Security Scan Log
Every release is scanned with VirusTotal (70+ antivirus engines) before distribution. This page tracks every scan so you can verify independently.
All source code is open under Apache 2.0. No outbound network calls from the VS Code extension. Secrets are never exposed in process listings.
VS Code Extension (.vsix)
| Date | Version | Result | SHA256 | Report |
|---|---|---|---|---|
| 2026-03-27 | v0.4.12 | 0 detections | c82c851eaa24d8168fe844d2505853014aed3ca0974adac2b75313728608b1ab | View |
Python Package (PyPI)
| Date | Version | Result | SHA256 | Report |
|---|---|---|---|---|
| 2026-03-27 | v0.4.12 | 0 detections | cab30ad8c25fceb6a7786963fcc8ceb75ebaf4f522e2582061aacd17bf5b9cd5 | View |
GitHub Repository URL
| Date | URL | Result | Report |
|---|---|---|---|
| 2026-03-27 | github.com/rwheeler007/cohort | 0 flags | View |
Verify It Yourself
Download the .vsix from the GitHub release, then check the hash:
# Linux/macOS
sha256sum cohort-vscode-0.4.12.vsix
# Windows (PowerShell)
Get-FileHash cohort-vscode-0.4.12.vsix -Algorithm SHA256
sha256sum cohort-vscode-0.4.12.vsix
# Windows (PowerShell)
Get-FileHash cohort-vscode-0.4.12.vsix -Algorithm SHA256
Compare the output to the SHA256 in the table above. If they match, you have the exact file we scanned.