Release date: 7th July 2020
- Editing in Visual Studio Code? Now we have extensions to easily check your code!
The Quality Clouds extensions (for Salesforce and ServiceNow) for Visual Studio Code connects to our centralized, curated set of best practices and rules and checks your code against it. Our ruleset includes best practices for Salesforce, ServiceNow, Quality Clouds’ own recommendations, and other industry standards.
- We're extending the open source libraries list we check for
If you're worried about forgetting once imported open source libraries and loosing visibility on risks they may pose, we've got you covered. Our analysis now detects the actual name and version of each open source library used in your code, even though these might have gotten renamed.
You can find the Detected Open Source Libraries on our Profiling dashboard, and our new Executive for Salesforce view.
With that information we can highlight any reported library vulnerability.
Including more libraries for both ServiceNow and Salesforce, and these are the following:
Area of impact
|Full scan||Update set scan||Live Check|
|AngularJS - Prototype Pollution Vulnerability under 1.7.9||High||Security|
|AngularJS - XSS vulnerability using AngularJS under 1.6.9 with Firefox||High||Security|
|AngularJS - XSS vulnerability through the attribute "usemap" from 1.3.0 to 1.5.0-rc2||High||Security|
|AngularJS - XSS vulnerability through the attribute "usemap" from 1.0.0 to 1.2.30||High||Security|
|AngularJS - XSS vulnerability using AngularJS under 1.6.5 in Firefox and Safari - sanitize on inert Documents||High||Security|
|AngularJS - XSS vulnerability under 1.8.0 - input HTML||High||Security|
|AngularJS - Denial of Service attack through DOM clobbering on versions under 1.6.3||High||Security|
The new rules will be reported with severity High, and if any related issues are detected - this will impact your high-level KPIs for the platforms.
See more at Vulnerabilities in Open Source Libraries.
Quality Clouds for ServiceNow
- You've asked for it, and now we show it - who uses Live Check
You can now see who is using Live Check on the instance of your selection, and what errors are being detected.
See more in our Live Check view.
- Using the Agile Development plugin? You can now create stories from issues from our app
Reviewing the issues from a scan, decide which are the ones you want to create a story for your agile development. See more at Creating stories from issues (working with Agile Development plugin) .
- We've improved our Field Analysis app
Quality Clouds Field Analysis for ServiceNow is an application on the ServiceNow Store which analyses the custom database table fields and gives visibility as to which fields are populated and which are not.
We've improved the error handling on data gather process. And we've separated the buttons for data collection and dashboard update.
Read more at Field Analysis for ServiceNow.
Quality Clouds for Salesforce
- Kaboom! Our new, fresh (Beta) Salesforce Executive view is here!
This view brings all the hot Quality Clouds areas together - your main KPIs, org inventory, your rules, and your team info all in one place.
Check out all your essential platform info on the neat new interface, with improved look-and-feel and more intuitive navigation. Find out more in Executive for Salesforce.
- Every team is different, every team values quality. We have an integration for that... We're now working with Copado user stories!
Build in quality in your continuous integration by integrating Quality Clouds features with Copado. All the commits for all your user stories can then be checked for adherence to coding standards and best practices.
- Not sure where your Salesfoce licenses go? We have an idea..
If you own several orgs, and constantly struggle to keep up with the license info, check out used and available licenses on our Cross-org Licensing Salesforce dashboard.
To access it, go to All Clouds. In the View select Cross-Org Licensing Salesforce.
See more at Dashboards for Salesforce.