YAG-Suite Visual Studio Code Linter PluginConnect to the YAG-Suite Scan Server to provide detected vulnerabilities as warnings in Visual Studio Code. This plugin requires an account on a YAG-Suite Scan Server. Vulnerabilities are fetched from that server (no local scan) About the YAG-SuiteThe YAG-Suite is a SAST product developped by YAGAAN. It scan the source code in order to spot some vulnerabilities (SQL Injection, XSS, Sensitive Data Exposure, etc.). The YAG-Suite use a Scan Server (SaaS or On-Premises) to centralize scans of applications without consuming developper's resources. The Scan Server embedd YAG-Scanner for advanced vulnerability detection for Java and PHP languages. It also contains a selection of Open Source SAST tools for Java, JavaScript, TypeScript, PHP, C/C++, Python and Go languages. Each scan use machine learning capabality of the YAG-Suite to remove the alerts that are false positives. ConfigurationServer connectionConnection to server is configured in the
If your connection to the server go through a proxy:
Use 'proxyUser' and 'proxyPassword' in case of an authenticated proxy. Project configurationIn order to fetch detected vulnerabilities, you need to provide the identifier of the scanned project. This can be done by creating file
Project identifier ( For example, the url |