{"id":18830542,"url":"https://github.com/zupit/horusec-vscode-plugin","last_synced_at":"2025-08-28T12:21:35.889Z","repository":{"id":37029760,"uuid":"315996386","full_name":"ZupIT/horusec-vscode-plugin","owner":"ZupIT","description":"Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command. Now you can usage extension for vscode.","archived":false,"fork":false,"pushed_at":"2024-10-31T07:30:00.000Z","size":1438,"stargazers_count":17,"open_issues_count":21,"forks_count":9,"subscribers_count":32,"default_branch":"main","last_synced_at":"2024-10-31T08:23:56.972Z","etag":null,"topics":["binary","docker","hacktoberfest","javascript","open-source","typescript","vscode","vscode-extension"],"latest_commit_sha":null,"homepage":"https://marketplace.visualstudio.com/items?itemName=ZupInnovation.horusec","language":"TypeScript","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ZupIT.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-25T16:33:58.000Z","updated_at":"2023-12-04T16:52:43.000Z","dependencies_parsed_at":"2023-09-29T19:17:30.138Z","dependency_job_id":"7ebf876a-e3cb-4c4f-bd90-765054402381","html_url":"https://github.com/ZupIT/horusec-vscode-plugin","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-vscode-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-vscode-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-vscode-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-vscode-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ZupIT","download_url":"https://codeload.github.com/ZupIT/horusec-vscode-plugin/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223619757,"owners_count":17174416,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["binary","docker","hacktoberfest","javascript","open-source","typescript","vscode","vscode-extension"],"created_at":"2024-11-08T01:49:22.155Z","updated_at":"2024-11-08T01:49:22.690Z","avatar_url":"https://github.com/ZupIT.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp\u003e\u003c/p\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cp align=\"center\" margin=\"20 0\"\u003e\u003ca href=\"https://horusec.io/\"\u003e\u003cimg src=\"assets/horusec_logo.png\" alt=\"logo_header\" width=\"100%\" style=\"max-width:100%;\"/\u003e\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cp\u003e\u003c/p\u003e\n\n# **Horusec-Extensions**\n\n## **Table of contents**\n### 1. [**About**](#about)\n### 2. [**Usage**](#usage)\n### 3. [**Documentation**](#documentation)\n### 4. [**Issues**](#issues)\n### 5. [**Contributing**](#contributing)\n### 6. [**License**](#license)\n### 7. [**Community**](#community)\n\n\n## **About**\n\nThis repository contains a [**Horusec CLI**](https://github.com/ZupIT/horusec) extension for the integrated development environment (IDE) **Visual Studio Code**. With this extension, you will be able to perform a static code analysis (SAST) in search of vulnerabilities.\n\n## **Usage**\n\n### Requirements\n\nYou must have [**Docker**](https://www.docker.com/) installed, click [**here**](https://github.com/ZupIT/horusec#requirements) to check more detailed information about **Horusec-CLI** requirements.\n\n**Note:** The analysis works using Horusec docker image, if you use the [**disable docker**](https://docs.horusec.io/docs/tutorials/how-to-use-horusec-without-docker/) option, \nHorusec only will execute the [**Horusec tools**](https://docs.horusec.io/docs/cli/analysis-tools/overview/#horusecs-tools), therefore, you need the Docker installed for analysis works properly.\n\n### Executing an analysis\n\nIn the **Visual Studio Code** sidebar, click on the Horusec extension icon, then click on **Start analysis** button. To stop the analysis, you can click on the **Horusec stop** button.\n\n**Note:** If there is no path configured, the workspace path of the IDE will be analyzed.\n\n\u003cimg src=\"assets/usage-horusec.gif\" alt=\"usage_gif\" width=\"100%\" style=\"max-width:100%;\"/\u003e\n\n### Configuration\n\nIn this extension, we use a configuration file to customize Horusec usage. You can make this changes using the settings button, `F1` or directly on the [**config file**](https://docs.horusec.io/docs/cli/commands-and-flags/#1-configuration-file). All possible configs start with the `horusecCli` prefix.\n\n## **Documentation**\n\nFor more information about Horusec, please check out the [**documentation**](https://docs.horusec.io/docs/overview).\n\n## **Issues** \n\nTo open or track an issue for this project, in order to better coordinate your discussions, we recommend that you use the [**Issues tab**](https://github.com/ZupIT/horusec/issues) in the main [**Horusec-CLI**](https://github.com/ZupIT/horusec) repository.\n\n## **Contributing**\n\nIf you want to contribute to this repository, access our [**Contributing Guide**](https://github.com/ZupIT/horusec-vscode-plugin/blob/main/CONTRIBUTING.md). \n\n\n### **Developer Certificate of Origin - DCO**\n\n This is a security layer for the project and for the developers. It is mandatory.\n \n Follow one of these two methods to add DCO to your commits:\n \n**1. Command line**\n Follow the steps: \n **Step 1:** Configure your local git environment adding the same name and e-mail configured at your GitHub account. It helps to sign commits manually during reviews and suggestions.\n\n ```\ngit config --global user.name “Name”\ngit config --global user.email “email@domain.com.br”\n```\n**Step 2:** Add the Signed-off-by line with the `'-s'` flag in the git commit command:\n\n```\n$ git commit -s -m \"This is my commit message\"\n```\n\n**2. GitHub website**\nYou can also manually sign your commits during GitHub reviews and suggestions, follow the steps below: \n\n**Step 1:** When the commit changes box opens, manually type or paste your signature in the comment box, see the example:\n\n```\nSigned-off-by: Name \u003c e-mail address \u003e\n```\n\nFor this method, your name and e-mail must be the same registered on your GitHub account.\n\n## **License**\n[**Apache License 2.0**](https://github.com/ZupIT/horusec-vscode-plugin/blob/main/LICENSE).\n\n## **Community**\nDo you have any question about Horusec? Let's chat in our [**forum**](https://forum.zup.com.br/).\n\n\nThis project exists thanks to all the contributors. You rock! ❤️🚀\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzupit%2Fhorusec-vscode-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzupit%2Fhorusec-vscode-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzupit%2Fhorusec-vscode-plugin/lists"}