Ally Guard

Ally Guard is a powerful Visual Studio Code extension designed to help developers and auditors scan their codebases for specific patterns using Regular Expressions.

Whether you are looking for security vulnerabilities (hardcoded secrets), ensuring Accessibility (ADA) compliance, or just tracking down TODO comments, this tool provides an interactive and persistent way to manage your scans.

Features

• 🔍 Workspace & File System Scanning: Scan your currently open workspace or browse to select any folder on your computer.

• 🛡️ Predefined Pattern Sets: Comes pre-loaded with useful patterns:

  • Security: Detects hardcoded passwords and potential API keys.

  • Accessibility (ADA): Checks for missing aria-labels, alt text on images, and missing tabindex on interactive elements.

• ✏️ Custom Pattern Management:

  • Create your own Regex patterns via the UI.

  • Edit and Delete custom patterns.

  • Patterns are saved globally and persist across VS Code restarts.

• 📊 Interactive Results:

  • View matches in a clean table format.

  • Click-to-Navigate: Clicking a result instantly opens the file and scrolls to the exact line.

• 💾 CSV Export: Export your scan findings to a .csv file for reporting or external analysis.

Installation

To install this extension from the .vsix file provided:

1. Open Visual Studio Code.

2. Go to the Extensions View (Click the square icon on the left sidebar or press Ctrl+Shift+X).

3. Click the "..." (Three Dots) menu at the top-right of the Extensions pane.

4. Select Install from VSIX...

5. Browse and select the AllyGuard-1.0.0.vsix file.

6. Click Install.

7. Reload VS Code if prompted.

How to Use

1. Open the Command Palette (Ctrl+Shift+P or Cmd+Shift+P).

2. Type and select Ally Guard: Open Scanner.

3. Select Patterns: Check the boxes for the patterns you want to search for.

4. Select Scope (Optional):

   • Default: Scans the entire open workspace (ignoring node_modules, .git, etc.).

   • Click Browse... to select a specific folder to scan.

5. Click Start Scan.

6. Review results in the table below or click Export CSV to save them.

Default Patterns Included

The extension comes with several built-in patterns, including:

• Hardcoded Password: Detects variables assigned string literals resembling passwords.

• API Key Placeholder: Detects potential API keys strings.

• ADA | Label without aria-label: Ensures <label> tags have accessibility attributes.

• ADA | Image without alt: Checks <img> tags for descriptions.

• Focus Management: Checks Buttons, Anchors, and Inputs for tabindex or aria-label.

Requirements

• Visual Studio Code v1.80.0 or higher.

Extension Settings

This extension uses VS Code's Global State to store your custom patterns, so they are available in any project you open.

Release Notes

1.0.0

Initial release of Ally Guard.

• Added Webview UI.

• Added Custom Pattern Management.

• Added CSV Export.

• Added recursive directory scanning.