Kiuwan for Developers (K4D) for Microsoft Visual Studio Code is a plugin that facilitates and automates compliance with security normatives, quality standards and best practices for several languages. It provides the following benefits:
K4D for VS Code has been succesfully tested with for VS Code 1.33.1 For different versions, please contact Kiuwan Technical support.
|
Previous to installlation, you must download k4d-vscode.vsix from https://www.kiuwan.com/pub/vscode/k4d-vscode.vsix |
Click on Extensions
Click on More Actions (...) >> Install from VSIX ..
Select k4d-vscode.vsix
After installing, you will see Kiuwan for Developers extension
After installation, you need to configure K4D to connect to Kiuwan. Please, remember that you need to have a valid Kiuwan Account.
Go to File >> Preferences >> Settings
and select User Settings >> Extensions >> Kiuwan
You can find connection settings at User Settings >> Extensions >> Kiuwan
Please, remember that you need to have a valid Kiuwan Account.
The Kiuwan server URL comes preconfigured (leave it with default value).
Fill in User and Password fields with your Kiuwan account's credentials.
In case your Kiuwan account is configured to use Single Sign-On (SSO), enter your Domain ID (consult your Kiuwan admin and see How to integrate Kiuwan with SAML SSO)
After K4D is installed, you are ready to map your VS Code workspace or folder to a Kiuwan application.
This action will allow synchronizing defects and vulnerabilities found by Kiuwan to your source code, being ready to work on fixing the issues. All the following settings can be configured at User level (i.e. they will apply to all folders opened with the user currently logged in the machine), or at Workspace level (i.e. you can configure different values for different folders / workspaces); the later is recommended. |
To map your VS Code workspace to Kiuwan, type your Kiuwan app name at Remote Application: Name
Once mapped, you can select the source of the defects that will be shown in VS Code.
For Action Plan and Audit Delivery , you can select a range of defects.
Finally, you can limit how many defects to download from Kiuwan servers (Defects Limit), as well as filter the resulting set of defects by Characteristics, File Patterns, Language and Priority.
Once configured, just click on the Kiuwan icon to see the defects.
This 'tree of defects' is structured in two or three levels:
If you experience problems with the Kiuwan plugin for VS Code , you can read Kiuwan Documentation to find a solution, or if you prefer you can collect troubleshooting information and send it to us.
Important information for troubleshooting is scatered across several log and configuration files. To make this process easier find log file at $USER_HOME/.optimyth/k4d-vscode.log and submit to technical support team. Visit Contact Kiuwan Technical Support on how to contact us. We will address your problem as soon as possible. |