Through this Open Source extension for Atom, you can quickly start using DeepCode's code review and analysis within your development workflow. The extension will automatically alert you about critical vulnerabilities you need to solve in your code the moment when you hit SAVE in your IDE. Learn more here


Installation

  1. Installing the package is rather straightforward. You could use apm (Atom's package manager) - open the terminal and run apm install deepcode. Below we show how to install it through the Preferences. 


To learn more about the installation process, see this short video on how to install the extension:

Open Atom's Preferences and then Install. Search for the deepcode package. Here is a video how to do this:






How to use it?

PROTIP - DeepCode analysis on Save

Video on how to use the package

  • Here is a video on how to use the package. In short - don't forget to save and you would be in good hands:


How to ignore suggestions

There are two key steps here:

  1. Ignore particular alert directly by using Ignore for line or Ignore for file:

    deepcode problem

  2. Deepcode will create a comment, that will inform our analysis engine to ignore it. Don't forget to specify a description why you think it needs to be ignored. Your feedback will improve our engine over time:

.dcignore file

  • If you want to ignore certain files/folders (like node_modules for example), create a .dcignore file. You can create it in any folder on any level starting from the directory where your project resides. You may create multiple .dcignore files depending on your use case. This file supports glob syntax with "*" and "**" to specify file masks and sub-folders:

    .node_modules
    mocked_for_tests
    **/models/*_molecule.js
    

Rescan

  • If you need to restart the analysis or if it fails for any reason, you can easily analyse the project again by clicking Scan project:

    rescan-project

View results online

  • If you need to view the results online or you want to see example fixes, you could go to the analysis by clicking View results online:

    view-results-online

Configuration

  • If you need to update the url to the DeepCode server in a self-managed environment or restart the login process, you could do so by clicking on Settings:

    configuration

Feedback and contact