xygeni/intellij-plugin

intellij-plugin

Xygeni Security Plugin

Secure your codebase with Secrets, SAST, SCA, IaC & Supply Chain scanning directly within your VS Code environment.

Xygeni Security Scanner is a powerful extension that brings comprehensive security scanning to your fingertips. It integrates seamlessly with your development workflow, allowing you to identify and remediate security vulnerabilities early in the process.

Key features:

  • Comprehensive Scanning: Detects a wide range of security issues:
    • Secrets: Find hardcoded credentials, API keys, and other sensitive data.
    • SAST (Static Application Security Testing): Analyze your source code for common vulnerabilities.
    • SCA (Software Composition Analysis): Identify vulnerabilities in your open-source dependencies.
    • IaC (Infrastructure as Code): Scan your IaC files (e.g., Terraform, CloudFormation) for misconfigurations.
    • Misconfigurations: Detect security misconfigurations in your application and services.
  • Seamless Integration: The extension adds a dedicated Xygeni view to your activity bar for easy access.
  • Guided Setup: A simple configuration process to connect to the Xygeni service.
  • In-Editor Issue Highlighting: View security findings directly in your code, making it easy to pinpoint and fix issues.
  • Detailed Vulnerability Information: Get rich details for each identified issue, including severity, description, and remediation guidance.

Getting started:

  1. Install the plugin from JetBrains Marketplace. Once installed, the plugin automatically downloads and sets up the Xygeni Scanner.
  2. Open the Xygeni View and the Xygeni console: After installation, click the Xygeni icon in the activity bar to open the view and console.
  3. Configure the plugin:
    • You will be prompted to configure the connection to the Xygeni service.
    • Obtain an API token from your Xygeni Dashboard. If you don’t have an account, you can sign up for a free trial.
    • Enter the Xygeni API URL and your API token in the configuration view.
  4. Run a scan.
    • Once configured, the scan is ready to run.
    • Click the Run scan button to start a scan of your workspace.
  5. View results:
    • Scan results are displayed in the Xygeni view, categorized by type (SAST, SCA, Secrets, etc.).
    • Click an issue to view the file where the issue is found and
    • Click twice on an issue to view detailed information.
  6. Fix issues:
    • On the detailed information, select the FIX tab to remediate the vulnerability.

Installation

  • Using the IDE built-in plugin system:

    Settings/Preferences > Plugins > Marketplace > Search for "intellij-plugin" > Install

  • Using JetBrains Marketplace:

    Go to JetBrains Marketplace and install it by clicking the Install to ... button if your IDE is running.

    You can also download the latest release from JetBrains Marketplace and install it manually using Settings/Preferences > Plugins > ⚙️ > Install plugin from disk...

  • Manually:

    Download the latest release and install it manually using Settings/Preferences > Plugins > ⚙️ > Install plugin from disk...

How to publish the Plugin

  • How to publish a plugin manually
  • Publication procedure


Plugin based on the IntelliJ Platform Plugin Template.
