Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ADMX policies for controlling VSCode extensions #170840

Closed
o-l-a-v opened this issue Jan 9, 2023 · 2 comments
Closed

ADMX policies for controlling VSCode extensions #170840

o-l-a-v opened this issue Jan 9, 2023 · 2 comments

Comments

@o-l-a-v
Copy link

o-l-a-v commented Jan 9, 2023
edited
Loading

As the VSCode marketplace does not seem to be sufficiently regulated from a security point of view:

It would be great with ADMX policies for specifying extension policies, like:

  • Allowed sources (VSCode Marketplace vs. other marketplaces (?) vs. sideload)
  • Preaccepted extensions / whitelist:
    • A list of extensions from a source that are allowed to be installed.
    • Maybe even preaccepted publishers, like Microsoft, to make the management overhead smaller.

ATM, update mode seems to be the only thing one can control with VSCode.

VSCode.admx from VSCode v1.74.2 
<?xml version="1.0" encoding="utf-8"?>
<policyDefinitions revision="1.1" schemaVersion="1.0">
	<policyNamespaces>
		<target prefix="VSCode" namespace="Microsoft.Policies.VSCode" />
	</policyNamespaces>
	<resources minRequiredRevision="1.0" />
	<supportedOn>
		<definitions>
			<definition name="Supported_1_67" displayName="$(string.Supported_1_67)" />
		</definitions>
	</supportedOn>
	<categories>
		<category displayName="$(string.Application)" name="Application" />
		<category displayName="$(string.Category_updateConfigurationTitle)" name="updateConfigurationTitle"><parentCategory ref="Application" /></category>
	</categories>
	<policies>
		<policy name="UpdateMode" class="Both" displayName="$(string.UpdateMode)" explainText="$(string.UpdateMode_updateMode)" key="Software\Policies\Microsoft\VSCode" presentation="$(presentation.UpdateMode)">
			<parentCategory ref="updateConfigurationTitle" />
			<supportedOn ref="Supported_1_67" />
			<elements>
		<enum id="UpdateMode" valueName="UpdateMode">
			<item displayName="$(string.UpdateMode_none)"><value><string>none</string></value></item>
			<item displayName="$(string.UpdateMode_manual)"><value><string>manual</string></value></item>
			<item displayName="$(string.UpdateMode_start)"><value><string>start</string></value></item>
			<item displayName="$(string.UpdateMode_default)"><value><string>default</string></value></item>
		</enum>
			</elements>
		</policy>
	</policies>
</policyDefinitions>
@gjsjohnmurray
Copy link
Contributor

See #84756

@o-l-a-v o-l-a-v mentioned this issue Jan 10, 2023
Closed
@o-l-a-v
Copy link
Author

o-l-a-v commented Jan 10, 2023

Duplicate issue, thanks for pointing that out @gjsjohnmurray.

@o-l-a-v o-l-a-v closed this as completed Jan 10, 2023
@sandy081 sandy081 removed their assignment Jan 10, 2023
@github-actions github-actions bot locked and limited conversation to collaborators Feb 24, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@o-l-a-v @gjsjohnmurray @sandy081