Codacy Product Showcase: April 2024

Group 370

Codacy Security Adds Thousands of New SAST Rules With Semgrep Integration

Group 370

March Product Update: Support for Cloud Infrastructure-as-code, Custom Reports with API endpoints & more ๐Ÿš€

In this article:
Subscribe to our blog:

Here are some fresh updates from March! This month we bring you a new product offering, new features, and product updates, interesting reads, and more community news ๐Ÿ™Œ

We also always share our public product roadmap so you can check the features and updates that are in progress and the ones that will be coming out soon, as well as vote on the most important ones for you!

New feature: Code Reviews for Infrastructure-as code toolsWeโ€™re excited to be bringing you a new segment offer, by adding support for tools used on Cloud Infrastructure! We are now providing analysis for AWS CloudFormationAzure Resource ManagerKubernetesServerless Framework and Terraform. Read more about our supported languages and tools.

Create custom reports with new API endpoints ๐Ÿš€

Weโ€™re exposing a set of API endpoints that provide information about overall file quality, found issues, and ignored issues. This will help you to find hotspots in your code by consuming this information in a flexible way such as by aggregating data according to teams, components, or any other dimension. Learn more on our API docs:

โœ… List files for a given repository and the analysis information related to them
โœ… List and search issues found for a given repository
โœ… List and search issues that were ignored for a given repository

A better pattern management experience ๐Ÿคฉ

Weโ€™ve been listening to our customers: itโ€™s been difficult to share pattern configurations, ensure standardization and adapt your configuration as you scale. With this updated user experience:

  • You can now filter the patterns of a tool by language, and you can also Enable/Disable ALL patterns at once, per Language, Category, or a combination of the two! Learn more about pattern filters.

We will also be adding a functionality to help with standardizing patterns across the whole organization.


Ignore issues permissions management for all providers

This feature is now available for all Git providers, it provides a way for you to define who can change analysis configurations by setting the lowest permission required by a user of your organization to be able to ignore issues. Learn more about roles and permissions for synced orgs.

Codacy Self-hosted v3.5.0

Weโ€™ve released a new version of Codacy Self-hosted โ€“ v3.5.0 ๐Ÿ™Œ

โœ… Product enhancements: Codacy is now running Checkov, extending our analysis for infrastructure-as-code; better pattern management experience; new Codacy API endpoints, and more!
โœ… Tool version updates
โœ… Bug fixes

Weโ€™ve released new charts on Pulse ๐ŸŽ‰

Go beyond the DORA framework and discover actionable insights with the new Lead time & Reviews dashboard. You can find out how long it takes for features to be developed, and how long it takes to merge them with two new metrics: Time to open and Time to Review.

Companies are already building elite teams with Pulse ๐Ÿ‘‰  Join them here.

Screenshot 2021-03-24 at 13.45.47-1


New API endpoints about Quality Metrics for a Commit ๐Ÿš€

  • getCommitDeltaStatistics allows you to retrieve the differences in quality metrics introduced in a commit  (amount of new issues, fixed issues and changes in complexity, duplication and coverage, along with a value that indicates if the analysis for the specific commit has been finished)
  • listCommitDeltaIssues enables you to retrieve detailed information of each issue that was detected or fixed in a commit

Interesting reads

โ€œInterview with Gary McKay, Somosโ€™ Director of Agile Service Deliveryโ€

Through a very interesting conversation ๐ŸŽ™๏ธwe could better understand how the team uses Codacy, what were their main needs, key issues tackled and the benefits they found. Read the full story โ†’

 โ€œAn In-Depth Explanation of Code Complexityโ€ ๐Ÿ‘จโ€๐Ÿ’ป

By reducing code complexity, we can reduce the number of bugs and defects, along with its lifetime cost. We discuss cyclomatic complexity. Check this article by our CEO, Jaime Jorge โ†’

โ€œHalf of curlโ€™s vulnerabilities are C mistakesโ€ ๐Ÿ’ป

Daniel Stenberg examines the C related vulnerabilities in curl, with numbers and figures. Read the post โ†’

โ€œPoliteness or Bluntness in Code Review?โ€ ๐Ÿง‘โ€๐Ÿ’ป

An interesting article by Erik Dietrich on the Code Review Etiquette Conundrum. Find out more โ†’


We are now more than 100 members in our community! We have been learning a lot with your knowledge and insights. Your support and feedback are very important to us, thank you all ๐Ÿ™Œ  Here are our Community MVPs of the month ๐Ÿ† Congratulations!

Emily BourneKazu NakaharaKengo Toda,

Tim NolteTimo Suoranta

Help others on the community forum and you could be next! โšก

Screenshot 2021-04-01 at 14.15.46

Join the Community Here

Weโ€™re constantly updating our Product Roadmap to bring new and exciting features โœจ give us feedback!

Weโ€™d like to continue sharing our updated product roadmap with you โœจ You can see what we are working on, and whatโ€™s up next. You can also submit an idea/feature request and vote on what is most important! Your feedback matters ๐Ÿ’ช See whatโ€™s next โ†’

Thank you for being on this journey with us. We are already working to bring you more exciting updates for this month of April โ€“ Stay tuned! ๐Ÿ˜Š


May Product Update: Repository list, performance improvements, UX improvements, and more ๐Ÿš€
Here are the product updates from May! This month we bring you new features, product improvements, and more interesting news to come. ๐Ÿคฉ We also...
April Product Update: New features and improvements, a recorded Codacy Analysis CLI webinar and more ๐Ÿš€
Here are the product updates from April! This month we bring you new features, product improvements, a recorded Codacy Analysis CLI webinar we...
December Product Update ๐Ÿš€
Hi there ๐Ÿ‘‹,

Automate code
reviews on your commits and pull request

Group 13