If we're debating the OSS credentials of VSCode, it'll need to be based on the code already released (which makes it a pretty great OSS editor) and the current team of people the company has devoted to maintaining that OSS section of the product (also pretty great).
Arguing that there are some extensions that are closed source and that's bad is a bit weird, especially when we can just make an open sourced extension that does the same thing.
Developers should be aware that VSCode is not as open source as it claims it is. In my circles, developers could swear VSCode is fully open source without even knowing VSCodium.
If people were more aware about this, they might think twice before using VSCode for everything and getting lock-in (just like the article says)
Is SQLite also deceiving people about its "open source credentials" because the Encryption Extension is proprietary and costs $2000?
... because as far as I can tell, most conversations do refer to SQLite as "open source" without always bringing up the encryption extension as a disclaimer in every online discussion. SQLite's creator, Richard Hipp, has a company selling a commercial license for the encryption add-on but it doesn't seem to tarnish the "open source" perception of SQLite.
So I think the issue for VScode is more nuanced: proprietary extensions are not clearly marked or separated from the open source feature set.
Another good example to consider is whether people feel deceived by various Linux distributions who bundle one-click or automated install of proprietary blobs.
Also, lots of people seem to value the proprietary extensions a lot more than people value the encryption extension of SQLite.
The blog author complained about "Live Share" as one example. As far as I can tell, "Live Share" is not in the builds one downloads from Microsoft's "Visual Studio Code" website: https://code.visualstudio.com/download
The Live Share feature is downloaded from a separate web page:
This separation seems similar to SQLite Encryption Extension. Can someone explain how the situations are not analogous?
The github page for "Visual Studio Code" prominently displays "Open Source" in its title: https://github.com/microsoft/vscode
I'm willing to be convinced that it's a marketing deception and "open source" should be removed but so far, I haven't seen any precedent from other hybrid open/closed source projects justifying that.
The difference is that typical usage of SQLite is co-located with an application, such that you don't need encryption, and it doesn't market itself as a great database to stand up on a far-away server.
VSCode is marketing these extensions with the core product, as features thereof. They seem to be much closer to critical, core functionality. I think that they are functionally similar situations, except that nobody uses/cares-about that SQLite extension.
Microsoft is also marketing as if VS Code is open source. One claim or the other is fine, but the combination is deceptive. There are many closed-source components which are part of VS Code, if indirectly.
As to best (admittedly subjective) if they are so good I'd think that one of the 100s of devs I know depend on them.
The only close one was Remote - which other editors do too - When I showed that remote drops code to the far end machine we determined that to be too risky - and went back to sshfs.
Also, if those extension are so "best" why hasn't a replica been created? Or why didn't any other editor have them? It might be those extension are not so compelling.
Also, my previous favorite editor (jEdit) had remote features back in like 2003 - maybe earlier.
I'm curious if you've used the live share features personally, and if you have if you've found value in them. I suspect many devs do not like collaborative programming in general, and so may never use them or like them if they have. As someone who thoroughly enjoys collaborative programming, I can tell you that these features are extremely compelling. It's way easier to tell your designer friend to boot up VScode and click on a link to your live app running locally than almost any other solution I've found. It also makes pair programming extremely easy.
I used to use vim and now emacs for everything. I've also used JetBrains products for years. The only reason I ever boot up VScode is for those features. You just can't replicate the experience in any other editor as easily. Every other feature of VScode I've found a similar or better solution in every other editor. I'd be interested to hear any other feature of VScode that you think is as compelling, without parallel in any other editor. I suspect there are few/none.
So, the features of LiveShare I found are better handled with external tools. But that is mostly because I don't want anyone to become to dependent on one tool. How can I LiveShare between emacs and Sublime? WebRTC screenshare+A/V works a treat, across editors and systems.
I don't find VSCode, or it's extension super compelling. But it is very nice.
I think the feature I like the best, built in, is that debugger - that's easier/smoother than Atom, or jEdit or any others that I've used in the last 20 years. It's like what was available in Visual Studio 6 (c1999).
I also doubt they would make the same complaint if JetBrains or someone else wrote the same proprietary extension for VS Code.
Neither the first case nor the second would make any of those editors any less open source.
Similarly, the encryption extension has many alternatives and I've never heard Dr. Hipp advocate using it. This thread is the first I've heard of it, and I've heard of alternatives before. Where I knew coming in about Remote and LiveShare based on promotions from Microsoft.
That's just an explanation of how it "feels" to one reader, not any kind of careful analysis or sweeping statement.
VS Code is as open source as it claims to be.
> If people were more aware about this, they might think twice before using VSCode for everything and getting lock-in
Are there many software developers who are not aware that most open-source software can run proprietary extensions?
I personally don't use any of Microsoft's services. Therefore, the entire claim that "the best parts of VS Code are proprietary" is completely false for me.
