The Socket Security extension for VSCode now fully supports Python and will highlight issues in your Python dependencies automatically. Projects using Pipfile
, pyproject.toml
, requirements.txt
, and setup.py
are now able to view Socket issues for their Python dependencies in both the VSCode "Problems" tab and the editor itself. The extension integrates with VSCode's official Python extension to provide full support for all current and future Python 3 versions (plus support for the legacy Python 2.7.18).
Problematic package imports in Python files will now also show diagnostic warnings when you hover over them, even in dynamic import expressions. With this change, we've matched our Python support in VSCode with that of JavaScript and TypeScript.
We've been hard at work adding support for new issues in Python over the last few months, and with this update the VSCode extension will automatically highlight any new issues Socket finds in your project as we improve our internal detections. You can rest easy knowing your project will only become more secure as time goes on.
We have exciting plans for our VSCode integration in the near future! You'll soon be able to synchronize your issue highlights with your organization settings and even use the extension on web-based VSCode instances like github.dev.
Want to defend your entire organization against supply chain attacks? Install the Socket Security GitHub app for free and get protected today!