Project security

Open a project from unknown sources

When you open any project, IntelliJ IDEA immediately lets you decide how to handle a project that contains unfamiliar source code.

Every time you open a project for the first time, the IDE shows the Trust Project dialog. This helps to ensure that the project is safe to perform the following actions:

You can select one of the following actions:

• Preview in Safe Mode: in this case, IntelliJ IDEA opens the project in Safe Mode, meaning you can browse the project's sources, but there are restrictions in executing code, performing build-related activities, and running scripts.

  For more information about Safe Mode preview limitations, refer to Safe mode preview limitations.

  IntelliJ IDEA notifies you about Safe Mode on top of the editor area. You can click the Trust project link and load your project at any time.

• Trust Project: in this case, IntelliJ IDEA opens and initializes the project, resolves project plugins, adds dependencies, and enables all IntelliJ IDEA features.

• Don't Open: in this case, IntelliJ IDEA cancels the action.

Safe mode preview limitations

If you open a project in Safe Mode, the following limitations will apply:

• The Gradle, Maven, or sbt import: for a project that contains any build tool, the importing process is disabled. So, no build scripts are executed and no dependencies are resolved.

• Startup tasks: any scripts or tasks that are executed during the opening process are disabled.

• VCS support: VCS support is fully disabled.

• GDSL scripts: any Groovy DSL scripts will not be executed.

• File Watcher scripts will not wake up and run corresponding tools.

Trusted locations

You can configure what sources IntelliJ IDEA should consider safe and load such projects automatically during the opening process.

You can add your home directory to the trusted locations to disable IntelliJ IDEA's warnings about untrusted projects.