
How to use Code Reviews Autofix in Pipelines

Autofix is Code Reviews' automated tool for identifying and resolving code issues

Written by David Martin
Updated this week


Understanding Code Reviews Autofix Feature

Code Reviews' Autofix feature (formerly known as Fixbot) is an automated tool engineered to streamline your code review process. It's designed to automatically identify and resolve issues in your code, significantly reducing the need for manual intervention. Autofix works in conjunction with the Code Reviews code analysis platform and integrates seamlessly with Gearset pipelines. This allows it to automatically suggest and apply fixes based on a set of pre-configured rules.


Fixing Pull Requests in Code Reviews with Autofix


When you're reviewing Pull Requests (PRs) in Gearset, you might see that Code Reviews has flagged certain issues. These are problems that Autofix suggests resolving before you promote the PR, helping prevent the introduction of new issues into higher environments. To view all the issues identified in a Pull Request, simply select the full report option.


Clicking the provided link will take you directly to Code Reviews, where you'll see a scan report detailing the issues found. You might notice a green magic wand icon next to some of these flagged issues. This icon indicates that Code Reviews can resolve these specific issues automatically for you.

When you click on a specific issue, you'll be taken to a new page that shows every instance where that issue has been flagged. On this page, you'll also see an option to create an Autofix PR.

It's important to note that when you create an Autofix PR, it will include all the Autofixes it can resolve automatically, regardless of whether they are individually selected or not. If there are any issues you don't want resolved by the Autofix PR, please dismiss those issues before creating the Autofix PR.


Code Reviews will now generate an Autofix PR. This may take some time, depending on how many issues you are looking to resolve. When it is complete, you will have the option to view the pull request as above: this link will take you to your Git provider, where you can inspect the changes that the PR will be making.

Once Code Reviews generates the PR, you'll see an Autofix icon in Gearset next to your original sandbox. Its name will start with "Code Reviews fixes for PR (XXX)," and you'll find it under a separate tab called "Fixbot Pull Request." Selecting this fix and choosing the Apply fixes option will not only apply the changes to your sandbox but also automatically resolve the issue in the pending PR.

As shown in the screenshot above, after the PR has been rescanned, the "Incorrect sharing clauses" issues are now resolved. It's crucial to understand that other flagged issues may persist, as Autofix can only automatically resolve a specific subset of issues.

Autofix currently provides built-in support for the following rules:

  • Autocompletion enabled on password fields

  • Breaking change in LWC host access

  • Breaking change in LWC import and export statements

  • Breaking change in LWC style access

  • Exposure of sensitive information in logs

  • Incorrect sharing clauses

  • Inefficient calls to Schema.getGlobalDescribe

  • Inefficient JavaScript loading

  • Insecure cookies

  • Insecure endpoint callouts

  • Insecure serialization and deserialization for Visualforce pages

  • Missed opportunity: Null Coalescing Operator

  • Missed opportunity: Safe Navigation Operator

  • Missing annotation @IsTest in test methods

  • Missing comment in test assertions

  • Undocumented Apex methods

  • Unexpected console.logs

  • Use of deprecated: Salesforce API (7-20)

  • Use of deprecated: Salesforce API (21-30)
