ADR-VSC03.2: Real-World Survey Addendum (VS Code as a UI/UX Platform)¶

This addendum supplements ADR-VSC03 and ADR-VSC03.1 with a quick survey of real-world systems that already solve “Python ↔ TypeScript” (or “backend ↔ extension host”) boundaries in the VS Code ecosystem, and extracts patterns we can reuse in TNH-Scholar.

Scope¶

We focus on cases where:

A TypeScript extension coordinates UI/UX inside VS Code.
A Python runtime (or other non-TS runtime) performs “domain work” (analysis, parsing, execution, indexing, etc.).
The boundary is crossed via typed messages, versioned schemas, and/or standardized protocols.
The system is credible enough to treat as “precedent” (core VS Code docs, Microsoft repos, long-lived extensions, or well-known protocols).

Key precedent: VS Code is a “protocol platform”¶

VS Code’s extension system is intentionally built around stable interfaces and protocols:

Many core features are themselves shipped as extensions using the same Extension API surface area third parties use. citeturn2search13
For “non-trivial” features, VS Code encourages you to separate concerns into:
UI/UX (TypeScript extension + Webviews / Notebook renderers), and
Language/runtime services (often out-of-process) connected by stable protocols.

This framing strongly supports the direction already emerging in ADR-VSC03.1: treat the Python↔TS boundary as a versioned protocol first, then select transports (CLI/stdio, HTTP, LSP, MCP) as implementation details.

Case study A: Language Server Protocol (LSP) as the canonical “split brain”¶

What it is¶

VS Code formalizes the “thin client / smart server” model with LSP:

A Language Server is a special kind of VS Code extension that powers editing experiences (diagnostics, completion, definitions, etc.). citeturn2search2
In practice, the client and server communicate using JSON-RPC (and a documented message set), enabling cross-language implementations (server can be written in Python, Rust, Go, etc.). citeturn2search12turn2search2

Why this matters to TNH-Scholar¶

LSP demonstrates a battle-tested architecture for: - Strongly typed messages at the boundary (schema-first mindset) - Progressive capability growth (feature negotiation, optional features) - Non-UI components living outside the extension host

Extractable pattern¶

Treat “domain actions” as request/response tools with explicit schemas.
Use a versioned message protocol with forward/backward compatibility rules.
Keep the extension host “thin”: orchestration + UX, not heavy computation.

Case study B: Debug Adapter Protocol (DAP) as “tools over JSON + schema”¶

DAP standardizes communication between an IDE/editor and debuggers/runtimes:

DAP is explicitly defined as the protocol between a development tool and a debugger/runtime. citeturn0search1turn0search19
The DAP spec includes a machine-readable JSON schema and publishes change history. citeturn0search19

Why it matters: DAP is a “north star” example of: - Versioned protocol + schema + interoperability - Separation between VS Code UI and external runtime implementations

Extractable pattern: If TNH-Scholar grows rich interactive tooling (timeline stepping, provenance inspection, annotation workflows), a DAP-like discipline (schema + change history) is a proven way to keep evolution safe.

Case study C: VS Code Webviews as a deliberate security boundary¶

Webviews are how serious “app-like UI” is built inside VS Code:

Webviews can send messages back to the extension using a VS Code API object (postMessage). citeturn0search2turn1search16
Webview content is isolated from the main VS Code process/editor DOM, reducing harm from arbitrary HTML. citeturn0search16

Security notes (important for TNH-Scholar)¶

Webviews are historically a source of security risk when misconfigured. Trail of Bits describes how message passing and webview isolation can still be involved in extension escape vulnerabilities. citeturn0search8

Extractable pattern for ADR-VSC03: - Treat Webview ↔ Extension messages as untrusted inputs: - validate against schemas, - reject unknown fields / versions, - require explicit capability negotiation, - apply strict CSP (content security policy) defaults.

This aligns with a “protocol-first” approach and reinforces schema validation as a security feature, not just a developer-experience feature.

Case study D: The Jupyter ecosystem (Notebook protocol + VS Code Jupyter extension)¶

Jupyter as precedent¶

Jupyter is the canonical Python↔JS split system: a kernel speaks a message protocol; the UI renders it.

VS Code Jupyter extension as precedent¶

Microsoft maintains the VS Code Jupyter extension as a full VS Code extension project:

The repo describes it as an extension providing notebook support for kernels (including Python environments) — it is not itself the kernel; it relies on an external Python environment with Jupyter installed. citeturn0search10
VS Code’s Notebook API enables notebook execution and rich renderers inside VS Code. citeturn0search14

Extractable pattern: - VS Code acts as the “shell” UI; Python remains authoritative for execution. - The boundary is stable because it is message-based and extensible. - UX richness is achieved by a “renderer”/webview-like approach, while execution remains external.

