Fix functional issues and update dependencies#3001
Open
g2vinay wants to merge 3 commits into
Open
Conversation
Upgrades @microsoft/vscode-azext-utils from ~2 (locked at 2.6.8) to ~4 (locked at 4.1.1) across all three VS Code extensions: - servers/Azure.Mcp.Server/vscode - servers/Fabric.Mcp.Server/vscode - servers/Template.Mcp.Server/vscode Compile, build, and eng/scripts/Build-Local.ps1 -VerifyNpx all pass. Closes microsoft#2632 Closes microsoft#2633
The switch in CreateDefaultCredential had a silent default: case that fell back to the full default credential chain with no indication that the supplied value was unrecognized. A typo such as AZURE_TOKEN_CREDENTIALS=AzuerCliCredential would silently use the default chain, making the misconfiguration invisible. Fix: emit a LogWarning in the default: case before falling back, listing the recognized values so the user can identify and correct the typo immediately. Changes: - Add AcceptedTokenCredentialValues static array (single source of truth for the warning message). - Add optional ILogger parameter to CreateDefaultCredential and thread it through from CreateCredential, which already held the logger. - Emit LogWarning in default: with the unrecognized value and the list of accepted values. - Add UnknownCredentialValue_LogsWarning_AndFallsBackToDefaultChain test with CapturingLoggerProvider/CapturingLogger helpers. Closes microsoft#399
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates VS Code extension dependencies across the Azure/Fabric/Template MCP servers and fixes two functional issues in Azure authentication credential selection: (1) warning on unknown AZURE_TOKEN_CREDENTIALS values instead of silently falling back, and (2) thread-safe, single-initialization of the credential chain under concurrent access, with added tests and changelog entries.
Changes:
- Bumped
@microsoft/vscode-azext-utilsand@vscode/vsceversions across all three VS Code extensions (and updated lockfiles accordingly). - Updated
CustomChainedCredentialto useLazy<TokenCredential>and to log warnings for unrecognizedAZURE_TOKEN_CREDENTIALSvalues. - Added unit tests and changelog-entry YAMLs documenting these updates/fixes.
Reviewed changes
Copilot reviewed 9 out of 12 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| servers/Template.Mcp.Server/vscode/package.json | Update VS Code extension dependency versions. |
| servers/Template.Mcp.Server/vscode/package-lock.json | Lockfile updates for the dependency bumps. |
| servers/Fabric.Mcp.Server/vscode/package.json | Update VS Code extension dependency versions (plus JSON formatting change). |
| servers/Fabric.Mcp.Server/vscode/package-lock.json | Lockfile updates for the dependency bumps. |
| servers/Fabric.Mcp.Server/changelog-entries/1783387640737.yaml | Changelog entry for Fabric VS Code dependency updates. |
| servers/Azure.Mcp.Server/vscode/package.json | Update VS Code extension dependency versions. |
| servers/Azure.Mcp.Server/vscode/package-lock.json | Lockfile updates for the dependency bumps. |
| servers/Azure.Mcp.Server/changelog-entries/1783400773627.yaml | Changelog entry for CustomChainedCredential thread-safety fix. |
| servers/Azure.Mcp.Server/changelog-entries/1783387640512.yaml | Changelog entry for warning on unrecognized AZURE_TOKEN_CREDENTIALS. |
| servers/Azure.Mcp.Server/changelog-entries/1783387640306.yaml | Changelog entry for Azure VS Code dependency updates. |
| core/Microsoft.Mcp.Core/src/Services/Azure/Authentication/CustomChainedCredential.cs | Implement Lazy<T> initialization + add warning for unknown env var values. |
| core/Azure.Mcp.Core/tests/Azure.Mcp.Core.Tests/Services/Azure/Authentication/CustomChainedCredentialTests.cs | Add tests for warning behavior and concurrent initialization behavior. |
Files not reviewed (3)
- servers/Azure.Mcp.Server/vscode/package-lock.json: Generated file
- servers/Fabric.Mcp.Server/vscode/package-lock.json: Generated file
- servers/Template.Mcp.Server/vscode/package-lock.json: Generated file
338e32f to
9cca07d
Compare
…zation The ??= compound assignment is not atomic in C#. Under concurrent GetToken / GetTokenAsync calls before the credential chain was initialized (e.g. parallel tool calls on server startup in HTTP mode), two threads could both observe _credential == null, construct separate ChainedTokenCredential instances, and have one silently discarded. The two chains may hold diverged MSAL token cache handles, causing intermittent authentication failures. Fix: replace the nullable field + ??= pattern with Lazy<TokenCredential> using LazyThreadSafetyMode.ExecutionAndPublication, which provides guaranteed single initialization under concurrent access with no manual locking required. Also adds GetToken_ConcurrentCalls_InitializesCredentialExactlyOnce test to verify the Lazy<T>.IsValueCreated post-concurrent access. Closes microsoft#398
9cca07d to
0684f6f
Compare
KarishmaGhiya
approved these changes
Jul 7, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Addresses following issues:
#2632 / #2633 — VS Code extension dependency updates
@microsoft/vscode-azext-utilsfrom~2(2.6.8) to~4(4.1.1) across all three VS Code extensions (Azure.Mcp.Server,Fabric.Mcp.Server,Template.Mcp.Server)@vscode/vscefrom3.7.1to3.9.2across the same extensionstsccompile, webpack build, andeng/scripts/Build-Local.ps1 -VerifyNpxall pass#399 — Silent fallback on unrecognized
AZURE_TOKEN_CREDENTIALSvaluedefault:case inCreateDefaultCredentialpreviously fell back to the full default credential chain with no indication the supplied value was unrecognized (e.g. a typo likeAzuerCliCredential)LogWarninglisting the recognized values before falling backAcceptedTokenCredentialValuesstatic array as single source of truth for the warning messageUnknownCredentialValue_LogsWarning_AndFallsBackToDefaultChaintest#398 — Thread-safety race in
CustomChainedCredentiallazy initialization??=is not atomic in C#; concurrentGetToken/GetTokenAsynccalls before initialization could construct duplicate credential chains with diverged MSAL token cachesTokenCredential? _credential+??=withLazy<TokenCredential>(ExecutionAndPublication) for guaranteed single initialization under concurrent accessGetToken_ConcurrentCalls_InitializesCredentialExactlyOncetestCloses #2632, #2633, #399, #398