[no-name-here]

Sublime also has packages. https://packagecontrol.io

Sublime's de facto package control repository is handled by an Uber engineer and father of 5 in his spare time, not someone currently at Sublime per https://packagecontrol.io/about / https://packagecontrol.io/say_thanks and his linked site.

VS Code Marketplace seems to have a number of protections in place: https://code.visualstudio.com/docs/configure/extensions/exte... / https://code.visualstudio.com/api/advanced-topics/extension-...

It also appears that Sublime doesn't have sandboxing: https://github.com/sublimehq/sublime_text/issues/6915

> I love to see …

Be kind to others. https://news.ycombinator.com/newsguidelines.html

> "VSCode is perfect"

Is the claim "VSCode is perfect" one that you've regularly run across, that you specifically called it out?

(I'm personally happy that multiple editor options exist.)

[brabel]

I was feeling like sneering as well about how my emacs setup never caused any issues until I remembered emacs packages have zero protection whatsoever and can run anything anywhere, are ALL authored by some guy in Nebraska or Slovakia or something in their spare time :) but we don’t see any attacks since there’s so few of us still using emacs.