secure-code-scanner READMESecure Code Scanner is a Visual Studio Code extension that analyzes source code for potential security vulnerabilities. It offers AI-generated suggestions for safer alternatives and provides a comprehensive, visual report of all detected issues. FeaturesLive Vulnerability Detection Detects and highlights vulnerabilities in real-time as you write code, providing immediate feedback. One-Click Full Project Scan Scans your entire project on command and generates a detailed, interactive report with AI-based suggestions for remediation. AI-Powered Fix Suggestions Uses OpenAI’s language model to propose improvements for insecure code patterns. Hover Hints and Tooltips Hover over flagged code to see the vulnerability explanation and fix suggestion. RequirementsTo use the AI features of this extension, you will need: A valid OpenAI API key This key can be provided securely when prompted by the extension. Node.js installed on your machine (for building/packaging the extension) Extension SettingsStart coding: vulnerabilities will be highlighted automatically. Run full scan: open command palette (Ctrl+Shift+P or Cmd+Shift+P) and run Secure Code Scanner: Scan Code. View the report: after a scan, a detailed webview will display all findings. Your OpenAI API key is stored securely using VSCode's Secret Storage and never shared or logged. Known IssuesRelease Notes1.0.0Initial release of ... 1.0.1Fixed issue #. 1.1.0Added features X, Y, and Z. Following extension guidelinesWorking with MarkdownHere are some useful editor keyboard shortcuts:
For more informationEnjoy! |