The Cscan VSCode plugin provides real-time code scanning for security issues and code standards using the Codestral API.
Features
Real-time scanning on document save and change
Highlights security issues and code standard violations
Provides diagnostic messages in VSCode
Installation
Clone the repository.
Run npm install to install dependencies.
Configuration
Environment Variables
To securely manage your API key, use environment variables. Follow these steps:
Create a .env File:
Create a .env file in the root directory of your project and add your API key:
CODESRAL_API_KEY=your-api-key-here
Install dotenv Package:
Ensure the dotenv package is installed by running:
npm install dotenv
Add .env to .gitignore:
To prevent the .env file from being committed to your repository, add it to .gitignore:
node_modules/
out/
.env
codestral-config.json
Update the codestral-config.json file with your API endpoint:
{
"apiEndpoint": "https://api.mistral.ai"
}
Usage
Open a code file in VSCode.
Make changes or save the file to trigger scanning.
View diagnostic messages in the Problems panel or inline.
You can also manually trigger a scan by opening the Command Palette (Ctrl+Shift+P or Cmd+Shift+P on macOS), typing "Scan Code with Cscan", and selecting the command.
Development
Running the Extension
Open the project in VSCode.
Press F5 to start debugging the extension in a new VSCode window.
Test the "Scan Code with Cscan" command and verify real-time scanning by making changes to the code.
Building and Publishing
Compile the Extension:
npm run compile
Package the Extension:
vsce package
Publish the Extension:
vsce publish
Ensure you increment the version number in package.json before publishing new versions.
