Skip to content

Live Share SDK 2.0.0#794

Draft
huntj88 wants to merge 57 commits intomainfrom
mainv2
Draft

Live Share SDK 2.0.0#794
huntj88 wants to merge 57 commits intomainfrom
mainv2

Conversation

@huntj88
Copy link
Copy Markdown
Contributor

@huntj88 huntj88 commented Aug 29, 2024

No description provided.

huntj88 and others added 29 commits February 26, 2024 16:20
@huntj88
Beginning migration to Fluid V2 (#765)
7059ce7 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss
Update package-lock.json
a663f32
fixed test-runtime-utils usage
5879aa6
@ryanbliss
updated version to 2.0.0-internal.2
ecbeaf8
@huntj88
Live Share unit tests now use Fluid v2 (#771)
0611b48 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss
publish v 2.0.0-internal.3
fd17ce9
@ryanbliss
remove NodeJS.Timeout types for node compatibility
887393c
@ryanbliss
Replaced EventEmitter with TypedEventEmitter
e424043
@ryanbliss
updated versions
0066390
@ryanbliss
Fixed InkingManager ES compatibility issues, SharedMap v2 clear()…
f6651da 
… bug in `LiveCanvas`, and upgraded Fluid version (#775)
@ryanbliss
Updated versions to 2.0.0-internal.5
df65822
@huntj88
Updated FluidFramework packages (#779)
1956dff 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@huntj88 @ryanbliss
Merged main into mainv2 (#780)
40957e9 
Co-authored-by: Ryan Bliss <smile@ryanbliss.me>
Co-authored-by: James Hunt <jameshunt@microsoft.com>
update imports in tests
d605f1e
@huntj88 @ryanbliss
Integrating turbo into base live-share package, delete live-share-tur…
e2b33a7 
…bo package (#781)

Co-authored-by: James Hunt <jameshunt@microsoft.com>
Co-authored-by: Ryan Bliss <smile@ryanbliss.me>
@huntj88
Cleanup Live Share folder structure (#782)
bbde862 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
deleted old host decorators
640def5
@huntj88
Provide CommonJS and ESM implementations (#785)
a875776 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss
React SDK useSharedTree and useTreeNode (#783)
e5821ee 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@huntj88
Delete deprecated docs (#787)
f0edcbf 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@huntj88
Improved Build performance, Improved build durability of auto build a…
0050369 
…fter npm install, other V2 prep (#786)

Co-authored-by: James Hunt <jameshunt@microsoft.com>
@huntj88
When running 'npm run doctor', Prettier now also invoked (#788)
37f09ca 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@huntj88
Use a param object for LiveObjectSynchronizer.start method (#789)
6957598 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@huntj88 @ryanbliss
Use Audience in LivePresence for setting online/offline state (#790)
811ee43 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
Co-authored-by: Ryan Bliss <smile@ryanbliss.me>
@huntj88
Better dual ESM/CJS support, tsconfig module now Node16, improved pnp…
217519d 
…m support (#791)

Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss
Changed TData generic to support undefined and null (#792)
cacda7f
@ryanbliss
mainv2 docs & samples updates (#793)
0655416
Merge branch 'mainv2'
4681998
update live share package version to 2.0.0, change test package to 1.…
d40306f 
…0.0, removed references to live-share-turbo
@ryanbliss ryanbliss linked an issue Aug 29, 2024 that may be closed by this pull request
[Feature Request]: Use param objects where they make sense for named variables. #750
Open
ryanbliss and others added 22 commits September 4, 2024 14:26
@ryanbliss
Change versions to 2.0.0-internal.6
a3e0b20
Presence update change status of user to Online
cbb4ab7
@ryanbliss
Return onlineUsers from useLivePresence
dddcf28
@ryanbliss
Published 2.0.0-internal.7
01a704e
@ryanbliss
maxPlaybackDrift and positionUpdateInterval scaling by audience s…
e80c59b 
…ize (#796)
@huntj88
Update .npmignore, no unnecessary files in published package (#799)
ebf6a44 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss
Publish v2.0.0-internal.8
c2e4bd5
@ryanbliss
update fluid imports to use /legacy > /internal when possible
6b0babb
@ryanbliss
Added video js sample (#801)
ac366c8
@ryanbliss
Update typedocs
34b8084
@ryanbliss
remove createDataObjectKind (#802)
f2a6105
@huntj88
InsecureTokenProvider usage change (#804)
4eb0ab9 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@huntj88
Fix JS sample 22 (#806)
c3e537f 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss
2.0.0-internal.9 release (#805)
6a57441
@huntj88
Fix pipeline timeout (#809)
8e96a09 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss @huntj88
Remove legacy assert and re-add azure-client as peer dep (#807)
89bfabe 
Co-authored-by: huntj88 <huntj88@gmail.com>
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@jason-ha
build: fix path to support Windows (#820)
bcc9659
@jason-ha
improvement: use public imports where possible (#822)
e6cb0f5
@jason-ha @huntj88 @ryanbliss
improvement: typed result Containers (#808)
3b03a0b 
Co-authored-by: huntj88 <huntj88@gmail.com>
Co-authored-by: Ryan Bliss <smile@ryanbliss.me>
@huntj88
Update compatibility with FluidFramework to >=2.40 <2.70 (#824)
9de0002 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
@ryanbliss
update to version 2.0.0-internal.12 (#825)
fdc04c7
@ryanbliss
update fluid versions + v2.0.0-internal.13 release (#826)
54bf1c5
github-advanced-security[bot]
github-advanced-security AI found potential problems Oct 28, 2025
View reviewed changes
Comment thread .github/workflows/live-share-build-samples.yaml Fixed
Comment thread .github/workflows/live-share-formatting.yaml Fixed
Comment thread .github/workflows/live-share-test-packages.yaml Fixed
Comment thread .github/workflows/live-share-test-usage.yaml Fixed
huntj88 and others added 2 commits January 8, 2026 15:25
@huntj88
Update to version 2.0.0-internal.14 (#827)
319b323 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: huntj88 <10103298+huntj88@users.noreply.github.com>
@huntj88
2.0.0-internal.15 (#830)
2bbd52f 
Co-authored-by: James Hunt <jameshunt@microsoft.com>
github-advanced-security[bot]
github-advanced-security AI found potential problems Mar 4, 2026
View reviewed changes
Comment thread .github/workflows/live-share-build-samples.yaml Fixed
Comment thread .github/workflows/live-share-formatting.yaml Fixed
Comment thread .github/workflows/live-share-test-packages.yaml Fixed
Comment thread .github/workflows/live-share-test-usage.yaml Fixed
huntj88 and others added 3 commits April 2, 2026 15:22
@huntj88
V2: Harden live cursor profile rendering and picture URL handling in …
9907d2b 
…canvas package (#848)

Co-authored-by: James Hunt <jameshunt@microsoft.com>
make exponential backoff slightly less aggressive
401584c
@huntj88
Update live share versions to 2.0.0-internal.17 / fluid versions to >…
655f64d 
…=2.40 <2.110 (#863)

Co-authored-by: James Hunt <jameshunt@microsoft.com>
github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 29, 2026
View reviewed changes
Comment thread .github/workflows/live-share-build-samples.yaml
Comment on lines +12 to +39
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [22.x, 24.x]

steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: "npm"
- run: npm --loglevel verbose ci --ignore-scripts
timeout-minutes: 20

- run: npm install jest
working-directory: samples/javascript/02.react-video

- name: "build packages and samples"
run: npm run build

# TODO: get scenario_test.sh working

# - name: "test 02.react-video sample"
# shell: "bash"
# run: sh ../../../.github/workflows/scenario_test.sh
# working-directory: samples/javascript/02.react-video

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 2 days ago

Add an explicit permissions block to the workflow so the GITHUB_TOKEN is constrained to least privilege. The best fix here is to add it at the workflow root (top-level), since there is only one job and no sign of differing permission needs per job.

In .github/workflows/live-share-build-samples.yaml, insert:

permissions:
    contents: read

right after the trigger section (on: block) and before jobs:. This preserves existing behavior while explicitly limiting token access to read-only repository contents, which is sufficient for checkout/build in this snippet.

Suggested changeset 1
.github/workflows/live-share-build-samples.yaml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/live-share-build-samples.yaml b/.github/workflows/live-share-build-samples.yaml
--- a/.github/workflows/live-share-build-samples.yaml
+++ b/.github/workflows/live-share-build-samples.yaml
@@ -7,6 +7,9 @@
         branches: [main, mainv2, "user/**", "copilot/**"]
     workflow_dispatch:
 
+permissions:
+    contents: read
+
 jobs:
     build:
         runs-on: ubuntu-latest
EOF
@@ -7,6 +7,9 @@
branches: [main, mainv2, "user/**", "copilot/**"]
workflow_dispatch:

permissions:
contents: read

jobs:
build:
runs-on: ubuntu-latest
Copilot is powered by AI and may make mistakes. Always verify output.
Comment thread .github/workflows/live-share-formatting.yaml
Comment on lines +12 to +31
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [22.x, 24.x]

steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: "npm"

- run: npm --loglevel verbose ci --ignore-scripts
timeout-minutes: 20

- name: "check formatting"
run: "bash checkFormatting.sh"
working-directory: .github/workflows

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 2 days ago

Add an explicit permissions block to the workflow, ideally at the root so it applies to all jobs unless overridden. For this workflow, the minimal and appropriate permission is:

  • contents: read

This preserves current functionality (actions/checkout and reading repository content) while enforcing least privilege.
Edit .github/workflows/live-share-formatting.yaml by inserting the permissions block between the trigger section and jobs:.

