Proposal: Enforce protectedFiles at extension host file system layer #296694
Description
Proposal: Enforce protectedFiles at extension host file system layer
Background
There is currently no mechanism in the extension host layer to prevent programmatic reads of sensitive files (e.g. .env) by extensions.
An initial PR implemented workspace.protectedFiles to disable inline suggestions for protected files. However, extending this to block workspace.fs.readFile requires access to configuration within ExtHostFileSystem.
Architectural Constraint
ExtHostFileSystem does not currently have access to configuration services. Injecting configuration requires modifying constructor wiring in extHost.api.impl.ts, which becomes an architectural change rather than a localized patch.
Proposal
Introduce a supported way for ExtHostFileSystem to query configuration (e.g. via ExtHostConfiguration) to allow enforcement of:
- Programmatic read blocking
- Potential future write blocking
Question
Would maintainers prefer:
- Injecting configuration into
ExtHostFileSystem - Centralizing protected file enforcement elsewhere in extension host
- A different approach entirely
Happy to iterate based on architectural guidance.