Jit IDE Extension for Visual Studio Code


Enhance your coding experience and strengthen security with the Jit IDE Extension for Visual Studio Code.

Find us in VSCode Marketplace.

Key Features

Real-time Vulnerability Detection: Write secure code confidently as Jit's IDE extension detects and helps you fix vulnerabilities as you code.

Prevent Secrets from Being Pushed: Safeguard sensitive information by leveraging Jit's pre-commit hooks that prevent accidental exposure.

Streamlined and Secure Workflow: Access the power of Jit directly from your IDE. No additional tools or configurations needed.

VSCode extension


In order to use Jit Extension from your IDE:

  • Docker must be up & running: The extension runs docker containers in the background to scan your code with multiple security tools.


Quick fix highlights issues in the editor

Quick Fix highlights issues in the editor

Manage New and Existing Issues

Manage New and Existing Issues

Pre-Commit Hook

Jit includes a pre-commit hook that uses the pre-commit framework to check your code for security issues before you commit it.

Enable pre-commit hook

Open the command palette and search for "Jit: Install Pre Commit Hook".
Alternatively, you can install the pre-commit hook from the side panel of the extension and click the "Activate" button in the pre-commit section.

This will add the Jit pre-commit hook to your existing .pre-commit-config.yaml file. The hook will check for any security issues in your code before you commit it, helping you prevent insecure code from being committed to your repository.

If the hook finds any security issues in your code, it will fail the commit and provide diagnostic information to help you fix them. This can help you ensure that your code is always secure and free from vulnerabilities.

Configure pre-commit hook

You can configure the pre-commit hook to your specific needs and preferences. To do this:

  1. Open the settings view
  2. Search for the "jitsecurity.pre-commit" section
  3. Choose which security issues the hook will check for, and adjust other settings as needed

You can change these settings anytime, so you can easily adapt the hook to your changing needs and priorities.


We support the following languages and file types—

Language/File TypeObjective
PythonCode scanning
Dependency check
JavaScript & TypeScriptCode scanning
Dependency check
GoLangCode scanning
Dependency check
JavaCode scanning
KotlinCode scanning
C#Code scanning
SwiftCode scanning
RustCode scanning
PHPDependency check
Text FilesSecret detection
Terraform / CloudFormationInfrastructure-as-code scanning
KubernetesInfrastructure-as-code scanning
DockerfileInfrastructure-as-code scanning


  • What are the requirements for the extension to work?

    • The extension requires Docker to be installed and running on your machine.
  • Do I have to worry about my code being saved by this extension?

    • No. Your code is not saved by the extension. It only scans your code locally in a Docker container and displays the results in your IDE.
  • What happens if I don't have Docker installed?

    • The extension will prompt you to install Docker if it is not already installed on your machine.