[Gigachad]

The problem is not VS code itself. It's the fact extensions can access things outside of the editor. As far as I am aware, no editor sandboxes extensions.

[stephenr]

Part of the problem is that people are adding a metric fuck ton of extensions onto a text editor trying to make it into an IDE.

If you start with an IDE first you likely need far fewer extensions.

[aa-jv]

How about just don't become dependent on an IDE and don't use technologies which require that dependency...

[stephenr]

Good point. Any editor is a needless dependency.

True developers just scream at the universe and it responds with cosmic radiation that flips the correct bits to form the binary code they intended.

[tmtvl]

Ah, good old 'M-x scream-into-void'. My most-used Emacs feature after 'M-x butterfly'.

[aa-jv]

True developers don't leak the keys to their sources just because they need convenience-features from a "free IDE with tons of sexy bells and whistles" ..

Features that would, incidentally, be obviated by making just a bit of a better effort to be better managers of the filesystem and ones' source code - and thus: become more competent developers.

There is a limit to the positive impact of convenience features in any tools, not just IDE's. We are seeing that limit being broached with every exfiltration of repo keys attributed to VSCodes' crap anti-user architecture ...

You'll scream at the universe when it happens to you.

[stephenr]

Your comment implies that you've somehow misunderstood my comments and thus think that I am using Microsoft's hot garbage text editor with a million plugins.

I can assure you I am not.

[rigonkulous]

Your comment came across as sarcasm directed at aa-jv's position that folks are lured into the VSCode abyss and stay there because their comfort level won't let them leave, while VSCode - meanwhile - continues to be a huge security liability for any project where it is used.