Skip to content
| Marketplace
Sign in
Visual Studio Code>Linters>BugLensNew to Visual Studio Code? Get it now.
BugLens

BugLens

VanshDev

|
6 installs
| (1) | Free
Instant AI-powered code review — catch bugs, security flaws, and bad practices before they ship.
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info
BugLens Logo

BugLens

AI-powered code review, right inside VS Code

Version Installs Rating GitHub

Catch bugs · Fix security flaws · Chat with your code — before it ships

⚡ Install Now · ✨ Features · 🎬 Demo · 🐙 GitHub PR Bot · ⚙️ Settings


⚡ Install

  1. Open VS Code
  2. Press Ctrl+Shift+X → search BugLens
  3. Click Install
  4. Open any code file → press Ctrl+Shift+R

Done. No API key needed. No sign-up. Works instantly.


🎬 Demo

Open any file and press Ctrl+Shift+R:

# This code has a critical SQL injection vulnerability
def get_user(id):
    query = f"SELECT * FROM users WHERE id = {id}"
    return db.execute(query)

BugLens opens a review panel instantly:

🔍 BugLens Review — users.py

  20 / 100   CRITICAL

┌─────────────────────────────────────────────────┐
│ 🔴 CRITICAL — SQL Injection Vulnerability       │
│ 📍 Line 3  (click to jump)                      │
│                                                 │
│ User input is directly embedded in the SQL      │
│ query, allowing attackers to read, modify or    │
│ delete your entire database.                    │
│                                                 │
│ Fix: db.execute("SELECT * FROM users WHERE      │
│      id = %s", (id,))          [Copy Fix]       │
└─────────────────────────────────────────────────┘

💬 Ask BugLens about this code...
"Explain the SQL injection on line 3"

Line 3 is also underlined red directly in the editor — hover to see the issue without opening the panel.


✨ Features

🔍 Instant Code Review

Press Ctrl+Shift+R to get a full AI-powered review in seconds — bugs, security issues, performance problems, and style violations.

🎨 Inline Highlights

Problem lines are underlined directly in the editor — red for critical, yellow for warnings, purple for suggestions. Hover any line to see the issue and fix without opening the panel.

💬 Chat with Your Code (New in v0.3.0)

After a review, ask follow-up questions in natural language:

  • "Explain the SQL injection on line 3"
  • "How do I fix the hardcoded password?"
  • "What's the real-world impact of this bug?"

BugLens remembers the context — follow-up questions work naturally.

📊 Quality Score

Every review gives a 0–100 score with a label (Excellent / Good / Needs Work / Critical) and a plain-English summary.

📋 One-Click Fix

Each issue has a Copy Fix button — one click copies the exact fix to your clipboard. No manual selecting.

🔗 Jump to Line

Click 📍 Line 14 in the review panel to jump directly to that line in the editor.

🤖 GitHub PR Bot

Automatically reviews every Pull Request and posts structured comments — zero human involvement needed. Set up in 2 minutes →

📈 Status Bar Score

After every review, the score appears in the VS Code bottom bar: ✅ BugLens: 94/100 (1 issue)

🔧 Refactored Code

When score is below 70, BugLens provides a complete refactored version of your code.

🌐 30+ Languages

Python · JavaScript · TypeScript · Java · Go · Rust · C/C++ · C# · PHP · Ruby · Swift · Dart · Kotlin · SQL · Bash · YAML · and more.


⌨️ How to Use

Action How
Review current file Ctrl+Shift+R (Windows/Linux)
Review current file Cmd+Shift+R (Mac)
Review selected code Select lines → Ctrl+Shift+R
Click toolbar button 🔍 icon in top-right editor bar
Right-click menu Right-click → BugLens: Review This Code
Status bar Click 🐛 BugLens at bottom right
Chat about code Type in chat box after review → press Enter

🔴 What BugLens Catches

Bugs

  • Logic errors and off-by-one mistakes
  • Null/undefined handling issues
  • Missing error handling
  • Edge cases and race conditions

Security Issues

  • SQL injection via string concatenation
  • Cross-Site Scripting (XSS)
  • Hardcoded API keys and passwords
  • Insecure deserialization
  • Missing input validation
  • Broken authentication patterns

Performance Problems

  • N+1 database queries
  • Unnecessary loops and O(n²) operations
  • Blocking I/O in async code
  • Memory leaks

Style Violations

  • Naming convention issues
  • Dead and duplicate code
  • Missing type hints
  • Code duplication

🐙 GitHub PR Bot

BugLens can automatically review every Pull Request on any GitHub repository — no manual pressing needed.

