
Is that something people really expect of their IDEs these days?

In my mind, an IDE needs to be able to read all the files I can read myself, it needs to be able to run arbitrary tools like compilers and linkers then run the resulting compiled code, it needs a debugger that can attach to running processes and mess with them, it needs to be able to pull from the language's package repository when you ask it to, it needs to talk to your git server when needed, it needs access to your SSH keys to do that. About the only thing the IDE doesn't need is to run as root - and if you're working with Docker it basically needs that too.

The idea of an IDE with pluggable language support safely running plugins from untrusted sources? I can't imagine how such a thing could even be possible?




Just adding another point of view.

I'm a data scientist, intrinsic to my job is to work with private data that is usually vital to the company or 3rd party, the thought of running any plugins/software from untrusted sources is just insane in this environment.

Basically anything that isn't in the internal repository is a big no, so that rules out the pulling from the language package repository.

Access to the git server is handled at network level outside the workstation, I can only access a few services anyway, not regular internet access, the ssh keys are only valid for a period of time & current project, preconfigured in an image.

Some of us just have different needs.


Having network access from within the IDE so I can use tools that reach out to package managers and remote git servers - yes, of course that is expected behavior.

If I want to install an extension that gives me syntax highlighting and code intelligence for an obscure template language, why should I expect that extension to have unfettered network access to exfiltrate my private files?

Like the dead guy said, when working with private customer data it's just not on the table to take the risk, I am stuck running vanilla vs code.


A different (Visual Studio Code) example that uses network access and runs executables from untrusted sources: embedded development. You have everything from tools like PlatformIO, that manages the toolchain for microcontrollers from multiple vendors; to ESP-IDF, that manages the toolchain for microcontrollers based upon multiple architectures; to Raspberry Pi Pico, which uses the IDE as a simplified installer for their toolchain.

With some compilers leaning on user side, rather than system side, toolchain management (e.g. Rust), I would imagine that plugins managing that would be desirable as well.

Keep in mind, computers are about automation. We should be able to reap the benefits of that automation to the greatest degree possible. Alas, we can't due to bad actors.


Well, a permission model is one way, like OSes have. Another is something like Elm with controlled effects, so you can just search the source code and see if something is off.