Which is an important distinction in this context.
VSCode is a fantastic tool, and I'd prefer to use it directly from Microsoft. I am aware that there is telemetry, and as someone conscious of privacy concerns I've looked at what telemetry is sent - I'm satisfied it's anonymised sufficiently and benign enough not to affect my privacy. If the VSCode team really find this data useful, then I'm happy to provide it and help improve VSCode.
I do however think that telemetry in VSCode should be opt-in rather than opt-out.
chrome as a whole is not Open Source or Free Software while chromium is.
whether that matters to you is up to you. those who want to use Free Software or Open Source should use Chromium and VSCodium
OSS and free software matters to me - so I use VSCode, which is OSS. Whether extensions are OSS or not is immaterial (the same extensions you can use with VSCodium!).
now it is possible that VSCode is different in that regard. but if that were the case then VSCodium would not need to exist. so i guess that it is not possible to build a full version of VSCode from those sources either. i'd love to be wrong on that though
It's perfectly possible to build VSCode from source.
AFAIK, the main reason VSCodium exists is to remove telemetry (since it's opt-in by default in VSCode, something I do disagree with).
in that case, very well. i am happy to be wrong, and retract any claim that VSCode itself is not fully open. thank you.
The gripe in the article is about extensions not also being MIT licensed - an argument precisely nobody would be making if it wasn't Microsoft; as someone else here pointed out, you could make the same argument about SQLite, but nobody would.
I’m not making the specific claims you are arguing against, and I don’t disagree with what you say, in any case. Just as in SQL, and in this case, these licenses matter. A feature matrix clarifying features and licenses would be mice. Also, it would be nice to have a fully FOSS mode for VS Code in its settings or config. It is a distinction with a difference.
This is the kind of double-speak which lets MS have the best of both worlds. From a marketing/developer relations perspective, developers think they are using open-source tools. But in actuality, developers are investing in workflows where MS is a critical link in the chain.
The UX decisions of VSCode go against this kind of careful consideration of licencing implications. If I open a code file and VSCode has a suggested extension for the file type, I will see an animated popup in the bottom of the screen, with a button to install. The simplest way to get rid of this popup is to simply install the extension. There's also no link on the popup to read up on the licensing terms. Everything about this interaction design wants you to just mindlessly install the extensions VSCode suggests to you, and I would wager this is what a lot of users end up doing.
Also if you look at the VSCode homepage, very close to the top of the page you get these marketing claims:
> Free. Built on open source. Runs everywhere.
You might be very capable of understanding the details here, but I think a new CS student who's maybe just heard of open source and knows a little bit about it could be forgiven for conflating these claims with the idea that VSCode is FOSS.
Honestly, if that where the only way to install extensions on VS Code it would probably be a deal breaker for me. I never install something because the application tells me I should. Especially in an ecosystem where anyone can provide a package. To me it would be akin to blindly adding an Node module, python module, jar or any other third party provided dependency to the custom software I am writing without first vetting it. I mean the licence for an extension, could very well state, that any software produce form the use of this extension, entitles the author of the extension a 10% royalty from said resulting software. That is a very real and valid licence, game engines, codecs, encoders use it all the time.
It's all about capturing market share aka creating user lock-in.
Microsoft Office is an early example. I know zero people that switched to it because they liked its functionality or user interface. They switched because nothing else could open Office documents correctly. Eventually, everyone I knew switched to it (and many happily switched away decades later, once “as-a-service” competition cropped up, solving the compatibility problem).
If this discussion were about anything other than text editors, I would take it much more seriously. But text editor popularity cycles every 5 years or so, and the main reason is simply that we get bored and want to try something new.
When we "invested" in VSCode over the past few years, we discarded all of our previous investments in Sublime workflows.
When we invested in Sublime back in the early-2010's, we discarded our previous investments in TextMate or Notepad++.
When we invested in TextMate or Notepad++ in the mid-2000's, we discarded our previous investments in UltaEdit or God knows what.
When we invested in UltraEdit or God known what back around the turn of the century, we discarded our previous investments in Vi or Emacs or Nano or whatever we were using from the shell in our 1990's computer science classes.
All of this has happened before, and all of this will happen again. We'll be bored with VSCode by mid-decade... and when we migrate to the next thing, it will take us a matter of days.
There's plenty of open core software that's the same, like Gitlab. I don't see any big outcry over open core in general so presumably very few people care.
Can you provide a plausible scenario for abuse is likely to happen with VSCode? Does VSCode even have any kind of market dominance? As others have pointed out, the open parts of VSCode could probably survive on their own as a community supported project, minus the proprietary plug-ins.
Those who care about using fee software already know about these things, because they check before starting to use a new software.
