Gearset

Automated Code Review helps you identify, block and fix security and quality issues across code and configuration in Pull Requests (PRs) in your pipeline. It does this with a configurable ruleset, aligned to Salesforce's Well-Architected framework and OWASP top 10 vulnerabilities. ​

Getting setup with Automated Code Reviews

To make use of this feature you’ll need to have:

A Github repository connected to Gearset.

Note: we're initially supporting this for Github. Other VCS providers will follow shortly.

- A Github repository connected to Gearset.
- A working team-shared pipeline setup.
- Note: we're initially supporting this for Github. Other VCS providers will follow shortly.

To enable Automatic Code Review, go to your Pipeline and open an existing PR. Open see the Automated Code Review section and click Get Started. This will create your Code Reviews workspace and kick off a one-time baseline scan of your repository.

One-time baseline scan: Code Reviews needs to do a single baseline scan before it can start giving you feedback on PRs. This initial scan will start automatically and might take a while depending on how big your repository is. We'll send an email and an in-product notification when it's done and ready to go, so you don't need to wait for this to complete.

Once the baseline scan has finished, Code Reviews will automatically scan any new PRs - or any new commits to PRs - that you promote to your chosen pipelines environment. When it's done, you'll see a summary of any issues found.

You'll see a quick overview of the scan on the pipelines environment screen. This shows you the total number of issues found in each PR, broken down by Critical, Error, and Warning.

Want to see more details? Just click the View report button. That'll take you to a new screen with a full list of everything the scan found.

This new screen in pipelines gives you a list of every issue found in the PR, grouped by the rules they relate to. You can expand a rule to see the individual issues, and clicking on an issue shows you a preview of where it is in the code.

To narrow down the list, use the filters on the left side of the screen. You can filter by severity level to show just the issues that matter most to you.

Need to see even more? You can always visit the main Code Reviews app for the full picture. Just click More details to open that in a new tab.

For further reading on understanding scan results in the Code Reviews app <a href="https://docs.gearset.com/en/articles/11478674-understanding-code-reviews-scan-results">read this guide</a>.

Enable automatic quality and security scanning on Pull Requests in your pipeline.

Automated Code Review in pipelines

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Automated Code Review in pipelines

Getting setup with Automated Code Reviews

How it works

Automated Code Review

A closer look at the scan