DigitSec Security PluginDigitSec Extension to analyze Salesforce code and configs Installation Launch VS Code Quick Open ( Ctrl+P), paste the following command, and press enter.Copied to clipboard |
digitsec READMEYou have installed the VS Code Scan Extension by DigitSec, Inc. This extension connects your DigitSec account with your developer environment. It facilitates running scans on your current working directory to find issues within your code. This extension will scan all salesforce files looking for vulnerabilities that could have been coded into your program. You can learn more about DigitSec, Inc. and the features of DigitSec at https://digitsec.com and you can signup for a trial at https://DigitSec.digitsec.com/signup. FeaturesThis Extension can be run against the current working directory to find vulnerabilities in your software. RequirementsYou will need to have an DigitSec account with DigitSec, Inc. and will need to have code files that would integrate with a Salesforce Org. Create CredentialsTo start using this plugin, please make sure to use the command "DigitSec: Login to DigitSec". This command will create a file called DigitSeccreds.json after it has verified the validity of your credentials. Run DigitSec Scan on root directoryTo run this extension, please press ctrl+shift+P to open the Command Palette, then enter "DigitSec". Select the "DigitSec: Run Security Scan" function. A scan may take a few minutes to complete, please be patient. Once the scan is completed, VSCode will display popups showing the findings results. Run DigitSec Scan on open fileTo run this extension, please press ctrl+shift+P, then type in DigitSec. Click the “DigitSec: Security Scan open file” function. Wait a few minutes. Once the scan is completed, vscode will display popups showing the findings results. Run DigitSec Scan on file saveThis extension can also be configured with "Scan on Save". Now, hitting the save button in the editor window in VSCode can fire an DigitSec scan. Use the Extension Settings page to activate this functionality. It is disabled by default. Extension SettingsThese are the settings you can modify for this extension: Scan on Save - When saving a file in your Salesforce Project, VS Code will trigger an DigitSec scan. You will receive a pop-up in VS Code indicating your vulnerability scan result finding counts grouped by severity and a link to your Findings Report. Release Notes--Version 2.0.2 Initial release of DigitSec |