View analysis results from Visual Studio Code extension
Snyk analysis shows a list of security vulnerabilities and code issues in the application code. Select a security vulnerability or a code security issue to view more details and examples of how others fixed the issue. The Issue details panel appears in a tab on the right side of the screen, as shown in the screen image at the end of this section.
The Snyk analysis panel on the left shows the time the analysis took and a list of issues with the suggestions found for those issues.
Each issue carries a severity icon with the following meaning:
Critical severity: May allow attackers access to sensitive data and run code on your application.
High severity: May allow attackers access to sensitive data on your application.
Medium severity: May allow attackers under some conditions to have access to sensitive data on your application.
Low severity: The application may expose some data allowing vulnerability mapping, which can be used with other vulnerabilities to attack the application.
You may customize your scan behavior to reflect your company's security policy or to focus on certain areas.
Snyk reports critical, high, medium, and low severities. This can be adjusted in the Scan configuration settings.
By default, all levels are selected. You must select at least one.
Snyk reports the following types of issues:
Open Source issues: Found in open source dependencies; for more details, see Analysis results: Snyk Open Source.
Code Security issues: Found in your application's source code; for more details, see Analysis results: Snyk Code.
Code Quality issues: Found in your application's source code (same structure as Code Security issues).
Infrastructure as Code issues: Found in infrastructure as code files; for more details, see Snyk IaC Analysis results: Snyk IaC Configuration.
The exact capabilities and available scanners depend on your Snyk plan. Be sure your Organization's admin enabled all Snyk products prior to configuring any of them in the IDE plugin.
You can adjust which issue types are shown in the Scan configuration settings. By default, all issue types are selected.
Starting with Visual Studio Code extension version 2.19.0, it is possible to see only newly introduced issues.
This functionality reduces noise and allows you to focus only on current changes. This helps prevent issues early, thus unblocking your CI/CD pipeline and speeding up your deliveries.
The logic uses your local Git repository or any folder to compare the current findings with those in a base branch or reference folder. Net new issues scanning (delta scanning) shows you the difference between the two branches or folders, highlighting only the new issues.
In Visual Studio Code version 2.21.0 and later, you can choose any folder as your base for scanning.
To apply the filter and see only the new issues, use the total or new toggle in the summary panel.
The net new issues feature can also be enabled in the scan configuration settings for the extension.
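The following is an added example, not code from the Snyk extension, that models the idea behind delta scanning described above: findings from the base branch or reference folder are compared with findings from the current scan, and only issues whose stable fingerprint is absent from the base are reported as net new. The `Issue` class, the fingerprint scheme (rule id, path and normalised source snippet, deliberately excluding the line number so that code that merely shifted is not flagged as new), the severity filter and the sample findings are all assumptions constructed for illustration.

```python
"""Illustrative net-new (delta) issue computation.

Added example, not Snyk's own implementation. It demonstrates how a
"net new issues" view can be derived by comparing a base scan with the
current scan using a fingerprint that is stable across line shifts, and
how the severity filter (at least one level must be selected) applies
on top of that.
"""
import hashlib
from dataclasses import dataclass

ALL_SEVERITIES = ("critical", "high", "medium", "low")


@dataclass(frozen=True)
class Issue:
    rule_id: str   # hypothetical detector / rule identifier
    path: str      # file path relative to the scanned folder
    line: int      # reported line; unstable across edits
    snippet: str   # offending source text
    severity: str  # one of ALL_SEVERITIES

    def fingerprint(self) -> str:
        # Hypothetical fingerprint: rule + path + whitespace-normalised
        # snippet. The line number is intentionally left out so that
        # inserting code above an existing finding does not make it "new".
        norm = " ".join(self.snippet.split())
        digest = hashlib.sha256(f"{self.rule_id}|{self.path}|{norm}".encode()).hexdigest()
        return digest[:16]


def _check_severities(severities):
    if not severities:
        raise ValueError("select at least one severity level")
    return {s.lower() for s in severities}


def total_issues(current, severities=ALL_SEVERITIES):
    """All issues of the current scan within the selected severity levels
    (the 'total' position of the toggle)."""
    wanted = _check_severities(severities)
    return [i for i in current if i.severity.lower() in wanted]


def net_new_issues(base, current, severities=ALL_SEVERITIES):
    """Issues in `current` whose fingerprint does not occur in `base`,
    within the selected severity levels (the 'new' position of the toggle)."""
    wanted = _check_severities(severities)
    seen = {i.fingerprint() for i in base}
    return [i for i in current
            if i.severity.lower() in wanted and i.fingerprint() not in seen]


# Constructed sample findings: a base branch and a feature branch.
BASE = [
    Issue("SqlInjection", "app/db.py", 10,
          'cur.execute("SELECT * FROM t WHERE id=" + uid)', "high"),
    Issue("HardcodedSecret", "app/config.py", 3,
          'API_KEY = "<placeholder>"', "medium"),
]
CURRENT = [
    # Same finding as in BASE, shifted two lines down because code was
    # added above it; the fingerprint still matches, so it is not "new".
    Issue("SqlInjection", "app/db.py", 12,
          'cur.execute("SELECT * FROM t WHERE id=" + uid)', "high"),
    Issue("HardcodedSecret", "app/config.py", 3,
          'API_KEY = "<placeholder>"', "medium"),
    # A finding genuinely introduced on the feature branch.
    Issue("PathTraversal", "app/files.py", 7,
          "open(os.path.join(root, user_path))", "high"),
]

if __name__ == "__main__":
    print("total:", [i.rule_id for i in total_issues(CURRENT)])
    print("new:  ", [i.rule_id for i in net_new_issues(BASE, CURRENT)])
```

Run stand-alone, the script lists three issues in the "total" view and a single new one (the path traversal finding) in the "new" view; a freshly created feature branch, where base and current scans are identical, yields an empty "new" list, which is the state the text above describes as intended.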
For newly created feature branches, no issues are reported. This is the intended state that developers aim for, as shown in the screen image that follows:
The base branch is usually automatically determined for each Git repository.
You may change the base branch or base folder by following these steps, as illustrated in the screen image that follows:
Select the Snyk plugin.
Toggle the total/new filter in the summary panel.
Click on the top-level node in the issues tree to change the branch or directory.
Use the text input to specify any branch name or reference directory.