Avoid loading extensions when workspace is not trusted

[rschnekenbu]

With current implementation of the stubbed workspace trust (#10472), extensions are loaded regardless of their capabilities. The issue #12318 references all the parts of Theia that would require some work about workspace trust. The extensions are one part of this issue. As a quick and first solution, it may be interesting to avoid loading the extensions when the workspace is not trusted. The application may be for example stopped when trying to load extensions if the workspace is not trusted and the user does not want to trust it. The application could also not load all extensions if the workspace is not trusted. A second solution would be to take into account the capabilities described by each extension. The application would not load the extensions that would require a trusted workspace if current one is not trusted. This enablement of extensions would be changed when the trust situation of the workspace is changed, most likely reloading the application.

By default, trusted workspace handling should be activated in Theia IDE, but the user may want to disable this feature when required for workspace trust.

Links on Workspace trust in VS Code:

• https://code.visualstudio.com/api/extension-guides/workspace-trust
• https://code.visualstudio.com/docs/editor/workspace-trust

[tsmaeder]

Is this about plugins or VS Code extensions?

[rschnekenbu]

This is about VS Code extensions. They can provide some information about their behavior depending if the environment can be trusted or not. This is not yet supported in Theia.