Visual Studio Code 1.30 Released

The solution has received new features, as well as improved support for JavaScript and TypeScript
14 December 2018   521

Microsoft has released the development environment Visual Studio Code 1.30. The tool has received new features, as well as improved support for JavaScript and TypeScript.

The search tool in the new version of the editor allows you to make multi-line queries. You can add a new line to the query by pressing Shift + Enter or simply by pasting text from the clipboard.

Custom headers and menu items in Linux are now activated by default. Since some menus may go beyond the boundaries of the screen, the developers added the ability to scroll.

Menu items designed to work with the settings have been moved to the title bar of the editor.

In the snippet, new comment variables are implemented, allowing to leave lines or blocks of notes based on the language of the code.

Also, the developers added the Go to Declaration and Peek Declaration commands to Visual Studio Code 1.30 in addition to the existing Go to Definition and Peek Definition. This is due to the fact that in some languages ​​the concepts of definition and declaration are fundamentally different.

In Visual Studio Code 1.30, you can work with TypeScript 3.2.2. Display of callbacks in JavaScript and TypeScript is improved. The new version of the editor displays which function they belong to.

The developers have improved the integration with the repository. In the new version of the program, you can change the tool that opens the file by clicking on the version control panel.

The Visual Studio Code 1.30 error detection and removal tool allows you to delete debug consoles for inactive sessions. Improved concept of variable substitution in launch.json configuration. The initial debug configuration itself has been simplified by hiding minor elements and adding a Quick Pick interface.

You can set the task to run automatically when you open the project folder. In addition, several new tasks have been added to the task management command section, for example, Tasks: Rerun Last Task, which allows you to restart the previous process.

Third Party Apps Could Read Twitter Messaging

According to the company, no one used this vulnerability and the issues is now solved
18 December 2018   698

Until the beginning of December, third-party applications could access Twitter private messages. According to the company, no one took advantage of this vulnerability. Terence Eden, who found it, was paid almost $ 3,000 under the Bug Bounty program.

In 2013, there was a leak of keys to the Twitter API - so applications could access the interface bypassing the social network. To protect users, Twitter implemented an application authorization mechanism through predefined addresses (Callback URL), but it didn’t suit everyone.

Applications that do not support Callback URLs could authenticate using PIN codes. With this authorization, a window pops up that lists which data the user opens to access. The window did not request access to private messages, but in fact the application received it.

On December 6, Twitter reported that it had solved the problem. Judging by the statement of the company on the HackerOne website, no one had time to take advantage of this vulnerability.

This is not the first social network security error related to the API. In September, Twitter discovered a bug in AAAPI (Account Activity API): the system sent a copy of the user's personal message to a random recipient.