Missing Source Code – Security and Transparency Concerns #12
Description
Hi, this repository does not contain the source code (TypeScript or JavaScript) for the extension. The only way to inspect the logic is by extracting code from the VSCode Marketplace package. This is not standard and it prevents community auditing or contributions.
I am particularly concerned that the lack of published source makes it difficult to verify the extension is not malicious. For the security of users, transparency is essential, especially for extensions with access to the filesystem or code execution.
I'd like to ask you to
- Please publish the actual source used to build the extension.
- If this project is not intended to be open source, please state this explicitly in the README and extension description. Just linking this repo gives the misleading impression that the extension is OpenSource.
Thank you.