Update strictKnownMarketplaces managed setting to support rich types #322025
Pull request overview
This PR evolves the strictKnownMarketplaces enterprise-managed setting from a boolean flag into a rich, JSON-encoded allowlist (array of typed source descriptors), updates the policy/configuration plumbing to support union-typed settings (e.g. ['array','null']), and shifts strict-marketplace enforcement to install-time trust/installation flows.
Changes:
- Teach `PolicyConfiguration` to handle union-typed configuration schemas and to parse JSON policy strings unless the setting accepts strings.
- Adapt `/copilot_internal/managed_settings` response to emit `strictKnownMarketplaces` as a canonical JSON string in the managed-settings bag.
- Add strict marketplace allowlist matching and wire it into marketplace trust + install flows; add unit tests for parsing/matching.
| File | Description |
|---|---|
| src/vs/workbench/services/policies/test/browser/multiplexPolicyService.test.ts | Adds coverage for union-typed (`array \| null`) policy registration + JSON-string parsing. |
| src/vs/workbench/services/accounts/test/browser/managedSettings.test.ts | Updates tests to expect strictKnownMarketplaces carried as a JSON string (including lockdown []). |
| src/vs/workbench/services/accounts/browser/managedSettings.ts | Emits strictKnownMarketplaces into the managed-settings bag as a JSON string when present. |
| src/vs/workbench/contrib/chat/test/common/plugins/strictKnownMarketplaces.test.ts | New tests for coercion + allowlist matching behaviors across source types. |
| src/vs/workbench/contrib/chat/test/browser/plugins/pluginInstallService.test.ts | Updates the marketplace-service stub to include strict-policy state. |
| src/vs/workbench/contrib/chat/common/plugins/strictKnownMarketplaces.ts | New allowlist parsing/matching helpers for strict marketplace policy. |
| src/vs/workbench/contrib/chat/common/plugins/pluginMarketplaceService.ts | Changes trust semantics under strict policy + adds isStrictMarketplacePolicyActive(). |
| src/vs/workbench/contrib/chat/common/plugins/agentPluginServiceImpl.ts | Removes strict-marketplace load-time gating (install-time only). |
| src/vs/workbench/contrib/chat/browser/pluginInstallService.ts | Blocks “trust marketplace” prompts under strict policy and surfaces an enterprise-policy notification. |
| src/vs/workbench/contrib/chat/browser/chat.shared.contribution.ts | Updates chat.plugins.strictMarketplaces schema to `array \| null` and switches managed-settings type to string. |
| src/vs/platform/policy/common/copilotManagedSettings.ts | Documents strictKnownMarketplaces as a JSON-encoded allowlist key. |
| src/vs/platform/configuration/common/configurations.ts | Adds union-type normalization and improved JSON parsing rules for policy-backed settings. |
| src/vs/base/common/managedSettings.ts | Introduces IStrictMarketplaceSource as the shared allowlist entry type. |
Copilot's findings
- Files reviewed: 13/13 changed files
- Comments generated: 4
…ings # Conflicts: # src/vs/platform/configuration/common/configurations.ts
cc @joshspicer
| if (this._pluginMarketplaceService.isStrictMarketplacePolicyActive()) { | ||
| this._notificationService.notify({ | ||
| severity: Severity.Warning, | ||
| message: localize('strictMarketplaceBlockedInstall', "Plugins from '{0}' are blocked by your organization's policy.", plugin.marketplaceReference.displayLabel), | ||
| actions: { | ||
| primary: [new Action('chat.plugins.viewMarketplacePolicy', localize('viewPolicySettings', "View Policy Settings"), undefined, true, () => { | ||
| return this._commandService.executeCommand('workbench.action.openSettings', ChatConfiguration.StrictMarketplaces); | ||
| })], | ||
| }, | ||
| }); | ||
| return false; | ||
| } |
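Review bot: the guard on the first line tests only `isStrictMarketplacePolicyActive()`, so nothing in these lines shows that the marketplace has already been checked against the allowlist. If that check happens earlier in the method, add a short comment above the `if` stating that this branch is reached only for marketplaces that are not allowlisted, so a later refactor does not move it ahead of the allowlist check and block every install while the policy is active. The "View Policy Settings" action opens `ChatConfiguration.StrictMarketplaces`, which is a managed setting; consider saying in the message that the value is set by the organization so users do not expect to edit it there.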
Would this prevent the user from ever being able to trust a marketplace for the first time when the policy is active?
Good question - Allowlisted marketplaces aren't affected — when the strict policy is active, isMarketplaceTrusted() is governed by the allowlist (it ignores the user-trust store), so a marketplace on the org allowlist returns true from the earlier check and installs without any prompt. This branch is only reached for marketplaces not on the allowlist, where blocking (rather than offering a trust dialog) is by design — under strict mode the user must not be able to self-grant trust to bypass the enterprise allowlist.
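The trust semantics discussed in this thread, as an added sketch that is not code from the PR or from VS Code. The descriptor fields (`type`, `repo`, `url`), the key format, and the choice to treat malformed JSON as lockdown are assumptions made for illustration; the real `IStrictMarketplaceSource` shape is not shown on this page.

```typescript
// Hypothetical descriptor shape (assumption, not the real IStrictMarketplaceSource).
type MarketplaceSource =
	| { type: 'github'; repo: string } // "owner/name"
	| { type: 'url'; url: string };

// null: policy inactive. []: lockdown. Otherwise: the organization allowlist.
type StrictPolicy = MarketplaceSource[] | null;

// Canonical comparison key. GitHub owner/repo names are case-insensitive;
// URLs are compared exactly apart from trailing slashes.
function sourceKey(s: MarketplaceSource): string {
	return s.type === 'github'
		? 'github:' + s.repo.trim().toLowerCase()
		: 'url:' + s.url.trim().replace(/\/+$/, '');
}

// Parse the JSON string carried in the managed-settings bag.
function parseStrictPolicy(raw: string | undefined): StrictPolicy {
	if (raw === undefined) { return null; } // setting absent: policy inactive
	let value: unknown;
	try { value = JSON.parse(raw); } catch (_err) { return []; } // assumption: fail closed
	if (value === null) { return null; }
	if (!Array.isArray(value)) { return []; }
	const sources: MarketplaceSource[] = [];
	for (const entry of value) {
		if (entry && entry.type === 'github' && typeof entry.repo === 'string') {
			sources.push({ type: 'github', repo: entry.repo });
		} else if (entry && entry.type === 'url' && typeof entry.url === 'string') {
			sources.push({ type: 'url', url: entry.url });
		} // unknown or malformed entries grant nothing
	}
	return sources;
}

// With the policy active, only the allowlist decides; the user-trust store is ignored.
function isMarketplaceTrusted(policy: StrictPolicy, candidate: MarketplaceSource, userTrusted: Set<string>): boolean {
	const key = sourceKey(candidate);
	if (policy === null) { return userTrusted.has(key); }
	return policy.some(s => sourceKey(s) === key);
}
```
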
Fixes https://github.com/microsoft/vscode-internalbacklog/issues/8059
Update strictKnownMarketplaces managed setting that restricts which marketplace sources users can add and install plugins from.
This only blocks installation, and does not retroactively prevent loading plugins that are already installed.
Behavior enabled: