Time to rethink that VSCode install

Visual Studio Code is the perfect tool to ascertain which of your colleagues would jump off a cliff, just because Microsoft told them too.

I think people should be more honest to themselves. There is no-way in hell they would use this unportable mess of a text editor if it wasn't Microsoft branded. They didn't when it was originally GitHub Atom for example.
 
Hopefully not off topic, but I've never found an IDE that I was comfortable with. I can switch between vi and emacs without missing a beat, tags/ctags/etags are wonderful, but getting an IDE up and running takes too much effort for me. I've tried a bunch; and when working on code that is in a SCM system like git, so many pauses as things happen automatically in the background.
Those are all reasons I've never even thought about vscode
 
I did use it back when it was Atom, and VSCode was better. I had already abandoned VSCodium because it was a real pain to build, but yeah, I'm guilty of taking the easy way out. Time to bite the bullet and learn how to customize Emacs the way I like editors to look and work.
 
kpedersen said:
Visual Studio Code is the perfect tool to ascertain which of your colleagues would jump off a cliff, just because Microsoft told them too.

I think people should be more honest to themselves. There is no-way in hell they would use this unportable mess of a text editor if it wasn't Microsoft branded. They didn't when it was originally GitHub Atom for example.
Click to expand...

If the alternative is Emacs... I prefer use VSCode...
 
kpedersen said:
Visual Studio Code is the perfect tool to ascertain which of your colleagues would jump off a cliff, just because Microsoft told them too.

I think people should be more honest to themselves. There is no-way in hell they would use this unportable mess of a text editor if it wasn't Microsoft branded. They didn't when it was originally GitHub Atom for example.
Click to expand...
Well that's incredibly naive. I have used vscodium with the official marketplace for years.

To me there's no real alternative. Real language specific IDE's like JetBrains of IntelliJ are good, but properietary and incredibly heavy weight.
VSCode can do most of what the big IDE's can, but in a lighter package (though still incredibly heavy) and with much more versatility.

Simpler editors like vim or emacs can be endlessly extended, but writing these extensions or properly configuring them is a pain. Besides there being a decent learning curve.

VSCode might be web based which I despise in general, but this does make it extremely easy to write extensions for.
It can do anything fairly well, from previewing latex and markdown to working with enterprise java codebases.
It can integrate any debugger from any language and the language server protocol was made specifically for it.

mer said:
Hopefully not off topic, but I've never found an IDE that I was comfortable with. I can switch between vi and emacs without missing a beat, tags/ctags/etags are wonderful, but getting an IDE up and running takes too much effort for me. I've tried a bunch; and when working on code that is in a SCM system like git, so many pauses as things happen automatically in the background.
Those are all reasons I've never even thought about vscode
Click to expand...
I think maybe you should try vscode for that reason. Even though it's much more versatile than other IDE's it is setup quite fine out of the box.

As for the security concerns, this isn't specific to the vscode marketplace at all. Emacs and Vim packages can also contain malware, these editors just see much fewer use nowadays.
 
I use VSCode because it integrates with rust-analyzer. Sure, Emacs does too, but Emacs is.. well.. Emacs.. and my brain isn't wired that way. JetBrains RustRover costs money, which is valid, but not for me as a simple hobby coder. Do I intensely dislike the hot mess that VSCode and Electron bring with them? Yes! It's a ridonculous clusterfudge of dependencies wrapped in package management, wrapped in more dependencies.. all to show an editor on my screen. Alternatives would be welcomed with open arms.. in all fairness I am quite close to retrying Emacs in earnest.
 
levitating said:
As for the security concerns, this isn't specific to the vscode marketplace at all. Emacs and Vim packages can also contain malware, these editors just see much fewer use nowadays.
Click to expand...
Got any links to Vim or Emacs packages that contain malware?
 
Jose said:
Got any links to Vim or Emacs packages that contain malware?
Click to expand...
The fact that there are none known currently doesn't mean they can't or won't exist. [1]

Besides the content of an open repository like that of vscode doens't say anything about the value of the software (vscode) itself, or the authors.
It may say something about their security concerns, but it's not like the packaging in emacs is focused around security.[2]

In contrast to emacs, packages in vscode are signed, have been scanned for viruses and are always downloaded over secure connections.

The VSCode marketplace is just a much bigger target. It probably sees a couple of orders of magnitude more use from a much less tech-savy userbase.
It's also trivial to make and publish a vscode extension.

[1]: https://www.gnu.org/software/emacs/manual/html_node/efaq/Security-risks-with-Emacs.html
[2]: https://old.reddit.com/r/emacs/comments/63e8hu/are_emacs_package_repositories_a_security_risk/
 
levitating said:
Well that's incredibly naive. I have used vscodium with the official marketplace for years.
Click to expand...
No it isn't. People have been jumping off cliffs for years. VSCode(ium) is just the current branded cliff.

To clarify, I'm not really arguing about text editors (that cliche kind of came and went with Vi vs Emacs wars). I am more reflecting upon Microsoft's impressive marketing strategies which seem to never fail to impress the wider developer ecosystem. In short, if it was still called GitHub Atom, it would not have the aforementioned 74% market share. Bolting the word "Microsoft" has given it at least an additional 50% usage.

levitating said:
Among professional developers, 74% makes use of vscode. That's just the reality of modern software development.
Click to expand...
These are the same guys who stated the years before that Microsoft Visual Studio was best because it is fully integrated with the compiler without plugins. Only to jump to Microsoft's VSCode because "it supports plugins" and "is no longer integrated with a single vendors compiler". Bunch of clowns.

You can try to call it "modern" as a justification but ultimately being blindly lead by the nose by Microsoft has been the reality of *all eras* of software development ("modern", "90s", "legacy", etc). VSCode is no exception. Visual Studio was the "trendy" editor of choice before VSCode. I wonder what terrible cruft will come next from Microsoft. The masses will use it regardless. They even successfully conned macOS users to engage with a seriously limited MonoDevelop by simply branding it Visual Studio Mac. A little bit tragic.

Jose said:
I did use it back when it was Atom
Click to expand...
Honestly, you are truely the minority there! Most people have not even heard of Atom.
What brought you to Atom originally out of interest? I can't imagine the i.e Java support to be fantastic.
Jose said:
Time to bite the bullet and learn how to customize Emacs the way I like editors to look and work.
Click to expand...
I imagine you have a backup editor for every time the VSCode package breaks?
I guess, so long as you don't load up your VSCode with random plugins, you will still be fine.
 
www.bleepingcomputer.com

Malicious VSCode extensions with millions of installs discovered

A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official theme to include risky code. Further research into the VSCode Marketplace found thousands of extensions...
www.bleepingcomputer.com www.bleepingcomputer.com
Oh dear. Trouble in paradise.
Unfortunately levitating is right, everyone and his dog seems to be using it now. It's a bummer, man.

Use vim. I don't need a dracula theme, or any theme for that matter.

"Below is an example of code found in a malicious Visual Studio Code Marketplace extension that opens a reverse shell to the cybercriminal's server."
- maybe they will write your code for you if you ask them nicely ;-)
 
  • Like
Reactions: _al
I am happy with nvi (& acme) but vscode users may want to try out the zed editor -- even has vim bindings. Written by the people who wrote Atom. I tried it out on a mac and seems quite zippy. There is work in progress for linux, windows and web versions. See https://github.com/zed-industries/zed
 
bakul said:
I am happy with nvi (& acme) but vscode users may want to try out the zed editor -- even has vim bindings. Written by the people who wrote Atom. I tried it out on a mac and seems quite zippy. There is work in progress for linux, windows and web versions. See https://github.com/zed-industries/zed
Click to expand...
I think zed is interesting, but it also comes at 155% the installed size of vscode and I don't care that much for it's performance improvements (vscode is already surprisingly fast).

And although it claims to support extensions, which I guess means third party extensions as well, I can't find any documentation on developing these.
Writing a vscode extension is easy because the whole application is an HTML DOM and there are various api's to integrate with.

Also, aside from tree-sitter which is very cool, the world of versatile IDE's has really been kicked off with LSP. Which is created by Microsoft.

I respect those who stick solely to vim or emacs, but those tools really can't suit everyone.

For instance I am a university student and many of our assignments and projects are done in java. I only know one person who has succesfully configured neovim to work with the recent java codebase and it took him quite a bit of effort and frankly the result was nowhere near as usable as using a real IDE. I am talking about having debuggers, lineprofilers, a proper LSP, automatic building, visualizing unit tests etc etc. These tools might not be required for your work but they sometimes are for us.

Frankly I think I might be the only student using vscode for Java out of 400 students. I also used Eclipse for a bit, but the rest is running IntelliJ Idea which is also the only IDE that the university officially supports for Java.

Just this week we had to work with haskell, prolog, java, python and c.
 
levitating said:
These tools might not be required for your work but they sometimes are for us.
Click to expand...
Oh they are. Many just don't feel the need to cram them into the text editor. For example the standard Java debugger (jdb) is a command line program and you can interface with it in the same way as gdb/lldb.

Long gone are the old MS-DOS days where only one process could be run at a time so you needed everything merged into one monolithic program, aka the TurboC IDE. Computers can multi-task and UNIX even has (real) job control.

(That said, VSCode is more on the right tracks than Visual Studio. At least it is extensible with more innovative compilers).
 
levitating said:
I respect those who stick solely to vim or emacs, but those tools really can't suit everyone.
Click to expand...
I'm a vim fan, emacs drives me nuts.

The nice thing is that vi/m is small, it works on older computers, it's available pretty much everywhere. It has a low footprint, it's most likely to be available.

I really dislike editors/environments that pop-up things or auto-suggest/auto-complete etc. Visual noise and distraction. I know what I want to write and I just want to write it without help.

VScode and Netbeans and anything that relies on Electron/Java/whatever - you are more likely to have problems, dependancy issues, etc.

But here we go, editor wars, no winners!

We've all got works for us and our own triggers. Use what works for you and your flow, but be aware that some of those choices may well cause you issues when Electron won't build or whatever. Your preferred editor/IDE might be better supported on another platform.
 
Why use VSCode on FreeBSD when KDE's Kate is pretty good? If I need command-line, it's editors/nano...

I used plain VSCode on Windows with no extensions installed because it was convenient, and comparable to Kate in terms of features.

Yeah, sometimes there's a need to automate some parts of the development stack, but it's also good to be aware of the basics, what's supposed to be happening. Malware tends to prey on that lack of awareness of the basics. 😩
 
I still have PTSD from being made to use eclipse! Now they want me to use an editor that runs a headless instance of chromium o_O and uses node.js:oops:.. oh well, that will be why they're giving me a laptop with 64 GB RAM, and the 8-core cpu... but hey, I still get to type in some code.. or at least paste in some stuff chatgpt wrote.

What's that you say? 64 GB RAM is entry level now?!
 
drhowarddrfine said:
People seem to forget that VSCode is made by Microsoft for Microsoft and its products. Anyone else is an afterthought or a marketing attempt to drag you into their universe.
Click to expand...
They want you to be a "windows ready" programmer. If you know their editor, you can sit down at an MS O/S and start typing. And they had to think of something to soak up the power of all those latest chips ( https://www.notebookcheck.net/Lenov...eplaces-the-ThinkPad-X1-Extreme.760877.0.html ) so "we may as well bloat out the IDE, we already made Paint3d as big as we possibly could". Think of your time running VSC on linux/bsd as your initial windows training. Yeah, I know, I'm a dinosaur...
 
  • Like
Reactions: mer
levitating said:
I think maybe you should try vscode for that reason. Even though it's much more versatile than other IDE's it is setup quite fine out of the box.
Click to expand...
That does not make sense to me. I have a workflow that works fine for me: edit in this window, grep in that window, make in the other, run/debugger in another if needed.
That gets to the crux of it with me and IDEs:
IDEs tend to force me to work the way they want me to.
Setup: as one gets older, one typically gets sensitive to fonts, sizes, color combinations because it's easier on my eyes. I've spent days in the past trying to get something comfortable to work with.

So if IDEs and specfic IDEs work for you, good. I guess I've been down that rabbit hole too many times over my lifetime to have any desire to try yet again.
 
You must log in or register to reply here.
Back
Top