Security scanner for VS Code
Vulnerability scanning in VS Code
Find security vulnerabilities in open source npm packages while you code. Receive feedback in-line with your code, such as how many vulnerabilities a package contains that you are importing. And the best thing is, it’s FREE.
Detect vulnerabilities in third-party open source packages automatically while you code.
Find security vulnerabilities in the npm packages you import:
See the number of known vulnerabilities in your imported npm packages as soon as you require them!
See your project vulnerabilities inline,
as you code:
See feedback directly in your editor. Vuln Cost displays the number of vulnerabilities your packages add to your project.
Find security vulnerabilities in your JavaScript packages from well-known CDNs:
Vuln Cost scans any HTML files in your projects and displays vulnerability information about the JavaScript packages you download from your favorite CDN.
See in-depth information about your vulnerabilities:
Access relevant resources that will give you deeper information about the vulnerabilities that directly affect your project.
“Connecting the Vuln Cost plugin to a FREE Snyk account gives you even targeted and detailed information about the vulnerabilities you include in your projects.”
When you connect using a free Snyk account from the Vuln Cost extension we provide you with an even better experience, including more actionable information on the package you import.
A vulnerability severity level
Some vulnerabilities are more dangerous than others. With Snyk powering Vuln Cost we will instantly show you the severity levels of all your vulnerabilities.
Direct and indirect issues
Vuln Cost provides you a detailed overview of where the security issues exist in your project. This might be in a direct or a transitive dependency
Remediation advice
Where possible we provide you with package upgrade advice to the closest version containing a fix for your vulnerabilities.