Positron-optimized SVN extension with enhanced features for data science workflows.
Original extension: JohnstonCode/svn-scm
Note: This extension leverages your machine's SVN installation,
so you need to install SVN first.
If you use TortoiseSVN, make sure the option
Command Line Tools is checked during installation and
C:\Program Files\TortoiseSVN\bin is available in PATH.
- Please report any bugs, suggestions or documentation requests via the Issues
- Feel free to submit pull requests
Want to contribute? Great! See our CONTRIBUTING.md for:
- Development environment setup
- Testing & TDD workflow
- Code style guidelines
- Pull request process
For comprehensive guides, see:
- Developer Setup Guide - Environment configuration
- Documentation Priority Matrix - For maintainers
- Lessons Learned - Architecture insights
When comparing file versions, SVN uses these keywords:
| Term | Meaning | Example |
|---|---|---|
| BASE | Your last updated version | What you had after your last svn update |
| HEAD | Server's latest version | The newest revision on the repository |
| PREV | Previous committed version | The revision before HEAD |
Common scenarios:
- "Open Changes with BASE" - Compare your edits to what you downloaded
- "Open Changes with HEAD" - See if server has newer changes
- "Open File (HEAD)" - View the server's latest without changing your local copy
You can checkout a SVN repository with the SVN: Checkout command in the Command Palette (Ctrl+Shift+P). You will be asked for the URL of the repository and the parent directory under which to put the local repository.
- Source Control View
- Quick Diffs in gutter
- Status Bar
- Create changelists
- Add files
- Revert edits
- Remove files
- Create branches
- Switch branches
- Create patches
- Diff changes
- Diff with external tools (Beyond Compare, etc.)
- Commit changes/changelists
- See commit messages
This extension simulates Git's staging area using SVN changelists, enforcing a "stage before commit" workflow.
Files must be staged (or in a changelist) before committing:
- Stage files - Click the
+button or use "Stage" from context menu - Review staged - Files appear in "Staged for Commit" group
- Commit - Press
Ctrl+Enteror click the checkmark button
If no files are staged, you'll be prompted to "Stage All" before committing.
- Staging uses a hidden SVN changelist (
__staged__) - Files in custom changelists can also be committed directly
- Original changelist membership is restored when unstaging
- SVN automatically clears changelist membership after commit
- Intentional commits - Forces you to review what you're committing
- Partial commits - Commit only specific files, not everything
- Familiar UX - Works like Git for developers switching from Git
- Non-destructive - Original changelists preserved on unstage
| Action | Shortcut/Button |
|---|---|
| Stage file | + button or context menu |
| Stage all | + on Changes group header |
| Unstage file | - button or context menu |
| Unstage all | - on Staged group header |
| Commit staged | Ctrl+Enter or checkmark button |
Configure external diff tools like Beyond Compare for large files (e.g., CSVs) where built-in diff is insufficient.
Setup:
- Set
svn.diff.toolto path of wrapper batch file (e.g.,bcsvn.bat) - Right-click file in Source Control → Diff with External Tool
- For Beyond Compare setup, see: https://www.scootersoftware.com/kb/vcs#svn
The extension displays status badges and icons on files in the Explorer and Source Control views.
| Badge | Meaning |
|---|---|
| A | Added - new file scheduled for commit |
| M | Modified - file has local changes |
| D | Deleted - file scheduled for removal |
| R | Renamed/Replaced - file moved or replaced |
| C | Conflicted - merge conflict needs resolution |
| U | Unversioned - new file not yet added to SVN |
| ! | Missing - file deleted outside SVN |
| I | Ignored - file matches ignore pattern |
Folders show the same status with a folder prefix:
- 📁A - Folder added
- 📁M - Folder with modified contents
- 📁D - Folder deleted
| Icon | Meaning |
|---|---|
| 🔒 | File is locked (by you or others) |
| 🔓 | File has svn:needs-lock property (unlocked, read-only) |
| 🔒M | Locked and modified |
| 🔒A | Locked and added |
Tooltip: Hover over the lock icon to see who owns the lock.
