I build developer tools and services at Microsoft (currently Codespaces, Live Share, IntelliCode) and maintain some OSS projects (CodeTour, GistPad, CodeSwing, WikiLens)
The VS Code extension itself is written in TypeScript, but the bulk of the “smarts” behind Live Share is written in .NET Core, which allows us to share most of the client-side logic between VS and VS Code.
On the server-side, we use ASP.NET Core and Cosmos DB for authentication, and the ability to create and join sessions. When a dev tries to join your session, we attempt to connect you directly (P2P), and if that isn’t possible (e.g. due to proxy restrictions), then we create an Azure Relay connection and use that as the means of communication. However, in each case (direct or relay), all communication happens over an SSH connection that is encrypted end-to-end. As a result, no code or activity is ever stored on our servers or accessible by anyone besides participants within the collaboration session.
Are all extensions using the encrypted connection? I'm thinking about the audio call or other that might actually include private company info, not just the code.
I build developer tools and services at Microsoft (currently Codespaces, Live Share, IntelliCode) and maintain some OSS projects (CodeTour, GistPad, CodeSwing, WikiLens)
Yep! Since all extensions build on top of our SDK, they communicate over the exact same secure connection that Live Share users for its “core” capabilities (e.g. terminals, files).
The VS Code extension itself is written in TypeScript, but the bulk of the “smarts” behind Live Share is written in .NET Core, which allows us to share most of the client-side logic between VS and VS Code.
On the server-side, we use ASP.NET Core and Cosmos DB for authentication, and the ability to create and join sessions. When a dev tries to join your session, we attempt to connect you directly (P2P), and if that isn’t possible (e.g. due to proxy restrictions), then we create an Azure Relay connection and use that as the means of communication. However, in each case (direct or relay), all communication happens over an SSH connection that is encrypted end-to-end. As a result, no code or activity is ever stored on our servers or accessible by anyone besides participants within the collaboration session.
Are all extensions using the encrypted connection? I'm thinking about the audio call or other that might actually include private company info, not just the code.
Thank you for the great answers!
Yep! Since all extensions build on top of our SDK, they communicate over the exact same secure connection that Live Share users for its “core” capabilities (e.g. terminals, files).
Thank you! That's great to know!