Vulnerability scanning in VS Code
Find security vulnerabilities in open source npm packages while you code. Receive feedback in-line with your code, such as how many vulnerabilities a package contains that you are importing. And the best thing is, it’s FREE.
Detect vulnerabilities in third-party open source packages automatically while you code.
Find security vulnerabilities in the npm packages you import:
See the number of known vulnerabilities in your imported npm packages as soon as you require them!
See your project vulnerabilities inline,
as you code:
See feedback directly in your editor. Vuln Cost displays the number of vulnerabilities your packages add to your project.
See in-depth information about your vulnerabilities:
Access relevant resources that will give you deeper information about the vulnerabilities that directly affect your project.
“Connecting the Vuln Cost plugin to a FREE Snyk account gives you even more targeted and detailed information about the vulnerabilities you include in your projects.”
When you connect using a free Snyk account from the Vuln Cost extension we provide you with an even better experience, including more actionable information on the package you import.
A vulnerability severity level
Some vulnerabilities are more dangerous than others. With Snyk powering Vuln Cost we will instantly show you the severity levels of all your vulnerabilities.
Direct and indirect issues
Vuln Cost provides you a detailed overview of where the security issues exist in your project. This might be in a direct or a transitive dependency
Where possible we provide you with package upgrade advice to the closest version containing a fix for your vulnerabilities.