1. 22
    VS Code is not what it seems privacy programming areknawo.com

  2. 54

    This is the second article that pitches this like a big secret or important. It’s not. The article goes into a nice review of the vscode build process, but the clickbait title lessens the value of the post.

    VSCode is pretty open about what they do and how they produce their official build. As another commenter said, there’s a project that builds without the non-OSS parts. And MS even makes sure you can build directly and it use theirs.

    There’s nothing to see here. If anything it’s the probably clicked through prompt to submit telemetry data, but that’s not so bad.

    I can’t find the link now, but I seem to remember someone trying to determine what telemetry data is submitted and it wasn’t terrible.

    1. 27


      VSCodium Project contains a bunch of scripts that strip away Microsoft branding, telemetry and other corporate artifacts and generate ‘clean’ binaries, sourced from the original vscode repo.

      I should also point out that the exe you download from the vscode website is not the same as the one you get after building from their github source. There are some very minor differences, but can be overlooked.

      VSCodium is also available via Brew, Scoop, Chocolatey, and other linux package managers as well.

      Migrate from VSCode to VSCodium by referring to this doc.

      1. 11

        I am not sure if I want to hate this for the intentionally obfuscated title or like it for clarifying immediately at the beginning of the article.

        1. 3

          Seriously, what is the point of this article?

          1. 2

            I see arguments being made for “not open source,” but not as many arguments being made for why that is bad.

            This is an argument of values, not a technical one.

            1. 3

              Not having the ability (not to be confused with ‘desire’) to review the source code of any application you run on your computer is a technical problem.

            2. 2

              Does the products.json file just establish what telemetry endpoint the product should be hitting, or does MS, as part of the build process, add code to the VS Code binary that has telemetry specific behavior? If all of the code that VS Code executes is open source, including the code that communicates with the telemetry server, having a custom, non-open source telemetry server doesn’t negate anything.

              Also can we make garbage, clickbait headlines a flaggable offense?