Introduction

Corgea is a powerful Visual Studio Code extension designed to enhance security practices by automatically fixing vulnerabilities in code. It integrates artificial intelligence to provide real-time security insights, making secure coding more accessible and effective.

The Corgea Visual Studio Code plugin is in Beta. For any issues or support, please email support@corgea.com.

Features

  • AI-Generated Fixes: Offers intelligent, context-aware fixes for detected vulnerabilities.
  • Vulnerability Management Panel: A dedicated sidebar that lists detected vulnerabilities, allowing for easy management and review.
  • Diff Application: Enables direct application of suggested patches through an interactive interface.
  • Detailed Vulnerability Insights: Displays comprehensive details about each vulnerability in a separate webview panel.
  • Secure API Integration: Manage your API key and Corgea service endpoint securely within VS Code.
  • User Authentication Management: Provides functionalities for securely logging in and out, and managing API keys.

Prerequisites

Before installing the Corgea extension, ensure you have the following:

  • Corgea account: have an active Corgea account.
  • Visual Studio Code (Version 1.50+): Download and install from Visual Studio Code website.

Installation Guide

Step 1: Install the Extension

We will be hosting the Visual Studio Code extension on the extension market place soon.
  1. Download the extension.
  2. Open Visual Studio Code.
  3. Go to the Extensions view.
  4. Click Views and More Actions…
  5. Select Install from VSIX…

Step 2: Loginn

  1. After installation, open the Command Palette by pressing Ctrl+Shift+P.
  2. Type Corgea: Login and press Enter.
  3. Follow the prompts to input your Corgea URL. If you are using the default URL (corgea.app), it will be prefilled.
  4. Enter your API key when prompted. This key can be obtained from your Corgea dashboard under the integrations section.

Usage

Viewing Vulnerabilities

  • To view the list of detected vulnerabilities, click on the “Vulnerabilities” icon in the sidebar. This panel will display all the current issues along with their severity and location in your code.

Applying Fixes

  • Click on a vulnerability in the sidebar to open its details in a new webview panel.
  • The details panel will provide a comprehensive overview of the issue, including a fix suggestion.
  • To apply a fix, click the Apply Fix button in the details panel. This will automatically update your code with the suggested fix.
  • Save the file with the changes.

Logging Out

  • To login into another user or log out, use the Command Palette (Ctrl+Shift+P) and select the respective commands (Corgea: Login or Corgea: Logout).

Release Notes

Version 1.0.2

  • Improved message when the project doesn’t have any issues in Corgea.

Version 1.0.1

  • Improved support for earlier versions of VS Code.

Version 1.0.0

  • Initial release: Introduces full functionality for vulnerability detection, management, and auto-fixing capabilities.
User ManagementGitHub