[false-mirror]

1. One less setting to configure, lest the Default monsters gets you

2. VSCodium is just a FLOSS VSCode binary. You could build it yourself from the available VSCode source. However, the VSCode binary is not FLOSS so you cannot be sure what it is running.

It's not like VS code is the next PRISM-- I'm sure MS has better ways to spy on users ;). The real pull is whether you prefer FLOSS by default.

[wongarsu]

> However, the VSCode binary is not FLOSS so you cannot be sure what it is running.

That's equally true of the VSCodium binary. It's not a reproducible build, I have no way of knowing from which source code the binary was generated.

Of course I could build from source, but VSCodium is just VSCode built from source with a build flag set. So in this regard it's not contributing anything notable (and doesn't claim so either).

[xyproto]

Why is it not possible to build VSCodium in a reproducible way? Does it download packages while building?

[O_H_E]

I think this kind of reproducible:

* https://reproducible-builds.org

* https://en.wikipedia.org/wiki/Reproducible_builds

Sorry, but I don't think I am qualified to explain clearly

[cortesoft]

How do we know the build of VSCodium is what they say it is? Aren't we in the exact same situation as with using the MS version, except we know even LESS about the maintainers?

[h1d]

It's kind of funny because now you're trusting some third party not to inject unwanted code when you just blindly download binary on every release anyway.

Seems to just bring another problem by trying to solve one.