CytoScnPy for VS Code
CytoScnPy is a high-performance Python static analyzer written in Rust. This extension integrates CytoScnPy directly into VS Code, providing real-time analysis, security scanning, and code quality metrics.
Features
- Real-time Analysis: Automatically scans your Python files for unused code, security vulnerabilities, and quality issues as you type or save.
- Security Scanning: Detects hardcoded secrets (API keys, tokens), SQL injection risks, and dangerous code patterns (eval, exec).
- Taint Analysis: Tracks data flow from untrusted sources to dangerous sinks to detect SQL injection, command injection, and code execution vulnerabilities.
- Clone Detection: Finds duplicate or similar code blocks to reduce technical debt.
- Quality Metrics: Calculates Cyclomatic Complexity, Halstead Metrics, and Maintainability Index.
- Quick Fixes: One-click actions to remove or comment out unused code, with CST-precise deletions.
- Workspace Analysis: Analyze entire directories or workspaces at once.
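To make the security features above concrete, here is an added, self-contained illustration of the two checks a reader is most likely to ask about: a source-to-sink taint flow (untrusted input reaching a SQL, shell or eval sink) and a hardcoded-secret assignment. This is example code written for this README, not CytoScnPy's implementation; the source and sink catalogues, the secret-name pattern and the SAMPLE module are all constructed assumptions, and the analysis is a deliberately small, flow-insensitive, per-function approximation of what a real taint engine does.

```python
"""Toy source-to-sink taint check and secret check (illustration, not CytoScnPy code)."""
import ast
import re

# Constructed catalogues; assumption: CytoScnPy's real source/sink lists are larger.
TAINT_SOURCES = {"input", "sys.argv", "request.args.get", "request.form.get"}
CALL_SINKS = {"eval": "code execution", "exec": "code execution",
              "os.system": "command injection", "subprocess.run": "command injection"}
METHOD_SINKS = {"execute": "SQL injection", "executescript": "SQL injection"}
SECRET_NAME = re.compile(r"secret|token|api_?key|passw(or)?d", re.I)


def _dotted(node):
    """Render a Name/Attribute chain such as `sys.argv` as a dotted string, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _is_tainted(expr, tainted):
    """True if the expression reads a tainted variable or calls/reads a taint source."""
    for n in ast.walk(expr):
        if isinstance(n, ast.Name) and n.id in tainted:
            return True
        if isinstance(n, ast.Call) and _dotted(n.func) in TAINT_SOURCES:
            return True
        if isinstance(n, ast.Attribute) and _dotted(n) in TAINT_SOURCES:
            return True
    return False


def _sink_category(call):
    """Classify a call as a sink, or None. subprocess.* only counts with shell=True."""
    name = _dotted(call.func)
    if name in CALL_SINKS:
        if name.startswith("subprocess.") and not any(
                k.arg == "shell" and isinstance(k.value, ast.Constant) and k.value.value is True
                for k in call.keywords):
            return None
        return CALL_SINKS[name]
    if isinstance(call.func, ast.Attribute) and call.func.attr in METHOD_SINKS:
        return METHOD_SINKS[call.func.attr]
    return None


def find_taint_flows(source):
    """Return (function, line, sink, category) for each tainted value reaching a sink.

    Per function, taint propagates through plain assignments until a fixpoint
    (flow-insensitive, so it over-approximates). Only the first positional argument
    (query string, command, code) is inspected, so bound SQL parameters passed
    separately do not count as a flow. Function parameters are not treated as sources.
    """
    findings = []
    for func in (n for n in ast.walk(ast.parse(source)) if isinstance(n, ast.FunctionDef)):
        tainted, changed = set(), True
        while changed:
            changed = False
            for node in ast.walk(func):
                if isinstance(node, ast.Assign) and _is_tainted(node.value, tainted):
                    for target in node.targets:
                        if isinstance(target, ast.Name) and target.id not in tainted:
                            tainted.add(target.id)
                            changed = True
        for node in ast.walk(func):
            if isinstance(node, ast.Call) and node.args:
                category = _sink_category(node)
                if category and _is_tainted(node.args[0], tainted):
                    findings.append((func.name, node.lineno, _dotted(node.func), category))
    return findings


def find_hardcoded_secrets(source):
    """Return (name, line) for string literals (8+ chars) assigned to secret-looking names."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)
                and isinstance(node.value.value, str) and len(node.value.value) >= 8):
            for target in node.targets:
                if isinstance(target, ast.Name) and SECRET_NAME.search(target.id):
                    hits.append((target.id, node.lineno))
    return hits


# Constructed sample module: three vulnerable flows, one hardened lookup, one secret.
SAMPLE = '''
import os, sys

API_KEY = "sk_live_0123456789abcdef"

def lookup_user(conn):
    name = input("name: ")
    cur = conn.cursor()
    cur.execute(f"SELECT * FROM users WHERE name = '{name}'")
    return cur.fetchall()

def lookup_user_safe(conn):
    name = input("name: ")
    cur = conn.cursor()
    cur.execute("SELECT * FROM users WHERE name = ?", (name,))
    return cur.fetchall()

def run_tool():
    target = sys.argv[1]
    cmd = "ping " + target
    os.system(cmd)

def calc():
    return eval(input("expr: "))
'''

if __name__ == "__main__":
    for finding in find_taint_flows(SAMPLE):
        print("taint flow:", finding)
    for secret in find_hardcoded_secrets(SAMPLE):
        print("hardcoded secret:", secret)
```

Running the block reports the f-string query in lookup_user, the os.system call in run_tool and the eval in calc, but not lookup_user_safe, whose parameter binding keeps the untrusted value out of the query text; that distinction (query text versus bound parameters) is the one a real taint engine must make to avoid false positives.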
Requirements
This extension requires the cytoscnpy CLI tool to be available.
Option 1: Bundled Binary (Default)
The extension comes with pre-compiled binaries for:
- Windows: cytoscnpy-cli-win32.exe
- Linux: cytoscnpy-cli-linux
- macOS: cytoscnpy-cli-darwin
The appropriate binary is automatically selected based on your platform.
Option 2: Python Package (Fallback)
If the bundled binary is not available, install the Python package:
pip install cytoscnpy
Extension Settings
This extension contributes the following settings:
| Setting | Default | Description |
| --- | --- | --- |
| cytoscnpy.path | "" | Custom path to the cytoscnpy executable (optional). |
| cytoscnpy.analysisMode | "workspace" | 'workspace' analyzes the full project (more accurate); 'file' analyzes only the current file (faster). |
| cytoscnpy.enableSecretsScan | false | Enable scanning for hardcoded secrets. |
| cytoscnpy.enableDangerScan | false | Enable scanning for dangerous code patterns. |
| cytoscnpy.enableQualityScan | false | Enable scanning for code quality issues. |
| cytoscnpy.enableCloneScan | false | Enable code clone detection to find duplicate/similar code. |
| cytoscnpy.confidenceThreshold | 0 | Minimum confidence level (0-100). Set to 0 to show all findings. |
| cytoscnpy.excludeFolders | [] | Folders to exclude from analysis (e.g., ["build", "dist"]). |
| cytoscnpy.includeFolders | [] | Folders to force-include in analysis (e.g., ["tests"]). |
| cytoscnpy.includeTests | false | Include test files in analysis. |
| cytoscnpy.includeIpynb | false | Include Jupyter notebooks in analysis. |
| cytoscnpy.maxComplexity | 10 | Maximum allowed cyclomatic complexity before a warning is raised. |
| cytoscnpy.minMaintainabilityIndex | 40 | Minimum maintainability index before a warning is raised. |
| cytoscnpy.maxNesting | 3 | Maximum allowed nesting depth before a warning is raised. |
| cytoscnpy.maxArguments | 5 | Maximum number of function arguments before a warning is raised. |
| cytoscnpy.maxLines | 50 | Maximum number of lines per function before a warning is raised. |
Note: The VS Code extension runs the CLI with --client vscode. Project config from .cytoscnpy.toml or pyproject.toml is honored when present, including scan enablement, thresholds, fail gates, excludes, and advanced tuning. Explicit VS Code settings are passed as CLI flags and override matching thresholds.
Commands
Access these commands from the Command Palette (Ctrl+Shift+P / Cmd+Shift+P):
| Command | Description |
| --- | --- |
| CytoScnPy: Analyze Current File | Trigger analysis for the active Python file. |
| CytoScnPy: Analyze Workspace | Analyze all Python files in the workspace. |
| CytoScnPy: Calculate Raw Metrics (raw) | Show raw metrics (LOC, SLOC, comments). |
| CytoScnPy: Calculate Halstead Metrics (hal) | Show Halstead metrics (volume, difficulty). |
| CytoScnPy: Calculate Maintainability Index (mi) | Show maintainability index per function. |
| CytoScnPy: Calculate Cyclomatic Complexity (cc) | Show complexity metrics for functions. |
GitHub Copilot Integration
This extension automatically registers CytoScnPy as an MCP (Model Context Protocol) server with GitHub Copilot; no manual configuration is required.
Usage
Simply ask Copilot to use CytoScnPy:
- "Run a quick security scan on this file using CytoScnPy"
- "Analyze this code for unused functions with CytoScnPy"
- "Check the cyclomatic complexity of this file"
Copilot can call the following CytoScnPy tools:
| Tool | Description |
| --- | --- |
| analyze_path | Full analysis on files/directories |
| analyze_code | Analyze a code snippet directly |
| quick_scan | Fast security scan (secrets & dangerous patterns) |
| cyclomatic_complexity | Calculate complexity metrics |
| maintainability_index | Calculate MI scores (0-100) |
Known Issues
- Jupyter notebook support (.ipynb) requires the includeIpynb setting to be enabled.
Links
Release Notes
See CHANGELOG.md for detailed release notes.