Microsoft markets them as OpenSource player and Viscose as OpenSource IDE and if you don't look at the license terms you miss the part.
It is hard for individuals to run and maintain custom forks, but the benefits of open source in terms of preventing lock-in are substantial.
WebKit on Mac continues to be usefully open source, and I believe performance improvements that Apple has made for Mac Safari have been incorporated into Firefox, Chrome, etc.
> it shows how being FOSS isn't enough
This is true for every app on iOS: even if you have the source code, you can't necessarily run a modified version, and so you're missing one of the main user freedoms that FOSS should guarantee. I wish Apple would rethink this, but Safari is still usefully open source.
It is true for any commercial application with source code available since there are computers.
If the user freedoms were of any value as you mention, WebKit and Bink would use copyleft licenses.
Microsoft did the digging with their C++ standard library, which is derived from Dinkum's STL.
I observed that a bit with Sun and Solaris/OpenSolaris where in the final release was one component missing.
So even with will this won't come for free.
(Which even them, they offer free as in beer).
To make the brand attractive, free/open source is best.
The "good" reason: Because relicensing of old software is hard and while they want to make it available (to strengthen their position in the developer community) See also my comment in https://news.ycombinator.com/item?id=24048633
You make a brand attractive by offering a good product, good support/service, and then marketing those points.
I try to use as much OSS as I can. But free/opensource isn't the most attractive feature to everyone. And I'd say the success of so many proprietary companies is proof of that.
After all, if the remote development feature is based on a centralized server (owned by MS), the license check will be performed on that server. And if no centralized server is in play, suffice it to say, anybody sufficiently motivated could reverse-engineer the plugin, remove the license check, and go on using the feature for free.
So they control the value from those closed features to only be used to enhance the VSCode and VS brand.
What does this mean in practice? I guess it protects from the competition. Such as the VS Codium project which provides VS Code binaries without the proprietary parts. But also, as a consequence of this, without the Marketplace of extensions.
that is kinda debatable, considering that those are extensions to an LGPL-licensed core (Blink, the rendering engine used in electron) - see e.g. https://lists.gnu.org/archive/html/directory-discuss/2017-12...
$ ls /opt/visual-studio-code/**/*.so
> Even if they don't, there's nothing wrong with a company holding back some stuff they consider strategic
It is when you are going to potentially get into legal trouble for improving said software. Or when your code is leaked due to an extension whose code you can't inspect.
Coldtea: Notepad++ is foss.
> the same thing that happened to all those people using ...
Just because you do not know about it it does not mean that it has not happened. In addition would you be willing to be the first person that this happens to? If they had nothing shady to hide they would release the source of said addons.
(also, IntelliJ and Sublime are paid software, they are not closed source for the fun of it, unlike the subject of this topic)
Yeah, the same thing that happened to all those people using XCode, Visual Studio proper, IntelliJ, Notepad++, Sublime Text, and so on.... Oh, wait, it hasn't...
That also means that if other people wants to create their own proprietary extensions they can do so. The basic experience of the plain VS Code does not change.
Now one can say indeed that the Remote and also LiveShare is the best extension there of, and since the extension author decides not to share the code, then it stays proprietary. It's just that this time the author is Microsoft itself.
But because the extension itself is not integral to the VS Code itself and merely an extension, there is no stopping anyone to create open source version of the same experience.
However, where I have issues with is that, if you were to base you own editor with VS Codium (the open source, without the telemetry), you still can't use the service that is the extension marketplace for VS Code. Yes, even if it still works, and even if the extension itself is open source. Hence, just because VS Code has a lot of extensions that is open source, does not mean it is readily reusable, because the extension service is off limits.
Of course, one can also publish the same extension in another public directory if they want, but currently there is no such directory exist. And it has to be republished to the new public extension directory.
So yes, VS Code is open source, but the access to the extensions is not currently.
It's used by vs codium and theia.
It's not just those two plugins, it's also the ms-code.cpptools which has proprietary parts. And that's sad because other plugins are built on it like platformio. Which prevents platformio from being added to ovsx because the cpp tools can't be added to ovsx.
Which stinks for me because the cpp proprietary parts are windows only, and all I want to use platformio from is theia running on Linux, but I can't.
VS Codium: https://github.com/VSCodium/vscodium
Theia IDE: https://theia-ide.org/
More details about PlatformIO not being to be added to OVSX: https://github.com/open-vsx/publish-extensions/issues/86
More cpp tools licensing details: https://github.com/microsoft/vscode-cpptools/issues/5784
Edit: you can run theia from one computer and use it via the browser on another. That's why I was so excited for it.
Edit 2: VS Codium, not open codium
The Microsoft extensions are notably missing, but they have a lot of other ones. There's an issue template for requesting another one if you find something missing.
