This extension provides automatic reporting of security concerns from Socket Security. The features of this extension aim to provide guidance through all stages of development.
Ahead of Package Installation
After Package Installation
Package dependency files like package.json and pyproject.toml are run against more thorough issue reporting to see exact issues for each dependency. These are listed in the "Problems" tab for easy access.
Simplified GitHub application installation is available as a code lens. It detects your username/organization and sets up the installation workflow automatically with a simple click. These reports are more extensive than the ones provided within the extension and include things such as transitive issue aggregation and diffing from one commit to another. If you want these features, please install the GitHub app.
If you are in charge of a team you may wish to setup this up as a recommended extension or other organization level settings. Please refer to our docs.