Zed is a modern open-source code editor, built from the ground up in Rust with a GPU-accelerated renderer.

  • priapus@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    2
    ·
    4 months ago

    Because people can make make mistakes…

    Loads of important projects have had vulnerabilities that showed up through minor mistakes and oversights. I agree that this shouldn’t happen, but it did. I’d still prefer this project to a closed source editor/IDE and even VSCodes method of having a store full of plugins, many of which are closed source and unverified. The project is in alpha, mistakes and problems are expected. This was obviously an oversight, and after being pointed out, it is being addressed.

    Can you elaborate on questionable sources? All the sources I saw were the official sources of the binaries they wanted to download.

    • Fonzie!@ttrpg.network
      link
      fedilink
      arrow-up
      6
      arrow-down
      2
      ·
      4 months ago

      Deliberately making your program download unsigned binaries from questionable sources is more of a bad design than an oopsie in my book

      • priapus@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        4 months ago

        Again, the binaries aren’t from questionable sources. From what I can tell they all come from the official source. The problem is them being unsigned, which is a simple oversight that can be made when something is being written by someone who is not security minded. It is alpha software and this is already actively being discussed.