search

microsoft / vscode

Visual Studio Code
https://code.visualstudio.com
MIT License
164.86k stars 29.51k forks source link

Enterprise Support #229861

Open sassdawe opened 2 months ago

sassdawe commented 2 months ago

Support for policies would be greatly appreciated.

You see the other week I managed to meet some of the Intune PG members and they were super nice and showed me how can one import the vscode.admx file into Intune.

But we were all surprised to see that there is only a single policy setting available as of today.

<?xml version="1.0" encoding="utf-8"?>
<policyDefinitions revision="1.1" schemaVersion="1.0">
    <policyNamespaces>
        <target prefix="VSCode" namespace="Microsoft.Policies.VSCode" />
    </policyNamespaces>
    <resources minRequiredRevision="1.0" />
    <supportedOn>
        <definitions>
            <definition name="Supported_1_67" displayName="$(string.Supported_1_67)" />
        </definitions>
    </supportedOn>
    <categories>
        <category displayName="$(string.Application)" name="Application" />
        <category displayName="$(string.Category_updateConfigurationTitle)" name="updateConfigurationTitle"><parentCategory ref="Application" /></category>
    </categories>
    <policies>
        <policy name="UpdateMode" class="Both" displayName="$(string.UpdateMode)" explainText="$(string.UpdateMode_updateMode)" key="Software\Policies\Microsoft\VSCode" presentation="$(presentation.UpdateMode)">
            <parentCategory ref="updateConfigurationTitle" />
            <supportedOn ref="Supported_1_67" />
            <elements>
        <enum id="UpdateMode" valueName="UpdateMode">
            <item displayName="$(string.UpdateMode_none)"><value><string>none</string></value></item>
            <item displayName="$(string.UpdateMode_manual)"><value><string>manual</string></value></item>
            <item displayName="$(string.UpdateMode_start)"><value><string>start</string></value></item>
            <item displayName="$(string.UpdateMode_default)"><value><string>default</string></value></item>
        </enum>
            </elements>
        </policy>
    </policies>
</policyDefinitions>

The following additional policies would be a great start

  1. Disable access to Extension Marketplace
  2. Allow list for extensions
  3. Block list for extensions
  4. Mandatory extensions list
  5. Extension update control
  6. Alternative location for Extension Marketplace
  7. Disable settings synchronization

I believe you'll find most of these already exist as issues

Thank you so much!

CJRicard commented 1 week ago

I second this request! The current policy is a good start but more policies, granularity, etc. is needed for the enterprise. Another ask would be have the ability to only allow code to be committed to a specific repository.

sassdawe commented 1 week ago

Hey @joaomoreno, let me know your thoughts about the idea itself, and if you want me to split this up into smaller issues which could be implemented independently.

I just didn't want to bother creating 7 different issues without getting some feedback first.