{"id":283693,"date":"2021-06-25T14:20:48","date_gmt":"2021-06-25T11:20:48","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/"},"modified":"2021-06-25T14:20:48","modified_gmt":"2021-06-25T11:20:48","slug":"what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/","title":{"rendered":"#What is \u201cWorkspace Trust\u201d in Visual Studio Code? \u2013 CloudSavvy IT"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a299d8aa37a9\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a299d8aa37a9\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/#What_Gets_Disabled_In_Restricted_Mode\" >What Gets Disabled In Restricted Mode?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/#Why_Bother\" >Why Bother?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/#Disabling_Workspace_Trust\" >Disabling Workspace Trust<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/#Customizing_Workspace_Trust\" >Customizing Workspace Trust<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/#Managing_Trusted_Folders\" >Managing Trusted Folders<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-workspace-trust-in-visual-studio-code-cloudsavvy-it\/#Conclusion\" >Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#What is \u201cWorkspace Trust\u201d in Visual Studio Code? \u2013 CloudSavvy IT&#8221;<\/strong><\/p>\n<div id=\"article-content-area\">\n<img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage aligncenter size-full wp-image-12163\" src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/06\/74e5b6c0.jpg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Graphic showing the Visual Studio Code icon\" width=\"1602\" height=\"902\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>Visual Studio Code v1.57 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/code.visualstudio.com\/updates\/v1_57\">launched<\/a> in May 2021 with a new \u201cWorkspace Trust\u201d feature. This is a security mechanism which helps you avoid accidental code execution when you can\u2019t trust a repository\u2019s origins.<\/p>\n<p><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/code.visualstudio.com\/docs\/editor\/workspace-trust\">Workspace Trust<\/a> is active by default. When you open a new folder, Code will display a dialog asking you to trust the files within. If you say yes, the editor will function normally. If you press no, Code will enter a new \u201crestricted mode\u201d with reduced functionality.<\/p>\n<h2 id=\"what-gets-disabled-in-restricted-mode\"><span class=\"ez-toc-section\" id=\"What_Gets_Disabled_In_Restricted_Mode\"><\/span>What Gets Disabled In Restricted Mode?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Restricted Mode is meant to prevent untrusted code from running. Visual Studio features which execute files will be disabled to help protect you against threats you\u2019ve not fully vetted.<\/p>\n<p>Debugging features are turned off, preventing you from accidentally launching a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">download<\/a>ed executable. Visual Studio will also disable tasks defined in the workspace file. Tasks in a <code>.vscode<\/code> file can run binaries and scripts, so a repo containing one is a security risk.<\/p>\n<p>Any user extensions which could run code will be disabled or placed into a limited functionality state. Some workspace settings might be overridden too, to limit the reach of downloaded <code>.vscode<\/code> files.<\/p>\n<p>Using Restricted Mode lets you inspect critical portions of a newly downloaded project. You get an opportunity to verify there\u2019s no suspect behaviors, without risking actual code execution. Once you exit Restricted Mode, your regular settings will be applied and debugging will be reactivated.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12165\" src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/06\/b580c874.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"\" width=\"535\" height=\"334\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>When Workspace Trust is enabled, you\u2019ll see a prompt each time you open a new folder in an untrusted location. You\u2019ll need to choose whether to enable all features or open the workspace in Restricted Mode.<\/p>\n<h2 id=\"why-bother\"><span class=\"ez-toc-section\" id=\"Why_Bother\"><\/span>Why Bother?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Visual Studio Code has evolved into a powerful code editor with support for thousands of extensions. Many of these third-party tools run automatically and add themselves into your workspace settings file. This file is often committed to source control so it can be shared with team members.<\/p>\n<p>It\u2019s conceivable that a crafty bad actor could create a repository that looks genuine but which runs malicious code when it\u2019s loaded into the editor. Workspace Trust is a response to this possibility. It gives you greater safety when you\u2019re inspecting open-source software and other code received from third parties.<\/p>\n<h2 id=\"disabling-workspace-trust\"><span class=\"ez-toc-section\" id=\"Disabling_Workspace_Trust\"><\/span>Disabling Workspace Trust<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Workspace Trust helps you avoid potentially dangerous unintended code executions. Using the feature gives you an extra defense layer against unfamiliar repositories. Nonetheless, you might find the prompts annoying if you regularly consume code from new sources.<\/p>\n<p>You can disable Workspace Trust entirely by setting the <code>security.workspace.trust.enabled<\/code> setting to <code>false<\/code>. You can find this in the UI by clicking File &gt; Preferences &gt; Settings and searching for \u201cworkspace trust\u201d. The checkbox will show up as \u201cSecurity &gt; Workspace &gt; Trust: Enabled\u201d. If you only want a one-time launch without Workspace Trust, add the <code>--disable-workspace-trust<\/code> command line flag.