Skip to content

DataDog/datadog-for-vscode

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

122 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Datadog for VS Code & Cursor

Overview | Requirements | License | Help and Feedback

Overview

The Datadog extension for VS Code and Cursor brings Datadog to your code editor to accelerate your development.

Datadog extension for VS Code and Cursor

The extension includes these features:

  • Code Security: Detect and fix security vulnerabilities, bugs, and exposed secrets before you commit changes.

  • Code Insights: Stay informed about code and library vulnerabilities without leaving the code.

  • View in IDE: Jump directly from code references in Datadog to your source files.

  • Fix in Chat: Fix code errors, vulnerabilities, and flaky tests with AI-powered suggestions and explanations.

  • Log Annotations: Gauge log volumes and search logs from your code.

  • Exception Replay: Debug your production code.

The extension integrates with the Datadog MCP Server which is configured separately.

Unless stated otherwise, all extension features are available for both VS Code and any other IDEs based on VS Code forks, such as Cursor.

Requirements

  • Datadog account: Most features require a Datadog account.

    • New to Datadog? Learn more about Datadog's monitoring and security tools and sign up for a free trial.
    • If your organization uses a custom sub-domain such as myorg.datadoghq.com, you must indicate it using the datadog.connection.oauth.setup.domain setting in the IDE.
  • Git: The extension works better when Git is enabled in the IDE. Ensure this is enabled by checking the git.enabled setting.

MCP Server setup

The extension works well alongside the Datadog MCP Server. Enable the MCP Server to enhance your IDE's AI capabilities with your specific Datadog environment.

In Cursor

Install the Datadog Cursor Plugin from the Cursor marketplace. The plugin configures the Datadog MCP Server in Cursor automatically.

In VS Code

Follow the Datadog MCP Server setup guide to configure the Datadog MCP Server in VS Code.

Code Security

The Code Security features analyze your code locally to detect and fix security issues and vulnerabilities before you commit your changes. The extension supports two complementary scan types: Static Code Analysis and Secret Scanning.

Static Code Analysis

Static Code Analysis analyzes your source files against predefined rules to catch security vulnerabilities, bugs, and maintainability issues.

The extension runs Static Code Analysis rules on the source files you have open in your workspace. Static Code Analysis supports scanning for many programming languages. For a complete list, see Static Code Analysis Rules. Issues are shown in the source code editor, and you can directly apply suggested fixes.

Get started with Static Code Analysis

When you start editing a source file, the extension checks for static-analysis.datadog.yml at your source repository's root. It prompts you to create it if necessary.

Onboarding banner for setting up Static Code Analysis with Python files

After you create the configuration file, the analyzer runs automatically in the background whenever you open a file. If you need to enable Static Code Analysis for a particular language, search for the command Datadog: Configure Static Analysis Languages in the command palette (Shift + Cmd/Ctrl + P).

You can also run a batch analysis for individual folders and even the entire workspace. In the IDE's file explorer view, right-click a folder and select Datadog Code Security > Analyze Folder or Analyze Workspace.

Rule editor

Write and test custom Static Code Analysis rules without leaving your IDE. Use the Datadog DDSA Rule Editor to design detection logic for internal standards, security patterns, or maintainability checks specific to your codebase.

To open the rule editor, run the Datadog: New DDSA Rule command from the command palette (Shift + Cmd/Ctrl + P), or right-click a YAML file and select Datadog Code Security > Open in DDSA Rule Editor.

DDSA Rule Editor in VS Code

Secret Scanning

Secret Scanning detects exposed credentials — API keys, tokens, and passwords — in your source files before you commit them. File contents are scanned locally against rules fetched from your Datadog organization, and findings appear in the editor as you type.

Secret Scanning is enabled by default and runs in the background whenever you open a source file. No local configuration is required — scan rules are fetched from the Datadog backend. All text files are scanned; binary files are skipped automatically.

You can also scan an entire folder or workspace at once. In the IDE's file explorer view, right-click a folder and select Datadog Code Security > Analyze Folder or Analyze Workspace.

Secret Scanning requires you to be signed in to Datadog, because detection rules are fetched from your Datadog organization.

