Skip to content

add option to disable local configuration #14626

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

add option to disable local configuration #14626

wants to merge 4 commits into from

Conversation

@usering-around
Copy link

@usering-around usering-around commented Oct 19, 2025

Related to #2697. Similarly to what was suggested in #9545, I've added a load-workspace-config option which can be either "always" or "never", with the default being never.
This could be a base to adding trusted workspaces (I'm currently working on https://github.com/usering-around/helix/tree/trusted-workspaces ; if this get accepted and there is interest, I'll try to tidy it up and merge it)

@usering-around usering-around force-pushed the disable-local-configuration branch from 6eea178 to e477fb2 Compare October 20, 2025 22:22
@pascalkuthe
Copy link
Member

pascalkuthe commented Oct 26, 2025

I would be interested in seeing workspace trust implemented but I wouldn't focus so much on the local config. Helix uses language server and formatter and any of them read a wide variety of config files (or even compile and execute build scripts) that allow arbitrary code execution. In practice these are bigger issues than the helix condig.

I would probably just add workspace trust and have an enable=true/false for that.

Took a quick look at the branch and I think we would be looking for something a bit simpler:

  • As I said the helix local config isn't even the biggest issue so I don't think hashing it carries its weight.
  • As the trustdb I was thinking of an append-only file where each line is the path of one trusted workspace folder.

@usering-around
Copy link
Author

usering-around commented Oct 27, 2025
edited
Loading

Thinking it over, hashing the config files is not particularly important when the entire workspace can change anyways, which poses much more risk as you said. I'll remove it.

I would probably just add workspace trust and have an enable=true/false for that.

I think there's still merit in having configuration for loading workspace config, for example if a git repo has workspace config in .helix, you'd need to add it to .gitignore or delete it each time you pull/clone. It isn't that big of a deal, but personally I would find it nice to have a "manual" option to decide explicitly that I want to use workspace config. I see it as more of a functionality of the editor rather than a security feature.

As the trustdb I was thinking of an append-only file where each line is the path of one trusted workspace folder.

There needs to be a way to distinguish between files which are untrusted/trusted in order to not display the trust pop up each time you open a document. Unless you want to not have a pop up at all?

Since there is interest workspace trust, I'll simplify things and send a PR for it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@usering-around @pascalkuthe