Workspace Trust has been significantly adjusted. VisualStudioCode 1.5.8 released

2021.08.11

Web system development

table of contents

1 As expected, adjustments were made to Workspace Trust
2 What are transient workspaces?
3 The day has come when you can use the terminal as an editor
4 Scrollbar size can now be adjusted
5 Markdown preview now supports math expressions
6 summary
7 lastly

Hello,
I'm Mandai, the Wild Team member.
Visual Studio Code (VSCode) suddenly started asking "Do you trust the creator of the files in this folder?" after the last update, and recently released version 1.58. It's
been a while, but I'd like to introduce the major updates in 1.58 from the release notes.

As expected, adjustments were made to Workspace Trust

It's not surprising, but you can now adjust the behavior of whether or not to display the "Do you trust the creator of the files in this folder?" prompt mentioned at the beginning

If you're wondering what this is, Visual Studio Code Workspace Trust security. VSCode developers are convinced that this feature helps reduce security risks, saying, "We believe it is important that developers can safely browse code." However, it's easy to
imagine that there are a certain number of people who don't want to see this dialog every time they open a new project, so we've created an adjustment option!

By the way, it seems that you can read and write code without any problems even if you open it in restricted mode, but there are the following restrictions

Task execution (cannot be executed)
Debug execution (Debugging cannot be started)
Some workspace settings are disabled
Some extensions are disabled

If you are doing something like cloning unknown open source code from GitHub, I think opening it in restricted mode will reduce the risk

If you search for "trust" from the settings screen, several items will appear, so let's take a look at them

This setting controls whether the dialog box that allows you to choose whether to enter restricted mode is displayed

The default is untilDismissed, so if you choose to trust it or not, the dialog will not be displayed again
If you select always, the dialog will be displayed every time you select Don't trust
If you select never, the dialog will not be displayed

The dialog box will no longer appear, but the function will remain enabled

Empty Window

For empty windows that are not workspaces, this option enables or disables Workspace Trust.
By enabling this option and using it in conjunction with Untrusted Files (described later), you can treat empty windows in the same way as trusted workspaces without displaying a dialog.

Enabled

Enables/disables the Workspace Trust feature.
A reboot is required for changes to take effect.

Startup Prompt

Adjust when the Workspace Trust dialog appears at startup

always

When opening an untrusted workspace, a confirmation dialog will be displayed every time you start it

once

The dialog will be displayed only the first time, and will not be displayed from the second time onwards

never

No dialog is displayed

Untrusted Files

It's a bit complicated, but this sets the behavior when opening a file outside the workspace (which is an untrusted file) on a trusted workspace.
The default is "prompt", which opens the Workspace Trust dialog, and there are also "open", which opens without displaying the dialog, and "newWindow", which opens the file in a new window.

Support Untrusted Workspace

Control extensions in untrusted workspaces.
This option requires you to edit settings.json directly and specify the settings to enable for each extension depending on whether the workspace is trusted.
Depending on the number of extensions you have installed, this can require a fair amount of work, so it may seem daunting.

"eamodio.gitlens": { "supported": true "version": "11.6.0" },

The above JSON is an excerpt from settings.json, and the settings for a single extension are an object that takes two values, with the extension's Unique Identifier as the key.
supported determines how the extension will be launched in an untrusted workspace; true will enable it unconditionally, and false will disable it.
There is also a value called limited , which means the extension itself will be enabled, but any features of the extension that require trust (such as executing files) will be hidden depending on the file extension.

What are transient workspaces?

Transient is an unfamiliar word, but it seems that transient workspaces are also a type of workspace.
There are two differences between them and regular workspaces.

When you restart or reload VSCode, the workspace will not be reopened
Workspaces marked as transient workspaces do not appear in the most recently used items

Although its use is limited to a specific area, I thought it could be used like a private tab in a browser, preventing embarrassing workspaces from appearing in the history

The day has come when you can use the terminal as an editor

The terminal can now be moved to the editor area, allowing for more flexible layouts.
Until now, the terminal could only be adjusted within the panel, such as maximizing the panel or splitting the layout, but now it has entered the editor area.

To do this, right-click on an open terminal on the right side of the terminal panel and select Move into Editor Area, or drag and drop it into the editor.
The layout of the moved terminal feels the same as a normal editor, and the operation inside the terminal feels the same as before, so it's natural to use.

You can display multiple terminals side by side as editors, but please be careful not to make any mistakes when using them

Scrollbar size can now be adjusted

This is a setting that I thought was previously impossible, but now you can adjust the scroll bar to make it thicker or thinner

I tried adjusting it a bit, but if it was too thick the display area would be narrowed, and if it was too thin it would be stressful to use the mouse.
In the end I decided the default was best.

Markdown preview now supports math expressions

KaTeX equations written in Markdown are now correctly previewed

summary

It's a shame that I wasn't able to provide a detailed introduction to Workspace Trust when it was introduced in the previous version update, but I thought it was good that I was able to introduce it at the same time as various adjustments were made. I wondered
what security in an editor meant, but the more I looked into the history of its introduction, the more I realized that we live in an age where malicious programs don't just happen by clicking on suspicious links, but can also be found on GitHub.

I've devoted a lot of space to Workspace Trust, but from a server-side engineer's perspective, it's important to note that the terminal can now be used as an editor. This
means that floating may soon be possible...

lastly

I have opened the system development service site "SEKARAKU Lab" to which I belong.
Beyond is a one-stop service for everything from server design and construction to operation, so if you have any trouble with server-side development, please feel free to contact us.
SEKARAKU Lab: [https://sekarakulab.beyondjapan.com/](https://sekarakulab.beyondjapan.com/)

That's it.

If you found this article helpful , please give it a like!

The person who wrote this article

About the author

Yoichi Bandai

My main job is developing web APIs for social games, but I'm also fortunate to be able to do a lot of other work, including marketing.
Furthermore, my portrait rights in Beyond are treated as CC0 by him.

Why do first-year web engineers hold morning meetings ? A summary of the useful features of the EDISONE reservation system.