Skip to content

feat: untrusted workspace policy for binary execution #110

Description

@SebTardif

Problem

In untrusted workspaces (vscode.workspace.isTrusted === false), the extension currently discovers and executes binaries from PATH or user settings without restriction. A malicious workspace could include a patchloom binary that gets executed with the user's privileges.

Proposed Solution

When the workspace is untrusted:

  1. Skip PATH discovery entirely
  2. Ignore the patchloom.path setting (it could point to a workspace-relative path)
  3. Only use the managed install binary (extension-controlled, verified checksum)
  4. Show a warning if no managed install exists: "Patchloom CLI is not available in untrusted workspaces. Install via the managed installer or grant workspace trust."

Register a workspace trust handler:

vscode.workspace.onDidGrantWorkspaceTrust(() => {
  // Re-resolve binary with full discovery order
  refreshStatus();
});

Competitive Reference

astral-sh/ruff-vscode restricts to the bundled/managed binary in untrusted workspaces. This is a security best practice for any extension that executes external binaries.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions