mirror of
https://github.com/giancarloerra/socraticode.git
synced 2026-06-01 22:18:57 +02:00
Giancarlo Erra
562a946053
A pass over the extension surface to address review feedback: Safety / hardening: - `graphPanel.ts`: validate `m.path` from the webview before opening files. Reject absolute paths and any path that escapes the workspace root (`..`, `/foo`, `C:/...`). Validate the line number is a positive integer before constructing a `Range`. Surface failures via the output channel rather than letting the rejection bubble up. - `mcpProvider.ts`: defensively check that `vscode.lm.registerMcpServerDefinitionProvider` exists before calling it. The `engines.vscode: ^1.99.0` field already enforces this on install, but some VS Code-derived editors mis-report their engine version. The extension now degrades gracefully (sidebar, commands, status bar still work) instead of failing activation. - `commands.ts` and `graphPanel.ts`: wrap `workbench.action.chat.open` in try/catch. Not every VS Code-compatible editor exposes that command; falling back to the output channel avoids unhandled rejections after the user clicked "Open chat". - `extension.ts`: persist the first-run walkthrough flag only after the walkthrough command resolves successfully, so a transient failure doesn't silently skip the onboarding forever. CI gates: - `extension-ci.yml` and `extension-release.yml`: run `npm test` between typecheck and build, so manifest-level smoke regressions can't slip through to either the PR artefact or the marketplace publishes. Settings copy: - `socraticode.env` description: explicitly call out that the setting is for non-secret config only. Recommend OS environment variables / local `.env` files for API keys, since workspace settings can sync via Settings Sync and end up in committed `.vscode/settings.json`. Quality of life: - `sidebar.ts` `formatRelative`: clamp the computed seconds to zero so a file mtime slightly ahead of the local clock doesn't render "-5s ago". - `walkthroughs/first-index.md`: corrected the embedding model name (`nomic-embed-text`, not `mxbai-embed-large`) to match the engine default in `src/constants.ts`. Lint / docs: - `extension/README.md`: hyphenate "Eclipse Theia-based editors". - `DEVELOPER.md`: add `text` language hint to the directory-tree code fence (markdownlint MD040). Updated the inline comment for `settings.ts` to reflect its current shape. - `README.md`: reflow the "extension vs plugin" callout into a single blockquote (markdownlint MD028). Lint, typecheck, manifest tests and build all clean. Engine unit tests unaffected (706/706 still pass).