<\/p>\n<h2 id=\"customizing-workspace-trust\"><span class=\"ez-toc-section\" id=\"Customizing_Workspace_Trust\"><\/span>Customizing Workspace Trust<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Workspace Trust offers a few settings to let you fine-tune its behavior. Use the procedure described above to view the Workspace Trust settings in the UI.<\/p>\n<p>\u201cEmpty Window\u201d controls what happens when you\u2019re using a window with no open folders. When the checkbox is filled, the window will be treated as trusted by default. Otherwise, you\u2019ll need to manually trust it like a regular folder.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12167\" src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/06\/f22f52ea.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"\" width=\"990\" height=\"648\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>The \u201cUntrusted Files\u201d setting defines what happens if you File &gt; Open a file from an untrusted location while in a trusted window. The default behavior is to prompt before continuing. You can change this to always open the file or force it into a new window that\u2019s automatically untrusted.<\/p>\n<p>Another setting lets you override how extensions respond to Workspace Trust. This must be set manually in your <code>settings.json<\/code> file. Add an <code>extensions.supportUntrustedWorkspaces<\/code> key with a JSON object as its value. Add extension IDs as keys in this object. Each extension can have <code>true<\/code>, <code>limited<\/code> or <code>false<\/code> as its value.<\/p>\n<div class=\"wp-geshi-highlight-wrap5\">\n<div class=\"wp-geshi-highlight-wrap4\">\n<div class=\"wp-geshi-highlight-wrap3\">\n<div class=\"wp-geshi-highlight-wrap2\">\n<div class=\"wp-geshi-highlight-wrap\">\n<div class=\"wp-geshi-highlight\">\n<div class=\"json\">\n<pre class=\"de1\">{&#13;\n    \"extensions\": {&#13;\n        \"supportUntrustedWorkspaces\": {&#13;\n            \"my-extension\": true&#13;\n        }&#13;\n    }&#13;\n}<\/pre>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>An extension listed as <code>true<\/code> will <em>always<\/em> be enabled, even in an untrusted workspace. Extensions with <code>false<\/code> will only load in trusted workspaces. <code>limited<\/code> extensions will be added to untrusted workspaces but with \u201ctrusted\u201d functionality disabled. You won\u2019t be able to use tasks provided by these extensions.<\/p>\n<h2 id=\"managing-trusted-folders\"><span class=\"ez-toc-section\" id=\"Managing_Trusted_Folders\"><\/span>Managing Trusted Folders<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>You can view and manage folders you\u2019ve marked as trusted from within Visual Studio Code. Press Ctrl+Shift+P to bring up the Command Palette. Search for \u201cworkspace trust\u201d and select the \u201cWorkspaces: Manage Workspace Trust\u201d item from the menu.<\/p>\n<p>This screen shows the trust status of your current window. You can switch to Restricted Mode by pressing \u201cDon\u2019t Trust.\u201d Alternatively, press the \u201cTrust\u201d button to enable all features if you\u2019re currently in a restricted state.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12166\" src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/06\/2c106440.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"\" width=\"1103\" height=\"661\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>The \u201cTrusted Folders &amp; Workspaces\u201d section enumerates all the directories which you\u2019ve marked as trusted. You can revoke a location\u2019s trust by clicking it and pressing the delete \u201cX\u201d button on the right.<\/p>\n<p>Trust is inherited by all sub-directories. Trusting a top-level folder such as <code>\/home\/me\/projects<\/code> will mean all your repositories are automatically trusted. This compromises the effectiveness of the Workspace Trust system.<\/p>\n<h2 id=\"conclusion\"><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span>Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Workspace Trust is a promising new security protection for Visual Studio Code users. The dangers of unintentional code execution by IDEs are only just starting to gain visibility. While some might find trust prompts frustrating, they could help protect your machine from dangerous sources.<\/p>\n<p>It\u2019s unlikely you\u2019ll want a workspace to stay in Restricted Mode for an extended time. Although you can still view and edit files, you\u2019ll lose many of Visual Studio Code\u2019s most powerful features. It\u2019s best to review executables, build scripts and <code>.vscode<\/code> files in a repository, check for any hazards, and then trust the location once you\u2019re sure it\u2019ll behave as expected.\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.cloudsavvyit.com\/12162\/what-is-workspace-trust-in-visual-studio-code\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#What is \u201cWorkspace Trust\u201d in Visual Studio Code? \u2013 CloudSavvy IT&#8221; Visual Studio Code v1.57 launched in May 2021 with a new \u201cWorkspace Trust\u201d feature. This is a security mechanism which helps you avoid accidental code execution when you can\u2019t trust a repository\u2019s origins. Workspace Trust is active by default. When you open a new&#8230;<\/p>\n","protected":false},"author":1,"featured_media":283694,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/06\/74e5b6c0.jpg","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-283693","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/283693","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=283693"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/283693\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/283694"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=283693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=283693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=283693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}