Add terminal.integrated.allowInUntrustedWorkspace setting

[Copilot]

Users are currently forced to grant workspace trust to use the terminal, even when they only need basic terminal functionality. This creates unnecessary security friction since the same trust privilege gates other higher-risk features like extension code execution.

Adds terminal.integrated.allowInUntrustedWorkspace setting to bypass the workspace trust check for terminal creation.

• Setting definition: Added to TerminalSettingId enum and registered in terminal configuration
• Security: Marked as restricted: true so only user settings (not workspace settings) can enable it; defaults to false
• Implementation: _trust() method in terminalInstance.ts returns true immediately when setting is enabled

// User settings (cannot be set in workspace settings)
{
  "terminal.integrated.allowInUntrustedWorkspace": true
}

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• redirector.gvt1.com
  • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --crashpad-handler-pid=6523 --enable-crash-reporter=4b8cc43a-e964-4161-b2ad-93b8cbb4e082,no_channel --user-data-dir=/tmp/vscode-tests-1768236639455 --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1767961354823271388,3107929433555519600,262144 --enable-features=PdfUseShowSaveFilePicker --disable-features=LocalNetworkAccessChecks,ScreenAIOCREnabled,SpareRendererForSitePerProcess,TraceSiteInstanceGetProcessCreation --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
  • Triggering command: .build/electron/code-oss .build/electron/code-oss test/unit/electron/index.js --crash-reporter-directory=/home/REDACTED/work/vscode/vscode/.build/crashes --grep TerminalInstance --no-sandbox (dns block)
  • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --crashpad-handler-pid=6885 --enable-crash-reporter=4b8cc43a-e964-4161-b2ad-93b8cbb4e082,no_channel --user-data-dir=/tmp/vscode-tests-1768236877242 --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,7561926732789474700,10125450658317701606,262144 --enable-features=PdfUseShowSaveFilePicker --disable-features=LocalNetworkAccessChecks,ScreenAIOCREnabled,SpareRendererForSitePerProcess,TraceSiteInstanceGetProcessCreation --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Don't require "trust" to open the terminal</issue_title>
<issue_description>

The first time you open a terminal in VSCode, it asks you if I want to trust the authors of the directory that you're viewing. I believe this creates a "usable security bug", since it encourages granting trust to directories unnecessarily. The problem is:

1. Users are forced to grant this "trust" privilege to use a basic feature which 99% of the time will be used safely. As long as VSCode's terminal itself isn't executing code in the directory, most users are aware of when they're running code from their source code directory and do it intentionally. So the warning is maybe not necessary, but granting extra trust privileges that might be needed by other VSCode extensions is definitely not necessary. If VSCode's terminal does immediately and automatically execute code in the directory, this should be fixed to match the security level users expect from their regular terminal program.

2. The same "trust" privilege gates other features, which 99% of the time are unsafe, like code exec through extensions. If trust weren't required to use the terminal, users who just need the terminal would remain protected against these other kinds of attacks.

I recommend:

• Make sure there's no way the terminal feature will automatically execute code without the user typing a command.
• Remove the trust requirement for using the terminal.
• Re-evaluate other features where full "trust" isn't really required and do a similar thing for them too.

</issue_description>

<agent_instructions>Add a new setting that allows bypassing the workspace trust check when creating terminals.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

@Tyriar It's there because it's just as unsafe to trust running a terminal in the folder as it is for extensions, debugging, etc. **If you don't trust the origin you should never open a terminal there because your shell may execute code in it.** We've discussed workspace trust at length and it's all or nothing by design, it would be even more confusing if there were multiple levels of trust.

• Fixes Don't require "trust" to open the terminal #146862

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Copilot]

Pull request overview

This PR adds a new setting terminal.integrated.allowInUntrustedWorkspace to allow users to bypass workspace trust checks when creating terminals, addressing the friction users face when they only need basic terminal functionality without requiring other trust-gated features.

Changes:

• Added new AllowInUntrustedWorkspace setting ID to TerminalSettingId enum
• Registered the setting in terminal configuration with appropriate security restrictions
• Modified _trust() method to check the setting and bypass trust request when enabled

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
src/vs/platform/terminal/common/terminal.ts	Added AllowInUntrustedWorkspace to the TerminalSettingId enum
src/vs/workbench/contrib/terminal/common/terminalConfiguration.ts	Registered the new setting with restricted: true, comprehensive security warning, and false default value
src/vs/workbench/contrib/terminal/browser/terminalInstance.ts	Modified _trust() method to check setting and bypass workspace trust request when enabled, with logging

[Copilot]

The log message should use the setting key's actual string value instead of interpolating the enum value. Consider using backticks around the setting ID for better readability, similar to other log messages in the codebase.

Suggested change

	this._logService.info(`Workspace trust check bypassed due to ${TerminalSettingId.AllowInUntrustedWorkspace}`);
	this._logService.info(`Workspace trust check bypassed due to \`${TerminalSettingId.AllowInUntrustedWorkspace}\``);

[Copilot]

This new security-sensitive feature lacks test coverage. The _trust method should have tests verifying that when AllowInUntrustedWorkspace is enabled, the workspace trust check is bypassed, and when disabled, the trust request is made as expected. Given the security implications, comprehensive testing is important.