Skip to content
| Marketplace
Sign in
Visual Studio Code>Programming Languages>Jit Security - Vulnerability Scanning for Python, JavaScript, TypeScript, GoLang, Terraform, CloudFormation, Dockerfile & moreNew to Visual Studio Code? Get it now.

Jit Security - Vulnerability Scanning for Python, JavaScript, TypeScript, GoLang, Terraform, CloudFormation, Dockerfile & more

Jit Security

jit.io
|
20 installs
| (4) | Free
Born left and stay secure. Keep your software safe from potential threats by swiftly detecting and resolving vulnerabilities in your code, open source packages, and infrastructure-as-code configuratio
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

Jit Security

With Jit, you don't need to be a security expert to consistently write secure code.

The Jit Security extension enables you to access the power of JIT directly from your IDE.

No additional security tools are required to enhance the security of your project with Jit.

Safeguard your code by identifying and fixing vulnerabilities as you work.

VSCode extension

Prerequisites

  • Docker must be up & running.

     The extension runs docker containers in the background to scan your code with multiple security tools.

Features

Quick fix highlights issues in the editor

Quick Fix highlights issues in the editor

Manage New and Existing Issues

Manage New and Existing Issues

Pre-Commit Hook

Jit includes a pre-commit hook that uses the pre-commit framework to check your code for security issues before you commit it.

What is the pre-commit Framework? The pre-commit framework is a popular tool that allows you to define and manage pre-commit hooks for your Git repositories. It provides a flexible and extensible way to run checks on your code before you commit it, helping you prevent insecure code from being committed to your repository.

Enable pre-commit hook

Open the command palette and search for "Jit: Install Pre Commit Hook". Alternatively, you can install the pre-commit hook from the side panel of the extension and click the "Activate" button in the pre-commit section.

This will add the Jit pre-commit hook to your existing .pre-commit-config.yaml file. The hook will check for any security issues in your code before you commit it, helping you prevent insecure code from being committed to your repository.

If the hook finds any security issues in your code, it will fail the commit and provide diagnostic information to help you fix the issues. This can help you ensure that your code is always secure and free from vulnerabilities.

Configure pre-commit hook

You can configure the pre-commit hook to your specific needs and preferences. To do this:

  1. Open the settings view
  2. Search for the "jitsecurity.pre-commit" section
  3. Choose which security issues the hook will check for, and adjust other settings as needed

You can change these settings at any time, so you can easily adapt the hook to your changing needs and priorities.

Coverage

We support the following languages and file types—

Language/File Type Objective
Python Code scanning
Dependency check
JavaScript & TypeScript Code scanning
Dependency check
GoLang Code scanning
Dependency check
All Files Secret detection
Terraform / CloudFormation Infrastructure-as-code scanning
Dockerfile Infrastructure-as-code scanning

FAQ

  • What are the requirements for the extension to work?

    The extension requires Docker to be installed and running on your machine.

  • Do I have to worry about my code being saved by this extension?

    No. Your code is not saved by the extension. It only scans your code locally in a Docker container and displays the results in your IDE.

  • What happens if I don't have Docker installed?

    The extension will prompt you to install Docker if it is not already installed on your machine.


About us

Jit is the platform that enables dev organizations to adopt the MVS mindset and progress iteratively in a just-in-time manner.

Visit us on Jit docs to learn more.


Feedback

We would love to hear from you!

Feel free to contact us at contact@jit.io if you need help, have an issue, or just want to provide feedback.

  • Contact us
  • Jobs
  • Privacy
  • Terms of use
  • Trademarks
© 2023 Microsoft