VS Code 1.123 Adds Two-Hour Extension Update Delay to Limit Supply Chain Attacks
VS Code 1.123 adds a two-hour delay before auto-updating extensions to newly published versions, creating a revocation window against supply chain attacks. The delay does not apply to trusted publishers like Microsoft, GitHub, and OpenAI. Similar cooldown mechanisms have now spread across pip, RubyG
⚡
Key Insights
10 editorial insights.
AiFeed24 Team·⏱ 1 min read·News
Deep Analysis
Multi-Source Intelligence
Found this useful? Share it!