Nov 2018: What’s new with Clayton? 100m lines reviewed daily, and new real-time insights

In this issue: our first 100M lines reviewed day, GitLab, real-time insights, and detecting vulnerable third-party libraries.

Our first 100M lines reviewed

For the first time in our history, we have surpassed 100M lines of code reviewed in a single day.
We are incredibly excited about it (it’s a lot of code!) and wanted to share our happiness with you all 😊

Hello GitLab 👋

We are working to expand the version control platforms we support, and we have just launched support for GitLab.com. If you use this fantastic service to run your Salesforce projects, you can now plug Clayton in, with just a few clicks and have your Salesforce code quality monitored in real-time.

Security Spotlight

Using vulnerable third-party libraries in your Salesforce code
According to OWASP, one of the top 10 vulnerability risks is using components with known vulnerabilities in your app (read more). This easily overlooked risk is very relevant for Salesforce developers, as they might unknowingly include vulnerable JavaScript libraries in their Visualforce and Lightning components. Clayton offers full protection against this security risk: by enabling the “Detect vulnerable JS libraries” rule, Clayton will detect any use of insecure libraries, even when they are stored in a resource bundle.

Introducing real-time insights

You can now visualise the quality of your Salesforce projects like never before. Pinpoint any recurring issues to spot training problems, learn how responsive your team is, and understand the size – as well as the remediation effort – for your entire technical debt. Check our documentation to learn more!

Use wildcards to ignore files

You have asked for it, we delivered: you can now use wildcards to ignore files you don’t want to be included in your scans. Use this for any unmanaged package or third-party code you don’t intend to maintain. Not so fancy, but incredibly useful! Have a look at our documentation to learn more.