Reshift's VS Code extension enables developers to find vulnerabilities in their own custom code and help them remediate with rich issue descriptions within the IDE.
How to install the VS Code plugin:
Download the Reshift extension or within your IDE navigate to "Extensions" and then search the marketplace for “Reshift”.
The plugin can be opened by clicking the Reshift tab on the left panel.
Press the "play" button. A scan will kick off and show the progress bar at the bottom with a time estimate.
To stop a scan simply hit the button and it will discontinue the scan.
Once the scan has run, the results will appear in the left panel.
You can click specific security vulnerability findings to see the highlighted line of code along with a DevSec Coach panel to the right where you can learn more about the vulnerability.
You can also hover over the vulnerable code for a brief overview of the issue finding.
In the right panel you will find "Reshift Education" where solutions are provided for each finding. You can review the solutions and apply it to your code to fix it.
If you have any more questions, please email us at [email protected]!