Skip to content
| Marketplace
Sign in
Visual Studio Code>Programming Languages>YAG-Suite LinterNew to Visual Studio Code? Get it now.

YAG-Suite Linter

yagaan

|
929 installs
| (0) | Free
Integrates YAG-Suite into VS Code
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

YAG-Suite Visual Studio Code Linter Plugin

Connect to the YAG-Suite Scan Server to provide detected vulnerabilities as warnings in Visual Studio Code.

This plugin requires an account on a YAG-Suite Scan Server. Vulnerabilities are fetched from that server (no local scan)

Use

About the YAG-Suite

The YAG-Suite is a SAST product developped by YAGAAN. It scan the source code in order to spot some vulnerabilities (SQL Injection, XSS, Sensitive Data Exposure, etc.). The YAG-Suite use a Scan Server (SaaS or On-Premises) to centralize scans of applications without consuming developper's resources.

The Scan Server embedd YAG-Scanner for advanced vulnerability detection for Java and PHP languages. It also contains a selection of Open Source SAST tools for Java, JavaScript, TypeScript, PHP, C/C++, Python and Go languages.

Each scan use machine learning capabality of the YAG-Suite to remove the alerts that are false positives.

Configuration

Server connection

Connection to server is configured in the ~/.yagaan/scanner-configuration.json file

    {
       "username":"admin",
       "password": "**********",
       "url":"https://scan.yagaan.io"
    }

If your connection to the server go through a proxy:

    {
       "username":"admin",
       "password": "**********",
       "url":"https://scan.yagaan.io",
       "proxyUrl":"https://my.proxy.com:3128"
    }

Use 'proxyUser' and 'proxyPassword' in case of an authenticated proxy.

Project configuration

In order to fetch detected vulnerabilities, you need to provide the identifier of the scanned project. This can be done by creating file .yagaan/project.json in the root directory of scanned project.

    {
       "pid": 1
    }

Project identifier (pid) can be obtained from the url of the scanned project on the dashboard.

For example, the url https://scan.yagaan.io/#/project/12/dashboard correspond the project identifier pid=12.

  • Contact us
  • Jobs
  • Privacy
  • Terms of use
  • Trademarks
© 2022 Microsoft