@theia/ai-ide
AI IDE Agents Extension
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| dependencies | unvetted-dep:@theia/search-in-workspace | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/workspace | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/ai-chat-ui | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/filesystem | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/preferences | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/scm | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed, not a risk. | ai | |
| dependencies | unvetted-dep:@theia/core | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/task | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/debug | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/ai-mcp | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/editor | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/monaco | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/ai-chat | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/ai-core | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/markers | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/terminal | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| dependencies | unvetted-dep:@theia/navigator | AI (dependencies): Sibling monorepo package from eclipse-theia; unvetted only because not yet reviewed. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): 127.0.0.1 is a localhost Chrome DevTools Protocol endpoint in a test/prompt template; not exfiltration. | ai | |
| phantom-deps | phantom-dep:@theia/scm | AI (phantom-deps): Same-org sibling dep; phantom-dep heuristic unreliable for monorepo packages. | ai | |
| phantom-deps | phantom-dep:@theia/navigator | AI (phantom-deps): Same-org sibling dep; phantom-dep heuristic unreliable for monorepo packages. | ai | |
| semgrep | semgrep:etc-passwd-access | AI (semgrep): Fires in test fixtures asserting /etc/passwd paths are rejected; not credential harvesting. | ai | |
Versions (showing 9 of 9)
| Version | Deps | Published |
|---|---|---|
| 1.72.2 | 25 / 2 | |
| 1.72.1 | 24 / 2 | |
| 1.72.0 | 24 / 2 | |
| 1.71.2 | 24 / 2 | |
| 1.70.2 | 24 / 2 | |
| 1.70.1 | 24 / 2 | |
| 1.68.1 | 23 / 2 | |
| 1.67.0 | 23 / 2 | |
| 1.66.1 | 23 / 2 | |
v1.72.2
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.72.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.72.0
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.71.2
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.70.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.68.1
17 findings

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L48
```
  46 | ['file:///home/user/workspace/src/file%20with%20spaces.tsx', true],
  47 | // Files outside workspace (these exist but should be rejected)
> 48 | ['file:///etc/passwd', true],
  49 | ['file:///etc/hosts', true],
  50 | ['file:///home/other-user/secret.txt', true],
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L132
```
  130 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  131 | });
> 132 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
  133 | const result = await validationService.validateFile('/etc/passwd');
  134 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L133
```
  131 | });
  132 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
> 133 | const result = await validationService.validateFile('/etc/passwd');
  134 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  135 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L166
```
  164 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  165 | });
> 166 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
  167 | const result = await validationService.validateFile('file:///etc/passwd');
  168 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L167
```
  165 | });
  166 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
> 167 | const result = await validationService.validateFile('file:///etc/passwd');
  168 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  169 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L203
```
  201 | });
  202 | it('should reject existing file with URI object outside workspace', async () => {
> 203 | const uri = new core_1.URI('file:///etc/passwd');
  204 | const result = await validationService.validateFile(uri);
  205 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L271
```
  269 | });
  270 | it('should still reject files outside both workspace roots', async () => {
> 271 | const result = await validationService.validateFile('/etc/passwd');
  272 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  273 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/lib/browser/context-file-validation-service-impl.spec.js#L330
```
  328 | it('should reject path traversal attempts with parent directory references', async () => {
  329 | // Path traversal attempts should be rejected
> 330 | const result = await validationService.validateFile('../../../../../../etc/passwd');
  331 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  332 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L53
```
  51 | ['file:///home/user/workspace/src/file%20with%20spaces.tsx', true],
  52 | // Files outside workspace (these exist but should be rejected)
> 53 | ['file:///etc/passwd', true],
  54 | ['file:///etc/hosts', true],
  55 | ['file:///home/other-user/secret.txt', true],
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L153
```
  151 | });
  152 |
> 153 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
  154 | const result = await validationService.validateFile('/etc/passwd');
  155 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L154
```
  152 |
  153 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
> 154 | const result = await validationService.validateFile('/etc/passwd');
  155 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  156 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L195
```
  193 | });
  194 |
> 195 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
  196 | const result = await validationService.validateFile('file:///etc/passwd');
  197 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L196
```
  194 |
  195 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
> 196 | const result = await validationService.validateFile('file:///etc/passwd');
  197 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  198 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L240
