Vuln Cost - Security Scanner for VS Code

• Homepage
• Github repository
• Issues

Vulnerability scanning in VS Code

Find security vulnerabilities in open source packages while you code in JavaScript, TypeScript and HTML. Receive feedback in-line with your code, such as how many vulnerabilities a package contains that you are importing. And most important, suggesting a fix if known vulnerabilities are found. If you like the extension, we’d love it if you could rate it.

🔒 Your code and manifest files never leave your machine. Snyk only needs the dependency name and version to test against our constantly updated vulnerability database.

Detect vulnerabilities in third-party open source packages automatically while you code.

• Find security vulnerabilities in the npm packages you import: see the number of known vulnerabilities in your imported npm packages as soon as you require them!

• See your project vulnerabilities inline, as you code: see feedback directly in your editor. Vuln Cost displays the number of vulnerabilities your packages add to your project.

• Find security vulnerabilities in your JavaScript packages from well-known CDNs: Vuln Cost scans any HTML files in your projects and displays vulnerability information about the JavaScript packages you download from your favorite CDN.

• See in-depth information about your vulnerabilities: access relevant resources that will give you deeper information about the vulnerabilities that directly affect your project.

Vuln Cost in JavaScript files:

Vuln Cost in HTML files:

CDN support

Vuln Cost scans HTML files and displays vulnerability information about the JavaScript packages you download from multiple CDN providers.

Currently supported CDN's

• unpkg.com
• ajax.googleapis.com
• cdn.jsdelivr.net
• cdnjs.cloudflare.com
• code.jquery.com
• maxcdn.bootstrapcdn.com
• yastatic.net
• ajax.aspnetcdn.com