No imports, methods, or dependency changes are needed.

Suggested changeset 1
.github/workflows/live-share-formatting.yaml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/live-share-formatting.yaml b/.github/workflows/live-share-formatting.yaml
--- a/.github/workflows/live-share-formatting.yaml
+++ b/.github/workflows/live-share-formatting.yaml
@@ -7,6 +7,9 @@
         branches: [main, mainv2, "user/**", "copilot/**"]
     workflow_dispatch:
 
+permissions:
+    contents: read
+
 jobs:
     build:
         runs-on: ubuntu-latest
EOF
@@ -7,6 +7,9 @@
branches: [main, mainv2, "user/**", "copilot/**"]
workflow_dispatch:

permissions:
contents: read

jobs:
build:
runs-on: ubuntu-latest
Copilot is powered by AI and may make mistakes. Always verify output.
Comment thread .github/workflows/live-share-test-packages.yaml
Comment on lines +12 to +40
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [22.x, 24.x]

steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: "npm"
- run: npm --loglevel verbose ci --ignore-scripts
timeout-minutes: 20

- run: npm run prepare # will trigger a build of all packages

- name: "test live-share"
run: npm run test
working-directory: packages/live-share

- name: "test live-share-canvas"
run: npm run test
working-directory: packages/live-share-canvas

- name: "test live-share-media"
run: npm run test
working-directory: packages/live-share-media

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 2 days ago

Add an explicit permissions block at the workflow root so it applies to all jobs (including build) unless overridden. For this workflow, the minimal required scope is:

  • contents: read

This preserves existing functionality while preventing unintended broader token privileges if defaults change.

Change needed in:

  • .github/workflows/live-share-test-packages.yaml
  • Insert permissions: between the on: section and jobs: section.

No new imports, methods, or dependencies are required.

Suggested changeset 1
.github/workflows/live-share-test-packages.yaml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/live-share-test-packages.yaml b/.github/workflows/live-share-test-packages.yaml
--- a/.github/workflows/live-share-test-packages.yaml
+++ b/.github/workflows/live-share-test-packages.yaml
@@ -7,6 +7,9 @@
         branches: [main, mainv2, "user/**", "copilot/**"]
     workflow_dispatch:
 
+permissions:
+    contents: read
+
 jobs:
     build:
         runs-on: ubuntu-latest
EOF
@@ -7,6 +7,9 @@
branches: [main, mainv2, "user/**", "copilot/**"]
workflow_dispatch:

permissions:
contents: read

jobs:
build:
runs-on: ubuntu-latest
Copilot is powered by AI and may make mistakes. Always verify output.
Comment thread .github/workflows/live-share-test-usage.yaml
Comment on lines +12 to +45
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [22.x, 24.x]

steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: "npm"
- run: npm --loglevel verbose ci --ignore-scripts
timeout-minutes: 20

- run: npm run prepare # will trigger a build of all packages

- name: "test live-share with cjs app"
run: npm run test
working-directory: internal/usage-test/cjs-test

- name: "test live-share with esm app"
run: npm run test
working-directory: internal/usage-test/esm-test

- uses: pnpm/action-setup@v4
name: Install pnpm for next step
with:
version: 9
run_install: false
- name: "test live-share with pnpm typescript esm app"
run: pnpm run test
working-directory: internal/usage-test/pnpm-test

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 2 days ago

Add an explicit permissions block in .github/workflows/live-share-test-usage.yaml at the workflow root (top-level, alongside name and on) so it applies to all jobs unless overridden.
For this workflow, the minimal required permission is:

  • contents: read

This preserves current behavior (checkout and test execution) while ensuring the token cannot gain broader rights from external defaults.

Suggested changeset 1
.github/workflows/live-share-test-usage.yaml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/live-share-test-usage.yaml b/.github/workflows/live-share-test-usage.yaml
--- a/.github/workflows/live-share-test-usage.yaml
+++ b/.github/workflows/live-share-test-usage.yaml
@@ -7,6 +7,9 @@
         branches: [main, mainv2, "user/**", "copilot/**"]
     workflow_dispatch:
 
+permissions:
+    contents: read
+
 jobs:
     build:
         runs-on: ubuntu-latest
EOF
@@ -7,6 +7,9 @@
branches: [main, mainv2, "user/**", "copilot/**"]
workflow_dispatch:

permissions:
contents: read

jobs:
build:
runs-on: ubuntu-latest
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment