Add GitHub Actions workflow for VSCode extension publishing

[Copilot]

Implements automated publishing pipeline for the ObjectQL VSCode extension to the Visual Studio Code Marketplace.

Workflow Features

Trigger Methods:

• Manual dispatch with optional version override and dry-run mode
• Automatic on git tags matching vscode-v*.*.*

Pipeline:

• Builds monorepo and compiles extension
• Packages as .vsix using @vscode/vsce
• Publishes to marketplace (requires VSCE_PAT secret)
• Creates GitHub releases with artifacts

Extension Fixes

• Generated 128x128 PNG icon from SVG (marketplace requirement)
• Added icon field to package.json
• Added LICENSE file to extension directory
• Updated .vscodeignore to exclude build artifacts (tsconfig.tsbuildinfo, CONTRIBUTING.md)
• Fixed README SVG reference (marketplace restricts SVGs)

Usage

Manual publish:

# GitHub Actions UI → Run workflow → Configure options

Tag-based publish:

git tag vscode-v2.0.1
git push origin vscode-v2.0.1

Setup: Repository admin must add VSCE_PAT secret with VSCode Marketplace Personal Access Token (Marketplace: Manage scope).

See packages/tools/vscode-objectql/PUBLISHING.md for PAT generation and detailed instructions.

Original prompt

如何用工作流发布VSCOde的插件？

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[github-actions]

⚠️ No Changeset Found

This PR does not include a changeset file.
If this PR includes user-facing changes, please add a changeset by running:

pnpm changeset

[Copilot]

Pull request overview

This PR implements a complete automated publishing pipeline for the ObjectQL VSCode extension to the Visual Studio Code Marketplace. It adds GitHub Actions workflow automation, necessary marketplace requirements (PNG icon, LICENSE file), and comprehensive documentation for maintainers.

Changes:

• Added GitHub Actions workflow with manual dispatch and tag-based triggers for extension publishing
• Generated PNG icon from SVG and updated package.json to reference it
• Added LICENSE file and comprehensive PUBLISHING.md documentation
• Updated .vscodeignore to exclude build artifacts and internal documentation

Reviewed changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
.github/workflows/publish-vscode-extension.yml	New workflow for building, packaging, and publishing the VSCode extension to marketplace
.github/WORKFLOWS.md	Documents the new publish-vscode-extension workflow
packages/tools/vscode-objectql/package.json	Added icon field pointing to PNG file
packages/tools/vscode-objectql/images/icon.png	Generated 128x128 PNG icon for marketplace
packages/tools/vscode-objectql/images/icon.png.placeholder	Removed placeholder file (no longer needed)
packages/tools/vscode-objectql/images/icon-generation.md	Removed generation guide (icon now exists)
packages/tools/vscode-objectql/README.md	Updated icon reference from SVG to PNG, added publishing section
packages/tools/vscode-objectql/PUBLISHING.md	Comprehensive guide for publishing the extension
packages/tools/vscode-objectql/LICENSE	MIT license file required for marketplace
packages/tools/vscode-objectql/.vscodeignore	Updated to exclude tsconfig.tsbuildinfo and internal docs

[Copilot]

The workflow permissions include 'issues: write' and 'pull-requests: write', but the workflow does not interact with issues or pull requests. These permissions should be removed to follow the principle of least privilege. Only 'contents: write' is needed for creating releases.

Suggested change

	issues: write
	pull-requests: write

[Copilot]

Using 'ls *.vsix' to capture the filename can fail if multiple .vsix files exist in the directory. Consider using a more robust approach such as specifying the exact filename based on the package.json name and version, or using 'ls -1 *.vsix | head -n 1' to ensure only one file is captured.

Suggested change

	echo "VSIX_FILE=$(ls *.vsix)" >> $GITHUB_ENV
	echo "VSIX_FILE=$(ls -1 *.vsix | head -n 1)" >> $GITHUB_ENV

[Copilot]

The version input is not validated before being passed to 'npm version'. If a user provides an invalid version string, the command will fail. Consider adding validation to ensure the version follows semantic versioning format (e.g., X.Y.Z) or is one of the npm version keywords (patch, minor, major, prepatch, preminor, premajor, prerelease).

Suggested change

	echo "Updating version to ${{ inputs.version }}"
	npm version ${{ inputs.version }} --no-git-tag-version
	VERSION="${{ inputs.version }}"
	# Allow npm version keywords and semantic version strings (X.Y.Z with optional pre-release/build)
	if [[ "$VERSION" == "patch" || "$VERSION" == "minor" || "$VERSION" == "major" || \
	"$VERSION" == "prepatch" || "$VERSION" == "preminor" || "$VERSION" == "premajor" || \
	"$VERSION" == "prerelease" ]]; then
	echo "Updating version using npm keyword: $VERSION"
	elif [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$ ]]; then
	echo "Updating version to semantic version: $VERSION"
	else
	echo "::error::Invalid version input '$VERSION'. Expected a semantic version (e.g., 1.2.3) or one of: patch, minor, major, prepatch, preminor, premajor, prerelease."
	exit 1
	fi
	npm version "$VERSION" --no-git-tag-version

[Copilot]

The VSCE_PAT secret is properly quoted when passed to the vsce command, which is good for security. However, consider using the environment variable approach instead of passing it via command line argument. The vsce tool automatically reads from the VSCE_PAT environment variable, so you could simplify line 100 to just 'npx @vscode/vsce publish --no-yarn' and rely on the env block on line 94.

Suggested change

	npx @vscode/vsce publish --no-yarn --pat "$VSCE_PAT"
	npx @vscode/vsce publish --no-yarn