cancel
Showing results for 
Search instead for 
Did you mean: 
Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.

JumpCloud script for automating Visual Studio Code extension risk assessment using ExtensionTotal

amitassaraf
Novitiate I
Hey all, after working with a few organizations we got a working JumpCloud script to automate VSCode extensions risk using ExtensionTotal. Adding the script here if you'd like to use it! Works on MacOS clients - 

 

 

#!/bin/bash

loggedInUser=$(stat -f "%Su" /dev/console)
codePath="/Applications/Visual Studio Code.app/Contents/Resources/app/bin/code"
codeExtensions=$(sudo -u "$loggedInUser" "$codePath" --list-extensions)

jsonResult="{\"extensions\":["

while IFS= read -r line || [[ -n $line ]]; do
    content=$(curl -s --location 'https://app.extensiontotal.com/api/getExtensionRisk' \
    --header 'Content-Type: application/json' \
    --header 'Cookie: SameSite=None' \
    --header 'x-api-key: <YOUR_API_KEY>' \
    --data "{
      \"q\": \"$line\"
    }")
    jsonResult+="$content,"
    done < <(printf '%s' "$codeExtensions")

jsonResult=${jsonResult%,}
jsonResult+="]}"
echo "$jsonResult"

 

 

 For an API key, visit ExtensionTotal.com

 
0 REPLIES 0
You Might Like

New to the site? Take a look at these additional resources:

Community created scripts:

Our new Radical Admin blog:

Keep up with Product News:

Read our community guidelines

Ready to join us? You can register here.