Comment by zargon
21 hours ago
I want to try Zed, but it's just too much of a supply chain attack waiting to happen. https://github.com/zed-industries/zed/issues/12589
I did install it in a VM with virtio-gpu, but it was absurdly slow, so I wasn't able to try it.
Had similar concerns, but just noticed they seem to be taking this more seriously now: https://zed.dev/blog/secure-by-default
Seems not applicable, given it will still download and install random LSPs for you without asking.
Is that directly related to the GitHub issue? Or you just mean that they're taking security more seriously?
I was searching the article you linked to see if it addresses the GH issue in any way, but it seems to not.