This PR adds support for a new encryption format for exchanging access
tokens during the authentication flow.
The new format uses Optimal Asymmetric Encryption Padding (OAEP) instead
of PKCS#1 v1.5, which is known to be vulnerable to side-channel attacks.
**Note: We are not yet encrypting access tokens using the new format, as
this is a breaking change between the client and the server. This PR
only adds support for it, and makes it so the client and server can
decrypt either format moving forward.**
This required bumping the RSA key size from 1024 bits to 2048 bits. This
is necessary to be able to encode the access token into the ciphertext
when using OAEP.
This also follows OWASP recommendations:
> If ECC is not available and RSA must be used, then ensure that the key
is at least 2048 bits.
>
> —
[source](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)
Release Notes:
- N/A
This PR upgrades the `rsa` crate to v0.9.6.
The version we were using was rather old, and for something
security-sensitive we should be using a recent version.
No behavioral changes have been made, just updates to account for
changes in the crate's API.
Release Notes:
- N/A
This PR adds some tests to ensure we don't regress in our public key
encoding/decoding capabilities when making changes in this area.
Release Notes:
- N/A
This PR adds a global `Fs` instance to the app context.
This will make it easier to access the filesystem in some cases instead
of having to thread it around.
Release Notes:
- N/A
cbindgen pulled that in, but we don't really need it (Plus it pulls in a
dep with an advisory)
Release Notes:
- N/A
---------
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
This pulls in https://github.com/kvark/blade#144 to see if it results in
fewer bad GPU configurations selected
Release Notes:
- linux: Improved graphics card detection
... on all platforms.
`ctrl-shift-enter` for the repl, `cmd-enter` for the assistant. People
can override this behavior as they desire in their own keymaps.
Release Notes:
- N/A
Fixes#4822
- [x] Release note
- [ ] Surface formatting errors via a toast
- [x] Doc updates
- [x] Have "language-server" accept an optional name of the server.
Release Notes:
- `format` and `format_on_save` now accept an array of formatting
actions to run.
- `language_server` formatter option now accepts the name of a language
server to use (e.g. `{"language_server": {"name: "ruff"}}`); when not
specified, a primary language server is used.
---------
Co-authored-by: Thorsten <thorsten@zed.dev>
Keeps the background the same as the output area background by making
the terminal background be `Hsla::transparent_black()`.
Release Notes:
- N/A
---------
Co-authored-by: Nathan Sobo <nathan@zed.dev>
Co-authored-by: Antonio Scandurra <me@as-cii.com>
<img width="624" alt="image"
src="https://github.com/user-attachments/assets/f492b0bd-14c3-49e2-b2ff-dc78e52b0815">
- [x] Correctly set custom model token count
- [x] How to count tokens for Gemini models?
- [x] Feature flag zed.dev provider
- [x] Figure out how to configure custom models
- [ ] Update docs
Release Notes:
- Added support for quickly switching between multiple language model
providers in the assistant panel
---------
Co-authored-by: Antonio <antonio@zed.dev>
When the evaluation range ends at the start of a line, back it up to the
end of the previous line. This avoids inserting extra newlines below the
evaluation range when they already exist.
Release Notes:
- N/A
Co-authored-by: Nathan <nathan@zed.dev>
This PR adds a placeholder view for the settings UI. It does not contain
any functionality, as of yet.
This view is staff-shipped behind a feature flag.
Release Notes:
- N/A
Release Notes:
- linux: Added GPU information to `editor: Copy System Specs to
Clipboard`
- linux: Show a prominant warning before running under llvmpipe and
similar.
The current Astro Extension fails to load properly if it can't find a
`tsserver.js` file in the current workspaces' `node_modules` folder.
This happens pretty frequently, either if `typescript` is not installed
in the project (which it isn't by default), or if `node_modules` is not
in the workspace root.
This PR adds a fallback method of installing `typescript` alongside the
extensions' language server if it is not found in the workspaces'
`node_modules`, as well as correctly setting the `tsdk` path in the
initialization options.
Release Notes:
- N/A
---------
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
### Summary
This PR adds support for count and object motions to the toggle comments
action in Vim mode. The relevant issue is
[#14337](https://github.com/zed-industries/zed/issues/14337).
For example, `2 g c j` will toggle comments three lines downward. `g c g
g` will toggle comments from the current cursor position up to the start
of the file.
Notably missing from this PR are `g c b` (toggle comments for the
current block) as well as `g c p` (toggle comments for the current
paragraph). These seem to be non-standard.
The new module `normal/toggle_comments.rs` has been copied almost
verbatim from `normal/indent.rs`. Maybe that ought to be abstracted over
but I feel I lack the overview.
Release Notes:
- vim: Added support for count and object motion to the toggle comments
action ([#14337](https://github.com/zed-industries/zed/issues/14337)).
Enables the jupyter feature by default, which is shown only when we have
a kernelspec or know that we (can) support it well (Python,
Deno/TypeScript).
Release Notes:
- N/A
---------
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
This PR adds a new menu entry in the REPL item in the quick action bar
to open up the REPL sessions view:
<img width="232" alt="Screenshot 2024-07-22 at 4 54 36 PM"
src="https://github.com/user-attachments/assets/acc60a25-7722-4331-9b80-fab9cca65842">
This makes this more discoverable than having to know that the command
exists.
Release Notes:
- N/A