vscode: endless loop while updating extension
- VSCode Version: 1.46.0-insider
- OS Version: Ubuntu 20.04
Steps to Reproduce:
- Install Version Lens
- Version Lens tries to update 1.0.1 (even though latest version seems to be 1.0.0)
- Endless loop
Does this issue occur when all extensions are disabled? No
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 30
- Comments: 22 (8 by maintainers)
@joaomoreno
The problem seems to be how vscode is handling the api results from the marketplace
When version lens is not installed the json results from https://marketplace.visualstudio.com/_apis/public/gallery/extensionquery shows
v1.0.0 and
flags=verified
(screenshots from fiddler)Once version lens is installed then the json shows v1.0.4 with
flags=none
This is when I see
In the marketplace
After publishing the extension since v1.0.0 I see this error (screenshot from 2 days ago):
The error popup says this:
I get a log file emailed to me and that shows the same high level message.
To add I have’nt actually included anything unsafe, in fact since v1.0.0 I’ve reduced the amount of production node_modules to less than half the file size.
There are 0 security issues reported by npm audit and github, so god knows what marketplace is falling over on.
When running vscode/vsce it packages and publishes to marketplace with no errors.
I emailed marketplace support 2 days ago and I’m just waiting to get more information about what the problem is.
The short term workaround is to install manually from the generated releases -> https://github.com/vscode-contrib/vscode-versionlens/releases
The issue is also being tracked at https://github.com/vscode-contrib/vscode-versionlens/issues/211
@isidorn , I see the fix in 667142d is to filter the extensions provided by the Marketplace to prevent getting unvalidated extensions. It’s a great mitigation, but consider this: servers have bugs, so can you really trust them? If the Marketplace starts sending unvalidated extension versions again we will be in the same situation. I recommend an additional fix, that will make the client resilient to server bugs. For example, if an auto-update fails, don’t try again for X minutes.
//cc @fiveisprime , @xavierdecoster
I’m thinking this has something to do with #98375, which was mitigated last night. I’ll reach out to the marketplace team.
We initially released v1.0.29 on Thursday which was when we first saw the update loop problem.
Tried again with v1.0.30, which had a small change, on Friday quite quickly after everything was reported to be working fine here - https://status.dev.azure.com/_event/189079011 I suspect we did it too soon and that there was a backlog or something.
Then tried v1.0.31 (same as v1.0.30, minus a change to our changelog) which worked earlier.
Analysis
The valid version available for installing this extension is
1.0.0
and it seems Marketplace also has a non validated version1.0.4
of this extension.VS Code is not excluding non validated extensions while querying market place for latest versions but excluding while installing. Hence an update to
1.0.4
is seen always but while trying to install, it installs1.0.0
version and this is going in auto update loop.Removing the candidate tag as there is a new valid version of
Version Lens
extension is published and available in Marketplace which fixes existing clients.Over at https://github.com/IBM-Blockchain/blockchain-vscode-extension, we published a new version of our extension earlier and all seems to be working now. @pflannery
I am sorry that I do not know about how validation is being done.
CCing @fiveisprime @joaomoreno
This issue is causing fan in MacPro spin at highest rate