
Visual Studio Code 1.109.1 finally blocks the terminal auto‑replies bug that let commands replay themselves across trusted folders, a flaw that showed up as phantom “npm install” prompts when switching projects. The fix works only after restarting the window, so the safest interim measure is to disable terminal.integrated.autoReplies in Settings. After updating, confirming the version number and launching a terminal in an untouched folder should reveal no lingering auto‑executed commands. For long‑term stability, keep the option off unless a specific extension explicitly needs it, and re‑enable it on a per‑workspace basis.



Fix the VS Code Terminal Auto Replies Security Issue in 1.109.1

The newest VS Code build patches a nasty bug that let the terminal auto‑replies feature keep firing commands across projects. This article shows how to verify the fix is active and what steps to take if the problem lingers after updating.

What went wrong with Terminal Auto Replies

Versions up through 1.109 allowed the setting terminal.integrated.autoReplies to persist once a folder earned trust. The trouble started when an extension or a mis‑typed reply triggered a command that kept looping each time a new terminal opened, even in unrelated workspaces. Users who switched between JavaScript and Python projects reported seeing repeated “npm install” prompts appear out of nowhere after the first run. The behavior only stopped once the entire window was closed and reopened, which is hardly a fix for anyone on a tight deadline.

Disabling VS Code Terminal Auto Replies Safely

The quickest way to dodge future headaches is to turn the feature off outright. Open Settings, search for “autoReplies”, and set the value to false. This tells the integrated terminal to ignore any stored reply patterns, effectively cutting the attack surface. After changing the toggle, close all open terminals and launch a fresh one; no lingering commands should appear. If an extension still tries to inject replies, disabling or uninstalling that extension removes the last foothold.

Verify the security patch is in place

After updating to 1.109.1, open the Command Palette, type “Developer: Show Running Extensions”, and confirm the version number displayed matches the latest build. Then fire up a terminal in a newly created folder that has never been opened before. If no auto‑reply prompts surface, the patch is doing its job. For extra peace of mind, run code --version from an external command prompt; the output should read 1.109.1 or higher.
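The version check and the settings check described above can be scripted. This is an added example, not code from VS Code or from the release notes. It assumes terminal.integrated.autoReplies is an object mapping prompt text to a reply string, with null disabling an entry; the function names and both sample inputs are constructed for illustration.

```python
import json
import re

FIXED = (1, 109, 1)                       # first fixed build, per the article
KEY = "terminal.integrated.autoReplies"
_STR = r'"(?:\\.|[^"\\])*"'               # a JSON string literal, left untouched
_COMMENT = re.compile(_STR + r"|//[^\n]*|/\*.*?\*/", re.S)
_TRAILING = re.compile(_STR + r"|,(?=\s*[}\]])")

def parse_code_version(output):
    """`code --version` prints the version on line 1, then commit and arch."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", output)
    if not m:
        raise ValueError("no version found in `code --version` output")
    return tuple(int(part) for part in m.groups())

def is_patched(output):
    # Compare as integers: as strings, "1.99.3" would sort after "1.109.1".
    return parse_code_version(output) >= FIXED

def load_jsonc(text):
    """settings.json allows comments and trailing commas; strip both, then parse."""
    keep = lambda m: m.group(0) if m.group(0).startswith('"') else ""
    text = _TRAILING.sub(keep, _COMMENT.sub(keep, text))
    return json.loads(text) if text.strip() else {}

def active_auto_replies(settings_text):
    """Return the prompt -> reply entries this settings file still arms."""
    value = load_jsonc(settings_text).get(KEY)
    if not isinstance(value, dict):       # absent, false or null: nothing armed
        return {}
    return {prompt: reply for prompt, reply in value.items() if reply}

# Constructed sample input, not taken from a real machine.
SAMPLE_VERSION = "1.109.1\n0000000000000000000000000000000000000000\nx64\n"
SAMPLE_SETTINGS = r'''{
  // constructed user settings
  "editor.fontSize": 14,
  "terminal.integrated.autoReplies": {
    "Ok to proceed? (y)": "y\r",      /* still armed */
    "Terminate batch job (Y/N)": null,
  },
}'''

if __name__ == "__main__":
    print("patched build:", is_patched(SAMPLE_VERSION))
    for prompt, reply in active_auto_replies(SAMPLE_SETTINGS).items():
        print(f"armed auto-reply: {prompt!r} -> {reply!r}")
```

Run the same check against both the user settings.json and each workspace's .vscode/settings.json, since a workspace file can define its own entries.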

Keep the auto‑reply feature under control in the future

Even with the bug fixed, the setting remains a potential annoyance for anyone who relies on quick prompts. Consider keeping it disabled unless a specific workflow genuinely benefits from automatic responses. When an extension truly needs it, enable the setting just for that workspace and remember to revert when you’re done. This habit prevents accidental command loops from creeping back in after future updates.

Release January 2026 Recovery 1

The update addresses these issues, including a fix for a security vulnerability. For the complete release notes go to Updates on code.visualstudio.com.

Release January 2026 Recovery 1 · microsoft/vscode