VS Code Extension
The primus-security VS Code extension brings the full Primus Security Suite directly into your editor — real-time findings, inline diagnostics, and one-click fixes without leaving VS Code.
Install
From VSIX (current)
# Download primus-security-1.0.0.vsix from the GitHub release
code --install-extension primus-security-1.0.0.vsix
Prerequisites
The extension requires the primus-scan CLI on your PATH:
dotnet tool install -g PrimusSaaS.Security.Cli
Features
Real-time findings panel
A tree view in the Explorer sidebar groups findings by file and severity. Click any finding to navigate to the vulnerable line.
Inline diagnostics
Findings appear as VS Code squiggles (red for Critical/High, yellow for Medium) on the affected lines. Hover for a summary; the Problems panel shows the full list.
Inline severity decorations
A small icon appears in the editor gutter next to each vulnerable line — 🔴 for Critical, 🟠 for High, 🟡 for Medium.
One-click patch apply
Every finding with a LocalRemediationEngine patch shows a wrench icon in the sidebar. Click it to apply the before/after diff as a WorkspaceEdit — no manual copy-paste.
Rule explain webview
Right-click any finding → Primus Security: Explain Rule to open a rich webview showing:
- What the vulnerability is
- Why it matters (attack scenario)
- How to fix it (step-by-step)
- Vulnerable code example with syntax highlighting
- Safe code example
Scan on save
C# files are automatically scanned 1 second after saving (debounced). Configurable.
Status bar indicator
Shows live Critical/High counts with colour-coded background:
- 🔴 Red background: Critical findings present
- 🟡 Yellow background: High findings only
- No background: Clean or not yet scanned
Commands
| Command | Description |
|---|---|
Primus Security: Scan Workspace | Scan entire workspace |
Primus Security: Scan Current File | Scan the active editor file |
Primus Security: Apply Fix | Apply patch for selected finding |
Primus Security: Explain Rule | Open rule explanation webview |
Primus Security: Clear Findings | Clear all findings from panel |
Primus Security: Open Settings | Jump to extension settings |
Settings
| Setting | Default | Description |
|---|---|---|
primusSecurity.cliPath | primus-scan | Path to CLI (if not on PATH) |
primusSecurity.scanOnSave | true | Auto-scan C# files on save |
primusSecurity.scanOnOpen | false | Auto-scan C# files on open |
primusSecurity.qualityGate.maxCritical | 0 | Warn when Critical count exceeded |
primusSecurity.qualityGate.maxHigh | 0 | Warn when High count exceeded |
primusSecurity.showInlineDecorations | true | Show severity icons in gutter |
primusSecurity.suppressionsFile | .primus-suppressions.json | Suppressions file path |