Not sure if their second extension store is available for use by software other than code-server, but it's not an impossible problem.
See this thread: https://github.com/microsoft/vscode/issues/31168#issue-24453...
I work at @cdr
VSCode includes extra twitter/microsoft spyware (or "telemetry" for those who prefer that euphemism).
The "VSCode" binary you download includes unknown proprietary extras.
Fun fact : VSCode official home page used to have the motto "Open Source", now it is "Built on Open Source" (check on the wayback machine if you don't believe me)
I guess the MS legal team was afraid of keeping lying about the openness of VScode yet they knew Open Source is a good buzzword to attract devs so they played with words.
This is the typical big corporate approach :
Step 1) Say you develop an Open Platform so that you get many users and free contributions.
Step 2) Once you own the market and people are too addicted to switch, bit by bit make it proprietary, add more spyware.
This is the story of Android , VSCode, ONNXRuntime, and many others.
On the other hand with Neovim being able to run headless you may just need that and VS Code stripped and use Neovim for the underlying editing and plugins if you really wanted to have a more open VS Code ecosystem. Kind of a hack, but it would work.
VS Code is a closed, proprietary platform. Something like emacs, vim is 100% open source, open platform.
Open platforms tend to be a lot easier to write code for, use, extend, etc. You can't build an editing empire on VS Code - at the end of the day no matter how brilliant you are, they own the distribution 100%, so it might as well be closed source - much the same as how there are hundreds of open source clients for twitter, 'open access' APIs, but Twitter is very much, very, very proprietary.
The promise of OSS is and was that you can always freely modify, build, hack on whatever, and that you don't have to be a talented reverse engineer to do it or write large swathes of 'special sauce' magic drivers yourself. Its almost the same gambit as Apple's - Darwin is indeed Open Source but nobody would say OSX is open source - quite the opposite.
Locked down proprietary walled-garden cant-take-your-code-wherever premium platform with a very much pay-to-play mindset. Which, I'm not surprised - its great that MS is doing open source, cool beans, but who really thought they'd become a charity or a truly concerned 'digital citizen'. Although those types of (succesful) companies are becoming rarer and rarer, as is wont to do with capitalism.
Don't blame the license, blame the motivations?
1. MS has changed their ways, and has become an altruist organization which just wants to give developers things of value for free so they might hopefully choose Azure when they decide what cloud provider to run on.
2. MS is embedding themselves in the open-source community in such a way that it's almost unavoidable to make use of their proprietary tools without even realizing it, and they will use that to their advantage against competitors and developers.
It's just hard for me to think that the second possibility won't become increasingly true to the extent that MS gains the leverage to get away with it.
As a side-note, I think MS's marketing for VSCode has been very effective. As an editor, I don't see an advantage over 𝚖̶𝚘̶𝚛̶𝚎̶ ̶𝚘̶𝚙̶𝚎̶𝚗̶ less corporate alternatives like SublimeText, and I actually don't like the "install this plugin" spam in the bottom right corner.
This is why I disagree with your claim that Microsoft is giving away VSCode away for free to promote their own proprietary tools. You can shame Microsoft for trying to improve their image by making VSCode, Typescript, ... opensource. To me this is totally different from bundling your own Browser into an operating system to increase artificially your market share, you can't compare the two.
There is nothing bad about not blindly trusting a big corporation like Microsoft, but I dislike it when people are so desperate to blame Microsoft for mistakes it did in the past, that they write articles that are (deliberately?) misleading. In this case, by saying parts of VSCode are opensource when it is just some extensions. This is putting VSCode on a pedestal with Chrome, but the comparaison is all wrong, Chrome includes lots of proprietary parts, while chromium is the opensource variant you can build yourself, but for VSCode this is completely different as the version distributed on the Microsoft website doesn't include anything besides the opensource code from Github repository.
I find it a bit weird when people anthropomorphize corporations and feel bad for/protective of them.
And let's be honest, we're not talking about "mistakes", we're talking about a decades-long strategy which was methodically executed to cultivate good will, and then take advantage of it to destroy competitors.
The MS of today isn’t the MS of the 90s. That’s not to say they’re virtuous and wonderful today, just that banging on about the past doesn’t really feel relevant.
So, I just checked https://news.microsoft.com/leadership/.
The vast majority of the people there joined Microsoft in the 80s or 90s. Two or three in the early 2000, and one after 2010. For one person it was unclear when they joined.
So, an overwhelming majority of the senior management were perfectly happy to work for the "MS of the 90s". Therefore, it's hard to see that they'd be particularly uncomfortable with the ethics of the "MS of the 90s".
Companies definitely have personalities and traits that last longer than their constituent members, that's what's called a culture. Just like a nation has defining features that will still be around when every single currently living member is dead, so have companies. In particular old, large ones.
