Awesome
Latest update 🗞️ (start here first 👇)
Vuln Cost is no longer being actively maintained. While you can continue to use this extension until it is officially deprecated, we recommend you install the official Snyk extension. This new extension provides all the functionality supported by Vuln Cost and enables you to find and fix issues in both your open source dependencies AND your custom code.
<p align="center"><a href="https://github.com/snyk/vulncost"><img src="https://raw.githubusercontent.com/snyk/vulncost/master/images/vuln_cost_logo_animated.gif" alt="Vuln Cost Animated Logo" height="60"/></a></p> <h1 align="center">Vuln Cost</h1> <p align="center">The world's easiest, Security Scanner for VS Code</p> <p align="center"> <a href="https://snyk.io/test/github/snyk/vulncost"><img src="https://snyk.io/test/github/snyk/vulncost/badge.svg"/></a> <a href="https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost"><img src="https://vsmarketplacebadge.apphb.com/installs-short/snyk-security.vscode-vuln-cost.svg"/></a> <a href="https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost"><img alt="Visual Studio Marketplace Version" src="https://img.shields.io/visual-studio-marketplace/v/snyk-security.vscode-vuln-cost?label=Marketplace&logo=visual-studio-code"></a> </p><br/><br/> <p align="center"> <a href="https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost"><img src="https://raw.githubusercontent.com/snyk/vulncost/master/images/vulncost.gif"/></a> </p>Vuln Cost - Security Scanner for VS Code
Getting started
Vulnerability scanning in VS Code
Find security vulnerabilities in open source packages while you code in JavaScript, TypeScript and HTML. Receive feedback in-line with your code, such as how many vulnerabilities a package contains that you are importing. And most important, suggesting a fix if known vulnerabilities are found. If you like the extension, we’d love it if you could rate it.
🔒 Your code and manifest files never leave your machine. Snyk only needs the dependency name and version to test against our constantly updated vulnerability database.
Detect vulnerabilities in third-party open source packages automatically while you code.
-
Find security vulnerabilities in the npm packages you import: see the number of known vulnerabilities in your imported npm packages as soon as you require them!
-
See your project vulnerabilities inline, as you code: see feedback directly in your editor. Vuln Cost displays the number of vulnerabilities your packages add to your project.
-
Find security vulnerabilities in your JavaScript packages from well-known CDNs: Vuln Cost scans any HTML files in your projects and displays vulnerability information about the JavaScript packages you download from your favorite CDN.
-
See in-depth information about your vulnerabilities: access relevant resources that will give you deeper information about the vulnerabilities that directly affect your project.
Vuln Cost in JavaScript files:
Vuln Cost in HTML files:
CDN support
Vuln Cost scans HTML files and displays vulnerability information about the JavaScript packages you download from multiple CDN providers.