Visual Studio extension

The Snyk Visual Studio extension provides analysis of your code and open-source dependencies. Download the plugin at any time free of charge and use it with any Snyk account. Scan your code early in the development lifecycle to help you pass security reviews and avoid costly fixes later in the development cycle.

Snyk scans for vulnerabilities and returns results with security issues categorized by issue type and severity.

For open source, you receive automated algorithm-based fix suggestions for both direct and transitive dependencies.

This single plugin provides a Java vulnerability scanner, a custom code vulnerability scanner, and an open-source security scanner.

Snyk scans for the following types of issues:

• Open Source Security - security vulnerabilities and license issues in both direct and indirect (transitive) open-source dependencies pulled into the Snyk Project.
  See also the Open Source docs.
• Code Security and Code Quality - security vulnerabilities and quality issues in your code. See also the Snyk Code docs.
  See also the Snyk Code docs.

In using the Visual Studio Code extension, you have the advantage of relying on the Snyk Vulnerability Database. You also have available the Snyk Code AI Engine.

This page explains installation of the Visual Studio extension. After you complete the steps on this page, you will continue by following the instructions in the other Visual studio extension docs:

• Visual Studio extension configuration
• Visual Studio extension authentication
• Run an analysis with Visual Studio extension
• View analysis results from Visual Studio extension
• Troubleshooting and known issues with Visual Studio extension

The following are also available:

• Bug tracker
• Github repository

The plugin runs on Windows.

Supported Visual Studio versions

Supported versions of Visual Studio are 2015, 2017, 2019, and 2022 (version 17.0.5 and above).

Supported languages, package managers, and frameworks

Supported languages and frameworks include C#, JavaScript, TypeScript, Java, Go , Ruby, Python, PHP, Scala, Swift, Objective-C, unmanaged C/C++ and .NET.

• For Snyk Open Source: the Visual Studio extension supports all the languages and package managers supported by Snyk Open Source and the CLI. See the full list in the docs.
• For Snyk Code: the Visual Studio extension supports all the languages and frameworks supported by Snyk Code.

Supported operating systems and architecture

You can use the Snyk Visual Studio extension in the following environments:

• Windows: 386, AMD64, and ARM64
• MacOS: Visual Studio Windows plugin in a Windows virtual machine inside a Mac with an ARM64 processor

Install the extension

You can install the Snyk extension directly from the IDE; open Extensions > Manage Extensions.

Search for Snyk and select Download to download the Snyk Security - Code and Open Source Dependencies extension.

After you install, use Snyk through the Extensions > Snyk menu. (On Visual Studio versions older than 2019, Snyk is part of the top menu bar).

You can also open the Snyk tool window using View > Other Windows > Snyk.

Once the tool window opens, wait while the Snyk extension downloads the latest Snyk CLI version.

After you install the extension and the CLI you must authenticate. You can use the Connect Visual Studio to Snyk link. For more information and additional ways to authenticate see Visual Studio extension authentication.

Support

If you need help, submit a request to Snyk Support.