Because we realize how important it is to keep tabs on the security of your applications, you can now be notified of vulnerabilities in two new ways.
New Repository Feed Items
When new vulnerabilities are detected, they will show up in your repository’s feed. Along with the type of vulnerability, you’ll see:
- The date it was found
- A link to more information about the vulnerability (line number, description, etc.)
- A link to open a new issue in your project’s issue tracker (configured under repository settings)
To keep your feed clean and noise-free, we also roll up issues of the same kind. For example, if more than one SQL Injection issue was introduced, you might see “4 new SQL Injection issues found” in your feed, with a link to a page of SQL Injection issues in your application.
New Chat Notifications
If you’ve configured Code Climate to integrate with your company’s chat system, such as Campfire or HipChat, you will now start receiving notifications about new security issues. You’ll see:
- The type of issue introduced
- The number of vulnerabilities of that type introduced
- The location, if relevant
- A link back to Code Climate where the issue was reported