Workspace Trust has been significantly adjusted. VisualStudioCode 1.5.8 released

2021.08.11

Web system development

table of contents

1 As expected, adjustments were made to Workspace Trust
2 What are transient workspaces?
3 The day has come when you can use the terminal as an editor
4 Scrollbar size can now be adjusted
5 Markdown preview now supports math expressions
6 summary
7 lastly

Hello.
This is Mandai, the wild one on the development team.
Visual Studio Code (VSCode) suddenly started displaying the question "Do you trust the creators of the files in this folder?" after the last update, but version 1.58 was released the other day. It
's been a while, but I'd like to introduce the main updates in 1.58 from the release notes.

As expected, adjustments were made to Workspace Trust

It's not surprising, but you can now adjust the behavior of whether or not to display the "Do you trust the creator of the files in this folder?" prompt mentioned at the beginning

For those wondering what this is all about, the Visual Studio Code Workspace Trust security documentation, but the VS Code developers seem to firmly believe that this feature plays a role in reducing our security risks, with statements like "we believe it is important that developers can safely browse code." However, it's
easy to imagine that there are a certain number of people who don't want to see this dialog every time they open a new project, so they've created an option to adjust it!

By the way, it seems that you can read and write code without any problems even if you open it in restricted mode, but there are the following restrictions

Task execution (cannot be executed)
Debug execution (Debugging cannot be started)
Some workspace settings are disabled
Some extensions are disabled

If you are doing something like cloning unknown open source code from GitHub, I think opening it in restricted mode will reduce the risk

If you search for "trust" from the settings screen, several items will appear, so let's take a look at them

This setting controls whether the dialog box that allows you to choose whether to enter restricted mode is displayed

The default is untilDismissed, so if you choose to trust it or not, the dialog will not be displayed again
If you select always, the dialog will be displayed every time you select Don't trust
If you select never, the dialog will not be displayed

The dialog box will no longer appear, but the function will remain enabled

Empty Window

This setting determines whether to enable Workspace Trust for empty windows that are not workspaces.
By enabling this option and using it in conjunction with Untrusted Files (described later), empty windows can be treated the same as trusted workspaces without displaying a dialog box.

Enabled

Enables/disables Workspace Trust functionality.
A restart is required for the changes to take effect.

Startup Prompt

Adjust when the Workspace Trust dialog appears at startup

always

When opening an untrusted workspace, a confirmation dialog will be displayed every time you start it

once

The dialog will be displayed only the first time, and will not be displayed from the second time onwards

never

No dialog is displayed

Untrusted Files

It's a bit complicated, but this setting determines how files from outside the workspace (which are considered untrusted files) are opened on a trusted workspace.
The default is "prompt," which opens the Workspace Trust dialog box. There are also "open," which opens the file without displaying a dialog box, and "newWindow," which opens the file in a new window.

Support Untrusted Workspace

controls extensions in untrusted workspaces.
This requires directly editing the settings.json file, where you'll need to specify settings for each extension to enable based on whether the workspace is trusted.
Depending on the number of extensions you have installed, this can be quite a lot of work, and you might get discouraged.

"eamodio.gitlens": { "supported": true "version": "11.6.0" },

The JSON above is an excerpt from settings.json, and each extension has a configuration object that takes two values with the extension's Unique Identifier as the key. `
supported` determines how the extension is launched in untrusted workspaces; `true` enables it unconditionally, while `false` disables it.
There is also a value `limited`, which enables the extension itself, but hides its trust-requiring features (such as file execution) based on the file extension.

What are transient workspaces?

The unfamiliar word "Transient" has come up, but it seems that "Transient workspaces" are also a type of workspace.
There appear to be two differences between them and regular workspaces.

When you restart or reload VSCode, the workspace will not be reopened
Workspaces marked as transient workspaces do not appear in the most recently used items

Although its use is limited to a specific area, I thought it could be used like a private tab in a browser, preventing embarrassing workspaces from appearing in the history

The day has come when you can use the terminal as an editor

The terminal can now be moved to the editor area, allowing for more flexible layouts.
Previously, the terminal could only be adjusted within the panel, such as by maximizing or splitting the panel layout, but now it can move into the editor area.

To do this, right-click on the open terminal on the right side of the terminal panel and select "Move into Editor Area," or drag and drop it into the editor.
The layout and operation of the moved terminal will feel the same as a regular editor, and the operation within the terminal will also feel the same as before, so you can use it naturally.

You can display multiple terminals side by side as editors, but please be careful not to make any mistakes when using them

Scrollbar size can now be adjusted

This is a setting that I thought was previously impossible, but now you can adjust the scroll bar to make it thicker or thinner

I tried adjusting it a bit, but making it too thick narrows the display area, and making it too thin makes mouse operation stressful.
In the end, I think the default is best.

Markdown preview now supports math expressions

KaTeX equations written in Markdown are now correctly previewed

summary

I regret not being able to give a detailed introduction to Workspace Trust in the previous version update, but I think it's good that I can introduce it now, as there have been various adjustments made. I used to think,
"What does security in an editor even mean?", but the more I looked into the history of its introduction, the more I realized that malicious programs "can now exist not only by clicking on suspicious links, but also on GitHub."

I've spent quite a bit of space on Workspace Trust, but from a server-side engineer's perspective, the fact that the terminal can now be used as an editor is something that can't be overlooked. And
since it can now function as an editor, perhaps floating interfaces will be available soon... maybe.

lastly

I have launched "SEKARAKU Lab," a service site for the system development company I belong to.
Beyond offers a one-stop service for everything from server design and construction to operation, so please feel free to contact us if you have any problems with server-side development.
SEKARAKU Lab:[https://sekarakulab.beyondjapan.com/](https://sekarakulab.beyondjapan.com/)

That's all

If you found this article helpful,please give it a "Like"!

The person who wrote this article

About the author

Yoichi Bandai

My main job is developing web APIs for social games, but thankfully I'm also given the opportunity to work on various other tasks, including marketing.
My image rights within Beyond are treated as CC0.

Why do first-year web engineers hold daily coding sessions ? A summary of the convenient features of the EDISONE reservation system that addresses even the smallest needs.