Sysdig LSP provides on-demand vulnerability explanations directly in your editor. After running a scan on an image (e.g., base image, Docker Compose service), you can hover over the image name to see a detailed summary of the scan results.
This feature allows you to quickly assess the security posture of an image without leaving your code, displaying information such as total vulnerabilities, severity breakdown, and fixable packages in a convenient tooltip.
- Run a Scan: Use a code action or code lens to scan an image in your `Dockerfile` or `docker-compose.yml`.
- Hover to View: Move your cursor over the image name you just scanned.
- Get Instant Feedback: A tooltip will appear with a formatted Markdown summary of the vulnerabilities found.
This provides immediate context, helping you decide whether to update a base image or investigate a specific package.
