A very simple plugin for Veracode SCA to get agent-base SCA results into VSCode IDE
The current version is still lacking images to make it super nice, however, you can already have the following:
- Get a list of your workspaces
- Get a list of project within each of your workspaces - by selecting a workspace
- Get a list of issues within your individual project - by selecting a project
- Review current working directory (only if local SCA agent is installed and configured)
The extension is utilizing the credentials setup in your pc account home directory. See instructions in Veracode Help
This extension contributes the following settings:
veracode.API profile in configuration file: specify theprofileto use from the credentials file (default profile is set todefault)
Images and icons need update
The plugin is currently only support 100 1000 issues in a single project. In case there are more issues, you'll see a note in the issues pane similar to the image below:
- Increase max issues import to 1000 issues
- Update the note for missing issues if there are more than 1000
- Note added for projects with more than 100 issues
- Add a view to refresh and view the local working folder for SCA libraries and vulnerabilities
- grouped issues by type
- update issues icons
- added configuration for selecting section in the credentials file
- Initial release of the plugin
- Can pull Workspaces, Projects, and Issues
- add tooltip to issues
- add links to Veracode platform
- add links to issues description
- add next safe version information to libraries with vulnerabilities
(See repository issues for additional items)
- If you have an improvement idea or you found any defect, please add an 'issue'
Hope you find this plugin useful!