code¶
code¶
Warning
This profile is not installed by default as it breaks the POLA principle in the way to will cause some extension to not work: all extension that require privilege access to the system, like docker, kubernetes, remote ssh, VM, etc... will not work with this profile.
Architecture
The code profile stack define a "world" with generic rules of what should be
allowed in an IDE and what is not:
- Allowed: compilation, running code, debugging, git, ssh, network access, etc...
in
@{user_projects_dirs} - Not allowed: access to hardware, access to other users data, etc...
We also ensure vscode can start a shell and we confine this shell to limit it to the same development related tasks. Therefore, tasks such as installing system dependencies will not work.