![]() ![]() For this reason, debugging extensions generally do not need to require trust and should select true for the supported property. VS Code will prevent debugging in Restricted Mode. When trust is granted, a configuration change event will fire in addition to the Workspace Trust event. Your extension then doesn't need to make any additional code changes to handle the setting. When you add a setting ID to the restrictedConfigurations array, VS Code will only return the user-defined value of the setting in Restricted Mode. If you identify settings that are vulnerable, you should use 'limited' for the supported property and list the setting ID in the restrictedConfigurations array. As described above, a workspace may define a value for a setting that your extension consumes that is malicious to the use. Configurations (settings)įirst, you should review your settings to determine if they need to take trust into account. A command can still be called even if it is not presented in the UI, so you should block execution or not register a command based on the API above in your extension code. This can be done via when clause contexts and the context key isWorkspaceTrusted. Any features that you disable in Restricted Mode should be hidden from the user. When the user has not trusted the workspace, they will be operating in Restricted Mode with limited functionality geared towards browsing code. Contribution points Commands, views, or other UI VS Code also exposes a context key isWorkspaceTrusted for use in when clauses as described below. You can use this API to block specific code paths and perform any necessary registrations once the workspace has been trusted. Use the isTrusted property to determine if the current workspace is trusted and the onDidGrantWorkspaceTrust event to listen for when trust has been granted to the workspace. In your extension's package.json, VS Code supports the following new capabilities property untrustedWorkspaces: capabilities: untrustedWorkspaces: VS Code offers static declaration and API support to onboard extensions quickly without the need to duplicate code across extensions. Workspace Trust centralizes this decision within VS Code and supports a Restricted Mode to protect against automatic code execution so that extension authors do not have to handle this infrastructure themselves. In this scenario, the user should trust that the contents of the workspace are not malicious. For example, consider that a language extension, in order to provide functionality, may execute code from the currently loaded workspace. Workspace Trust is a feature driven by the security risks associated with unintended code execution when a user opens a workspace in VS Code. args: Optional option bag passed to the command's implementation.īelow is an example of a tasks.Edit Workspace Trust Extension Guide What is Workspace Trust?. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |