DinoScan VS Code Extension

DinoScan is a comprehensive AST-based Python code analysis extension for Visual Studio Code that provides real-time diagnostics, security scanning, and code quality metrics with intelligent caching and enhanced error handling.

🚀 Features

Core Analysis

• Real-time Python Analysis: Instant feedback as you code

• 5 Specialized Analyzers: Security, dead code, circular imports, documentation, duplicates

• 3 Analysis Profiles: Minimal, standard, comprehensive

• Smart Caching: Content-based caching skips unchanged files for faster analysis

• Process Management: Configurable timeouts and output limits

• Security Vulnerability Detection: Identifies potential security issues

• Dead Code Analysis: Finds unused functions, variables, and imports

• Circular Import Detection: Prevents import dependency issues

• Documentation Analysis: Ensures proper code documentation

• Duplicate Code Detection: Identifies code duplication

User Experience

• Enhanced Error Categorization: Clear, actionable error messages with quick fixes
• Intelligent Status Bar: Real-time analysis progress and results
• Interactive Reports: Detailed HTML reports with filtering and search
• Auto-analysis: Configurable analysis on file save/open
• Cancellation Support: Cancel long-running workspace analyses

Privacy & Telemetry

• Optional Telemetry: Opt-in usage statistics (disabled by default)
• Local Storage: All data stays on your machine
• Export Control: Export or clear your usage data anytime

📦 Installation

From VS Code Marketplace

1. Open VS Code
2. Press Ctrl+Shift+X (or Cmd+Shift+X on Mac)
3. Search for "DinoScan"
4. Click "Install"

From VSIX

1. Download the latest .vsix file from Releases
2. Run code --install-extension dinoscan-vscode-*.vsix

Prerequisites

DinoScan requires a Python installation with the DinoScan package:

pip install dinoscan

Or install from source:

git clone https://github.com/DinoAir/DinoScan.git
cd DinoScan
pip install -e .

⚙️ Configuration

Analysis Settings

Performance Settings

Display Settings

Advanced Settings

🎯 Usage

Quick Start

1. Open a Python file
2. Right-click → "DinoScan: Analyze Current File"
3. View results in the Problems panel

Commands

Analysis Profiles

Minimal: Essential issues only

• Security vulnerabilities
• Critical circular imports
• Basic dead code

Standard (Default): Balanced analysis

• All minimal checks
• Documentation issues
• Minor dead code
• Simple duplicates

Comprehensive: Thorough analysis

• All standard checks
• Complex duplicate detection
• Detailed documentation analysis
• Advanced dead code patterns

🔍 Analysis Types

Security Analysis (security)

Detects potential security vulnerabilities:

• Hardcoded secrets and passwords
• Dangerous function usage (eval, exec)
• Unsafe input handling
• Path traversal vulnerabilities

Example Finding:

[SEC001] Potential hardcoded secret detected
Line 15: password = "admin123"
Suggestion: Use environment variables or secure vaults

Dead Code Analysis (dead-code)

Identifies unused code elements:

• Unused functions and classes
• Unreferenced variables
• Unreachable code blocks
• Unused imports

Example Finding:

[DEAD001] Unused variable 'temp_data'
Line 42: temp_data = process_input()
Suggestion: Remove unused variable or add usage

Circular Import Analysis (circular)

Prevents import dependency cycles:

• Direct circular imports
• Indirect circular dependencies
• Potential future circular imports

Example Finding:

[CIRC001] Potential circular import detected
Line 5: from utils import helper
Suggestion: Refactor to break circular dependency

Documentation Analysis (docs)

Ensures proper code documentation:

• Missing function docstrings
• Missing class documentation
• Incomplete parameter documentation

Example Finding:

[DOC001] Function missing docstring
Line 23: def calculate_metrics():
Suggestion: Add docstring describing function purpose

Duplicate Code Analysis (duplicates)

Finds code duplication:

• Identical function implementations
• Similar code blocks
• Copy-paste patterns

Example Finding:

[DUP001] Duplicate function body detected
Lines 45-52: Similar to function at lines 78-85
Suggestion: Extract common functionality into shared function

🛠️ Troubleshooting

Common Issues

DinoScan not found

Error: DinoScan is not installed or not found
Solution: pip install dinoscan

Analysis times out

Error: Analyzer timed out after 20000ms
Solution: Increase dinoscan.processTimeoutMs setting

Invalid configuration

Error: Invalid choice 'strict' for profile
Solution: Use 'minimal', 'standard', or 'comprehensive'

Large file skipped

Warning: Skipping large file (>1MB)
Solution: Increase dinoscan.maxFileSize setting

Performance Optimization

Slow Analysis

• Reduce enabled analyzers for faster results
• Use 'minimal' profile for quick checks
• Increase process timeout for complex files
• Enable content caching (automatic)

Memory Usage

• Reduce maxOutputBytes for memory-constrained systems
• Exclude large directories (venv, node_modules)
• Use file size limits appropriately

Workspace Analysis

• Analysis runs in parallel where possible
• Progress is shown for large projects
• Cancellation available during long operations
• Cache prevents re-analyzing unchanged files

Error Categories

DinoScan categorizes errors for better troubleshooting:

Configuration Errors

• Invalid settings values
• Missing required configuration
• Quick fix: Opens settings panel

Environment Errors

• DinoScan not installed
• Python environment issues
• Quick fix: Copy install command

Parse Errors

• Invalid analyzer output
• JSON parsing failures
• Quick fix: Show output channel

Execution Errors

• General runtime failures
• Process execution issues
• Quick fix: Show troubleshooting guide

Timeout Errors

• Process exceeded time limit
• Quick fix: Adjust timeout settings

📊 Telemetry (Optional)

DinoScan includes optional, privacy-focused telemetry:

What's Collected (if enabled)

• Analysis count and average duration
• Cache hit ratio and performance metrics
• Error counts by category (no personal data)
• Profile and analyzer usage statistics

Privacy Guarantees

• Opt-in only: Disabled by default
• Local storage: Data stays on your machine
• No personal info: No file paths, code content, or identifiers
• Full control: View, export, or clear data anytime
• Anonymous: No tracking or user identification

Commands

• DinoScan: Show Usage Statistics - View collected data
• DinoScan: Clear Usage Statistics - Delete all data
• Export data to JSON file for analysis

Enable in settings: "dinoscan.telemetryEnabled": true

🧪 Development

Running Tests

npm install
npm run test:unit     # Jest unit tests
npm run test         # VS Code integration tests
npm run test:all     # All tests

Building

npm run compile      # TypeScript compilation
npm run watch       # Watch mode
npm run package     # Create VSIX package

Contributing

1. Fork the repository
2. Create a feature branch
3. Add tests for new functionality
4. Ensure all tests pass
5. Submit a pull request

📈 Roadmap

Upcoming Features

• Additional Analyzers: Type checking, complexity analysis
• Custom Rules: User-defined analysis patterns
• IDE Integration: Support for other editors
• Advanced Caching: Project-level dependency tracking
• Team Features: Shared configurations and reports

Performance Improvements

• Incremental Analysis: Analyze only changed code
• Parallel Processing: Multi-core analyzer execution
• Memory Optimization: Reduced memory footprint
• Faster Startup: Lazy loading and optimization

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🤝 Support

• Issues: GitHub Issues
• Discussions: GitHub Discussions
• Documentation: Wiki

🌟 Acknowledgments

• Built with TypeScript and the VS Code Extension API
• Testing powered by Jest
• CI/CD via GitHub Actions
• Inspired by the Python community's commitment to code quality

Happy Coding! 🦕✨

Please note it is a work in progress and feedback is welcome!