ErrorNotes

Fix "This extension is disabled in this workspace because it is not trusted" in VS Code

beginner๐Ÿ’ป VS Code2026-05-14| Visual Studio Code 1.57+ on Windows, macOS, and Linux

Error Message

This extension is disabled in this workspace because it is not trusted
#workspace#trust#security#vscode#extension

TL;DR

Open the Command Palette (Ctrl+Shift+P / Cmd+Shift+P), run Workspaces: Manage Workspace Trust, then click Trust. Extensions re-enable immediately โ€” no restart needed.

What's happening

VS Code 1.57 shipped a security feature called Workspace Trust. When you open a folder from an unknown source โ€” a cloned repo, a downloaded zip, a network share โ€” VS Code drops into Restricted Mode and disables extensions that can execute arbitrary code.

The reason is real: a malicious .vscode/settings.json or task config could run commands on your machine the moment you open the project. Workspace Trust blocks that by default.

You'll see this in the Extensions panel next to each affected extension:

This extension is disabled in this workspace because it is not trusted

There's also a banner at the top of the panel:

Restricted Mode is intended for safe code browsing. Some features are disabled.

Fix 1 โ€” Trust the current workspace (recommended)

Use this when it's your own code, or code you've already reviewed.

  • Hit Ctrl+Shift+P (Windows/Linux) or Cmd+Shift+P (macOS) to open the Command Palette.
  • Type Manage Workspace Trust and select it.
  • Click Trust Workspace & Reload โ€” or just Trust if VS Code doesn't ask for a reload.

Prefer the mouse? Click the shield icon in the bottom-left status bar, then select Trust.

VS Code writes this decision to your user profile. Next time you open the same folder, it won't ask again.

Fix 2 โ€” Trust a parent folder

Got a ~/projects directory where you keep all your repos? Trust the whole thing at once instead of clicking through for every new clone.

  • Open Manage Workspace Trust from the Command Palette.
  • Scroll down to Trusted Folders & Workspaces.
  • Click Add Folder and pick your parent directory (e.g., /home/yourname/projects or C:\Users\you\dev).

Every subfolder under that path is now trusted automatically. You won't see the Restricted Mode banner again for any project inside it.

Fix 3 โ€” Disable Workspace Trust entirely

On a locked-down corporate machine where all repos come through an internal Git server? The feature adds friction without much benefit.

Add this line to your User Settings (settings.json):

{
  "security.workspace.trust.enabled": false
}

Or go to File โ†’ Preferences โ†’ Settings, search workspace trust, and uncheck Security > Workspace Trust: Enabled.

Heads up: This kills the protection for every folder you open. Don't do it if you regularly open code from strangers on the internet โ€” that's exactly the scenario this feature was built for.

Fix 4 โ€” Suppress the startup prompt via workspace config

Running a shared team project? You can cut the nag on first open without auto-trusting the workspace. Add this to .vscode/settings.json and commit it:

{
  "security.workspace.trust.startupPrompt": "never"
}

Each developer still has to trust manually on their first open. The dialog just won't appear automatically. That's intentional โ€” trust should be a conscious decision, not a CI side effect.

Verify the fix worked

  • Open the Extensions panel (Ctrl+Shift+X). Previously disabled extensions should now show as active.
  • Check the status bar โ€” the shield icon disappears (or switches to a checkmark) once you leave Restricted Mode.
  • Trigger something from a formerly-blocked extension: run ESLint on a file, format with Prettier, or hover over a symbol in Pylance. If it responds, you're good.

Why some extensions are blocked and others aren't

Not every extension cares about Workspace Trust. Each one declares its stance in package.json:

  • "untrustedWorkspaces": { "supported": true } โ€” runs fine in Restricted Mode.
  • "untrustedWorkspaces": { "supported": false } โ€” fully disabled until trusted.
  • "untrustedWorkspaces": { "supported": "limited" } โ€” partial functionality only.

ESLint, Pylance, and most language servers fall into the second category. They execute workspace-level configs, so VS Code blocks them by design. Themes, icon packs, and keymaps? Those are read-only โ€” they stay enabled regardless.

Manage your trusted workspaces list

Trusted a folder by mistake, or want to clean up old entries? Here's how to revoke access:

  • Open Manage Workspace Trust.
  • Scroll to Trusted Folders & Workspaces.
  • Hit the trash icon next to any entry.

VS Code stores all trust data in a single file in your user profile:

  • Windows: %APPDATA%\Code\User\globalStorage\storage.json
  • macOS: ~/Library/Application Support/Code/User/globalStorage/storage.json
  • Linux: ~/.config/Code/User/globalStorage/storage.json

Related Error Notes

Fix VS Code "Error: XHR failed" When Installing or Searching Extensions

Error: XHR failed

Fixing the 'OmniSharp Server Failed to Start' Error in VS Code

OmniSharp server failed to start. View the OmniSharp log for details.

Fix: 'Cannot connect to the Docker daemon' in VS Code Dev Containers

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?