Rule Management
Preserve Customizations During Ignore/Unignore
When a rule is ignored and later restored, any existing customizations are now retained. Users no longer need to reapply previous configurations after unignoring a rule.
Performance
Dashboard Bundle Size Reduction
Load times across the QC portal have been improved, with bundle size reductions applied across multiple dashboard widgets, including LiveCheck Overview, Profiling, Compare Multiple Instances, User Adoption, Impact Analysis, and others.
Platform & Infrastructure
Critical Vulnerability Fixes
Critical severity vulnerabilities have been resolved across multiple platform projects, keeping the platform secure and up to date.
Quality Center
New Quality Center Authentication Method
We have updated how Quality Clouds connects by introducing an Auth Provider setup. This change simplifies the connection process and ensures more secure communication. For step-by-step setup instructions, please refer to our Setup & Authentication Documentation.
Rule Builder
Technical Preview Tab
Rule creators can now switch between a human-readable summary and a Technical Preview directly within the rule detail view. The preview exposes the underlying execution logic — including regex patterns, field mappings, and operators — giving technical users the transparency needed to audit and validate AI-generated rules before approval.
Duplicate Detection — Reference Links
The duplicate rule warning now displays the name of the conflicting rule as a direct link to its detail page. This replaces the previous generic alert, allowing creators to compare rules without losing their progress.
New Salesforce Rules — Available in Marketplace
Three new security-focused rules are now available for Salesforce and can be added to your rulesets via the Marketplace.
Data Sensitivity Enforcement: Mandatory “Data Sensitivity Level” for Custom Fields
Custom fields without a Data Sensitivity Level classification introduce compliance and data governance risks. This rule flags unclassified fields to help organizations align with data protection regulations such as GDPR and CCPA.
PII Governance: Automated Review of Fields Categorized as PII
Custom fields categorized as PII that are not subject to automated governance review can expose sensitive personal data to unauthorized access. This rule ensures flagged fields are regularly reviewed, and access is restricted to authorized profiles only.
Apex Prompting Restrictions: Prevent Manual Prompt Execution via Connect REST API
Apex classes that call the Connect REST API to execute manual prompts bypass AI governance controls, introducing security and compliance risks in orgs that use Agentforce or Einstein AI. This rule detects and flags such patterns to enforce approved AI usage practices.
Rule Accuracy
Resolved a false positive in the SF-AVOID-DUPLICATE-QUEUEABLE-JOB rule where valid code patterns were being incorrectly flagged.
Debt Manager Display Issue
Fixed an issue in the Debt Manager where combining the issue type filter with an open or close date filter caused issue names to display as “object” instead of their correct values.
This release includes minor security improvements.
Rule Management
Preserve Customizations During Ignore/Unignore
When a rule is ignored and later restored, any existing customizations are now retained. Users no longer need to reapply previous configurations after unignoring a rule.
Performance
Dashboard Bundle Size Reduction
Load times across the QC portal have been improved, with bundle size reductions applied across multiple dashboard widgets, including LiveCheck Overview, Profiling, Compare Multiple Instances, User Adoption, Impact Analysis, and others.
Platform & Infrastructure
Critical Vulnerability Fixes
Critical severity vulnerabilities have been resolved across multiple platform projects, keeping the platform secure and up to date.
Rule Builder
Technical Preview Tab
Rule creators can now switch between a human-readable summary and a Technical Preview directly within the rule detail view. The preview exposes the underlying execution logic — including regex patterns, field mappings, and operators — giving technical users the transparency needed to audit and validate AI-generated rules before approval.
Duplicate Detection — Reference Links
The duplicate rule warning now displays the name of the conflicting rule as a direct link to its detail page. This replaces the previous generic alert, allowing creators to compare rules without losing their progress.
Debt Manager Display Issue
Fixed an issue in the Debt Manager where combining the issue type filter with an open or close date filter caused issue names to display as “object” instead of their correct values.
This release includes minor security improvements.
New Copado Authentication Method
We have updated how Quality Clouds connects to Copado by introducing an Auth Provider setup. This change simplifies the connection process and ensures more secure communication between the platforms. For step-by-step setup instructions, please refer to our Setup & Authentication Documentation.
This release includes minor security improvements.
Support for Australia Release
We have updated the Upgradeability View to support the ServiceNow Australia release. The engine now identifies customized OOTB objects that conflict with Australia’s changes, allowing you to detect and resolve potential issues before you upgrade.
Contextual Instance Headers
To improve clarity during configuration, the Instance Name is now visible across all tabs of the instance setup screen. This ensures you always know which environment you are editing.
False Positive: Debug System Properties
We have resolved a false positive in the “Debug System Properties Enabled” rule where issues were being raised even when debug properties were correctly disabled. Existing incorrect findings will be resolved in your next scan.
This release includes minor security improvements.
Marketplace
Centralized Governance & Rule Discovery
The Marketplace is our new centralized hub for discovering and managing the standards that protect your platform. It is designed to give you full visibility into our rule library, allowing you to adopt the specific governance that aligns with your organization’s unique best practices.
Browse with Visibility
Explore our growing library of rules through intuitive card and table views, making it easy to identify the right guardrails for your environments.
Informed Adoption
Every rule includes a detailed overview of the impact area, severity, and recommended actions. This transparency allows your team to review the specifics and decide whether to adopt a rule in line with your internal standards.
Staged Integration
Once you decide a rule is right for your organization, you can add it to your rulesets with a single click. Rules are initially added in an “Ignored” state, allowing you to assess the impact and transition them to “Active” at your own pace.
Rule Builder
We have upgraded the RuleBuilder to move beyond a “black box” approach, giving technical users the tools they need to audit and trust AI-generated logic.
Technical Preview Tab
You can now toggle between a human-readable summary and a “Technical Preview” to inspect the actual execution logic (Regex, field mappings, and operators) before approving a rule.
Intelligent Selection
To prevent configuration errors during the rule creation process, the Element Type (CE) dropdown now proactively filters out unsupported types and provides helpful tooltips.
AI Readiness View Performance
Optimized data retrieval and loading logic to significantly reduce wait times in the AI Readiness Dashboard, specifically for high-volume environments.
Multiple Instances View
Fixed a functional issue where the interface became unresponsive, restoring the ability for users to switch between managed environments.
OAuth Navigation
Resolved a redirect error in the Salesforce OAuth token generation flow that incorrectly sent users to the History section.
This release includes minor security improvements.
Marketplace
Centralized Governance & Rule Discovery
The Marketplace is our new centralized hub for discovering and managing the standards that protect your platform. It is designed to give you full visibility into our rule library, allowing you to adopt the specific governance that aligns with your organization’s unique best practices.
Browse with Visibility
Explore our growing library of rules through intuitive card and table views, making it easy to identify the right guardrails for your environments.
Informed Adoption
Every rule includes a detailed overview of the impact area, severity, and recommended actions. This transparency allows your team to review the specifics and decide whether to adopt a rule in line with your internal standards.
Staged Integration
Once you decide a rule is right for your organization, you can add it to your rulesets with a single click. Rules are initially added in an “Ignored” state, allowing you to assess the impact and transition them to “Active” at your own pace.
Rule Builder
We have upgraded the RuleBuilder to move beyond a “black box” approach, giving technical users the tools they need to audit and trust AI-generated logic.
Technical Preview Tab
You can now toggle between a human-readable summary and a “Technical Preview” to inspect the actual execution logic (Regex, field mappings, and operators) before approving a rule.
System Properties Support
You can now create custom rules based on any sys_properties configuration, allowing for automated validations of instance-specific settings.
Intelligent Selection
To prevent configuration errors during the rule creation process, the Element Type (CE) dropdown now proactively filters out unsupported types and provides helpful tooltips.
