Try JFrog
Guides
Contact SupportTry JFrog
Start typing to search…
  1. source-code
  2. Developers
  3. IDEs

Visual Studio

The JFrog Visual Studio Extension integrates JFrog Xray scanning into Visual Studio, enabling developers to analyze NuGet project dependencies for security vulnerabilities. It provides real-time insights within Visual Studio, helping developers make informed decisions about using specific components before they become part of the organization's product.

Key Features

  • Vulnerability Scanning – Identify security risks in project dependencies.
  • Severity-Based Filtering – View scanned results based on issue severity.

Prerequisites

  • JFrog Xray version 2.5.0 or higher

Source Code

The JFrog Visual Studio Extension source code is available on GitHub.

Supported Technologies

Software Composition Analysis (SCA)

JFrog supports the following package managers for Visual Studio:

  • NuGet
  • npm

Installation

This section provides instructions for installing, configuring, and using the JFrog Visual Studio Extension.

Supported Visual Studio Versions

Two extensions are available in the Visual Studio Marketplace, each supporting different versions:

  • Visual Studio 2022JFrogV2
  • Visual Studio 2017 and 2019JFrog

Installing the JFrog Visual Studio Extension

  1. Open the terminal window.
  2. Run the nuget command. If the command is not recognized, add nuget.exe to the PATH environment variable.
  3. If your projects use NPM, run the npm command. If the command is not recognized, add npm.exe to the PATH environment variable.
  4. Open Visual Studio.
  5. Navigate to Tools → Extensions and Updates.
  6. Search for JFrog.
  7. Click Download and complete the installation.
  8. Restart Visual Studio after installation.

Configuring the JFrog Visual Studio Extension

Once installed, configure the extension to connect to JFrog Xray:

  1. Open Visual Studio.
  2. Go to Tools → Options → JFrog → JFrog Xray.
  3. Enter your JFrog Platform URL and login credentials.
  4. Click Test Connection to verify the setup.

Quick Start

Scanning and Viewing Results

  1. Open View → Other Windows → JFrog.
  2. JFrog Xray automatically scans the project when it is opened.
  3. To manually trigger a scan, click the Refresh button in the JFrog window.

Filtering Scanned Results

The JFrog Extension provides filters to refine scan results, allowing you to focus on relevant issues:

  • All
  • Critical
  • Major
  • Minor
  • Unknown
  • Normal

Reporting Issues

Report issues by opening a ticket on GitHub.

Troubleshooting

If you encounter issues, check the log messages in the Output console at the bottom of the screen.

Updated 2 months ago