ScanReq scans your project for security vulnerabilities and outdated packages directly inside VS Code. It checks versions against public registries in real time and detects known CVEs via OSV.dev. Supports Python, Node.js, Rust, Go, PHP, Ruby, and Java (Maven & Gradle). Free plan covers all ecosystems with full CVE detection. Pro ($19 one-time) adds cross-version compatibility analysis and risk-phased update planning.