Cyclopt for Visual Studio Code

Professional code quality analysis powered by Cyclopt. Get instant feedback on code metrics, security vulnerabilities, style violations, code duplication, and dependency issues.

Quick Start

1. Install the Extension

• Open VS Code Extensions (Ctrl+Shift+X / Cmd+Shift+X)
• Search for "Cyclopt"
• Click Install

2. Set Your API Token

1. Get your token from Cyclopt Dashboard
2. Open Command Palette (Ctrl+Shift+P / Cmd+Shift+P)
3. Run Cyclopt: Set API Token
4. Paste your token

3. Run Your First Analysis

• Keyboard: Ctrl+Shift+A (Windows/Linux) or Cmd+Shift+A (Mac)
• Command Palette: Cyclopt: Analyze Current File
• Editor Menu: Click the play button in the top-right corner

Results appear in three places:

• Cyclopt Sidebar - Click the Cyclopt icon in the Activity Bar
• Problems Panel - Ctrl+Shift+M / Cmd+Shift+M
• Editor - Inline highlights on affected lines

Features at a Glance

Code Analysis

Multiple Analyzers - Run comprehensive checks on your code:

• Metrics - Complexity, maintainability, lines of code
• Violations - Code style, anti-patterns, best practices
• SAST - Security vulnerabilities, injection flaws
• Duplication - Duplicated and similar code blocks
• Vulnerabilities - Known CVEs in dependencies

Automatic Analysis - Optional triggers for seamless workflow:

• Analyze on Save - Run analysis every time you save
• AI Detection - Auto-analyze when Copilot/AI tools generate code

Smart Filtering - Focus on what matters:

• Filter by severity (critical, high, major, minor)
• Quick filters: critical/high only, critical/high/major, all
• Hide noise, fix critical issues first

Results & Insights

Live Status Tracking - Always know the state of your code:

• Real-time progress with elapsed time
• Timestamp of last analysis
• Previous results visible during new analysis

Editor Safety - Prevents conflicts during analysis:

• Editor freezes during manual analysis
• Stays editable during AI-triggered analysis
• Visual lock indicator in status bar

Inline Decorations - Issues highlighted directly in code:

• Color-coded by severity (red, orange, blue)
• Hover for details
• Auto-tracks as you edit

AI Integration

Copy for AI Assistance - Right-click any issue to:

• Copy Issue Info - Get detailed information
• Create AI Prompt - Generate ready-to-use fix prompt with code context

Perfect for GitHub Copilot Chat, ChatGPT, Claude, or any AI assistant.

Copilot Instructions - Auto-generate .github/copilot-instructions.md:

• Teaches Copilot about Cyclopt
• Suggests commands for quality checks
• Integrates analysis into AI workflow

Quality Gates

Pre-Commit Hook - Block commits with critical issues:

• Install directly from VS Code
• Installed per git repository, not globally for every project
• Analyzes staged files before commit
• Blocks high-priority issues
• Results auto-load into sidebar

Export Results - Share findings and track progress:

• JSON, CSV, or Markdown formats
• Complete issue details
• Statistics and summaries

Smart Notifications

Auto-Dismiss - Simple confirmations disappear after 3 seconds Persistent - Important messages stay until dismissed Status Bar - Transient messages appear briefly, then vanish

Settings

Access settings in two ways:

1. Visual Panel: Command Palette → Cyclopt: Open Settings
2. VS Code Settings: Ctrl+, → Search "Cyclopt"

Key Settings

Pre-Commit Hook Setup

The Cyclopt pre-commit hook is installed into the current repository's .git/hooks/pre-commit file. Git does not share that file across repositories or machines, so each repository where you want commit-time checks must install the hook once.

Install it from VS Code in either of these ways:

• Command Palette → Cyclopt: Install Pre-Commit Hook
• Settings → search Cyclopt → use Install Pre-Commit Hook

If cyclopt.autoInstallHook is left at its default false, Cyclopt will not install the hook automatically when you open a repository.

How the Pre-Commit Hook Works

When you run git commit, the hook collects staged files, submits them to the Cyclopt API for analysis, and either blocks the commit or allows it based on the findings.

After the hook finishes, results are automatically loaded into the Cyclopt sidebar in VS Code.

Severity and Blocking Behaviour

Network errors, analysis failures, and timeouts are always non-blocking, the hook exits 0 so that infrastructure issues never prevent legitimate commits.

Skipping the Hook for a Single Commit

To bypass the hook once without uninstalling it:

# Environment variable — skip only this commit
CYCLOPT_SKIP=1 git commit -m "your message"

# Git built-in flag — skips all hooks
git commit --no-verify -m "your message"

Commands

Access all commands via Command Palette (Ctrl+Shift+P / Cmd+Shift+P):

Analysis

• Cyclopt: Analyze Current File - Analyze active file
• Cyclopt: Analyze Selected Files - Analyze selected files/folders
• Cyclopt: Select Analyzers & Analyze - Choose analyzers to run
• Cyclopt: Clear Results - Clear all findings

Filtering

• Cyclopt: Show Critical and High Only - Display only critical and high severity
• Cyclopt: Show Critical, High, and Major - Critical, high, and major severity
• Cyclopt: Show All Severities - Show everything

Results

• Cyclopt: Export Analysis Results - Export to JSON/CSV/Markdown

Configuration

• Cyclopt: Open Settings - Visual settings panel
• Cyclopt: Set API Token - Configure API token
• Cyclopt: Generate Copilot Instructions - Create AI instructions
• Cyclopt: Install Pre-Commit Hook - Install the hook in the current repository
• Cyclopt: Uninstall Pre-Commit Hook - Remove the hook from the current repository
• Cyclopt: Activate Pre-Commit Hook - Re-enable an installed hook
• Cyclopt: Deactivate Pre-Commit Hook - Disable an installed hook without removing it

Supported Languages

Analysis: JavaScript, TypeScript, Python, Java, C#, PHP, Dart

Dependency Scanning: package.json, requirements.txt, pom.xml, build.gradle, pubspec.yaml, composer.json, and more

Keyboard Shortcuts

License

See LICENSE file for details.