microsoft/vscode · Security & risks
Authoritative risk signals for microsoft/vscode — dependency CVEs (deps.dev), OpenSSF Scorecard, and GitHub Code Scanning. Not a substitute for your own security review.
Dependency CVEs (deps.dev)
0
Critical
0 direct
0
High
0 direct
0
Moderate
25
Deps scanned
25 direct
OpenSSF Scorecard · 7.4/10
- Signed-Releases—
- Packaging—
- CII-Best-Practices0/10
- Token-Permissions0/10
- Fuzzing0/10
- Pinned-Dependencies5/10
- Binary-Artifacts7/10
- Branch-Protection8/10
Ask AI about microsoft/vscode
Grounded in the actual source code. Pick a starter question or write your own.
What does this repo do, in one paragraph?How would I get started using it?What are the main alternatives?Show me the entry point.
Or write your own question →Informational only. RepoPilot summarises public signals at the time of analysis; they can be incomplete or stale. Not professional, security, or legal advice.