That's not to say that they can't change, and Microsoft definitely has changed since the 90s, but the past is not irrelevant.
I see it as reminder to frequently check whether my opinions on different things are still valid.
The thing that bothers me about Visual Studio Code is that does conform to the general Microsoft rule of enabling telemetry by default. IMO, this is not good practice, and in some cases it seems to have been encouraged or mandated at a senior level. We should not have aggressive data collection in the world's standard desktop OS, or compilers baking vendor instrumentation into C++ binaries by default.
I think it's a difficult ethical question, because there are balancing concerns and interests, and most behaviour doesn't easily fall into the obviously wrong or obviously right categories.
One of which is a keylogger! Windows 10 is pure evil.
"As part of inking and typing on your device, Windows collects unique words—like names you write—in a personal dictionary stored locally on your device, which helps you type and ink more accurately.
If you sync your Windows device settings to other Windows devices, your local user dictionary (up to 100 KB per language and 300 KB total of hard drive space) will be stored on your personal OneDrive for the purpose of enabling sharing of your dictionary with your other Windows devices. "
And it may have been worse when Windows 10 was first released:
It also doesn't do this for password/passphrase fields.
You can also turn it off, and you're prompted to do so upon OS installation, and the option is always there in the settings application, and you can even tell Microsoft to delete any telemetry it has for you, if you want, and they'll delete it.
Those are the facts. But, it's common to ignore those and just shout "keylogger" in online forums. It is also, somehow, a sign of weakness if you look for updated or changed information which may change your opinions, because no one ever seems to do this. Like, ever.
So for instance, the team building VSCode might be the most altruistic FOSS diehards on the planet, but that doesn't matter if the people managing them see an opportunity to leverage their work to profit MS at the expense of developers.
every PR action
free(as in beer) software (e.g. visual studio)
charitable donations (e.g. google to wikipedia)
not pressing charges for rampant cracking (photoshop used by students/children)
diversity photo ops/hiring practices
non-firing of incompetent employees
free workshops or tours for the public/children
It doesn't make me feel great about them owning the platform where almost all open source software is hosted, and one of the most dominant tools for writing code.
Microsoft's embrace of open source is about making their PaaS offerings universally compatible, and about trying to meet developers where they are. They will continue this strategy as long as it remains super profitable; ie as long as great developers have a preference for OSS, and as long as OSS remains a key part of the software ecosystem. If you want Microsoft to remain open source friendly, those are your battlefields.
It's not about MS being worse than the other tech giants, it's about opting out of these kinds of tools in favor of more open, less corporate controlled tools in general.
Try removing the word "proprietary" from that strategy, and see if it still fits the evidence you see. Or replace it with "paid".
Look at their earnings reports (https://www.microsoft.com/en-us/investor/earnings/FY-2020-Q4...). Licensing proprietary software is a small and shrinking piece of the pie, they don't even segment that way anymore in fiscal reports. They are (successfully) pivoting to become the Enterprise cloud service provider, and tightly integrated tools are an important part of that picture. Licenses simply aren't. So it's not "commercial office365", it's "commercial office365 and cloud", because o365 has tightly integrated Azure services and the revenue is tracked together. Which parts are OSS licensed is irrelevant, because that's not a primary revenue driver anymore.
A good example is the fastest growing service on Azure, AKS. 100% open source, even the implementation down to bare metal. They don't care about keeping it proprietary, because they make the same money with it either way.
Now imagine I as a developer want to pick up shop and move to another editor, but it turns out my workflow depends on proprietary extensions which are only available on VSCode, and my velocity will be cut by 70% if I switch editors.
If MS owns the interface most developers have to their code, there are all kinds of ways they could leverage that to your disadvantage.
Compare that to any google service which barely releases the clients as open source, and the clients usually are so complex that may need quite long time to get any professional developer productive in such complex code bases. Also being tied to a controlled protocol, set of libraries, cloud infrastructure which does actually keep your data is in fact the actual evil that Free Software wanted to save us.
At the end it is just corporations fighting for their users and giving free candy (OSS Clients) so they get some traction. I do not expect that to change and I do not thing companies should either keep their servers OSS just for the sake of keeping OSS folks happy.
I am more concerned about law compliance and companies respecting my rights, and providing good user support when necessary. Also the next freedom battle should be to accept any system to plug in to any other "cloud" provider service (as much as we do with electricity, phone, etc) and in this regard Microsoft is way ahead of Google and Apple yet still far from an utopian free interexchangeable stack.
Most users don't actually fall in either camp, and largely care about free as in beer (gratis), or possibly free as in doesn't require complex purchasing processes that require signoff or approvals.
FALSE, example some guy pays me to modify a GPL script/program and add some integration for his business. If I am a jerk I don't give him the source code only an obfuscated binary. This guy is not an expert but if I would have respected the license and give him the source code then he can in future hire a new developer to update the application when a new change is needed.