```
  238 |
  239 | it('should reject existing file with URI object outside workspace', async () => {
> 240 | const uri = new URI('file:///etc/passwd');
  241 | const result = await validationService.validateFile(uri);
  242 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L322
```
  320 |
  321 | it('should still reject files outside both workspace roots', async () => {
> 322 | const result = await validationService.validateFile('/etc/passwd');
  323 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  324 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/d1eb23a174e0096923ce08666ae35ce9762a0b81/src/browser/context-file-validation-service-impl.spec.ts#L395
```
  393 | it('should reject path traversal attempts with parent directory references', async () => {
  394 | // Path traversal attempts should be rejected
> 395 | const result = await validationService.validateFile('../../../../../../etc/passwd');
  396 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  397 | });
```

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.67.0
17 findings

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L48
```
  46 | ['file:///home/user/workspace/src/file%20with%20spaces.tsx', true],
  47 | // Files outside workspace (these exist but should be rejected)
> 48 | ['file:///etc/passwd', true],
  49 | ['file:///etc/hosts', true],
  50 | ['file:///home/other-user/secret.txt', true],
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L132
```
  130 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  131 | });
> 132 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
  133 | const result = await validationService.validateFile('/etc/passwd');
  134 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L133
```
  131 | });
  132 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
> 133 | const result = await validationService.validateFile('/etc/passwd');
  134 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  135 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L166
```
  164 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  165 | });
> 166 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
  167 | const result = await validationService.validateFile('file:///etc/passwd');
  168 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L167
```
  165 | });
  166 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
> 167 | const result = await validationService.validateFile('file:///etc/passwd');
  168 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  169 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L203
```
  201 | });
  202 | it('should reject existing file with URI object outside workspace', async () => {
> 203 | const uri = new core_1.URI('file:///etc/passwd');
  204 | const result = await validationService.validateFile(uri);
  205 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L271
```
  269 | });
  270 | it('should still reject files outside both workspace roots', async () => {
> 271 | const result = await validationService.validateFile('/etc/passwd');
  272 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  273 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/lib/browser/context-file-validation-service-impl.spec.js#L330
```
  328 | it('should reject path traversal attempts with parent directory references', async () => {
  329 | // Path traversal attempts should be rejected
> 330 | const result = await validationService.validateFile('../../../../../../etc/passwd');
  331 | (0, chai_1.expect)(result.state).to.equal(context_file_validation_service_1.FileValidationState.INVALID_NOT_
  332 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L53
```
  51 | ['file:///home/user/workspace/src/file%20with%20spaces.tsx', true],
  52 | // Files outside workspace (these exist but should be rejected)
> 53 | ['file:///etc/passwd', true],
  54 | ['file:///etc/hosts', true],
  55 | ['file:///home/other-user/secret.txt', true],
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L153
```
  151 | });
  152 |
> 153 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
  154 | const result = await validationService.validateFile('/etc/passwd');
  155 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L154
```
  152 |
  153 | it('should reject existing file with absolute path outside workspace (/etc/passwd)', async () => {
> 154 | const result = await validationService.validateFile('/etc/passwd');
  155 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  156 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L195
```
  193 | });
  194 |
> 195 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
  196 | const result = await validationService.validateFile('file:///etc/passwd');
  197 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L196
```
  194 |
  195 | it('should reject existing file with file:// URI outside workspace (/etc/passwd)', async () => {
> 196 | const result = await validationService.validateFile('file:///etc/passwd');
  197 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  198 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L240
```
  238 |
  239 | it('should reject existing file with URI object outside workspace', async () => {
> 240 | const uri = new URI('file:///etc/passwd');
  241 | const result = await validationService.validateFile(uri);
  242 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L322
```
  320 |
  321 | it('should still reject files outside both workspace roots', async () => {
> 322 | const result = await validationService.validateFile('/etc/passwd');
  323 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  324 | });
```

Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux
Source: https://github.com/eclipse-theia/theia/blob/541860e34f1351442be3a1c998fb618472afcefd/src/browser/context-file-validation-service-impl.spec.ts#L395
```
  393 | it('should reject path traversal attempts with parent directory references', async () => {
  394 | // Path traversal attempts should be rejected
> 395 | const result = await validationService.validateFile('../../../../../../etc/passwd');
  396 | expect(result.state).to.equal(FileValidationState.INVALID_NOT_FOUND);
  397 | });
```

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.66.1
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v0.2). This is the strongest supply chain integrity signal.