[ande-mnoc]

Will they revisit the decision to not add a permission model to VSCode extensions?

https://news.ycombinator.com/item?id=43181789

[pas]

how would that be enforced? unless extensions now be required to be WASM blobs, or otherwise using some very simple runtime. (ie. not JS/Node) I think we learned this with the JVM (applets) and the Flash player.

[hard_times]

Is there no setfenv-like functionality in JavaScript (setfenv is Lua's way to set a sandboxed execution environment)? That's surprising. TIL.