GitHub Code Scanner
Fetch and aggregate GitHub code scanning alerts and generate readable reports from VS Code.
Installation
- Install from the Visual Studio Marketplace when published.
- Or install a downloaded .vsix file via the command palette: Extensions: Install from VSIX....
Usage
- Open the Command Palette (Ctrl/Cmd+Shift+P).
- Run Generate Report.
- Choose the report scope:
  - Organization — fetch alerts across all repos in an organization.
  - Single repository — enter owner/repo.
- Choose which alert states to include: open, dismissed, fixed.
- View the generated report in the report panel.
- Run Save Report to File… to save the report as HTML, Markdown, or CSV.
Default saved filename pattern: code-scanning-<scope>-YYYY-MM-DD.html (or .md/.csv).
Authentication & Permissions
- The extension uses VS Code's GitHub authentication flow.
- It requires access to the target repository and the GitHub security_events permission.
- If authorization fails, sign in to GitHub through VS Code and ensure the account has repository access.
Troubleshooting
- If no alerts appear, the repository/org may not have code scanning alerts or your account may not have permission.
- If authentication fails, sign in to GitHub in VS Code or use a token with appropriate access.
- If the report fails to save, verify that you have write permission in the selected folder.
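The first two troubleshooting cases can be told apart from the HTTP response GitHub returns for a code scanning alerts request. The sketch below is an added example, not the extension's own code: the function names, the `{ status, headers }` input shape and the sample responses are assumptions made for illustration.

```javascript
// Added example (not the extension's code): classify a response from
// GET /repos/{owner}/{repo}/code-scanning/alerts so an empty report can be
// traced to "no alerts" versus "no permission".
// Assumption: `res` is { status, headers } with lowercase header names.

// Classic and OAuth tokens report their granted scopes in X-OAuth-Scopes.
// Returns null when the header is absent (scopes cannot be read this way).
function parseScopes(headers) {
  const raw = headers["x-oauth-scopes"];
  if (raw === undefined) return null;
  return raw.split(",").map((s) => s.trim()).filter(Boolean);
}

function diagnose(res, alertCount = 0) {
  const scopes = parseScopes(res.headers || {});
  // For classic tokens the broader `repo` scope includes security_events.
  const scoped = scopes === null ? null
    : scopes.includes("security_events") || scopes.includes("repo");
  switch (res.status) {
    case 200: return alertCount === 0 ? "no-alerts" : "ok";
    case 401: return "reauthenticate";
    case 403: return scoped === false ? "missing-scope" : "forbidden";
    case 404: return "not-found";
    default:  return "unexpected";
  }
}

const ADVICE = {
  "ok": "Alerts returned.",
  "no-alerts": "Request succeeded; no alerts in the selected states.",
  "reauthenticate": "Token missing, expired or revoked: sign in to GitHub in VS Code again.",
  "missing-scope": "Token lacks security_events: re-authorize with that permission.",
  "forbidden": "Access refused: check that code scanning is available and the account has repository access.",
  "not-found": "Repository not visible to this account, or it has no code scanning results.",
  "unexpected": "Unexpected status: retry and check GitHub's status.",
};

// Constructed sample responses, for illustration only.
const samples = [
  [{ status: 200, headers: { "x-oauth-scopes": "security_events" } }, 0],
  [{ status: 403, headers: { "x-oauth-scopes": "read:user, user:email" } }, 0],
  [{ status: 404, headers: {} }, 0],
];
for (const [res, n] of samples) {
  console.log(res.status, "->", ADVICE[diagnose(res, n)]);
}
```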
License
This project is licensed under the MIT License — see the LICENSE file for details.