Security developer Snyk has published a free extension for that finds vulnerabilities in packages.
Introduced April 2, the open source Snyk Vuln Cost extension serves as a security scanner, providing feedback inline as developers code. With 80 percent to 90 percent of code today being heavily dependent on open source packages, developers need to know what these packages do, Brian Vermeer, Vuln Cost project lead, said.
The extension is available from the . Users who connect Vuln Cost to a Snyk account get additional capabilities, including a vulnerability severity level, an overview of security issues in a project, and remediation advice.
Copyright © 2020 IDG Communications, Inc.