I found a remote code execution bug in VSCode that can be triggered from untrusted workspaces. Microsoft fixed it but marked it as moderate severity and ineligible under their bug bounty program.

This page summarizes the projects mentioned and recommended in the original post on /r/programming
hardware-buttons linkedin-bot template-engine-js

CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai
featured
InfluxDB high-performance time series database
Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems.
influxdata.com
featured

  1. Git

    Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.

  2. CodeRabbit

    CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

    CodeRabbit logo

  3. Visual Studio Code

    Visual Studio Code

  4. llvm-project

    The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.

    You are mostly right, but the "remote" aspect comes from the fact that https://github.dev/ can open any random repository (e.g. go to this LLVM README file and then hit the "github.dev" in the dropdown menu for edit). Nothing gets downloaded to your computer and happens on the cloud. You are editing a remote repository on a remote computer.

  5. dev

    Discontinued Press the . key on any repo (by github)

    You are mostly right, but the "remote" aspect comes from the fact that https://github.dev/ can open any random repository (e.g. go to this LLVM README file and then hit the "github.dev" in the dropdown menu for edit). Nothing gets downloaded to your computer and happens on the cloud. You are editing a remote repository on a remote computer.

  6. vscodium

    binary releases of VS Code without MS branding/telemetry/licensing

    Why not use the version without any Microsoft branding?

  7. ClearScript

    A library for adding scripting to .NET applications. Supports V8 (Windows, Linux, macOS) and JScript/VBScript (Windows).

    Microsoft makes ClearScript

  8. quickjs

    Public repository of the QuickJS Javascript Engine.

    There's QuickJS

  9. InfluxDB

    InfluxDB high-performance time series database. Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems.

    InfluxDB logo

  10. rhino

    Rhino is an open-source implementation of JavaScript written entirely in Java

    Mozilla made Rhino

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • dotnet cross-platform interop with C via Environment.ProcessId system call

    4 projects | dev.to | 28 Mar 2025

  • Azure DevOps: Version Control Using Git and VS Code

    3 projects | dev.to | 3 Feb 2025

  • Hacktoberfest 2024: A retrospective

    3 projects | dev.to | 31 Oct 2024

  • Microsoft is introducing hidden APIs to VS Code only enabled for Copilot

    11 projects | news.ycombinator.com | 21 Oct 2024

  • 5 open-source tools every developer should know

    3 projects | dev.to | 2 Oct 2024

Did you know that C is
the 6th most popular programming language
based on number of references?

Loading...