termux-packages/x11-packages/code-oss/0009-openvsx-extension-signature.patch

https://github.com/eclipse/openvsx/issues/543
https://github.com/termux/termux-packages/issues/24739

--- a/package.json
+++ b/package.json
@@ -104,6 +104,7 @@
     "native-is-elevated": "0.7.0",
     "native-keymap": "file:./node-native-keymap-src",
     "native-watchdog": "^1.4.1",
+    "node-ovsx-sign": "^1.2.0",
     "node-pty": "^1.1.0-beta33",
     "open": "^8.4.2",
     "tas-client-umd": "0.2.0",
--- a/src/vs/platform/extensionManagement/node/extensionSignatureVerificationService.ts
+++ b/src/vs/platform/extensionManagement/node/extensionSignatureVerificationService.ts
@@ -35,7 +35,7 @@
 }
 
 declare module vsceSign {
-	export function verify(vsixFilePath: string, signatureArchiveFilePath: string, verbose: boolean): Promise<ExtensionSignatureVerificationResult>;
+	export function verify(vsixFilePath: string, signatureArchiveFilePath: string, verbose: boolean): Promise<boolean>;
 }
 
 /**
@@ -67,7 +67,7 @@
 	}
 
 	private async resolveVsceSign(): Promise<typeof vsceSign> {
-		const mod = '@vscode/vsce-sign';
+		const mod = 'node-ovsx-sign';
 		return import(mod);
 	}
 
@@ -87,7 +87,21 @@
 
 		try {
 			this.logService.trace(`Verifying extension signature for ${extensionId}...`);
-			result = await module.verify(vsixFilePath, signatureArchiveFilePath, this.logService.getLevel() === LogLevel.Trace);
+			let isSignatureValid =
+				await module.verify(vsixFilePath, signatureArchiveFilePath, this.logService.getLevel() === LogLevel.Trace);
+			if (isSignatureValid) {
+				result = {
+					code: ExtensionSignatureVerificationCode.Success,
+					didExecute: true,
+					output: "The extension signature is valid."
+				};
+			} else {
+				result = {
+					code: ExtensionSignatureVerificationCode.SignatureIsNotValid,
+					didExecute: true,
+					output: "The extension signature is invalid."
+				};
+			}
 		} catch (e) {
 			result = {
 				code: ExtensionSignatureVerificationCode.UnknownError,