AI Readiness View Performance
Optimized data retrieval and loading logic to significantly reduce wait times in the AI Readiness Dashboard, specifically for high-volume environments.
Virtual Agent Topic Rule Audit
Renamed the Virtual Agent rule to “Avoid Virtual Agent Topic creation or modification” and updated documentation to clarify its role as an audit tool.
Multiple Instances View
Fixed a functional issue where the interface became unresponsive, restoring the ability for users to switch between managed environments.
Client Scripts should check for isLoading and return Rule Fix
Resolved a false positive for the “Client Scripts should check for isLoading and return” rule, where valid checks were being incorrectly flagged.
This release includes minor security improvements.
AI Readiness Dashboard
We have launched the AI Readiness Dashboard to help you bridge the gap between technical debt and AI implementation. This tool provides a strategic view of whether your platform’s code and data are truly prepared to support autonomous agents and Generative AI.
Readiness Snapshot: Automatically categorizes your existing issues based on their impact on AI performance, manageability, and security. This allows teams to prioritize “the fixes that matter” for their AI roadmap.
Note: To enable the AI Readiness Dashboard, please contact your Account Manager or Customer Success Manager.
Flosum Integration: Unscanned Branch Warning
To improve release governance, we have added a warning notification when attempting to deploy a Flosum branch that has no associated Quality Clouds scans.
Risk Awareness: Users are notified of potential technical debt or security risks before deployment.
Non-Blocking: While the system alerts the user, it remains non-blocking, allowing the choice to either cancel and run a scan or “Proceed Anyway.”
LiveCheck View
Optimized data loading and added UI loading states to prevent the screen from appearing frozen during processing.
OAuth Secret Persistence
Fixed an issue where editing the description of a ServiceNow instance caused the Client Secret value to be lost. The system now correctly preserves the secret during form updates.
User Licensing & Activation
Fixed a logic error to prevent activating more users than your license allows. The system now also correctly excludes “Developer” API users from the seat count to ensure accurate license enforcement.
This release includes minor security improvements.
AI Readiness Dashboard
We have launched the AI Readiness Dashboard to help you bridge the gap between technical debt and AI implementation. This tool provides a strategic view of whether your platform’s code and data are truly prepared to support autonomous agents and Generative AI.
Note: To enable the AI Readiness Dashboard, please contact your Account Manager or Customer Success Manager.
Streamlined ServiceNow Authentication
To simplify the connection process, we have refined the ServiceNow OAuth form. For Client Credentials flows, the redundant “Refresh Token URL” field has been removed, as the system now automatically handles this requirement to reduce configuration errors.
OAuth Secret Persistence
Fixed an issue where editing the description of a ServiceNow instance caused the Client Secret value to be lost. The system now correctly preserves the secret during form updates.
User Licensing & Activation
Fixed a logic error to prevent activating more users than your license allows. The system now also correctly excludes “Developer” API users from the seat count to ensure accurate license enforcement.
New Governance Policies
Mandatory Validation for Critical Assets
We are introducing Policy Rules, a specialized category of high-standard rules that require formal validation before deployment. To maintain the highest security standards, any approval (write-off) granted to a Policy Rule is now tied to the specific version of the code or configuration analyzed.
If a previously approved element is modified, the system will automatically re-open the issue, requiring a new review. This ensures that even minor changes to critical configurations, such as AI prompts, agents, or security settings, cannot bypass your internal quality gates without being re-verified by the appropriate team.
Note: This automated governance currently applies to our newly released AI & Agentforce Governance rules, ensuring your autonomous AI logic remains supervised at all times.
Unified Visual Identity
We are excited to unveil our new brand identity! Quality Clouds now features a modern, consistent look across the login screen, main portal, dashboards, emails, and PDF reports. This redesign improves overall readability and ensures full WCAG 2.1 AA accessibility compliance for a more inclusive user experience.
