Addressing findings - Amazon Q Developer

Addressing findings

When Amazon Q generates a finding, it underlines the vulnerable or low-quality code. Findings include details about the security or quality issue and how to address it in your code.

Address findings in JetBrains and Visual Studio Code

You can view a list of detected findings in the Problems tab. Choose a finding to be redirected to the specific area of the file where the vulnerability or low-quality code was detected. To see a pop-up with information about the finding, hover your cursor over the underlined code.

From the pop-up, you have a few options to address a finding:

  • Automatic fix — This option appears for some vulnerabilities. Choose Fix to update your code in-place and address the finding.

  • Explain with Q — Amazon Q explains the finding and recommends how to fix it. In the pop-up, choose Explain to send the finding and associated code to the Amazon Q chat panel.

  • Learn more about the finding — The finding describes how you can approach remediating the vulnerability. Use this information to replace the code with improved code.

Address findings in Visual Studio

To view findings in Visual Studio, open the Visual Studio Error List by expanding the View heading in the Visual Studio main menu and choosing Error List.

You can use the information in the finding to update your code. After updating your code, scan your code again to see if the findings were addressed.

By default, the Visual Studio Error List displays all of the warnings and errors for your code base. To filter your Amazon Q findings from the Visual Studio Error List, create a filter by completing the following procedure.

Note

Scan findings are only visible after you've run a security scan in which Amazon Q detected issues.

Findings appear as warnings in Visual Studio. To view findings in your Error List, the Warnings option in the Error List heading must be selected.

Filter findings in the Error List
  1. From the Visual Studio main menu, choose View and then Error List to open the Error List pane.

  2. From the Error List pane, right-click the header row to open the context menu.

  3. From the context menu, expand Show Columns, and then select Tool in the expanded menu.

  4. The Tool column is added to your Error List.

  5. From the Tool column header, select the Filter icon and choose Amazon Q to filter for Amazon Q security scan findings.