How it works

Developer opens a PR
       ↓  (automatic — zero human involvement)
GitHub sends event to BugLens server
       ↓
Server fetches changed files
       ↓
AI reviews each file
       ↓
Structured review posted as PR comment
       ↓
Developer sees review within 30 seconds

Example PR comment

❌ BugLens Review: auth/login.py
Score: 20/100 | Issues: 5 | Model: meta-llama/llama-4-scout-17b-16e-instruct

🔀 Mixed changes — 1 new file(s) + 1 modified file(s)

🔴 [CRITICAL] Hardcoded admin password — Line 6
The admin password is hardcoded, which is a significant security risk.
Fix: Use bcrypt to hash passwords and store them securely.

🔴 [CRITICAL] SQL Injection vulnerability — Line 10
The query directly inserts username into SQL string.
Fix: Use parameterized queries or an ORM.

🔴 [CRITICAL] Hardcoded API key and secret — Line 13
Store API key and secret as environment variables.
Fix: Use os.environ.get('API_KEY') and os.environ.get('SECRET')

Reviewed by BugLens

Set up the PR bot on your repo

  1. Go to your GitHub repo → Settings → Webhooks → Add webhook
  2. Fill in:
    • Payload URL: https://buglens-api.onrender.com/api/v1/webhook
    • Content type: application/json
    • Secret: contact @Vansh940 for the shared secret
    • Events: Pull requests only
  3. Click Add webhook

Every PR in your repo will now get an automatic BugLens review. ✅

Want to self-host? See the Backend Setup →


⚙️ Settings

Open VS Code Settings (Ctrl+,) → search "buglens":

Setting Default Description
buglens.apiUrl https://buglens-api.onrender.com Backend server URL
buglens.reviewOnSave false Auto-review every time you save
buglens.showInlineHighlights true Colored underlines on problem lines

Point to your own backend

If you self-host BugLens, change the API URL:

  1. Press Ctrl+, → search "buglens"
  2. Change apiUrl to your server URL (e.g. http://localhost:8000)

🛠️ Tech Stack

Component Technology
Extension TypeScript + VS Code API
Backend FastAPI + Python 3.12
AI Model Groq API — meta-llama/llama-4-scout-17b-16e-instruct
Database PostgreSQL (review history)
Cache Redis (Upstash)
GitHub Bot GitHub Webhooks + REST API
Hosting Render (free tier)

🌐 Supported Languages

Language Extensions
Python .py
JavaScript .js .jsx
TypeScript .ts .tsx
Java .java
Go .go
Rust .rs
C / C++ .c .cpp
C# .cs
PHP .php
Ruby .rb
Swift .swift
Dart .dart
Kotlin .kt
Scala .scala
HTML .html
CSS / SCSS .css .scss .sass
SQL .sql
Bash .sh
YAML .yml .yaml
JSON .json
+ more .hs .ex .clj .r .lua ...

❓ FAQ

Q: Is BugLens free? A: Yes — completely free. No sign-up, no API key, no credit card.

Q: Does my code get stored anywhere? A: No. Only review metadata (score, issue count, language) is stored. Your actual code is sent to the AI model and immediately discarded.

Q: How accurate are the reviews? A: Very accurate for common issues (SQL injection, XSS, null pointers, hardcoded secrets). For complex business logic, treat it as a smart first pass — not a replacement for human review.

Q: Can I use my own backend? A: Yes — see the GitHub repo for self-hosting instructions.

Q: The first review takes 30 seconds — why? A: The free hosting tier sleeps after inactivity. First request wakes it up. Subsequent reviews are instant.

Q: How do I set up the GitHub PR bot? A: See the GitHub PR Bot section above.


🔗 Links

  • GitHub: github.com/Vansh940/BugLens
  • API Docs: buglens-api.onrender.com/docs
  • Issues: github.com/Vansh940/BugLens/issues
  • Publisher: VanshDev on Marketplace

Built with ❤️ by Vansh

⭐ Star the repo if BugLens helped you write better code!

Install BugLens

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2026 Microsoft