When a file has both a status and lock, badges combine:
- 🔒M - Locked + Modified
- 🔒A - Locked + Added
When you rename tracked files in the Explorer, the extension automatically uses svn move to preserve file history.
How it works:
- Rename a tracked file via Explorer → extension intercepts and converts to
svn move - File history is preserved across the rename
- Untracked files are renamed normally (no SVN involvement)
What you get:
- Use the normal "Rename" command - no separate "SVN Rename" needed
svn logshows full history including before the rename- No "missing + unversioned" status after renaming
Limitations:
- Only intercepts renames within VS Code/Positron
- External tools (command line, file manager) won't trigger auto-conversion
- For external renames, manually use
svn moveor delete + add (loses history)
When you delete tracked files in the Explorer, the extension automatically runs svn delete to preserve proper version control.
Default behavior:
- Delete a tracked file via Explorer → extension runs
svn delete - File is immediately marked for deletion (D status)
- Untracked files are deleted normally (no SVN involvement)
Setting: svn.delete.actionForDeletedFiles
remove(default) - Automatically runsvn deleteprompt- Ask what to do each timenone- Do nothing (file shows as "missing" status)
View commit history for your repository in the dedicated History pane.
- Commit list - Browse all commits with author, date, and message
- File changes - Expand commits to see which files were modified
- BASE indicator - Purple B badge marks your working copy's BASE revision
- Diff view - Click files to see changes in that commit
| Button | Action | Description |
|---|---|---|
| ↻ Refresh | Refresh from cache | Quick refresh using cached log data |
| ↓ Fetch | Fetch from server | Get latest commits from server, update cache |
| ↓↓ Pull | Fetch + Update | Fetch latest AND update working copy to HEAD |
When to use each:
- Refresh - Just redraw the UI (instant, no server contact)
- Fetch - See new commits without changing your files
- Pull - Get new commits AND update your working copy
The B badge (purple) indicates your working copy's BASE revision - the revision you last updated to.
- Commits above BASE = newer changes on server (not in your working copy yet)
- BASE commit = what your working copy is based on
- Commits below BASE = older history
Tip: If you see commits above BASE, use "Pull" or svn update to get them.
Right-click a file → Show File History to see commits that modified that specific file.
From file history, you can:
- Go to Repository History - Jump to that revision in the full repo log
- Open file at revision - View file contents at that point in time
- Compare revisions - Diff between any two versions
View line-by-line revision history directly in the editor.
Features:
- Gutter annotations: colored revision indicators (enabled by default)
- Inline messages: commit details at end of line, GitLens-style (enabled by default)
- Status bar: blame info for current line
- Auto-blame: automatically show blame when files open (enabled by default)
- Hover tooltips: detailed commit info on hover
Configuration: See all 19 configuration options in Settings → search "svn.blame"
For advanced configuration, see Blame System Documentation.
Enhanced integration with Posit's Positron IDE for data science workflows.
Connections Pane:
- View SVN repositories alongside database connections
- Quick checkout wizard with URL and directory inputs
- Repository metadata display (branch, revision, remote URL)
Setup: Automatically enabled when running in Positron. No configuration needed.
Privacy: All operations are local. No data sent to Posit or external services. See PRIVACY.md for details.
What is Positron? A next-generation IDE for data science by Posit PBC (creators of RStudio). Fork of VS Code optimized for R, Python, and Julia workflows.
Learn more: https://posit.co/products/ide/positron/
For technical details, see docs/POSITRON_INTEGRATION.md.
The extension provides secure authentication with multiple methods and comprehensive credential protection.
⚠️ CRITICAL: Versions prior to v2.17.230 expose passwords in process listings. Upgrade immediately to v2.17.230+ to eliminate this security risk.
