main` is (temporarily) an invalid pre-release version. This is expected as this will be resolved below.


### Step 2: Creating your release branch ❄️
- [ ] Create a release branch by creating a new branch called **`release/YYYY.minor`** branch from `main`. This branch is now the candidate for our release which will be the base from which we will release.

NOTE: If there are release branches that are two versions old you can delete them at this time.

### Step 3 Create a draft GitHub release for the release notes (🤖) ❄️

- [ ] Create a new [GitHub release](https://github.com/microsoft/vscode-python/releases/new).
- [ ] Specify a new tag called `YYYY.minor.0`.
- [ ] Have the `target` for the github release be your release branch called **`release/YYYY.minor`**.
- [ ] Create the release notes by specifying the previous tag for the last stable release and click `Generate release notes`. Quickly check that it only contain notes from what is new in this release.
- [ ] Click `Save draft`.

### Step 4: Return `main` to dev and unfreeze (❄️ ➡ 💧)
NOTE: The purpose of this step is ensuring that main always is on a dev version number for every night's 🌃 pre-release. Therefore it is imperative that you do this directly after the previous steps to reset the version in main to a dev version **before** a pre-release goes out.
- [ ] Create a branch called **`bump-dev-version-YYYY.[minor+1]`**.
- [ ] Bump the minor version number in the `package.json` to the next `YYYY.[minor+1]` which will be an odd number, and switch the `-rc` to `-dev`.(🤖)
- [ ] Run `npm install` to make sure `package-lock.json` is up-to-date _(you should now see changes to the `package.json` and `package-lock.json` only relating to the new version number)_ . (🤖)
- [ ] Create a PR from this branch against `main` and merge it.

NOTE: this PR should make all CI relating to `main` be passing again (such as the failures stemming from step 1).

### Step 5: Notifications and Checks on External Release Factors
- [ ] Check [Component Governance](https://dev.azure.com/monacotools/Monaco/_componentGovernance/192726?_a=alerts&typeId=11825783&alerts-view-option=active) to make sure there are no active alerts.
- [ ] Manually add/fix any 3rd-party licenses as appropriate based on what the internal build pipeline detects.
- [ ] Open appropriate [documentation issues](https://github.com/microsoft/vscode-docs/issues?q=is%3Aissue+is%3Aopen+label%3Apython).
- [ ] Contact the PM team to begin drafting a blog post.


# Release (Wednesday, XXX XX)

## Preparation

- [ ] Make sure the [appropriate pull requests](https://github.com/microsoft/vscode-docs/pulls) for the [documentation](https://code.visualstudio.com/docs/python/python-tutorial) -- including the [WOW](https://code.visualstudio.com/docs/languages/python) page -- are ready
- [ ] Final updates to the `release-YYYY.minor` branch
- [ ] Create a branch against `release-YYYY.minor` for a pull request
- [ ] Update the version in [`package.json`](https://github.com/Microsoft/vscode-python/blob/main/package.json) to remove the `-rc` (🤖)
- [ ] Run `npm install` to make sure [`package-lock.json`](https://github.com/Microsoft/vscode-python/blob/main/package.json) is up-to-date (the only update should be the version number if `package-lock.json` has been kept up-to-date) (🤖)
- [ ] Update [`ThirdPartyNotices-Repository.txt`](https://github.com/Microsoft/vscode-python/blob/main/ThirdPartyNotices-Repository.txt) manually if necessary
- [ ] Create pull request against `release/YYYY.minor` (🤖)
- [ ] Merge pull request into `release/YYYY.minor`

## Release

- [ ] Make sure [CI](https://github.com/microsoft/vscode-python/actions?query=workflow:%22Build%22) is passing for Release branch (🤖).
- [ ] Run the [CD](https://dev.azure.com/monacotools/Monaco/_build?definitionId=299) pipeline on the `release/yyyy.minor` branch.
- [ ] Check to ensure VS Code release has gone out before moving onto publishing the python extension
- [ ] Press the approve button if everything looks good to publish to market place.
- [ ] Create a [GitHub release](https://github.com/microsoft/vscode-python/releases) (🤖)
- [ ] Update the release notes
- [ ] Take the release out of draft
- [ ] Publish [documentation changes](https://github.com/Microsoft/vscode-docs/pulls?q=is%3Apr+is%3Aopen+label%3Apython)
- [ ] Publish the [blog](http://aka.ms/pythonblog) post
- [ ] Determine if a hotfix is needed
- [ ] Merge the release branch back into `main`. Don't overwrite the main branch version. (🤖)
### Step 6: Take the release branch from a candidate to the finalized release
- [ ] Make sure the [appropriate pull requests](https://github.com/microsoft/vscode-docs/pulls) for the [documentation](https://code.visualstudio.com/docs/python/python-tutorial) -- including the [WOW](https://code.visualstudio.com/docs/languages/python) page -- are ready.
- [ ] Check to make sure any final updates to the **`release/YYYY.minor`** branch have been merged.
- [ ] Create a branch against **`release/YYYY.minor`** called **`finalized-release-[YYYY.minor]`**.
- [ ] Update the version in `package.json` to remove the `-rc` (🤖) from the version.
- [ ] Run `npm install` to make sure `package-lock.json` is up-to-date _(the only update should be the version number if `package-lock.json` has been kept up-to-date)_. (🤖)
- [ ] Update `ThirdPartyNotices-Repository.txt` manually if necessary.
- [ ] Create a PR from **`finalized-release-[YYYY.minor]`** against `release/YYYY.minor` and merge it.


