
CodeScan
What Is CodeScan?
CodeScan is a major static code analysis solution built specifically for Salesforce development teams. Its more than 600 built-in rules for analyzing system data and metadata are compatible with all Salesforce development languages. Reduce technical debt, increase release velocity, track bugs, and support data security with full code visibility from the moment code is written through to production. Give your DevOps teams the tools they need to succeed by eliminating the risk of bad code.
Who Uses CodeScan?
Salesforce DevOps teams
Reviews of CodeScan
Great for Salesforce Apex
Pros:
It finds the right bugs and I've checked it against Checkmarx, it does the job well with less cost. I like the new feature "Security Hotspot", it has helped my team to work efficiently in writing secure code.
Cons:
It doesn't report on individual scans. The report is tailored to the entire project and all the vulnerabilities that exist in your project. To this, it fails industry standard but it still does a good job.
Fantastic Static Code Analyzer
Comments: Overall, fantastic tool that helps ensure code quality and best practices.
Pros:
A fantastic polyglot static code analyzer all wrapped into a single UI. Typically we would need to set separate integrations using language specific libraries and scan each file accordingly but a single CodeScan setup handles them all. CodeScan handles all major languages so even if the repo has a mix of Java, PHP, JS, etc, it out of the box applies best practices to ensure code quality. It also works across repos/projects which is great.
Cons:
I think I recall that there is an issue when running on branches of branches where upstream is merged but we run into it so infrequently it's not really a problem. We just point the branch back at master and rerun. Very rarely, but it has happened, there is a rule that may be incorrect due to context. Ignoring these is simple, but then the email that it's been ignored is shot off and then the questions start rolling in. There is probably a way to avoid the email getting sent out but I haven't looked into it yet. Once again, really rare.
CodeScan Overview
Comments: It helps me detect all the non-standard code practices in my codebase before it gets to production. This saves me a lot of time overall.
Pros:
The code scanning feature, the ease of performing most tasks with the app is what amazes me with the app.
Cons:
I love everything about the app so far, especially the ease of adapting to it.
An excellent quality gate for your DevSecOps processes
Comments: As a customer-facing architect with a Government customer, CodeScan has been powerful in exposing the existing technical debt in our Salesforce code base. We have implemented it as a quality gate as well to prevent vulnerabilities, especially those around data access, from being introduced to Production.
Pros:
Excellent documentation and a fair pricing model. Integrates with our DevSecOps CI/CD tool (Copado) seamlessly.
Cons:
Email reports are not beneficial for reporting to Security leadership, would like better options. Also all reports are emailed, you cannot select which project to email.
Great product
Comments: Problem: Fragmented application development teams with no unified way of working. CodeScan helped us put together a process that was easy to adopt.
Pros:
This was a very easy tool to set up, train and adopt. We onboarded a lot of users in very little time.
Cons:
Would help if they had more documentation