Recommended (in priority order):
-
SSH Key Authentication ⭐ BEST PRACTICE
- Repository URL:
svn+ssh://[email protected]/repo - Security: Public key cryptography, zero credential exposure
- Setup:
ssh-keygen -t ed25519 -C "[email protected]" ssh-copy-id [email protected]
- When to use: Production environments, shared servers, automated systems
- Repository URL:
-
Password Authentication (Secure with Credential Cache)
- Repository URL:
https://svn.example.com/repo - Security: Credentials stored in SVN cache (
~/.subversion/auth/, mode 600) - Setup: Extension prompts for password, automatically caches securely
- When to use: Quick testing, HTTPS-only repositories, personal projects
- Repository URL:
-
Public Repository (No Authentication)
- Repository URL:
http://svn.example.com/public-repo - Security: No credentials needed
- When to use: Open-source projects, publicly accessible repositories
- Repository URL:
v2.17.230+ uses SVN's native credential cache for maximum security:
- You enter username/password in VS Code UI prompt
- Extension writes credentials to
~/.subversion/auth/svn.simple/<uuid>(file mode 600) - SVN commands executed without
--passwordflag - SVN reads credentials from cache automatically
- ✅ Result: No password exposure in process list, container logs, or CI/CD logs
Before v2.17.230:
$ ps aux | grep svn
user 12345 svn update --password "MyPassword123" # ❌ EXPOSEDAfter v2.17.230:
$ ps aux | grep svn
user 12345 svn update --username alice # ✅ SECURE (no password)Extension shows which auth method is active in the Output panel:
[auth: SSH key]- SSH key authentication (most secure)[auth: password via credential cache]- Cached password (secure)[auth: none - public repository]- No authentication required
Example output:
[my-project]$ svn update --username alice [auth: password via credential cache]
At revision 1234.
This helps verify your authentication is configured correctly.
- Open Command Palette (
Ctrl+Shift+P/Cmd+Shift+P) - Run:
SVN: Show Output - Check authentication method indicators in logs
Problem: "Authentication failed" but credentials are correct
[repo]$ svn update --username alice [auth: password via credential cache]
svn: E170001: Authentication failed
Solutions:
- Clear credential cache:
rm -rf ~/.subversion/auth/ - Re-enter credentials when prompted
- Verify repository URL is correct
- Check SVN server is accessible:
svn info <repo-url>
Problem: Extension prompts for password repeatedly
ℹ No credentials configured - will prompt if needed
Solutions:
- Ensure credentials are being cached (check
~/.subversion/auth/) - Verify file permissions:
ls -la ~/.subversion/auth/svn.simple/(should be 600) - Try manual SVN command:
svn update(should not prompt if cache works)
Problem: Want to see raw error messages for debugging
Solution: Enable debug mode (
{
"svn.debug.disableSanitization": true
}- Debug mode exposes credentials in logs
- Extension shows prominent warning when enabled
- Only enable temporarily for troubleshooting
- Disable immediately after debugging
When enabled, you'll see:
⚠️⚠️⚠️ SECURITY WARNING ⚠️⚠️⚠️
Error sanitization is DISABLED
Credentials WILL BE VISIBLE in logs
Disable: svn.debug.disableSanitization = false
⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
Plus a dialog with [Disable Now] button.
Check credential cache:
# List cached credentials
ls -la ~/.subversion/auth/svn.simple/
# Should show files with permissions: -rw------- (600)Check SVN version:
svn --version
# Requires SVN 1.6+ for credential cacheTest repository access:
svn info <your-repo-url>
# Should show repository information without prompting- ✅ Use SSH keys (
svn+ssh://) - ✅ Enable MFA on SVN server
- ✅ Keep SVN client updated
- ❌ Never use
svn.debug.disableSanitizationin production - ❌ Avoid HTTP URLs (use HTTPS or svn+ssh://)
- ✅ Use HTTPS with credential cache for personal projects
- ✅ Use SSH keys for shared/company repositories
- ✅ Protect
~/.subversion/auth/directory (mode 700) - ✅ Regularly update extension and SVN client
- ✅ Use SSH keys stored in CI/CD secrets
- ✅ Use repository access tokens (if supported by SVN server)
- ❌ Never pass passwords via environment variables
- ❌ Never commit credentials to
.vscode/settings.json
Example GitHub Actions:
- name: Setup SSH key
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SVN_SSH_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
- run: svn checkout svn+ssh://svn.example.com/repo-
Error Sanitization
- Automatic redaction of passwords, tokens, paths, URLs
- Active by default in all logs and error messages
- Protects against accidental credential exposure
-
SecretStorage Integration
- Passwords stored in OS keychain (encrypted)
- macOS: Keychain Access
- Windows: Credential Manager
- Linux: Secret Service (gnome-keyring, KWallet)
- Never stored in plaintext in extension settings
- Passwords stored in OS keychain (encrypted)
-
Credential Cache Protection
- Files stored with mode 600 (user-only access)
- Automatic cleanup of old credentials
- Isolated per repository/realm
-
Audit Trail
- All auth operations logged (credentials redacted)
- Authentication method always visible
- Debug mode warnings prevent accidental exposure
- Check authentication method indicator in Output panel
- Verify repository URL is correct (HTTPS vs svn+ssh://)
- Test SVN access outside VS Code:
svn info <repo-url> - Check credential cache:
ls ~/.subversion/auth/svn.simple/ - Verify SVN version:
svn --version(requires 1.6+) - Review error messages in Output panel
- Try clearing cache:
rm -rf ~/.subversion/auth/and re-enter credentials - For persistent issues, enable debug mode temporarily (see above)
- SECURITY.md - Security policy and vulnerability reporting
- SVN Security Best Practices
- Issue Tracker - Report bugs (not security vulnerabilities)
For security vulnerabilities, use GitHub Security Advisories.
The extension supports multiple credential storage modes via svn.auth.credentialMode:
| Mode | Description |
|---|---|
auto (default) |
System keyring locally, extension storage remotely |
systemKeyring |
Always use OS credential manager |
extensionStorage |
Always use VS Code SecretStorage |
prompt |
Never store credentials |
The default auto mode automatically selects the best storage:
- Local development: Uses system keyring (macOS Keychain, Windows Credential Manager, gnome-keyring)
- Remote SSH/WSL/Containers: Uses VS Code SecretStorage (works without keyring setup)
Uses native credential managers:
- macOS: Keychain
- Windows: Credential Manager
- Linux: gnome-keyring, gpg-agent
For gpg-agent in SSH sessions, set GPG_TTY:
# Add to ~/.bashrc or ~/.zshrc
export GPG_TTY=$(tty)If password prompts cycle endlessly:
- Try
extensionStoragemode:{ "svn.auth.credentialMode": "extensionStorage" } - Restart extension host (Ctrl+Shift+P → "Developer: Restart Extension Host")
- Re-enter credentials when prompted
Watch the Output panel (SVN) for current mode:
[auth: system keyring (local)]- Using OS credential manager[auth: extension storage (remote)]- Using VS Code SecretStorage
Here are all of the extension settings with their default values. To change any of these, add the relevant Config key and value to your VSCode settings.json file. Alternatively search for the config key in the settings UI to change its value.
{
// Whether auto refreshing is enabled
"svn.autorefresh": true,
// Select all files when commit changes
"svn.commit.changes.selectedAll": true,
// Check empty message before commit
"svn.commit.checkEmptyMessage": true,
// Set file to status resolved after fix conflicts
"svn.conflicts.autoResolve": null,
// Encoding of svn output if the output is not utf-8. When this parameter is null, the encoding is automatically detected. Example: 'windows-1252'.
"svn.default.encoding": null,
// The default location to checkout a svn repository.
"svn.defaultCheckoutDirectory": null,
// Action when tracked files are deleted in Explorer: `none` - Do nothing, `prompt` - Ask, `remove` - Auto svn delete
"svn.delete.actionForDeletedFiles": "remove" // values: ["none","prompt","remove"],
// Ignored files/rules for `svn.delete.actionForDeletedFiles`(Ex.: file.txt or **/*.txt)
"svn.delete.ignoredRulesForDeletedFiles": [],
// Controls whether to automatically detect svn externals.
"svn.detectExternals": true,
// Controls whether to automatically detect svn on ignored folders.
