{"id":13532883,"url":"https://github.com/snyk/vulncost","last_synced_at":"2025-04-01T21:31:21.238Z","repository":{"id":41983329,"uuid":"240465760","full_name":"snyk/vulncost","owner":"snyk","description":"Find security vulnerabilities in open source npm packages while you code","archived":true,"fork":false,"pushed_at":"2022-04-20T17:16:26.000Z","size":2544,"stargazers_count":202,"open_issues_count":16,"forks_count":38,"subscribers_count":106,"default_branch":"master","last_synced_at":"2024-11-02T20:32:07.011Z","etag":null,"topics":["security","vscode-extension","vulnerabilities"],"latest_commit_sha":null,"homepage":"https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/snyk.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null}},"created_at":"2020-02-14T08:53:35.000Z","updated_at":"2024-11-01T03:59:56.000Z","dependencies_parsed_at":"2022-08-24T02:50:30.920Z","dependency_job_id":null,"html_url":"https://github.com/snyk/vulncost","commit_stats":null,"previous_names":[],"tags_count":31,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fvulncost","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fvulncost/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fvulncost/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fvulncost/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/snyk","download_url":"https://codeload.github.com/snyk/vulncost/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246713075,"owners_count":20821836,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["security","vscode-extension","vulnerabilities"],"created_at":"2024-08-01T07:01:14.595Z","updated_at":"2025-04-01T21:31:16.222Z","avatar_url":"https://github.com/snyk.png","language":"JavaScript","funding_links":[],"categories":["OSS and Dependency management","JavaScript","Secure Programming"],"sub_categories":["Tokens"],"readme":"# Latest update 🗞️ (start here first 👇)\nVuln Cost is no longer being actively maintained. While you can continue to use this extension until it is officially deprecated, we recommend you install [the official Snyk extension](https://marketplace.visualstudio.com/items?itemName=snyk-security.snyk-vulnerability-scanner). This new extension provides all the functionality supported by Vuln Cost and enables you to find and fix issues in both your open source dependencies AND your custom code.\n\n\n\u003cp align=\"center\"\u003e\u003ca href=\"https://github.com/snyk/vulncost\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/snyk/vulncost/master/images/vuln_cost_logo_animated.gif\" alt=\"Vuln Cost Animated Logo\" height=\"60\"/\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch1 align=\"center\"\u003eVuln Cost\u003c/h1\u003e\n\u003cp align=\"center\"\u003eThe world's easiest, Security Scanner for VS Code\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n\t\u003ca href=\"https://snyk.io/test/github/snyk/vulncost\"\u003e\u003cimg src=\"https://snyk.io/test/github/snyk/vulncost/badge.svg\"/\u003e\u003c/a\u003e\n  \u003ca href=\"https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost\"\u003e\u003cimg src=\"https://vsmarketplacebadge.apphb.com/installs-short/snyk-security.vscode-vuln-cost.svg\"/\u003e\u003c/a\u003e  \u003ca href=\"https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost\"\u003e\u003cimg alt=\"Visual Studio Marketplace Version\" src=\"https://img.shields.io/visual-studio-marketplace/v/snyk-security.vscode-vuln-cost?label=Marketplace\u0026logo=visual-studio-code\"\u003e\u003c/a\u003e\n\n\u003c/p\u003e\u003cbr/\u003e\u003cbr/\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/snyk/vulncost/master/images/vulncost.gif\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n## Vuln Cost - Security Scanner for VS Code\n\n- [Homepage](https://snyk.io/security-scanner-vuln-cost/)\n- [Github repository](https://github.com/snyk/vulncost)\n- [Issues](https://github.com/snyk/vulncost/issues)\n\n## Getting started\n- [Getting started guide](https://github.com/snyk/vulncost/blob/master/GETTING-STARTED.MD)\n\n## Vulnerability scanning in VS Code\n\nFind security vulnerabilities in open source packages while you code in JavaScript, TypeScript and HTML.\nReceive feedback in-line with your code, such as how many vulnerabilities a package contains that you are importing. And most important, suggesting a fix if known vulnerabilities are found.\nIf you like the extension, we’d love it if you could [rate it](https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost\u0026ssr=false#review-details).\n\n🔒 Your code and manifest files never leave your machine. Snyk only needs the dependency name and version to test against our constantly updated vulnerability database.\n\n## Detect vulnerabilities in third-party open source packages automatically while you code.\n\n\n- **Find security vulnerabilities in the npm packages you import:** see the number of known vulnerabilities in your imported npm packages as soon as you require them!\n\n\n- **See your project vulnerabilities inline, as you code:** see feedback directly in your editor. Vuln Cost displays the number of vulnerabilities your packages add to your project.\n\n\n- **Find security vulnerabilities in your JavaScript packages from well-known CDNs:** Vuln Cost scans any HTML files in your projects and displays vulnerability information about the JavaScript packages you download from your favorite CDN.\n\n\n- **See in-depth information about your vulnerabilities:** access relevant resources that will give you deeper information about the vulnerabilities that directly affect your project.\n\nVuln Cost in JavaScript files:\n\n![Vuln Cost in JS files](https://raw.githubusercontent.com/snyk/vulncost/master/images/require.png)\n\nVuln Cost in HTML files:\n\n![Vuln Cost in HTML files](https://raw.githubusercontent.com/snyk/vulncost/master/images/unpkg.png)\n\n## CDN support\nVuln Cost scans HTML files and displays vulnerability information about the JavaScript packages you download from multiple CDN providers.\n\n#### Currently supported CDN's\n- [unpkg.com](https://unpkg.com/)\n- [ajax.googleapis.com](https://ajax.googleapis.com)\n- [cdn.jsdelivr.net](https://cdn.jsdelivr.net)\n- [cdnjs.cloudflare.com](https://cdnjs.cloudflare.com)\n- [code.jquery.com](https://code.jquery.com/)\n- [maxcdn.bootstrapcdn.com](https://www.bootstrapcdn.com/)\n- [yastatic.net](https://yastatic.net/)\n- [ajax.aspnetcdn.com](https://ajax.aspnetcdn.com)\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsnyk%2Fvulncost","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsnyk%2Fvulncost","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsnyk%2Fvulncost/lists"}