top | item 46721538

(no title)

weaksauce | 1 month ago

> I'm curious what would stop you from opening it in restricted mode? Is it because it says browse and not edit under the button?

loss of syntax highlighting and to a lesser extent the neovim plugin. maybe having some kind of more granular permission system or a whitelist is the answer here.

opening a folder in vscode shouldn't be dangerous.

discuss

sbarre|1 month ago

> opening a folder in vscode shouldn't be dangerous.

You're not "opening a folder" though, you're opening a codebase in an IDE, with all the integrations and automations that implies, including running code.

As a developer it's important to understand the context in which you're operating.

If you just want to "open a folder" and browse the contents, that's literally what Restricted mode is for. What you're asking to do is already there.

rsyring|1 month ago

I've been using VS Code for many years and I try pretty hard to be a security aware dev.

I checkout all code projects into ~/projects. I don't recall ever seeing a trust/restricted dialogue box. But, I'm guessing, at some point in the distant past, I whitelisted that folder and everything under it.

I've only just now, reading through this thread, realized how problematic that is. :o/

Tyriar|1 month ago

Syntax highlighting should work if the highlighting is provided by a textmate grammar, it will not work if it's semantic highlighting provided by an extension and that extension requires workspace trust. If it's possible to highlight without executing code, that sounds like an extension issue for whatever language it is. I believe extensions are able to declare whether they should activate without workspace trust and also to query the workspace trust state at runtime.