It is not humanly possible to check each one, and a huge number of different authors may be involved. Modern JavaScript projects, for example, often have thousands of files, many buried under a directory called node_modules. But the notion that all the source code on a developer's PC is suddenly untrusted by default is an odd one, and modal dialogs are a blunt instrument that developers may confirm simply in order to get on with their work. Workspace Trust does have a use case: safely browsing suspect code. "When you ask #microsoft to make #vscode secure this is the stuff they come up with. "It has all the subtlety of a GDPR cookie banner and the charm of clippy," said another. "I was very happy to figure out how to disable the new 'Workspace Trust' feature in #vscode … if I didn't trust the code it wouldn't be on my system," said one. The feature is problematic, as VS Code users were quick to observe. The consequences of not trusting a folder: many features do not work In user studies, we watched people spend all their time thinking they had broken something."
0 Comments
Leave a Reply. |