Smarter Reporting for Large Datasets
We’ve improved how you manage large-scale exports (over 5,000 issues) from the Debt Manager and Executive View:
Clearer Notifications: Success and failure emails now include the environment name and scan date in the subject line.
Smart File Naming: Exported Excel files are now automatically named by system and date (e.g., QC_Issues_Production_20260407.xls).
Instant Data Loading
The Compare Issues view has been optimized to handle even the largest datasets with significantly faster loading times.
Salesforce: AI & Agentforce Governance (NEW Policy Rules)
We have introduced our first set of Policy Rules:
Validation Required for Agentforce Actions
Rule ID: SF-AGENT-UPDATE-REQUIRES-APPROVAL
Ensures any new or modified Agentforce Agents are reviewed before performing autonomous actions.
Validation Required for AI Prompt Templates
Rule ID: SF-PROMPT-UPDATE-REQUIRES-APPROVAL
Ensures AI-generated prompts are audited to remain secure and compliant.
Global Inventory Sorting
Sorting by “Issues Related” in the Executive View now re-orders the entire inventory globally, ensuring the most critical items stay at the top.
Data Accuracy
Resolved an issue where issue counts in the Debt Manager did not update correctly when using multiple filters simultaneously.
This release includes minor security improvements.
New Governance Policies
Mandatory Validation for Critical Assets
We are introducing Policy Rules, a specialized category of high-standard rules that require formal validation before deployment. To maintain the highest security standards, any approval (write-off) granted to a Policy Rule is now tied to the specific version of the code or configuration analyzed.
If a previously approved element is modified, the system will automatically re-open the issue, requiring a new review. This ensures that even minor changes to critical configurations, such as AI prompts, agents, or security settings, cannot bypass your internal quality gates without being re-verified by the appropriate team.
Note: This automated governance currently applies to our newly released AI & Agentforce Governance rules, ensuring your autonomous AI logic remains supervised at all times.
Unified Visual Identity
We are excited to unveil our new brand identity! Quality Clouds now features a modern, consistent look across the login screen, main portal, dashboards, emails, and PDF reports. This redesign improves overall readability and ensures full WCAG 2.1 AA accessibility compliance for a more inclusive user experience.
Smarter Reporting for Large Datasets
We’ve improved how you manage large-scale exports (over 5,000 issues) from the Debt Manager and Executive View:
Clearer Notifications: Success and failure emails now include the environment name and scan date in the subject line.
Smart File Naming: Exported Excel files are now automatically named by system and date (e.g., QC_Issues_Production_20260407.xls).
Instant Data Loading
The Compare Issues view has been optimized to handle even the largest datasets with significantly faster loading times.
Global Inventory Sorting
Sorting by “Issues Related” in the Executive View now re-orders the entire inventory globally, ensuring the most critical items stay at the top.
Data Accuracy
Resolved an issue where issue counts in the Debt Manager did not update correctly when using multiple filters simultaneously.
This release includes minor security improvements.
Salesforce
New Scan Type – Zero-Access Pipeline Integration
To support environments with restricted Git access, we have introduced a new scanning method that allows your development pipeline to push code changes directly to our platform. This enables full security and quality insights for feature branches while maintaining absolute repository isolation, providing a seamless integration path that fits into your existing build process without requiring direct access to internal repositories.
Team Assignment Rules based on Tags
Teams Assignment Rules now support a new rule type that automatically assigns teams based on Tags. This enhancement supports both “is” and “is one of” operators and features a multi-select dropdown of existing tags, providing greater flexibility for organizations managing complex team structures.
VS Code Extension
Enhanced Developer Experience
We have released a major update to our VS Code extension designed to accelerate your development workflow.
Faster Performance: Significantly optimized the initial load time of the Quality Center.
Streamlined Workflows: New native project selection and the ability to perform “Write Offs” and “Livechecks” directly from right-click menus or line hovers.
