Home

Awesome

Latest update 🗞️ (start here first 👇)

Vuln Cost is no longer being actively maintained. While you can continue to use this extension until it is officially deprecated, we recommend you install the official Snyk extension. This new extension provides all the functionality supported by Vuln Cost and enables you to find and fix issues in both your open source dependencies AND your custom code.

<p align="center"><a href="https://github.com/snyk/vulncost"><img src="https://raw.githubusercontent.com/snyk/vulncost/master/images/vuln_cost_logo_animated.gif" alt="Vuln Cost Animated Logo" height="60"/></a></p> <h1 align="center">Vuln Cost</h1> <p align="center">The world's easiest, Security Scanner for VS Code</p> <p align="center"> <a href="https://snyk.io/test/github/snyk/vulncost"><img src="https://snyk.io/test/github/snyk/vulncost/badge.svg"/></a> <a href="https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost"><img src="https://vsmarketplacebadge.apphb.com/installs-short/snyk-security.vscode-vuln-cost.svg"/></a> <a href="https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost"><img alt="Visual Studio Marketplace Version" src="https://img.shields.io/visual-studio-marketplace/v/snyk-security.vscode-vuln-cost?label=Marketplace&logo=visual-studio-code"></a> </p><br/><br/> <p align="center"> <a href="https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost"><img src="https://raw.githubusercontent.com/snyk/vulncost/master/images/vulncost.gif"/></a> </p>

Vuln Cost - Security Scanner for VS Code

Getting started

Vulnerability scanning in VS Code

Find security vulnerabilities in open source packages while you code in JavaScript, TypeScript and HTML. Receive feedback in-line with your code, such as how many vulnerabilities a package contains that you are importing. And most important, suggesting a fix if known vulnerabilities are found. If you like the extension, we’d love it if you could rate it.

🔒 Your code and manifest files never leave your machine. Snyk only needs the dependency name and version to test against our constantly updated vulnerability database.

Detect vulnerabilities in third-party open source packages automatically while you code.

Vuln Cost in JavaScript files:

Vuln Cost in JS files

Vuln Cost in HTML files:

Vuln Cost in HTML files

CDN support

Vuln Cost scans HTML files and displays vulnerability information about the JavaScript packages you download from multiple CDN providers.

Currently supported CDN's