AIInfoQabout 5 hours ago

VS Code 1.123 Delays Extension Updates by Two Hours

1 min read

VS Code 1.123, shipped June 3, delays auto-updates for new extension versions by two hours to limit supply chain attacks. Users can manually update anytime. The delay does not apply to trusted publishers like Microsoft, GitHub, and OpenAI. The two-hour window is shorter than cooldowns in other package ecosystems.

Level

Hype check

Tap to vote and see what everyone thinks.

#vscode #supply chain #security

VS Code 1.123 Delays Extension Updates by Two Hours

More to chew on!

More to chew on!