The extension capability is much less powerful than VSCode (no embedded web view) so it's a lot harder to pull off crazy stuff. All of the language support is done via language servers.
But in the process of installing those language servers (automatically, without notifying you) it will install node, and download npm packages, which can do crazy stuff, as we've seen recently with the shai halud redux
The extension capability is much less powerful than VSCode (no embedded web view) so it's a lot harder to pull off crazy stuff. All of the language support is done via language servers.
But in the process of installing those language servers (automatically, without notifying you) it will install node, and download npm packages, which can do crazy stuff, as we've seen recently with the shai halud redux
They are compiled to WASM, so they have limited IO capabilities, but still they have IO.