Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not really, it installs even more plugins. Some of them are unnecessary. Ideally, every time you update or install a plugin, it must be reviewed. I just don't wanna deal with it and trust plugin developers.

I already got bitten by an infected Python library (that used to be legit). I treat plugins the same since they can be used in supply chain attacks.



You have to trust VS Code plugins too, along with trusting MS not using your code to improve their AI suggestions, or doing a sudden rug pull. All three happened if I remember correctly.

You can easily enable/disable plugins in LazyVim, and they are simple Lua Script/VIM scripts easy to review. I don't think VSCode would be that easy.

And even with more plugins, nvim/vim will be much more performant then VSCode.


I don't use VS Code, I'm using Zed with zero plugins or jetbrains IDEs with a vim plugin.

When I need to edit something on a server, I'm using Neovim with default config.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: