We are making VS Code trusted types compliant (see microsoft/vscode#103699). This is to reduce potential XSS attacks and in essence about avoiding certain, dangerous DOM APIs, like assigning strings to innerHTML.
Searching for innerHTML makes me positive about this because not too many results show up. Low hanging/simple "fixes" are using innerText/textContent over innerHTML, see microsoft/vscode#106395 (comment) for more details
We are making VS Code trusted types compliant (see microsoft/vscode#103699). This is to reduce potential XSS attacks and in essence about avoiding certain, dangerous DOM APIs, like assigning strings to innerHTML.
Searching for
innerHTMLmakes me positive about this because not too many results show up. Low hanging/simple "fixes" are using innerText/textContent over innerHTML, see microsoft/vscode#106395 (comment) for more details