Conclusion is that I do not need to be a developer to benefit from free software I can always find somebody that I can pay to fix or add something I need.
I see the current state of FS as a way to cooperate between organizations in an almost transparent way and at the same time protect themselves from competitors by making the entry barrier to the market higher to little players as they would need to be remarkably stronger than the current free offering.
Sure, everyone wins by having more accessible free knowledge and products everywhere, but now these markets have quite high entry bar for anyone who doesn't have enough capital to be in a market which cannot sustain smaller players.
Somehow `massive` OSS defeats the competitiveness of capitalism and that is something which wasn't expected when FS was originally formulated. Also a project which appears to be free but it is extremely lobbied and flooded with milions of many companies and contains incredibly large amounts of financing and development time is not accessible to most of the users anymore as these are overpowered by corporations.
As a developer, you might choose to invest in truly OSS workflows which don't involve proprietary MS technologies, and you might not be aware that you're not doing that by choosing VSCode.
What about rights to study, modify, share the software? Yes, sometimes they are important: https://www.gnu.org/philosophy/free-software-even-more-impor...
I think these privileges you mention are very important but if I am honest with you I do not think we have the moral right to demand companies to release all of their IP and code, specially if it is running in their servers and just because we stablish a customer-vendor relationship. It would feel crazy to demand such lack of privacy in other professional relations.
Maybe this will help: https://news.ycombinator.com/item?id=24047877
`I don't think it says "Software not open-source is bad". But more something like "It is marketed as open source but it is not".'
> just for the sake of keeping OSS folks happy.
Heh. Maybe it is just me but that sounds very condescending.
Vscodium is some wrapper scripts to download vscode source, fix up a dev environment suitable for building vscode, and building it while rebranding it "vscodium".
I agree with that, in fact it has been for quite a while. There are lots of OSS projects which have companies selling proprietary extensions for. For example, The Qt Company sells a proprietary plugin that automatically generates QML from Photoshop designs. Most people are fine with that because it is a very niche feature and not something that is the value proposition of the OSS project (Qt in this example).
OTOH, the OP feels like LiveShare, Remote and Marketplace are VSCode's primary value proposition - in which case it is fair to object to it being marketed as OSS. (although I personally consider only Marketplace to qualify)
Because people do not want to go to jail/have to pay huge fines for improving a piece of software that they are using.
This post is about two plugins (`LiveShare` and `Remote`), both by Microsoft, not being open source. None of these plugins are even mentioned on Microsoft's Visual Studio Code homepage . At least LiveShare is marketed as a separate tool for which a Visual Studio Code plugin exists (as well as a Visual Studio plugin).
I'm curious what research/IP has lead to this being a source turducken of open-closed-open, but it's not entirely closed.
Curiosity leading me to try to answer my own question with an educated guess: Pylance does appear to use the ONNX runtime, so it seems probable that it could be using ML models for type information to feed to Pyright developed by or in concert with IntelliCode efforts and that research effort of IntelliCode does fit what Microsoft is currently keeping proprietary.
I am disappointed because I expected more openness from the new direction of Microsoft than this indicates. In most of the places I've heard of LiveShare and Remote it is discussed in the context of the larger open source efforts of Microsoft. And it really isn't part of that. Specifically on things like open source-focused podcasts and such. That's how I've come across it. I think the distinction of what parts are proprietary and what parts are open will pass most developers by while they happily think they are working with open source tools.
This is indeed about two plugins not being open source, as well as the marketplace for extensions which is dominated by open source work also being limited to Visual Studio-products only. I find this disappointing and it makes me more skeptical than I was previously.
I think Microsoft can afford and would benefit from going further in an open direction with this. Its fine to not believe the same.
You definitely need to take responsibility and read the documentation for each extension that you decide to install. You may be surprised.
I would also disagree with the article and recommend that you disable telemetry, unless you specifically decide that you want that copy of VS Code and those extensions to send data. I understand the value of telemetry data, but I think that turning it on by default is unethical: software should not be written to automatically transmit data to remote systems without explicit user consent.
Not to mention illegal in the EU without explicit informed consent. Accept-by-default etc have been ruled illegal by courts many times.
If you think it's not good enough, you could raise an issue on the code repo. I've found them quite responsive there.
For a web site itself this is generally fine as it is a technical necessity and intended by the user... however stuff that is not necessary to fulfill the user intention such as any kind of tracking or telemetry is opt-in only.
And yes this was and is the explicit intention why the GDPR was passed in the first place: get rid of involuntary tracking, telemetry and other data thefts.
If processing IPs always required consent, every website, app, and operating system would have to come with a cookie banner. Instead, processing IPs falls under the "required to make things work" banner. I'm sure VSCode processes your IP address for many things such as installing extensions and updates and nobody is arguing they need consent for those.
This particular case is complicated since it's telemetry, however, they are gathering non-identifying data.
I suspect this is currently a grey area of the GDPR which would take a lot of money and lawyer time to work out. In the meantime, MS (and many others) are taking the point of view that this non-identifying data gathering is important for the work of making the software better and therefore doesn't require consent. Personally, that seems reasonable. None of my actual identifying data is being collected, so this matches the spirit of the law at least, if not the letter.
Or, you know, they could just not do data collection or limit to reasonable amounts? The way stuff used to be before ubiquitous broadband connections? As the GDPR intended?
> Instead, processing IPs falls under the "required to make things work" banner. I'm sure VSCode processes your IP address for many things such as installing extensions and updates and nobody is arguing they need consent for those.
Because installing updates is something the user wants and needs (and is recommended by international IT security standard). But telemetry is not something the user wants or needs and the software works fine without the data, therefore it should be opt-in only.
The problem: Microsoft formally has the Ireland subsidiary listed for data processing (as many US tech companies do), and the Irish DPO is notorious for being slow and lax. It will take years for courts to decide on that matter.
Even if they dismiss it, it might help matters for lawyers at a later date - as in, they can point to the issue that was opened and say, you cannot deny being aware of this issue because you dismissed people's concerns previously.
But no, last time this was mentioned, it was downvoted to oblivion. "But, you see, they put the intellicode C++ extension in Github, so it must be opensource!"
Wrong. They are just using Github to distribute binaries. If you download the vsix file from either github or the vscode extension repos, you will find a 10MB binary called cpptools that was not there in the source tarball. The extension does nothing without it.
I've seen people try a similar maneuver when discussing Pocket. If you point out that the reported plans/expected outcome of Pocket being made open source have never come to fruition, even though it's now been 3 and a half years since Mozilla Corp acquired them, there's a certain type of person who will do a cursory search and point to the Pocket org on GitHub in an attempt to score some points and say you're wrong...
... without ever actually checking that the code in question is even there.
"The extension has platform-specific binary dependencies, therefore installation via the Marketplace requires an Internet connection in order to download additional dependencies. If you are working on a computer that does not have access to the Internet or is behind a strict firewall, you may need to use our platform-specific packages and install them by running VS Code's "Install from VSIX..." command. These "offline' packages are available at: https://github.com/Microsoft/vscode-cpptools/releases."
It is the hidden cpptools binary which has no source that is the problem. And that one is not that well announced. So lot of people think the extension is opensource when the important bits are not.
Anybody knows what that binary does?
Unless somebody needs to change how the C++ sources are processed, doesn't its mere presence allow the extension to function? I.e. if you modify the source of the extension, wouldn't that modified extension still function with the unchanged binary?
I fail to see, from the perspective of some user of VS Code: what are the issues of not having the sources for the binary that does C++ parsing?
It seems to me comparable to not having a source of Google, but being able to make as many queries as you want (Google wouldn't even allow you that, by default).
> It seems to me comparable to not having a source of Google, but being able to make as many queries as you want
This analogy does not work at all. This is a local component and there are no online services whatsoever involved.
And it is...? It's a completely honest question, I really like to know what you'd want to achieve and modify but is hidden from you for being in that binary. I'm not interested in the "benefits of open source" but in the specific use cases.
I surely agree that you are limited to the platforms MS is building that binary for, but if you are already using the platform for which they provide the binary, what would you like to change but you can't since it is in the binary and not in the rest of the extension for which there is existing source?
I'm asking as somebody whose job was for many years actually implementing these kinds of software (parsers, compilers, real time parsers for help during editing, etc.). I am really interested in specific use cases, to know if working on the development of some alternative could be justified.
At the point I was using Qt Creator which had two C++ parsers: a custom one which was very fast but not keeping up with the times and (optionally) a clang-based one. I was using the "custom" parser because it would take 2 minutes to scan a small 10MLOC codebase where the clang one would take almost a day (and still takes multiple hours, and so does the Eclipse CDT parser and others).
That small custom parser would choke on structured binding declarations, and it would recover in the most terrible way possible as it would skip entire functions. Thereby I was starting to lose autocomplete on huge chunks of the codebase.
Now, I have quite a bit of experience on parsers, so it was trivial for me (one weekend) to change the QtCreator one to handle these declarations like (a series of) auto declarations (which it did not do that well, but it was workable). I was able to get another 2 years out of QtCreator with that fix. By then I didn't care.
But this is just my particular example.
I really don't understand why usecases for an opensource IDE would be surprising, specially since this is _developers_ we are talking about, the most likely group of people to feel comfortable editing the IDE to their liking.
Why would we expect them to open-source a completely different project just because they're adding support for a new editor?
As for the marketplace, most extensions link to their github repositories, from where you can download and install the extensions. The marketplace itself is mostly a convenience thing.
Remote plugin, terminal, marketplace are less valuable in an engineering sense than the actual editor itself.
Monaco, Monarch & LSP are projects that are directly or tangentially related to the VSCode project are they are MIT licensed and have astounding capability. Have a look at the editor API for Monaco - its extremely well engineered.
I for one am extremely thankful that these projects are open source because those are they genuinely impressive bits of engineering from VSCode.
I don’t think LiveShare is a top-10 feature of vscode. It’s one of the better unique features but that’s something else.
It's worth noting you can easily switch vscodium back to using the official extension marketplace by changing the product.json file as noted here: https://github.com/VSCodium/vscodium/blob/master/DOCS.md#ext...
They note the legality of this is dubious. I'm no lawyer so I can't say I understand the intricacies of this, but as far as I can tell, it's merely against the TOS of the marketplace. At worst, I imagine Microsoft would just lock the marketplace down and prevent vscodium accessing it in the future, if they see it as a big enough problem.
Yeah, so? I'll still use it. And those "compelling features" were only added in the last year or so. VSCode became immensily popular sereval years before they landed.
Plus, if somebody likes, they can create the same functionality as open source extensions upon the open source VSC core.
Microsoft also has to create something to differentiate themselves, right? Or should it all be just free foss stuff?
The argument here feels akin to saying Linux is open source, but some applications available for Linux aren’t, so Linux is thus somehow not actually open source.
VSCode Live Share allows users to independently move. So, if you're pair programming and want to check something, you don't need to awkwardly ask to switch files.
Microsoft has a long history of giving things away for free in order to hamstring their competitors. Netscape is the prime example. MS is very good at developer tools. How can any commercial editor compete with the amount of resources they are putting into making VS Code and giving it away for free?
MS fundamentally needs their remote editing tools to support developing for Linux-based containers on Windows. Then they leverage it to debug containers running in the cloud from VS Code. But then they keep competitors from using the server side extensions. We need an open source server for this.
Anti-trust needs to look at more than the monetary cost to consumers. It should consider the long term health of the ecosystem.
Pretty sure AWS is more profitable and doesn't need any subsidy.
Also, the revelation that Visual Studio Code is not in fact as open source-y as it could be should come as a surprise to nobody
To be fair, this is a really complex feature to add, so it would be a serious commitment from JetBrains to build it.
LiveShare though doesn't convince me because there are existing ways of code sharing and collaboration that doesn't involve google doc style live sharing at all. In fact that pattern sounds a bit weird to me. I guess it enables pair programming if you really need it but it's completely useless to me. I use git+reviewboard to share my code and they work just fine.
That said, I do think the author's larger point stand. Microsoft's good will to be open source extends only to where it wishes and in this case it's a rather limited range. I believe in the spirit of sharing code and I think sharing more is better than sharing less, which is better than not sharing at all.
Just because of this I prefer open source projects from smaller developers that are built with labor of love, instead of from big corporate businesses that will eventually try to use you for any kind of profit.
Since topic is similar, I would like to recommend onivim 2  for who prefer vi bindings. It is almost out of alpha and in pretty usable stage. Currently they are integrating open-vsx. Project is open source with dual license and it is currently very cheap for who wants to support, or free to build from source to try.
They made a good product and if this is a way to fund improvements, I say it's a good thing.
I mean I love the extensions and everything but I’m probably gonna use this as motivation to learn vim.
They may never open it. Open source isn't magic pixie dust you sprinkle on software to make it better, but it does make for a weird experience to see them open some things and not others.
What about screen + vim|emacs ? That's how pair programing have been going for ages right ?
Teletype for Atom appears to be under an MIT license, and it seemed to work fine for me before I switched to VS Code (after M$ acquired Github and I figured Atom was doomed). https://github.com/atom/teletype
I guess they must have been former Emacs users.
> I read a piece of license that said that LiveShare could only be used with the Visual Studio family of products
VS Code implementation could be used to implement VIM because VIM can use language server infrastructure etc. IntelliJ would be a game changer for me but Microsoft OSS-ing their implementation would have 0 impact on this - IntelliJ uses their own language analysis infrastructure, FS, etc. and they shown no interest in using language server protocol.
Oh, well... let's revive LightTable, then :)
Also at least for firefox and chromium (but not chrome) you can look at the source.
If we're debating the OSS credentials of VSCode, it'll need to be based on the code already released (which makes it a pretty great OSS editor) and the current team of people the company has devoted to maintaining that OSS section of the product (also pretty great).
Arguing that there are some extensions that are closed source and that's bad is a bit weird, especially when we can just make an open sourced extension that does the same thing.