Sentinel finding (SNT-2025-0722-002, Yellow #1)
release-vscode.yml:42 uses unquoted *.vsix glob in the Open VSX publish command. If multiple .vsix files exist (stale artifacts, build debris), all would be published. Quote the glob or use an explicit filename.
Also consider quoting secret variables on lines 39 and 42 as defensive best practice.
Sentinel finding (SNT-2025-0722-002, Yellow #1)
release-vscode.yml:42uses unquoted*.vsixglob in the Open VSX publish command. If multiple.vsixfiles exist (stale artifacts, build debris), all would be published. Quote the glob or use an explicit filename.Also consider quoting secret variables on lines 39 and 42 as defensive best practice.