This extension is not maintained anymore after WhiteSource became Mend. To get the latest updates please install Mend for Visual Studio.

Overview

Get the insights you need, when you need them. The extension provides full visibility of your open source components, alerts on security vulnerabilities, and offers actionable remediation insights in real-time. WhiteSource Advise integrates seamlessly into your coding environment in a frictionless integration, without interrupting or delaying your workflow.

You will need a WhiteSource account to activate the extension. If you do not have one, you can request a free trial here.

Key Benefits

• Detect vulnerabilities while coding: early detection of security issues saves precious time and resources. You can now run security tests before committing your code, and speed-up your development process.
• Get detailed alerts: Each alert provides you with all of the information you need, , within your Visual Studio UI, like the component name, CVE ID, severity score, and more..
• Speed-up remediation: Alerts contain proactive remediation guidance to help developers fix the issues, like suggested fix, and mapping of the vulnerable dependency.
• Non-intrusive integration: You can control when to scan and receive alerts. Alerts are displayed at the bottom of the screen with all additional information. The alerts don't trigger automated workflows, so that you can have full control over the process.

Getting started with WhiteSource Advise

After installing the extension, please check out our documentation for more details.

Release Notes

The release notes are available here.