100% free for Open Source, forever. Get another set of eyes on your code.

The latest Code Climate updates

Metadata About False Positives Now Shown

As you may already know, Code Climate allows you to mark vulnerabilities as "false positives" in Security Monitor, as shown below.

Mark as false positive

Doing so is a great way to clear out any unwanted noise from the Security dashboard. However, because marking false positives is a pretty impactful action and often tricky to spot, it's important, especially on larger teams, to audit this list occasionally.

To help enable this practice we've added some important meta-data to the False Positives view. As show below, you can now see when the vulnerability was marked and by whom. Instead of wondering why something was done, you can start a conversation about it with the person who did it.

False Positive metadata

Hope you find this useful, and thanks to everyone who asked for this.

« Back to Changelog