Skip to content

Declare capabilities.untrustedWorkspaces and capabilities.virtualWorkspaces in package.json #1939

Description

@chirag127

Description

The extension's packages/databricks-vscode/package.json does not declare a top-level capabilities object. As a result, neither untrustedWorkspaces nor virtualWorkspaces support is declared, and VS Code has to fall back to its defaults:

  • Workspace Trust: Without capabilities.untrustedWorkspaces, VS Code treats the extension as "trust required" and disables it by default in Restricted Mode, but there is no explicit description shown to the user explaining why the extension needs trust (e.g. "connects to remote Databricks workspaces, runs code on clusters, downloads and executes the Databricks CLI binary"). Many users end up with the Databricks side panel silently unavailable in Restricted Mode with no actionable hint.
  • Virtual Workspaces: Without capabilities.virtualWorkspaces, VS Code shows a generic "This extension has not been tested in virtual workspaces" warning when the extension is enabled against a virtual filesystem (GitHub Repos, GitHub Codespaces web editor, remote FS providers). The correct declaration here is almost certainly false with a short reason string, because the extension executes a local databricks CLI binary and syncs files against a real filesystem.

Rationale

Declaring these capabilities is a low-risk, additive change that:

  1. Gives users a clear reason banner in Restricted Mode instead of a silent no-op.
  2. Removes the untested-virtual-workspace warning by declaring the (accurate) false status with a reason.
  3. Follows the VS Code extension guidelines: https://code.visualstudio.com/api/extension-guides/workspace-trust and https://code.visualstudio.com/api/extension-guides/virtual-workspaces

Suggested shape

"capabilities": {
  "untrustedWorkspaces": {
    "supported": false,
    "description": "The Databricks extension executes the Databricks CLI binary and syncs local files to a remote workspace, so it must run in a trusted workspace."
  },
  "virtualWorkspaces": {
    "supported": false,
    "description": "The Databricks extension needs local filesystem access to sync bundle files and to invoke the Databricks CLI, which is not available in virtual workspaces."
  }
}

(Wording is a suggestion; the maintainers know the exact scope better.)

Verification

Checked packages/databricks-vscode/package.json on main (commit 133c453, 2026-06-26) via the GitHub Contents API — no capabilities key present.

Filed via automated audit.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions