Run an analysis with Visual Studio Code extension
In the IDE note that the extension is already picking up the files and uploading them for analysis.
Snyk Open Source requires the Snyk CLI, so it downloads in the background.
Snyk Code analysis runs quickly without the CLI, so results may already be available. Otherwise, you see the following screen while Snyk scans your workspace for vulnerabilities:
Snyk Code scan
Snyk analysis runs automatically when you open a folder or workspace.
- Snyk Code performs scans automatically on file saves.
- Snyk Infrastructure as Code scans automatically on file saves.
- Snyk Open Source does not automatically run on save by default, but you can enable it in settings:
Snyk Open Source settings
To manually trigger a scan, either Save or manually rescan using the rescan icon:
If you only need the Code Quality, Code Security, or Open Source Security portion of the findings, you can easily disable the feature with the results you do not want to see or collapse the view:
Configure Features view
Snyk Code has "advanced" mode that allows you to control how a scan is performed.
To perform the analysis manually, in the configuration of the extension you can enable Advanced Mode which enables you to control the scanning process: