This is an unofficial Visual Studio Code extension for evaluating npm projects with Sonatype Nexus IQ Server.
Version 0.0.1 was released August 20, 2017
When you have a workspace (folder) opened with a package.json at the root, execute a command (Ctrl+Shift+P)
Nexus IQ Evaluate.
The extension then executes
npm shrinkwrap to gather the dependency list and submits the name, version pairs them to the evaluation server. The user is notified about how many components have security issues listed.
The results are presented in a JSON format in a new text editor.