Is "Sourcegraph for Firefox" on Firefox Add-ons Safe to Install?
The open-source Sourcegraph extension adds code navigation and code intelligence to GitHub, GitHub Enterprise, GitLab, Bitbucket Server, and Phabricator. • Code intelligence on your code host: * Hover tooltips with documentation and type information * Go to definition * Find references • Integrations with third-party services like Codecov coverage overlays, open-in-editor buttons and many more with Sourcegraph extensions • Browser shortcut (src + Space) that performs the search on your Sourcegraph instance It works for 20+ languages on public and private code on popular code hosts (see below). Make it work on your code host: • GitHub - No action required. Your extension works here by default. • GitHub Enterprise, GitLab, Bitbucket Server and Phabricator - grant additional permissions in the extension menu Browser extension docs: https://docs.sourcegraph.com/integration/browser_extension Make it work for private code: To use the browser extension with your private repositories, you need to set up a private Sourcegraph instance and connect it to the extension. Installation docs: https://docs.sourcegraph.com/admin/install Where to start? After adding the extension you install it, try it out on any of these public repositories: • Go: https://github.com/gorilla/mux/blob/9e1f59/mux.go or https://github.com/dgrijalva/jwt-go/pull/152/files#diff-f615844d3497ff38db57e459d6ef657bL48 • Java: https://github.com/google/guava/blob/581ba1/guava/src/com/google/common/collect/ImmutableList.java • TypeScript: https://github.com/angular/angular/blob/a2878b/packages/benchpress/src/reporter/console_reporter.ts or https://github.com/sindresorhus/got/pull/917/files#diff-02301bc46e8b878f10e9a8339efb7de7R176 • C#: https://github.com/paiden/Nett/pull/76/files#diff-e969e1315b2cb01bab80b2860be0d87eR52 • Python: https://github.com/ageitgey/face_recognition/blob/b8fed6/examples/facerec_on_raspberry_pi.py This extension is open source: https://github.com/sourcegraph/sourcegraph/tree/master/browser
Risk Assessment
Pending0 security findings detected across all analyzers
Firefox extension requesting 9 permissions
No Threats Detected
This extension passed all security checks
About This Extension
No Findings
All security checks passed
Security Analysis Summary
Security Analysis Overview
Sourcegraph for Firefox is a Firefox Add-ons extension published by Sourcegraph. Version 23.4.14.1343 has been analyzed by the Risky Plugins security platform, receiving a risk score of 0/100 (MINIMAL risk) based on 0 security findings.
Risk Assessment
This extension presents minimal security concerns. The automated analysis found very few or no issues, suggesting it is suitable for general use.
What Was Analyzed
The security assessment covers multiple analysis categories:
- Malware Detection: YARA rule matching against 2,400+ malware signatures
- Secret Detection: Scanning for exposed API keys, tokens, and credentials
- Static Analysis: Code-level security analysis for common vulnerability patterns
- Network Analysis: Detection of suspicious network communications and endpoints
- Obfuscation Detection: Identification of code obfuscation techniques
Developer Information
Sourcegraph for Firefox is published by Sourcegraph on the Firefox Add-ons marketplace. The extension has approximately 516 users.
Recommendation
Based on the automated security analysis, this extension appears safe for general use. As with any extension, users should review the requested permissions before installation.
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace