I'm surprised that we have a lot of comments but still no alternative which would be secure by design. Meaning, not downloading stuff shadily in the background like Zed, or allowing extensions to roam free like VSCode...
I understand not wanting to ship a single IDE package with support for everyting by default. But in that case the IDE vendor should build and audit enough extensions themselves so you can have a working product without relying on untrusted/unaudited ones.
We aren't talking about a single dev developing an IDE on their spare time. We are talking about a company with expenses and revenues in billions. They could develop and support replacement for every single extension in the vscode marketplace (most are redundants) and it would still be an invisible blip in their financial numbers.
We aren't talking about a single dev developing an IDE on their spare time. We are talking about a company with expenses and revenues in billions. They could develop and support replacement for every single extension in the vscode marketplace (most are redundants) and it would still be an invisible blip in their financial numbers.