Visual Studio Code extension

The Snyk Visual Studio Code plugin scans and provides analysis of your code including open source dependencies and infrastructure as code configurations. Download the plugin at any time free of charge and use it with any Snyk account. Scan your code early in the development lifecycle to help you pass security reviews and avoid costly fixes later in the development cycle.
Snyk scans for vulnerabilities and returns results with security issues categorized by issue type and severity.
For open source, you receive automated algorithm-based fix suggestions for both direct and transitive dependencies.
Results appear in context, in line with code in your IDE.
This single plugin provides a Java vulnerability scanner, a custom code vulnerability scanner, and an open-source security scanner.
In using the Visual Studio Code extension, you have the advantage of relying on the Snyk Vulnerability Database. You also have available the Snyk Code AI Engine.
Snyk scans for the following types of issues:
This page explains installation of the Visual Studio Code extension. After you complete the steps on this page, you will continue by following the instructions in the other Visual studio Code extension docs:

Supported languages, package managers, and frameworks

Supported languages and frameworks include C#, JavaScript, TypeScript, Java, Go, Ruby, Python, Ruby, PHP, Scala, Swift, Objective-C, Kubernetes, Terraform, CloudFormation, Azure Resource Manager (ARM)

Supported operating systems and architecture

You can use the Snyk Visual Studio Code extension in the following environments:
  • Linux: AMD64 and ARM64
  • Windows: 386 and AMD64
  • MacOS: AMD64 and ARM64

Install the extension

The Snyk Visual Studio Code extension is available for installation on the Visual Studio code marketplace.
Follow these steps to install:


If you need help, submit a request to Snyk Support.