Zed Moves Toward Secure-by-Default: Introducing Worktree Trust
Blog post from Zed
Zed has introduced a worktree trust mechanism in its preview release v0.218.2-pre to enhance developer and supply chain security by adopting secure-by-default principles. With it, Zed no longer automatically downloads or executes language servers or Model Context Protocol (MCP) servers configured in a project's settings without user consent, protecting against malicious content shipped inside a project.

The change was triggered by recent vulnerability reports indicating that Zed was executing potentially harmful code without the user's knowledge. The update adds a Restricted Mode that requires user approval before proceeding with potentially risky actions, shifting the initial security burden from the user to the software, in line with the secure-by-default design principle.

Users can manually trust projects, and trust decisions are remembered across sessions. An option also exists to automatically trust all worktrees, which should be used with caution. The update aims to balance security with user experience, keeping Zed secure while minimizing workflow disruptions.
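To make the gating policy concrete, here is an added Python model of the Restricted Mode decision (example code, not Zed's implementation). The settings keys `lsp` and `context_servers`, the `TrustStore` shape and the sample binary paths are assumptions constructed for this example.

```python
"""Worktree trust gate modelled on Zed's Restricted Mode (added illustration,
not Zed's code). The settings keys "lsp"/"context_servers" and the TrustStore
shape are assumptions made for this example."""
import json

# Constructed sample of a project-level settings file that asks the editor
# to run a language server and an MCP server when the project opens.
PROJECT_SETTINGS_JSON = json.dumps({
    "lsp": {"rust-analyzer": {"binary": {"path": "./tools/rust-analyzer"}}},
    "context_servers": {"docs": {"command": {"path": "./scripts/mcp.sh"}}},
})


class TrustStore:
    """Remembers per-worktree trust decisions across sessions (assumed shape)."""

    def __init__(self, auto_trust_all=False):
        self.trusted = set()                  # worktrees the user explicitly trusted
        self.auto_trust_all = auto_trust_all  # escape hatch that disables the gate

    def is_trusted(self, worktree):
        return self.auto_trust_all or worktree in self.trusted

    def trust(self, worktree):
        self.trusted.add(worktree)            # remembered for later sessions


def collect_configured_commands(settings_json):
    """List every executable a project's settings would have the editor launch."""
    settings = json.loads(settings_json)
    commands = []
    for name, cfg in settings.get("lsp", {}).items():
        path = cfg.get("binary", {}).get("path")
        if path:
            commands.append(("lsp", name, path))
    for name, cfg in settings.get("context_servers", {}).items():
        path = cfg.get("command", {}).get("path")
        if path:
            commands.append(("mcp", name, path))
    return commands


def gate_worktree(worktree, settings_json, store):
    """Secure-by-default: an untrusted worktree opens in Restricted Mode.
    Returns (mode, to_run, held); held lists what the consent prompt shows."""
    commands = collect_configured_commands(settings_json)
    if store.is_trusted(worktree):
        return "full", commands, []
    return "restricted", [], commands
```

The `auto_trust_all` flag reproduces the trust-every-worktree option: it removes the gate entirely, which is why the post advises caution when enabling it.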