IDE Extension
Install and configure the RepoGate IDE extension for your development environment.
RepoGate IDE Extension
RepoGate provides powerful IDE extensions that act as security gatekeepers for your project's dependencies. The extensions monitor dependency changes in real-time and validate them against your organization's security policies through the RepoGate platform.
Enterprise Dependency Governance
RepoGate embeds automated governance directly into your development lifecycle, preventing costly audit failures and accelerating business velocity.
Available IDEs
RepoGate extensions are available for the following development environments. Click on your IDE to visit the marketplace:
Visual Studio Code
Available on VS Code Marketplace
View in Marketplace →
JetBrains IDEs
IntelliJ IDEA, WebStorm, PyCharm, and more
View in Marketplace →Need support for another IDE?
If your preferred IDE is not listed, please contact the RepoGate team to request support. We're continuously expanding our IDE coverage.
Installation
Choose your IDE below for specific installation instructions:
Installing on Visual Studio Code
The easiest way to install RepoGate is directly from the VS Code Marketplace:
- Open VS Code
- Go to Extensions (
Ctrl+Shift+XorCmd+Shift+X) - Search for "RepoGate"
- Click Install
Or install directly from the VS Code Marketplace.
From VSIX File
If your organization distributes the extension manually:
- Download the
.vsixfile - Open VS Code Extensions view
- Click the ... menu (Views and More Actions)
- Select Install from VSIX...
- Select the downloaded file
Installing on JetBrains IDEs
Install RepoGate from the JetBrains Marketplace:
- Open your JetBrains IDE (IntelliJ IDEA, WebStorm, PyCharm, etc.)
- Go to Settings/Preferences → Plugins
- Click the Marketplace tab
- Search for "RepoGate"
- Click Install
- Restart your IDE when prompted
Or install directly from the JetBrains Marketplace.
Supported JetBrains IDEs
- IntelliJ IDEA
- WebStorm
- PyCharm
- PhpStorm
- GoLand
- RubyMine
- CLion
- Rider
Configuration
Authentication
RepoGate offers two authentication methods to connect your IDE extension to the platform:
Option 1: Sign In with EntraID (Recommended)
The recommended authentication method uses Microsoft Entra ID (formerly Azure Active Directory) for secure, seamless single sign-on:
- In your IDE, open the Command Palette or RepoGate menu
- Select RepoGate: Sign In with EntraID
- A browser window will open for authentication
- Sign in with your organizational credentials
- Return to your IDE - you're now authenticated
Benefits of EntraID Authentication:
• No need to manage API tokens
• Automatic token refresh
• Centralized access control through your organization's identity provider
• Enhanced security with multi-factor authentication support
Option 2: Sign In with API Token (Legacy)
For organizations not using EntraID, you can authenticate using an API token:
- Log in to your RepoGate dashboard at app.repogate.io
- Navigate to Settings → API Tokens
- Generate a new token or copy an existing one
- In your IDE, select RepoGate: Sign In with API Token
- Paste your token when prompted
API URL
The API URL points to your RepoGate instance. The default value is https://app.repogate.io/api/v1 for cloud-hosted instances. If you're using a self-hosted or enterprise instance, update this URL to match your deployment.
Settings
Configure RepoGate behavior through your IDE's settings:
| Setting | Type | Default | Description |
|---|---|---|---|
repogate.apiToken |
string | "" |
API authentication token (stored securely) |
repogate.apiUrl |
string | https://app.repogate.io/api/v1 |
URL of the RepoGate API |
repogate.enabled |
boolean | true |
Enable/disable the extension |
repogate.logLevel |
string | "info" |
Logging verbosity (debug, info, warn, error) |
How It Works
Initialization Flow
When you first install RepoGate or open a workspace with the extension enabled, the following initialization sequence occurs:
- First Install: Extension scans all existing packages and sends them to the
/queueendpoint - Baseline Established: The RepoGate platform receives an inventory of current dependencies
- Watchers Start: File watchers activate only after a successful scan
- Continuous Monitoring: The extension watches for any dependency changes
Supported Package Managers
RepoGate currently monitors the following package ecosystems and their associated files:
| Ecosystem | Files Monitored | Status |
|---|---|---|
| npm | package.json |
✅ Fully Supported |
| Maven | pom.xml |
✅ Fully Supported |
| Gradle | build.gradle, build.gradle.kts |
✅ Fully Supported |
Security & Privacy
Token Storage
RepoGate uses your IDE's secure storage mechanism to store your API token securely. This provides:
- Encryption: Tokens are encrypted at rest
- Automatic Migration: Tokens previously stored in plain settings are automatically migrated to secure storage
- Secure Access: Only the RepoGate extension can access stored tokens
Logging & Data Sanitization
All sensitive data is automatically redacted from logs, including:
- API tokens
- Passwords
- Authentication headers
Troubleshooting
"No API token configured"
Solution:
- Open your IDE settings
- Search for "RepoGate"
- Enter your API token in the settings
- Test the connection using the RepoGate extension menu
"Connection failed"
Possible Causes:
- RepoGate service not running
- Wrong API URL or port
- Invalid API token
- Network or firewall issues
Solution:
- Verify the RepoGate service is running
- Check the API URL in settings
- Test the connection using the extension menu
- Check the IDE's output/console for detailed error messages
"Bootstrap failed"
Cause: Initial package scan failed
Solution:
- Check API connection status
- Test the connection using the extension menu
- Manually trigger a scan from the RepoGate menu
Packages not being monitored
Solution:
- Check that
repogate.enabledis set totrue - Verify API token is configured
- Check the IDE output/console for errors
- Ensure the file is not in
node_modulesor other excluded directories