Project security
To prevent potential security risks, DataGrip lets you decide how to open a project if you're not sure about its source. DataGrip warns you about tasks or configurations that will be executed during the opening process and lets you configure sources that you can trust.
note
You can configure trusted locations to automatically load projects from particular directories.
When you open a project, DataGrip executes its build scripts during the loading process. These build scripts can contain arbitrary (potentially dangerous) code.
When you open any project, DataGrip immediately lets you decide how to handle a project that contains unfamiliar source code.
Every time you open a project for the first time, the IDE shows the Trust Project dialog. This helps to ensure that the project is safe to perform the following actions:
When you try to open a project from an unknown source for the first time, DataGrip displays a warning and lets you decide how to proceed.
You can select one of the following actions:
Preview in Safe Mode: in this case, DataGrip opens a project in a "preview mode" meaning you can browse the project's sources, but it might be unsafe to execute any tasks or goals, build, or run your project.
For more information about Safe Mode preview limitations, refer to Safe mode preview limitations.
DataGrip displays a notification on top of the editor area, and you can click the Trust project link and load your project at any time.
Trust Project: in this case, DataGrip opens and loads a project normally. That means build scripts are executed, project's plugins are resolved, dependencies are added, and so on.
Don't Open: in this case, DataGrip cancels the action.
tip
If you are cloning a Git repository to use it in your current project, click the Don't Open button and then attach the cloned directory to your project.
note
Select the <html>Trust all projects in <b>''{0}''</b> folder checkbox to trust the directory from which you are trying to open the project. Next time you open a project from that directory, it will be opened and loaded automatically.
If you open a project in Safe Mode, the following limitation will apply:
VCS support: VCS support is fully disabled.
You can configure what sources DataGrip should consider safe and load such projects automatically during the opening process.
You can add your home directory to the trusted locations to disable DataGrip's warnings about untrusted projects.
In the Settings dialog (CtrlAlt0S) , go to Tools | Build | Trusted Locations.
On the Trusted Locations settings page, specify the local directories that the IDE should trust. Click OK to save the changes.
The next time you open a project from one of those locations, DataGrip will implicitly trust it.
Thanks for your feedback!