This is an audit of the extension registry (GraphQL and content download) APIs. Here's a list of all commands that have been audited:
CLI:
copy (This uses the same GQL API as publish)
list
get
delete
Web:
Download URL e.g. https://sourcegraph.test:3443/-/static/extension/1-sourcegraph-test-3443-philippspiess-lisp.js
GraphQL:
query extension
query extensions
mutation createExtension
mutation updateExtension
mutation publishExtension
mutation deleteExtension
GraphQL APIs that were not changed (these seemed relatively harmless):
query viewerPublishers
query publishers
query featuredExtensions
The new gating that was added has a special case for dotcom which needs to be stay in read-only mode even after 4.0 and the enableLegacyExtensions flag is set to false.
Note: We can't make the gating dynamic yet because we're still waiting for #40085 (closed). The change after we have a fix for #40085 (closed) is trivial though, I'll create a follow-up issue for that.
Test plan
Here's a bunch of screenshots that show that the error is properly propagated:
