This repository was archived by the owner on May 20, 2026. It is now read-only.
Add vscode-chat-response-resource:// URIs to allowlist to fix chat response resource reads#5056
Closed
Bestra wants to merge 1 commit into
Closed
Conversation
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Bestra
changed the title
vscode-chat-response-resource:// URIs to allowlist to fix chat response resource reads
Author
|
I'll try this out locally before undrafting |
Author
|
I've tested this out on my machine and it works, i've added a screenshot to the description. I think this is ready for review. |
Contributor
There was a problem hiding this comment.
Pull request overview
Centralizes the read-only allowlist logic in assertFileOkForTool and isFileExternalAndNeedsConfirmation into a shared helper, and adds vscode-chat-response-resource:// URIs to the allowlist so chat response resources (e.g. from GitHub MCP server for Copilot Spaces) can be read without requiring an open editor tab.
Changes:
- Extract allowlist checks into a single
isUriAllowedWithoutWorkspaceMembershiphelper used by both access-check functions. - Allow
vscode-chat-response-resourcescheme through read-only access checks. - Add unit tests for the new behavior in
toolUtils.spec.tsandreadFile.spec.tsx.
Show a summary per file
| File | Description |
|---|---|
| src/extension/tools/node/toolUtils.ts | Adds shared allowlist helper and routes both access-check entry points through it; allows vscode-chat-response-resource for read-only. |
| src/extension/tools/node/test/toolUtils.spec.ts | Adds regression tests for chat response resource allowlisting in read-only vs non-read-only mode. |
| src/extension/tools/node/test/readFile.spec.tsx | Adds regression that ReadFileTool.prepareInvocation works for chat response resources without an open tab. |
Copilot's findings
- Files reviewed: 3/3 changed files
- Comments generated: 0
Author
|
Closing this PR, this has been fixed 🙇 microsoft/vscode@19d4617 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In microsoft/vscode#308877 we're running into a problem where the resources from the GitHub MCP server (specifically for copilot spaces) come in under URIs like:
vscode-chat-response-resource://...These aren't part of the allowlist for readonly files so the model can't access them.
Summary
vscode-chat-response-resourceURIs through both read-file access checksTesting
I also tested this locally in my Insiders instance using the launch copilot extension run and debug.
and it works swimmingly.