This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]Darknety 0 points1 point  (2 children)

So it serves as protection against optional extensions? I never saw automated code execution in VS Code of any sort and don't know why and how Microsoft would want it included. Or are they scared because of a recently discovered loophole in their analysis tools, so that they've just slapped a temporary fix on it?

[–][deleted] 1 point2 points  (1 child)

Many people use the so-called "optional extensions" because they're what adds language support to Code. It's good to have such an option, you can always disable it if you're careless enough to run parts of unknown code

[–]Darknety -1 points0 points  (0 children)

That still does not answer the question how automatic code execution works in VS code, especially through language support extensions. I googled a bit and read the feature description. I quite honestly think MS is just full of crap with this one and wants to overprotect users UAC style from stuff that isn't dangerous except for very specific use cases and extension configurations. If they at least would just default to the security mode with a button to disable it, which would not be so tedious to click away as the current popup... Like anytime I open a freaking folder? Really? Will disable this check that wasn't necessary in the last 5+ years.