### Step 7: Execute the Release
- [ ] Make sure CI is passing for **`release/YYYY.minor`** release branch (🤖).
- [ ] Run the [CD](https://dev.azure.com/monacotools/Monaco/_build?definitionId=299) pipeline on the **`release/YYYY.minor`** branch.
- [ ] Click `run pipeline`.
- [ ] for `branch/tag` select the release branch which is **`release/YYYY.minor`**.
- NOTE: Please opt to release the python extension close to when VS Code is released to align when release notes go out. When we bump the VS Code engine number, our extension will not go out to stable until the VS Code stable release but this only occurs when we bump the engine number.
- [ ] 🧍🧍 Get approval on the release on the [CD](https://dev.azure.com/monacotools/Monaco/_build?definitionId=299).
- [ ] Click "approve" in the publish step of [CD](https://dev.azure.com/monacotools/Monaco/_build?definitionId=299) to publish the release to the marketplace. 🎉
- [ ] Take the Github release out of draft.
- [ ] Publish documentation changes.
- [ ] Contact the PM team to publish the blog post.
- [ ] Determine if a hotfix is needed.
- [ ] Merge the release branch **`release/YYYY.minor`** back into `main`. (This step is only required if changes were merged into the release branch. If the only change made on the release branch is the version, this is not necessary. Overall you need to ensure you DO NOT overwrite the version on the `main` branch.)

## Prep for the _next_ release

- [ ] Create a new [release plan](https://raw.githubusercontent.com/microsoft/vscode-python/main/.github/release_plan.md) (🤖)
- [ ] Create a new [release plan](https://raw.githubusercontent.com/microsoft/vscode-python/main/.github/release_plan.md). (🤖)
- [ ] [(Un-)pin](https://help.github.com/en/articles/pinning-an-issue-to-your-repository) [release plan issues](https://github.com/Microsoft/vscode-python/labels/release%20plan) (🤖)
1 change: 0 additions & 1 deletion extensions/positron-python/.github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ env:
# Use the mocha-multi-reporters and send output to both console (spec) and JUnit (mocha-junit-reporter).
# Also enables a reporter which exits the process running the tests if it haven't already.
MOCHA_REPORTER_JUNIT: true
DISABLE_TRANSLATIONS: true

jobs:
setup:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
lock-issues:
runs-on: ubuntu-latest
steps:
- uses: dessant/lock-threads@v3
- uses: dessant/lock-threads@v4
with:
github-token: ${{ github.token }}
issue-inactive-days: '30'
Expand Down
25 changes: 0 additions & 25 deletions extensions/positron-python/.github/workflows/pr-chat.yml

This file was deleted.

1 change: 0 additions & 1 deletion extensions/positron-python/.github/workflows/pr-check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ env:
ARTIFACT_NAME_VSIX: ms-python-insiders-vsix
VSIX_NAME: ms-python-insiders.vsix
TEST_RESULTS_DIRECTORY: .
DISABLE_TRANSLATIONS: true
# Force a path with spaces and to test extension works in these scenarios
# Unicode characters are causing 2.7 failures so skip that for now.
special-working-directory: './path with spaces'
Expand Down
2 changes: 1 addition & 1 deletion extensions/positron-python/.github/workflows/pr-labels.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: 'PR impact specified'
uses: mheap/github-action-required-labels@v2
uses: mheap/github-action-required-labels@v3
with:
mode: exactly
count: 1
Expand Down
26 changes: 0 additions & 26 deletions extensions/positron-python/.github/workflows/telemetry.yml

This file was deleted.

1 change: 1 addition & 0 deletions extensions/positron-python/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -46,4 +46,5 @@ dist/**
*.xlf
*.nls.*.json
*.i18n.json
l10n/
tags
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,7 @@ resources:
extends:
template: azure-pipelines/extension/pre-release.yml@templates
parameters:
locTsConfigs: $(Build.SourcesDirectory)/tsconfig.json
locBundleDestination: $(Build.SourcesDirectory)/out/client
l10nSourcePaths: ./src/client
buildSteps:
- task: NodeTool@0
inputs:
Expand Down
Loading

0 comments on commit 57caa65

Please sign in to comment.