profile
viewpoint

Ask questionsTweak settings to prevent accidental execution of code from within a workspace

We want to prevent the chance of someone opening a fresh workspace on a repository to explore the code and then accidentally triggering the execution of code from within that repository. This is possible if you specify certain settings in a certain way, e.g.:

  • python.pythonPath
  • python.linting.pylintPath
  • python.formatting.blackPath
  • python.testing.pytestPath

The expected solution to all of this is:

  • Store a workspace's Python path internally and require the user to select a path/virtual environment manually if it exists within the workspace (#2125)
  • Make tool paths be user-only, so that installation into an environment still works, but can be overridden only system-wide

By requiring a user action to set the Python path to e.g. an virtual environment within the workspace it forces the user to choose to trust that interpreter. And by only running paths to tools as specified at the user level then it doesn't allow a repository to override that location.

microsoft/vscode-python

Answer questions luabud

@kynan we already have an API that allows for extensions to retrieve the value of the selected environment, but we're making some final updates on it: https://github.com/microsoft/vscode-python/issues/12596

useful!

Related questions

Auto Scroll in the Jupyter output hot 3
Workspace contains pipfile but pipenv --venv failed hot 2
Can you turn off the Microsoft Python Language Server? hot 2
Unable to debug Python tests (duplicate entries in "env") hot 2
Jupyter server crashed. Unable to connect. Cannot assign requested address hot 2
Auto Scroll in the Jupyter output hot 2
Unable to run launch targets with newest VS Code Python extension hot 2
Unable to start jupyter python interactive window hot 1
HBox output is not shown correctly in the interactive window hot 1
Debug -> Add Debug Configuration 'Cannot read property openConfigFile' hot 1
VSCode cannot connect to jupyter server; with browser this works fine hot 1
Linux arm64/aarch64 support hot 1
Add setting to disable icon for "Run Python File In Terminal" hot 1
Extension Host keeps crashing hot 1
Activate environment before debugging tests hot 1
Github User Rank List