Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Write a design doc for "Trusted Workspaces" (for procmacros) #200

Open
Arcticae opened this issue Jan 20, 2025 · 0 comments
Open

Write a design doc for "Trusted Workspaces" (for procmacros) #200

Arcticae opened this issue Jan 20, 2025 · 0 comments
Assignees
@piotmag769

Comments

@Arcticae
Copy link
Member

An uneasiness appeared in the community about prebuilt procmacros, that CairoLS will now happily execute arbitrary code whenever the user pastes whatever Scarb.toml/Cairo code they get from the internet.

A long-term solution is to sandbox procmacros, but a short-term idea is to write a system that will ask the user to explicitly allow running all proc macros in a workspace/particular procmacros (identifier by PackageId?)/something like this.

Write a design doc, to be shared with #crust.

Important considerations:

  1. Investigate whether we can make use of https://code.visualstudio.com/docs/editor/workspace-trust for this mechanism and whether it solves this need.
  2. Plan and design UX for non-VSCode editors.
  3. Plan what should happen on procmacro updates.
@mkaput mkaput added this to CairoLS Jan 8, 2025
@Arcticae Arcticae converted this from a draft issue Jan 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@piotmag769 piotmag769

Labels
None yet
Projects
CairoLS
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Arcticae @piotmag769