dpndncY

VS Code extension

Catch risk before it leaves the editor. The extension shows inline diagnostics on manifest files, scans the workspace on save, and offers quick-fixes for upgradable dependencies — authenticated against your self-hosted dpndncY instance.

Install & authenticate

  • Install the .vsix from your dpndncY instance’s download page.
  • Authenticate with a Personal Access Token (PAT) scoped to your tenant.

What it does

FeatureDetail
Inline diagnosticsVulnerable dependencies and SAST findings underlined in package.json, requirements.txt, pom.xml, and more.
Scan on save / openConfigurable, with debounce.
Quick-fix lensOne-click bump for upgradable dependencies.
Severity filterShow only the severities you care about while coding.
Shift-left, literally
The cheapest place to fix a vulnerable dependency is before you commit it. The extension puts the same verdicts you’d see in CI right next to the line you’re editing.

See also