Security: Skip config resolution in untrusted workspaces (#3972)

* Fix untrusted workspace config resolution executing JS config files

Prettier's resolveConfigFile/resolveConfig can require()/import()
JavaScript config files (.prettierrc.js, prettier.config.js, etc.),
allowing arbitrary code execution even when workspace trust restricted
module resolution to the bundled Prettier. Add a workspace.isTrusted
guard in resolveConfig() to skip config resolution entirely in
untrusted workspaces, returning null (Prettier defaults).

Reported by Hector Ruiz Ruiz.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Honor requireConfig in untrusted workspaces

When requireConfig is true and the workspace is untrusted, return
"disabled" instead of null so formatting is correctly skipped rather
than proceeding with VS Code defaults.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: ntotten

CHANGELOG.md

@@ -6,6 +6,8 @@ All notable changes to the "prettier-vscode" extension will be documented in thi
 
 ## [Unreleased]
 
+- **Security**: Fixed config resolution in untrusted workspaces to prevent JavaScript config files (`.prettierrc.js`, `prettier.config.js`, etc.) from being executed. Previously, even when workspace trust was enforced for module resolution, Prettier's config resolution could still `require()`/`import()` JS config files, allowing arbitrary code execution. Reported by Hector Ruiz Ruiz.
+
 ## [12.3.0]
 
 - Watch `.prettierignore` for changes to invalidate cache (#3942)

src/ModuleResolverNode.ts

@@ -15,6 +15,7 @@ import {
   INVALID_PRETTIER_CONFIG,
   INVALID_PRETTIER_PATH_MESSAGE,
   OUTDATED_PRETTIER_VERSION_MESSAGE,
+  UNTRUSTED_WORKSPACE_SKIPPING_CONFIG,
   UNTRUSTED_WORKSPACE_USING_BUNDLED_PRETTIER,
   USING_BUNDLED_PRETTIER,
 } from "./message.js";
@@ -402,6 +403,18 @@ export class ModuleResolver implements ModuleResolverInterface {
     fileName: string,
     vscodeConfig: PrettierVSCodeConfig,
   ): Promise<"error" | "disabled" | PrettierOptions | null> {
+    // In untrusted workspaces, skip config resolution entirely.
+    // Prettier's resolveConfigFile/resolveConfig can execute JS config files
+    // (.prettierrc.js, prettier.config.js, etc.) which would allow arbitrary
+    // code execution.
+    if (!workspace.isTrusted) {
+      this.loggingService.logDebug(UNTRUSTED_WORKSPACE_SKIPPING_CONFIG);
+      if (vscodeConfig.requireConfig) {
+        return "disabled";
+      }
+      return null;
+    }
+
     let configPath: string | undefined;
     try {
       configPath =

src/message.ts

@@ -13,3 +13,5 @@ export const EXTENSION_DISABLED =
   "Extension is disabled. No formatters will be registered. To enable, change the `prettier.enable` to `true` and restart VS Code.";
 export const UNTRUSTED_WORKSPACE_USING_BUNDLED_PRETTIER =
   "This workspace is not trusted. Using the bundled version of prettier.";
+export const UNTRUSTED_WORKSPACE_SKIPPING_CONFIG =
+  "Skipping Prettier config resolution in untrusted workspace. Config files are not loaded for security.";