Case study E: “VS Code as an app” — Dendron (PKM in VS Code)¶

Dendron is an open-source, markdown-based personal knowledge management tool built as a VS Code extension. citeturn1search6

Its internal docs explicitly discuss developing and testing webviews integrated into VS Code (bundled UI views, then loaded in extension development mode). citeturn1search0

Why it matters: Dendron is evidence that VS Code can host “app-grade” workflows that: - are not primarily about coding, - have their own UX surfaces, commands, navigation, and views, - and can still feel coherent inside the editor.

Extractable pattern: Treat TNH-Scholar’s UX as a set of views + commands + documents, not as a monolithic app.

Case study F: VS Code for the Web (vscode.dev, github.dev) changes constraints¶

VS Code can run in the browser:

VS Code for the Web is a free, zero-install experience at vscode.dev. citeturn2search4
github.dev is a lightweight web-based editor embedded in GitHub’s UI. citeturn2search1turn2search17
In the browser, extensions run in a “web extension host” and must meet different constraints than Node-based desktop extensions. citeturn2search7turn2search0

Implications for ADR-VSC03: - If TNH-Scholar wants “web-first” access later, the boundary discipline (schema + strict messaging + capability detection) becomes more important, not less. - A Python backend may need to be remote (Codespaces, server, local companion) depending on the deployment mode.

Case study G: Model Context Protocol (MCP) as a modern “tool boundary”¶

VS Code documentation now supports using MCP servers:

VS Code can act as an MCP client, connecting to MCP servers that expose tools via a defined message format (tool discovery, invocation, responses). citeturn2search3
VS Code also documents how to build MCP servers for VS Code and other MCP clients. citeturn2search6

Why it matters: MCP is a direct precedent for TNH-Scholar’s “domain tools” model: - it normalizes the concept of “the editor calls tools on behalf of an AI/system,” - and it makes tool schemas and invocation flows first-class.

Extractable pattern: If TNH-Scholar becomes an AI-assisted research environment, MCP is an ecosystem-aligned way to expose “TNH tools” safely, with a standard discovery and invocation surface.

Synthesis: Patterns that repeat across successful systems¶

Across LSP, DAP, Jupyter, Webviews, and MCP, the same core ideas recur:

Protocol-first boundaries
Define schemas/messages first; treat transport as secondary.
Strict versioning + change history
DAP publishes a change history and JSON schema; similar discipline is beneficial for TNH-Scholar. citeturn0search19
Thin extension host
UI orchestration in TS; heavy work out-of-process.
Schema validation as security
Especially for webview messaging. citeturn0search8turn0search2
Multiple execution modes
Desktop vs web changes what you can run locally. citeturn2search0turn2search7

These reinforce the direction in ADR-VSC03.1: “Python-first data model ownership + generated TypeScript types + explicit protocol versioning” is consistent with how the VS Code ecosystem succeeds at scale.

Concrete “further research” targets (sources we may not fully access here)¶

These are suggested follow-ups to deepen evidence:

Deep dives into major extension architectures
Microsoft repos (beyond Jupyter): Python extension, Remote-SSH, GitHub PRs, etc.
Conference talks / maintainer writeups (often on YouTube or blog posts).
Protocol governance practices
How DAP, LSP, and Jupyter manage spec evolution (e.g., breaking change policies).
VS Code Web constraints & migration strategies
Case studies of extensions that support both desktop and web extension hosts.
Security best practices
Additional security research on VS Code extension escape vectors and mitigations beyond Trail of Bits. citeturn0search8
VS Code “product framework” experiments
Emerging projects embedding VS Code for the Web as a component (industry blog posts, OSS projects).
Marketplace / ecosystem fragmentation
If TNH-Scholar considers forks (Cursor-like) or alternative marketplaces, research compatibility and distribution constraints.

Recommended updates to ADR-VSC03 / ADR-VSC03.1¶

If you want to fold this survey into your existing ADRs, the smallest high-value edits are:

Add a “Protocol platform precedents” section citing LSP, DAP, and MCP as strong evidence for a protocol-first boundary.
Add a “Webview security posture” subsection: schema validation + CSP + untrusted-message assumptions.
Add a “Web / remote execution constraints” subsection to future-proof design decisions.