Block Extension Access to Sensitive Files in the Project

[erfanium]

related to #52116

Currently, VSCode extensions have access to all files within a project by default. This poses a potential security risk, as projects may include files containing sensitive information, such as .env files.

To enhance security, it would be valuable to allow developers to explicitly mark certain files or patterns as sensitive in .vscode/settings.json. Files marked as sensitive would remain invisible to all third-party code, including extensions.

Proposed Feature:
Introduce a files.sensitive setting in the workspace configuration to define sensitive files. Example:

{
  "files.sensitive": {
    "**/.env": true
  }
}

This feature would:

• Ensure extensions cannot access or read marked files.
• Improve trust and security when using third-party extensions.

[RedCMD]

extensions can modify the settings file

[vs-code-engineering]

This feature request is now a candidate for our backlog. The community has 60 days to upvote the issue. If it receives 20 upvotes we will move it to our backlog. If not, we will close it. To learn more about how we handle feature requests, please see our documentation.

Happy Coding!

[starball5]

IIRC extensions can use the NodeJS API...

[vs-code-engineering]

This feature request has not yet received the 20 community upvotes it takes to make to our backlog. 10 days to go. To learn more about how we handle feature requests, please see our documentation.

Happy Coding!

[vs-code-engineering]

🙁 In the last 60 days, this feature request has received less than 20 community upvotes and we closed it. Still a big Thank You to you for taking the time to create this issue! To learn more about how we handle feature requests, please see our documentation.

Happy Coding!