Workspace Trust in VS Code (opens in new tab)

(code.visualstudio.com)

50 pointsItalyPaleAle4y ago24 comments

24 comments

23 comments · 11 top-level

duped4y ago· 3 in thread

Total anecdata but I don't appreciate the nag screen every time I've opened repos that I have either authored or contributed heavily to... I default to "yes I accept in this directory and all directories" which seems very sketchy in general, but is the easiest for me to get my work done.

sergiomattei4y ago

This happens even in files I just created or when doing `code ~./zshrc`.

It's pretty annoying. I'm a developer, I know what I'm doing. I don't need to be asked whether I trust a Python notebook or not.

incrudible4y ago

> I'm a developer, I know what I'm doing.

famous last words

duped4y ago

Which is kind of ridiculous because .zshrc isn't a workspace. My understanding of this feature was to calm fears of untrusted code running due to some configuration in .vscode configurations or with plugins.

Basically the files and folders are usually innocuous, it's the particular configuration of the workspace or plugins that may run code on them that need to be "trusted" or designed to request permission before executing code

sdiq4y ago· 3 in thread

Based on the first four comments, I see some do not appreciate this unlike me, at least. Just last-night, I was forced to download a zipped folder with source code from a site I was new to. Well, I did appreciate using this new feature because I wasn't sure what I of the 'trustworthiness' of the folder.

74B54y ago

>I see some do not appreciate this

It is the same approach to defend off phishing attacks in large corporations: shift the responsibility to the user.

In my opinion, this is just another scream for codified capabilities. Which would be a real solution and not just repeatedly a click away from disaster.

swiley4y ago

If I had to download source in zip format I probably wouldn't touch it outside a VM.

ItalyPaleAleOP4y ago

I don't think a ZIP is that much different from a random Git repo...

1 more reply

nathanaldensr4y ago· 2 in thread

Ah, the classic tug of war continues between the principle of least privilege and convenience/productivity. It's safe to say people's opinions are all over the spectrum.

Despite favoring "least privilege" myself, I find the new nag screens overbearing. I think some basic UI reworking can help to alleviate that, though. It's a new feature; they'll get it right within a couple of iterations.

franga20004y ago

There is a third approach, which is both safe and convenient, but unfortunately it's not universal and well supported on modern systems - segregation. The vast majority of applications don't actually need access to your operating system. My entire development environment for each project I work on could run in its own container or even VM and I'd simply connect my interface into it.

Builds, tests and the app itself could easily run inside a container - web apps can simply expose a TCP port and GUI apps can use X forwarding or the platform equivalent. Other programs that need external devices (like a serial connection to an MCU) could have those and only those passed in.

And if we're even more paranoid and worried about code exploiting our editor and tools, the editor could also be just a simple thin client with all the linters, language servers and everything else running in the container. For VS Code, this already exists for cloud development services (Che, etc.).

ItalyPaleAleOP4y ago

This makes sense. Remote-Containers (without bond-mounted volumes) or Codespaces may help here.

conceptme4y ago· 2 in thread

It's usually a bit silly, yes i trust the author of this directory but I have no clue about the authors under node_modules.

krono4y ago

Yeah I think people really underestimate how massive of a security liability node modules are in the way the system currently works.

Fixing it should really be given top priority, but doesn't look to be a very popular subject when you compare it to some of the others such as whether or not ESLint should become a NodeJS core module ...

franga20004y ago

NPM is one of the most dangerous implementations, but the whole concept of pulling in thousands of unknown dependencies is dangerous on its own, even in other languages.

logbiscuitswave4y ago· 1 in thread

> Now, I'm sure many of you will agree, VS Code suffers from a bit of what we call "Notification Fatigue"

Yup.

I love VS Code but the sheer amount of chatty notifications especially when browsing a large code base can be simply overwhelming. I just start reflexively ignoring them. There’s no “just shut up already and let me work” button.

I’m glad this is something they are working on improving.

franga20004y ago

Being verbose isn't bad, but VS Code is actively spammy. "Hey, this extension just updated, want to read the changelog?", "hey, we've added this new feature", "hey, want to star our extensions on github?"... It's like WordPress plugins all over again.

thiht4y ago· 1 in thread

I don’t like this feature. It’s annoying and I just don’t see the benefits.

amanzi4y ago

Did you read the linked article? I don't like it either, but I can understand the reasoning behind it after reading the post.

swiley4y ago

This is why I don't use editor configurations that execute code from files I open.

I prefer zero trust.

gushie4y ago

I'm likely going to blindly say yes every time I get the dialog out of habit. Making it useless.

lathiat4y ago

This feature clearly needs to be a non-modal popup and just silently disables those features until you click to enable it. Makes much more sense.

siproprio4y ago

DO I HEAR THE WORDS ORGANIZATION-WIDE BAN????

nsonha4y ago

so what's the alternative? Just run things silently?

j / k navigate · click thread line to collapse

24 comments

23 comments · 11 top-level

duped4y ago· 3 in thread

sergiomattei4y ago

This happens even in files I just created or when doing `code ~./zshrc`.

It's pretty annoying. I'm a developer, I know what I'm doing. I don't need to be asked whether I trust a Python notebook or not.

incrudible4y ago

> I'm a developer, I know what I'm doing.

famous last words

duped4y ago

sdiq4y ago· 3 in thread

74B54y ago

>I see some do not appreciate this

It is the same approach to defend off phishing attacks in large corporations: shift the responsibility to the user.

In my opinion, this is just another scream for codified capabilities. Which would be a real solution and not just repeatedly a click away from disaster.

swiley4y ago

If I had to download source in zip format I probably wouldn't touch it outside a VM.

ItalyPaleAleOP4y ago

I don't think a ZIP is that much different from a random Git repo...

1 more reply

nathanaldensr4y ago· 2 in thread

Ah, the classic tug of war continues between the principle of least privilege and convenience/productivity. It's safe to say people's opinions are all over the spectrum.

franga20004y ago

ItalyPaleAleOP4y ago

This makes sense. Remote-Containers (without bond-mounted volumes) or Codespaces may help here.

conceptme4y ago· 2 in thread

It's usually a bit silly, yes i trust the author of this directory but I have no clue about the authors under node_modules.

krono4y ago

Yeah I think people really underestimate how massive of a security liability node modules are in the way the system currently works.

franga20004y ago

NPM is one of the most dangerous implementations, but the whole concept of pulling in thousands of unknown dependencies is dangerous on its own, even in other languages.

logbiscuitswave4y ago· 1 in thread

> Now, I'm sure many of you will agree, VS Code suffers from a bit of what we call "Notification Fatigue"

Yup.

I’m glad this is something they are working on improving.

franga20004y ago

thiht4y ago· 1 in thread

I don’t like this feature. It’s annoying and I just don’t see the benefits.

amanzi4y ago

Did you read the linked article? I don't like it either, but I can understand the reasoning behind it after reading the post.

swiley4y ago

This is why I don't use editor configurations that execute code from files I open.

I prefer zero trust.

gushie4y ago

I'm likely going to blindly say yes every time I get the dialog out of habit. Making it useless.

lathiat4y ago

This feature clearly needs to be a non-modal popup and just silently disables those features until you click to enable it. Makes much more sense.

siproprio4y ago

DO I HEAR THE WORDS ORGANIZATION-WIDE BAN????

nsonha4y ago

so what's the alternative? Just run things silently?

j / k navigate · click thread line to collapse