Vscode-powershell: PS extension sets execution policy?

Created on 6 Jan 2020  路  5Comments  路  Source: PowerShell/vscode-powershell

I've been hitting an issue where I couldn't debug scripts because, even though my execution policy was set machine-wide to Bypass, my integrated console was reporting RemoteSigned.

It looks like this is set here but I'm not sure why. Shouldn't we just inherit the right execution policy?

Area-Startup Issue-Bug
Source
picture rjmholt

Most helpful comment

I was just having a similar thought! I鈥檒l keep plugging on this

picture rjmholt on 21 Feb 2020
🎉1 👍1

All 5 comments

We already start with Bypass so I don't really see why we need this. We should get rid of that code.

TylerLeonhardt picture TylerLeonhardt on 8 Jan 2020

The integrated terminal should follow the machine settings, it's frustrating having to set the policy each time. New (powershell) terminals created do use the correct execution settings, no reason for the integrated one to be different.

IainM-NZ picture IainM-NZ on 21 Feb 2020

Ok I've played with this a bit now. It's not trivial.

When we start PSES, we're forced to run it with execution policy Bypass to be able to load the modules that users depend on as part of their experience. That means we can't simply inherit the execution policy, since it's been overridden.

So the remaining solution is to remember the initial execution policy and transmit that. The problem there is that the starting process is node, rather than PowerShell, meaning we'd need to start another PowerShell process to discover the execution policy, leading to greater startup time cost.

Increasing startup time is something I'm fairly reluctant to do, since it's already a pain point. But I'm not sure what other avenues are available to us to fix this.

rjmholt picture rjmholt on 21 Feb 2020

So the remaining solution is to remember the initial execution policy and transmit that. The problem there is that the starting process is node, rather than PowerShell, meaning we'd need to start another PowerShell process to discover the execution policy, leading to greater startup time cost.

You can query the other scopes in the same process, so running something like below before we run profiles could work.

$userPolicy = Get-ExecutionPolicy -Scope User
if ($userPolicy -ne [Microsoft.PowerShell.ExecutionPolicy]::Undefined) {
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy $userPolicy -Force
    return
}

$machinePolicy = Get-ExecutionPolicy -Scope Machine
Set-ExecutionPolicy -Scope Process -ExecutionPolicy $machinePolicy -Force

Does really make me wish setting it to Undefined wasn't a no-op though...

Anyway, still not free, but cheaper than starting another process.

SeeminglyScience picture SeeminglyScience on 21 Feb 2020
👍1

I was just having a similar thought! I鈥檒l keep plugging on this

rjmholt picture rjmholt on 21 Feb 2020
🎉1 👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

MiYanni picture MiYanni  路  3Comments
bgelens picture bgelens  路  3Comments
AWahlqvist picture AWahlqvist  路  3Comments
itfranck picture itfranck  路  3Comments
nathan-alden-hp picture nathan-alden-hp  路  3Comments