VSCodium – Free/Libre Open Source Software Binarie...

[eterevsky]

I'm not sure why I should trust VSCodium more than I trust Microsoft. There were supply chain attacks coming from open source community and none that I can think of coming from Microsoft.

[shp0ngle]

I mean, you can re-build it yourself, in docker

https://github.com/VSCodium/vscodium/blob/master/docs/build....

But I think you can also just build VSCode itself yourself. (But, I am not sure if that still doesn't have some non-free parts.)

https://github.com/Microsoft/vscode/wiki/How-to-Contribute#b...

[topspin]

> none that I can think of coming from Microsoft

Would a supply chain attack on Microsoft be worse than the damage Microsoft itself does? Actual data loss has occurred via Microsoft updates.

[tristan957]

Microsoft isn't using node modules from NPM?

[mekster]

Who has more resource?