Trivy Vulnerability Scanner is a VS Code plugin that helps you find vulnerabilities in your software projects without leaving the comfort of your VS Code window.
The Trivy VS Code plugin now has a findings explorer which allows you to more easily navigate the config and vulnerability findings in your project
- Trivy version v0.9.1 and above.
If you find one, please file a GitHub Issue here.
Have a feature you desire? Please let us know by filing an issue here.
Handle findings inside tarballs
Add support for secrets - turn on in the extension settings
Fix json check
Add support for newer format of json results
Fix typo in the configuration settings
Add additional settings for offline and minimum severity
Add Findings viewer and help
Automatic detection of old Trivy versions.
Initial release with basic project scanning.