package.json: use the updated workspace trust API

The workspace trust API has changed. Update to use the new API and utilize 'limited' + 'restrictedConfigurations' capability. If VSCode has a version that supports this new API and the user opted in to this experimental feature using security.workspace.trust.enable setting, we disable our hacky workaround using the Configuration in src/config.ts, and make our workspace toggle command trigger VSCode's trusted workspace configuration command. I wanted to add some of gopls.build.* configuration, but that doesn't seem to work as I expected. More experiments with it is necessary. Updates golang#1469 Change-Id: Ie192063bfaf151427688da747dd44758afdc2565 Reviewed-on: https://go-review.googlesource.com/c/vscode-go/+/317049 Trust: Hyang-Ah Hana Kim <[email protected]> Trust: Suzy Mueller <[email protected]> Run-TryBot: Hyang-Ah Hana Kim <[email protected]> TryBot-Result: kokoro <[email protected]> Reviewed-by: Suzy Mueller <[email protected]>
dekimsey · May 17, 2021 · 646faec · 646faec
1 parent e8dc6c4
commit 646faec
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 3 deletions.
diff --git a/package.json b/package.json
@@ -89,7 +89,6 @@
   "engines": {
     "vscode": "^1.52.0"
   },
-  "requiresWorkspaceTrust": "onStart",
   "activationEvents": [
     "workspaceContains:**/*.go",
     "onLanguage:go",
@@ -103,6 +102,19 @@
     "onWebviewPanel:welcomeGo"
   ],
   "main": "./dist/goMain.js",
+  "capabilities": {
+    "untrustedWorkspaces": {
+      "supported": "limited",
+      "restrictedConfigurations": [
+        "go.alternateTools",
+        "go.gopath",
+        "go.goroot",
+        "go.inferGopath",
+        "go.toolsGopath",
+        "go.toolsEnvVars"
+      ]
+    }
+  },
   "contributes": {
     "languages": [
       {

diff --git a/src/config.ts b/src/config.ts
@@ -17,15 +17,29 @@ const SECURITY_SENSITIVE_CONFIG: string[] = [
 	'toolsEnvVars'
 ];
 
+// Set true only if the vscode is the recent version that has the workspace trust API AND
+// if the security.workspace.trust is enabled. Change of this configuration requires restart
+// of VSCode, so we don't need to set up the configuration change listener.
+// TODO(hyangah): remove this and Configuration & WrappedConfiguration when we update
+// our extension to require 2021 June VSCode engine.
+const isVscodeWorkspaceTrustAPIAvailable =
+	'boolean' === typeof (vscode.workspace as any).isTrusted &&
+	vscode.workspace.getConfiguration('security.workspace.trust')?.get('enabled') === true;
+
 // Initialize the singleton defaultConfig and register related commands.
 // Prompt if workspace configuration was found but had to be ignored until
 // the user has to explicitly opt in to trust the workspace.
 export async function initConfig(ctx: vscode.ExtensionContext) {
+	ctx.subscriptions.push(vscode.commands.registerCommand('go.workspace.isTrusted.toggle', toggleWorkspaceIsTrusted));
+
+	if (isVscodeWorkspaceTrustAPIAvailable) {
+		return; // let vscode handle configuration management.
+	}
+
 	const isTrusted = getFromWorkspaceState(WORKSPACE_IS_TRUSTED_KEY, false);
 	if (isTrusted !== defaultConfig.workspaceIsTrusted()) {
 		defaultConfig.toggleWorkspaceIsTrusted();
 	}
-	ctx.subscriptions.push(vscode.commands.registerCommand('go.workspace.isTrusted.toggle', toggleWorkspaceIsTrusted));
 
 	if (isTrusted) {
 		return;
@@ -65,6 +79,10 @@ function ignoredWorkspaceConfig(cfg: vscode.WorkspaceConfiguration, keys: string
 }
 
 async function toggleWorkspaceIsTrusted() {
+	if (isVscodeWorkspaceTrustAPIAvailable) {
+		vscode.commands.executeCommand('workbench.action.manageTrust');
+		return;
+	}
 	const v = defaultConfig.toggleWorkspaceIsTrusted();
 	await updateWorkspaceState(WORKSPACE_IS_TRUSTED_KEY, v);
 }
@@ -93,7 +111,19 @@ export class Configuration {
 	}
 }
 
-const defaultConfig = new Configuration();
+class vscodeConfiguration {
+	public toggleWorkspaceIsTrusted() {
+		/* no-op */
+	}
+	public get(section: string, uri?: vscode.Uri): vscode.WorkspaceConfiguration {
+		return vscode.workspace.getConfiguration(section, uri);
+	}
+	public workspaceIsTrusted(): boolean {
+		return !!(vscode.workspace as any).isTrusted;
+	}
+}
+
+const defaultConfig = isVscodeWorkspaceTrustAPIAvailable ? new vscodeConfiguration() : new Configuration();
 
 // Returns the workspace Configuration used by the extension.
 export function DefaultConfig() {