fix & refactor: workspace-trust#15582
Closed
Rudxain wants to merge 3 commits into
Closed
Conversation
Rudxain
force-pushed
the
workspace-trust
branch
2 times, most recently
from
3caafd7 to
54421ff
Compare
Contributor
Author
|
Elaborating on this, I'm concerned that startup performance would degrade as entries are added to the data-dir files; even when using A solution would be to make ws-trust async, but then the |
Rudxain
force-pushed
the
workspace-trust
branch
3 times, most recently
from
4854ebd to
41929e6
Compare
Rudxain
force-pushed
the
workspace-trust
branch
4 times, most recently
from
7f8e691 to
c0c618a
Compare
Rudxain
force-pushed
the
workspace-trust
branch
3 times, most recently
from
9cc372b to
5ed46fa
Compare
Rudxain
force-pushed
the
workspace-trust
branch
4 times, most recently
from
b1c913e to
cb7f806
Compare
xe-nul
pushed a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 13, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 14, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 18, 2026
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 18, 2026
Change `PathBuf` to `Path`, as per suggestion from archseer
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
May 19, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
May 19, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
May 22, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
May 22, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
May 26, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
xe-nul
pushed a commit
to xe-nul/helix
that referenced
this pull request
May 26, 2026
refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 26, 2026
Change `PathBuf` to `Path`, as per suggestion from archseer
xe-nul
pushed a commit
to xe-nul/helix
that referenced
this pull request
May 27, 2026
refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
May 27, 2026
Change `PathBuf` to `Path`, as per suggestion from archseer
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
May 27, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
Jun 1, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
iniw
pushed a commit
to iniw/helix
that referenced
this pull request
Jun 1, 2026
PR helix-editor#15582 refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n PR helix-editor#15590 refactor(helix-loader): split out duplicated code In the workspace trust code, the code to search a path in a file was copy-pasted three times. This splits it out into a helper function. refactor(helix-loader): use BufReader to read trust files When the workspace trust files become large, using a BufReader can increase performance, as it won't block until the whole file is loaded into RAM. refactor(helix-loader): cache workspace trust, unify with PROMPTED_WORKSPACES Since `quick_query_workspace()` and `quick_query_workspace_with_explicit_untrust()` are currently called seven times on startup, it makes sense to cache the result. With this in place, the previous cache for prompted workspaces could be merged into this. Docs (helix-editor#15636) Improve readability and grammar of workspace trust docs and popup Rewrite of helix-editor#15592 Merge of helix-editor#15582 and rewritten helix-editor#15592 Change `PathBuf` to `Path`, as per suggestion from archseer Use workspace trust in git subsystem Replace default gitoxide's model of trust (directory ownership) with our own one. Closes helix-editor#15594 Merge of everything with helix-editor#15644 Expand docs; merge wirh everything else Hardening of workspace-trust-related file modes and permissions Do not query for trust if there are no langugage servers to start Refactor: save state into `Editor`; get rid of statics Add an option to disable trust selector pop-up Add `:workspace-exclude` typable command Update docs Add 'Only once' selector option and `:workspace-trust-once` typable Allow setting trust via globbed paths in config Co-authored-by: Rudxain <76864299+Rudxain@users.noreply.github.com> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@posteo.net> Co-authored-by: David <12832280+David-Else@users.noreply.github.com>
xe-nul
pushed a commit
to xe-nul/helix
that referenced
this pull request
Jun 7, 2026
refactor(workspace_trust): minor changes fix(workspace_trust): secure permissions on Unix fix(workspace_trust): reject paths with \n
xe-nul
added a commit
to xe-nul/helix
that referenced
this pull request
Jun 7, 2026
Change `PathBuf` to `Path`, as per suggestion from archseer
Member
|
Replaced by #15857 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
\n. Those could be escaped, but it'd be overly complicated for such a non-portable edge-case, so just reject those paths as "invalid"gpg)