November 2018 Updates

In this issue: our first 100M lines reviewed day, GitLab, real-time insights, detect vulnerable third-party libraries, upcoming webinars and more.

Our first 100M lines reviewed

For the first time in our history, we have surpassed 100M lines of code reviewed in a single day.
We are incredibly excited about it (it’s a lot of code!) and wanted to share our happiness with you all 😊

Hello GitLab 👋

We are working to expand the version control platforms we support, and we have just launched support for GitLab.com. If you use this fantastic service to run your Salesforce projects, you can now plug Clayton in, with just a few clicks and have your Salesforce code quality monitored in real-time.

Security Spotlight

Using vulnerable third-party libraries in your Salesforce code
According to OWASP, one of the top 10 vulnerability risks is using components with known vulnerabilities in your app (read more). This easily overlooked risk is very relevant for Salesforce developers, as they might unknowingly include vulnerable JavaScript libraries in their Visualforce and Lightning components. Clayton offers full protection against this security risk: by enabling the “Detect vulnerable JS libraries” rule, Clayton will detect any use of insecure libraries, even when they are stored in a resource bundle.

Introducing real-time insights

You can now visualise the quality of your Salesforce projects like never before. Pinpoint any recurring issues to spot training problems, learn how responsive your team is, and understand the size – as well as the remediation effort – for your entire technical debt. Check our documentation to learn more!

Use wildcards to ignore files

You have asked for it, we delivered: you can now use wildcards to ignore files you don’t want to be included in your scans. Use this for any unmanaged package or third-party code you don’t intend to maintain. Not so fancy, but incredibly useful! Have a look at our documentation to learn more.


November webinars: book your space

Webinar 1: Getting started with Clayton

Learn how to integrate Clayton into your Salesforce CI/CD pipeline, trigger code reviews automatically upon code changes, and enforce best practices, code quality and security standards at scale.


Webinar 2: Get the best out of the new real-time insights

The new Clayton Insights is finally here and will help you see the big picture like never before. See it in action and learn how you can use it to monitor key quality and delivery metrics and to drive actionable improvements across your team based on actual data.