VSCode is the most popular IDE right now, making it and its telemetry-free derivative (and their overlapping extension ecosystem) too juicy of a target for a supply chain attack. Over 75% of devs use VSCode, according to the SO survey. And there's also the potential of Codium itself being targeted, despite it currently having a small userbase by comparison, which could easily change as MSFT does to VSCode what it did to Windows. Also, I predict MSFT is going to make it progressively more difficult for the Codium devs to completely strip anti-privacy "features" from VSCode upstream.
VSCode is the most popular IDE right now, making it and its telemetry-free derivative (and their overlapping extension ecosystem) too juicy of a target for a supply chain attack. Over 75% of devs use VSCode, according to the SO survey. And there's also the potential of Codium itself being targeted, despite it currently having a small userbase by comparison, which could easily change as MSFT does to VSCode what it did to Windows. Also, I predict MSFT is going to make it progressively more difficult for the Codium devs to completely strip anti-privacy "features" from VSCode upstream.
Definitely all true!
If you don’t need it, I wouldn’t use it.
Thanks.