thehackernews.com via Reddit

VS Code 1.123 Adds Two-Hour Extension Auto-Update Delay

microsoft cybersecurity coding tools supply-chain developer-tools

Key insights

  • VS Code v1.123 holds extension auto-updates for two hours, giving security teams time to pull compromised releases before they reach developers.
  • Extensions from Microsoft, GitHub, and OpenAI are designated trusted publishers and bypass the delay, updating immediately.
  • npm v11.10.0+, pnpm 10.16+, Yarn Berry 4.10.0+, Bun 1.3+, and RubyGems/Bundler 4.0.13 each add parallel time-based installation delays.

Why this matters

Supply chain attacks targeting developer tooling have escalated as a vector for compromising downstream production systems, making VS Code's extension marketplace a high-value attack surface. The trusted publisher exemption for Microsoft, GitHub, and OpenAI establishes a tiered trust model that marketplace operators across the industry can reference when balancing security friction against developer experience. Parallel adoption of the same mitigation across npm, pnpm, Yarn Berry, Bun, and RubyGems signals that time-based install delays are becoming a baseline expectation for secure package distribution.

Summary

VS Code v1.123 now holds extension auto-updates for two hours, giving security teams time to catch compromised releases before they reach developers. Extensions from Microsoft, GitHub, and OpenAI bypass the delay. VS Code shows hold timing in the Extensions view; manual updates via the Update button remain available at any time. Essentially: Microsoft joins npm, pnpm, Yarn, Bun, and RubyGems in adding time-based delays to package install pipelines.

  • VS Code v1.123 adds a two-hour buffer before extension auto-updates deploy.
  • Microsoft, GitHub, and OpenAI extensions are exempt trusted publishers and update immediately.
  • npm v11.10.0+, pnpm 10.16+, Yarn Berry 4.10.0+, Bun 1.3+, and RubyGems/Bundler 4.0.13 each carry parallel delay mechanisms.

Multiple ecosystems independently converging on the same mitigation signals that supply-chain attacks on developer tooling are now treated as structural risk.
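The hold mechanism described above, as an added example that is not code from VS Code, npm, or any registry: a minimal "minimum release age" gate in JavaScript. It assumes a registry snapshot in which each version carries a publish timestamp and an optional pull timestamp, a trusted-publisher allowlist mirroring the three exempted organizations, and a client that polls every 30 minutes; every publisher name, version and timestamp is constructed for the demo. The simulate function walks the timeline of a compromised release being pulled and shows the outcomes the page discusses: a gated client never installs it when the pull lands inside the window, a trusted publisher's release installs at once, a manual Update skips the hold, and a pull that arrives after the window has lapsed comes too late.

```javascript
// Added example (not code from VS Code, npm or any registry): a minimal
// "minimum release age" gate of the kind described above. All publisher
// names, versions and timestamps below are constructed for the demo.

const HOUR = 60 * 60 * 1000;
const HOLD_MS = 2 * HOUR;                                     // two-hour hold, as in VS Code 1.123
const TRUSTED_PUBLISHERS = new Set(["microsoft", "github", "openai"]);
const T0 = Date.parse("2025-06-01T12:00:00Z");               // constructed: moment the bad release goes live

// Numeric major.minor.patch comparison; enough for the demo data.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// Version an auto-updater would pick at time `now`. A release is skipped if the
// registry has already pulled it, or if it is younger than the hold window and
// neither the trusted-publisher exemption nor a manual Update applies.
function selectVersion(pkg, now, opts = {}) {
  const holdMs = opts.holdMs ?? HOLD_MS;
  const trusted = opts.trusted ?? TRUSTED_PUBLISHERS;
  const manual = opts.manual ?? false;                        // the Update button path skips the hold
  const bypass = manual || trusted.has(pkg.publisher);
  let best = null;
  for (const v of pkg.versions) {
    if (v.pulledAt !== null && v.pulledAt <= now) continue;   // pulled by the registry
    if (!bypass && now - v.publishedAt < holdMs) continue;    // still inside the hold window
    if (best === null || compareVersions(v.version, best.version) > 0) best = v;
  }
  return best === null ? null : best.version;
}

// Constructed registry snapshot: a known-good 1.4.0 from yesterday and a
// compromised 1.5.0 published at T0, which the registry pulls `pullAfterMs`
// later (null = never pulled).
function makePackage(publisher, pullAfterMs) {
  return {
    publisher,
    versions: [
      { version: "1.4.0", publishedAt: T0 - 24 * HOUR, pulledAt: null },
      { version: "1.5.0", publishedAt: T0, pulledAt: pullAfterMs === null ? null : T0 + pullAfterMs },
    ],
  };
}

// A client that starts on 1.4.0 and polls every 30 minutes for four hours.
// Returns what it ends up running and when each upgrade happened (hours after T0).
function simulate(publisher, pullAfterMs, opts = {}) {
  const pkg = makePackage(publisher, pullAfterMs);
  let current = "1.4.0";
  const upgrades = [];
  for (let t = T0; t <= T0 + 4 * HOUR; t += 30 * 60 * 1000) {
    const chosen = selectVersion(pkg, t, opts);
    if (chosen !== null && compareVersions(chosen, current) > 0) {
      current = chosen;
      upgrades.push({ hoursAfterT0: (t - T0) / HOUR, version: chosen });
    }
  }
  return { finalVersion: current, upgrades };
}

console.log("untrusted publisher, pulled at +1.5h:", simulate("acme", 1.5 * HOUR));
console.log("trusted publisher, pulled at +1.5h:  ", simulate("microsoft", 1.5 * HOUR));
console.log("untrusted publisher, pulled at +3h:  ", simulate("acme", 3 * HOUR));
console.log("manual Update at +0.5h:", selectVersion(makePackage("acme", 1.5 * HOUR), T0 + 0.5 * HOUR, { manual: true }));
```

Run it with node. The pull is modelled as a timestamp checked with `pulledAt <= now` rather than as a boolean, so a client polling before the registry reacts still sees the release; that is exactly why the third scenario ends on the compromised version: the hold buys two hours, and a pull that lands at three hours is too late for anyone outside the trusted list as well.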

Potential risks and opportunities

Risks

  • Third-party VS Code extension publishers outside the trusted list (Microsoft, GitHub, OpenAI) face a tiered-trust disadvantage that could accelerate developer preference toward large-vendor extensions in enterprise environments.
  • Threat actors aware of the two-hour window can time a malicious publish (late on a Friday, for example) so that the hold lapses before anyone reviews the release, and the manual Update button installs it immediately regardless; the mitigation only helps if the compromised release is pulled within those two hours.
  • Enterprise teams managing VS Code at scale may experience version drift if the new auto-update delay interacts unexpectedly with existing extension management policies, creating untracked inconsistencies across developer machines.

Opportunities

  • Package security scanning vendors (Socket.dev, Chainguard, Snyk) gain a natural insertion point by offering real-time analysis of newly published VS Code extensions during the two-hour buffer window.
  • The coordinated adoption of time-based delays across npm v11.10.0, pnpm 10.16, Yarn Berry 4.10.0, Bun 1.3, and RubyGems/Bundler 4.0.13 creates demand for unified supply-chain monitoring tools covering the entire developer toolchain rather than single-ecosystem solutions.
  • VS Code extension publishers who invest in verifiable build provenance and code-signing can differentiate on trust, particularly if Microsoft expands the trusted publisher program beyond the current three exempted organizations.

What we don't know yet

  • Whether the two-hour delay is configurable for enterprise IT policies (extended, shortened, or overridden at org level) is not addressed in the announcement.
  • No criteria are given for how extension publishers outside Microsoft, GitHub, and OpenAI could attain trusted publisher status, or whether the exempt list will expand.
  • No specific supply-chain incident is cited as the trigger for the VS Code v1.123 change, leaving the immediate threat context that prompted the timeline unclear.