Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Command plugin whitelist? #1277

Open
MahdiBM opened this issue Dec 13, 2024 · 0 comments
Open

Command plugin whitelist? #1277

MahdiBM opened this issue Dec 13, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@MahdiBM
Copy link
Contributor

MahdiBM commented Dec 13, 2024
edited
Loading

Running a command plugin asks for permission everytime.
This is specially annoying since the extension can't tell that a plugin requires perms ahead of time, so it can't just switch the panel where the cursor is, to the terminal panel, so i can at least quickly write yes and move on.

I think optimally the extension should maintain a whitelist of plugins with the permissions we've allowed them, and if a plugin has been whitelisted, then run it with one of those "allow this perm" SwiftPM plugin flags.
@MahdiBM MahdiBM added the enhancement New feature or request label Dec 13, 2024
plemarquand added a commit to plemarquand/vscode-swift that referenced this issue Jan 3, 2025
@plemarquand
Configurable Command Plugin Permissions
189e0f9 
Packages can define their own plugins either directly or through their
dependencies. These plugins define commands, and the extension exposes a
list of these when you use `> Swift: Run Command Plugin`.

If a command requires special permissions to write to disk or use the
network the user is prompted in the integrated terminal to type "yes".
This can be bypassed by passing a permission flag to the command such as
`--allow-writing-to-package-directory`. The extension does supply
permission flags for a small list of well known package plugins, however
if the user creates their own or uses one not on this list they must
enter "yes" every time they run the command plugin.

This patch introduces a new setting that can be specified globally or on
a per workspace folder basis that allows users to configure which
permission flags should be used when running the command.

The setting is defined under `swift.pluginPermissions`, and is specified
as an object in the following form:

```json
{
	"PluginName:intent-name": {
		"allowWritingToPackageDirectory": true,
		"allowWritingToDirectory: "/some/path",
		"allowNetworkConnections: "all",
		"disableSandbox": true,
	}
}
```

- The top level string key is the command id in the form
  `command_name:intent_name`. For instance, swift-format's
  format-source-code command would be specified as
  `swift-format:format-source-code`
- Each permission in the permissions lookup is optional.
- `allowWritingToDirectory` can also be specified as an array of paths.
- The valid values for `allowNetworkConnections` can be found here:
  https://github.com/swiftlang/swift-package-manager/blob/0401a2ae55077cfd1f4c0acd43ae0a1a56ab21ef/Sources/Commands/PackageCommands/PluginCommand.swift#L62

Issue: swiftlang#1277
@plemarquand plemarquand mentioned this issue Jan 3, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
Swift Extension for Visual Studio Code
Status: Unscreened
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MahdiBM