"svn.detectIgnored": true,
// Path to external diff tool wrapper (e.g., batch file for Beyond Compare). Used with 'Diff with External Tool' command
"svn.diff.tool": null,
// Show diff changes using latest revision in the repository. Set false to use latest revision in local folder
"svn.diff.withHead": true,
// Whether svn is enabled
"svn.enabled": true,
// Try the experimental encoding detection
"svn.experimental.detect_encoding": null,
// Priority of encoding
"svn.experimental.encoding_priority": [],
// Url for the gravitar icon using the <AUTHOR>, <AUTHOR_MD5> and <SIZE> placeholders
"svn.gravatar.icon_url": "https://www.gravatar.com/avatar/<AUTHOR_MD5>.jpg?s=<SIZE>&d=robohash",
// Use garavatar icons in log viewers
"svn.gravatars.enabled": true,
// Ignores the warning when SVN is missing
"svn.ignoreMissingSvnWarning": null,
// List of SVN repositories to ignore.
"svn.ignoreRepositories": null,
// Ignores the warning when working copy is too old
"svn.ignoreWorkingCopyIsTooOld": null,
// Regex to detect path for 'branches' in SVN URL, 'null' to disable. Subpath use 'branches/[^/]+/([^/]+)(/.*)?' (Ex.: 'branches/...', 'versions/...')
"svn.layout.branchesRegex": "branches/([^/]+)(/.*)?",
// Regex group position for name of branch
"svn.layout.branchesRegexName": 1,
// Set true to show 'branches/<name>' and false to show only '<name>'
"svn.layout.showFullName": true,
// Regex group position for name of tag
"svn.layout.tagRegexName": 1,
// Regex to detect path for 'tags' in SVN URL, 'null' to disable. Subpath use 'tags/[^/]+/([^/]+)(/.*)?'. (Ex.: 'tags/...', 'stamps/...')
"svn.layout.tagsRegex": "tags/([^/]+)(/.*)?",
// Regex to detect path for 'trunk' in SVN URL, 'null' to disable. (Ex.: '(trunk)', '(main)')
"svn.layout.trunkRegex": "(trunk)(/.*)?",
// Regex group position for name of trunk
"svn.layout.trunkRegexName": 1,
// Number of commit messages to log
"svn.log.length": 50,
// Maximum depth to find subfolders using SVN
"svn.multipleFolders.depth": 4,
// Allow to find subfolders using SVN
"svn.multipleFolders.enabled": null,
// Folders to ignore using SVN
"svn.multipleFolders.ignore": ["**/.git","**/.hg","**/vendor","**/node_modules"],
// Path to the svn executable
"svn.path": null,
// Only show previous commits for a given user. Requires svn >= 1.8
"svn.previousCommitsUser": null,
// Refresh remote changes on refresh command
"svn.refresh.remoteChanges": null,
// Set the interval in seconds to check changed files on remote repository and show in statusbar. 0 to disable
"svn.remoteChanges.checkFrequency": 300,
// Show the output window when the extension starts
"svn.showOutput": null,
// Show the update message when update is run
"svn.showUpdateMessage": true,
// Set left click functionality on changes resource state
"svn.sourceControl.changesLeftClick": "open diff" // values: ["open","open diff"],
// Combine the svn external in the main if is from the same server.
"svn.sourceControl.combineExternalIfSameServer": null,
// Allow to count unversioned files in status count
"svn.sourceControl.countUnversioned": true,
// Hide unversioned files in Source Control UI
"svn.sourceControl.hideUnversioned": null,
// Ignore unversioned files like .gitignore, Configuring this will overlook the default ignore rule
"svn.sourceControl.ignore": [],
// Changelists to ignore on commit
"svn.sourceControl.ignoreOnCommit": ["ignore-on-commit"],
// Changelists to ignore on status count
"svn.sourceControl.ignoreOnStatusCount": ["ignore-on-commit"],
// Set to ignore externals definitions on update (add --ignore-externals)
"svn.update.ignoreExternals": true
}