Review findings

Detected secrets are shown in three places:

  • Inline in the editor: each finding appears as an underline on the detected secret, with severity derived from the rule's priority.
  • Problems panel: all findings are listed with the source Datadog.
  • File Insights view: findings are grouped alongside other Code Security issues.

Suppress a finding

To suppress an individual detection, use the code action for the flagged secret to insert a no-dd-secrets comment on the line above. The comment suppresses all secret findings on the immediately following line.

Turn Secret Scanning on or off

To toggle Secret Scanning, run the Datadog: Turn on Secret Scanning or Datadog: Turn off Secret Scanning command from the command palette (Shift + Cmd/Ctrl + P), or change the datadog.codeSecurity.setup.secretScanning.enabled setting.

Code Insights

Code Insights displays vulnerabilities in your code and dependencies, as detected by Code Security.

The extension identifies vulnerabilities in the code with colored squiggles; hover over the line for more details.

The Code Insights view in the Datadog sidebar lists all the issues found in the repository. Select an item to view the full insight, and use the links to jump to the related source code location or open the code insight in Datadog.

You can group code insights by kind, file, priority, or service. You can also ignore individual code insights and set filters to view the ones you're most interested in.

The Code Insights view

For specific insights about the file currently open in the active editor, check the File Insights view in the IDE's file explorer. This view also lists issues discovered by Code Security within the file.

Other insight types

The following insight types are in limited support:

View in IDE

This feature is only available for VS Code and Cursor. Other forks of VS Code are not supported.

The View in VS Code or View in Cursor feature provides a link from Datadog directly to your source files. Look for the button next to frames in stack traces displayed in the UI (for example, in Error Tracking):

A stack trace in Datadog showing the View in VS Code button

You can also use this feature to open your source files from an insight (such as an error from Error Tracking):

An Error Tracking issue in the Datadog showing the View in VS Code button

To use this feature, first configure source code integration for your service.

Fix in Chat

The Fix in Chat button appears in several contexts when the extension identifies errors or issues. Click the button to generate an AI chat prompt that summarizes the problem, includes relevant details and context, and gives specific instructions for the agent.

Log annotations

This feature is in limited support.

Use Log Annotations to gauge the volume of logs generated by a given log line in your code. The extension adds annotations above your code to detected logging patterns that match log records in Datadog. Click an annotation to open the Log Explorer in Datadog and view the matching logs.

You can also search Datadog logs from within VS Code. Select any text in the code editor, then right-click and select Datadog > Search Logs With Selected Text.


Using the Datadog logs explorer feature.

Exception Replay

This feature is in limited support.

Exception Replay allows you to inspect the stack trace frames of any Error Tracking code insight and get information about the values of the variables of the code running in production.

To access this feature, you must enable Error Tracking Exception Replay on Datadog.

After the feature has been enabled, you can see an Exception Replay button next to the stack trace section of any instrumented Error Tracking code insight. Click the button to:

  • Access all the information Datadog has about the different frames.
  • Navigate through the production code.
  • Review the value of the different variables involved.

Select an Error Tracking code insight from the Code Insights view. Go to the stack trace and click the Exception Replay button. The IDE shows a new activity with two new views:

  • Variables: Displays the variables related to a particular stack trace frame.
  • Stack Trace: Lists the stack frames for navigation.

Select a stack trace frame and inspect the values of all the variables that Datadog captured from your production code.

License

Read the End-User License Agreement carefully before downloading or using this extension.

Data and Telemetry

Datadog collects certain information about your usage of this IDE, including how you interact with it, whether errors occurred while using it, what caused those errors, and user identifiers in accordance with the Datadog Privacy Policy and Datadog's VS Code extension EULA. This data is used to help improve the extension's performance and features, including transitions to and from the extension and the applicable Datadog login page for accessing the Services.

If you don't wish to send this data to Datadog, you can disable this at any time in the extension's settings: Datadog > Telemetry > Setup > Enable Telemetry and select disabled.

The Datadog extension also honors the VS Code telemetry setting.

Help and Feedback

Help us improve the extension by sharing your feedback using the feedback form, email us at team-ide-integration@datadoghq.com , or create an issue in our public repository.

Check out the issues section to discover known issues.

Do you use Cursor, or another fork of VS Code? Find the extension on the Open VSX Registry.