Vuln Cost is no longer being actively maintained. While you can continue to use this extension until it is officially deprecated, we recommend you install the official Snyk extension. This new extension provides all the functionality supported by Vuln Cost and enables you to find and fix issues in both your open source dependencies AND your custom code.
The world's easiest, Security Scanner for VS Code
Find security vulnerabilities in open source packages while you code in JavaScript, TypeScript and HTML. Receive feedback in-line with your code, such as how many vulnerabilities a package contains that you are importing. And most important, suggesting a fix if known vulnerabilities are found. If you like the extension, we’d love it if you could rate it.
🔒 Your code and manifest files never leave your machine. Snyk only needs the dependency name and version to test against our constantly updated vulnerability database.
-
Find security vulnerabilities in the npm packages you import: see the number of known vulnerabilities in your imported npm packages as soon as you require them!
-
See your project vulnerabilities inline, as you code: see feedback directly in your editor. Vuln Cost displays the number of vulnerabilities your packages add to your project.
-
Find security vulnerabilities in your JavaScript packages from well-known CDNs: Vuln Cost scans any HTML files in your projects and displays vulnerability information about the JavaScript packages you download from your favorite CDN.
-
See in-depth information about your vulnerabilities: access relevant resources that will give you deeper information about the vulnerabilities that directly affect your project.
Vuln Cost in JavaScript files:
Vuln Cost in HTML files:
Vuln Cost scans HTML files and displays vulnerability information about the JavaScript packages you download from multiple CDN providers.