Bulk Actions: Added the ability to handle multiple issues at once within the Quality Center, reducing manual effort during code reviews.
Salesforce
Automated Session Management for Copado
We have implemented a “silent” token refresh logic for our Copado integration. The system now automatically detects and renews expired security tokens in the background, ensuring that your scheduled scans and manual workflows continue uninterrupted without requiring a re-login.
XLS Export – Executive View “Update Set name” Column
Fixed a bug where the “Update Set name” column was missing from XLS exports in the Executive view.
This release includes minor security improvements.
ServiceNow
OAuth 2.0 Support
To meet modern security standards, we have introduced OAuth 2.0 as an authentication method for ServiceNow. While we always recommend Certificate-Based Authentication as the most secure and robust standard for instance connectivity, this new OAuth option provides a highly secure, token-based alternative for organizations moving away from Basic Auth.
Team Assignment Rules based on Tags
Teams Assignment Rules now support a new rule type that automatically assigns teams based on Tags. This enhancement supports both “is” and “is one of” operators and features a multi-select dropdown of existing tags, providing greater flexibility for organizations managing complex team structures.
VS Code Extension
Enhanced Developer Experience
We have released a major update to our VS Code extension designed to accelerate your development workflow.
Faster Performance: Significantly optimized the initial load time of the Quality Center.
Streamlined Workflows: New native project selection and the ability to perform “Write Offs” and “Livechecks” directly from right-click menus or line hovers.
Bulk Actions: Added the ability to handle multiple issues at once within the Quality Center, reducing manual effort during code reviews.
XLS Export – Executive View “Update Set name” Column
Fixed a bug where the “Update Set name” column was missing from XLS exports in the Executive view.
This release includes minor security improvements.
Salesforce
New Rule – Avoid Hardcoded User Timezone
Rule ID: SF-AVOID-HARCODED-USER-TIMEZONE
We have introduced a new rule to improve the reliability of automated tests. Hardcoding specific timezones in test code often causes tests to fail unexpectedly across different environments. This rule encourages developers to use dynamic timezones, ensuring consistent results and smoother deployments.
Adjust Rules Thresholds
Admins can now configure thresholds for the following rules directly from the Admin UI, making static analysis reports more meaningful and aligned with internal coding standards:
Rule ID: SF-0007
Name: Avoid deeply nested “If” statements.
Rule ID: SF-0013
Name: AvoidExcessiveComplexity
Rule ID: SF-0044
Name: StdCyclomaticComplexity
Rule ID: SF-0051
Name: AvoidExcessiveComplexity
Rule ID: SF-COGN-COMPLEX
Name: CognitiveComplexity
Rule Improvements
We have updated the following rules to improve detection accuracy and reduce incorrect alerts:
Avoid using size() in SOQL
Rule ID: SF-AVOID-SIZE-IN-SOQL
Now ignores “assert” statements in test code, focusing specifically on database queries where performance is impacted.
Data Sensitivity Level Of Field Gender Is Not Set
Rule ID: SF-0204
Fixed a mapping error that caused fields to be flagged as unclassified even after security levels were correctly defined.
This release includes minor security improvements.
Expanded our suite of automated tests to improve quality assurance and stability.
Debt Manager Enhancements
More Customizable Views
Debt Manager now supports up to 15 customizable views, giving users more flexibility to organize and manage complex Technical Debt scenarios effectively.
ServiceNow – Issue Detail Enhancements
Recursive Loop Issue Detail Visibility
Issue Detail for the “Avoid Creating Cross-Table Business Rule Recursive Loops” rule now shows where the issue occurs, helping developers identify and resolve it faster.
ServiceNow
Documentation Updated – Document Object Model (DOM) manipulation in Client Scripts
Documentation has been updated to clarify exceptions in UI Pages and Service Portal widgets, highlighting the Link function in Widgets and GlideForm API as safer alternatives to reduce direct DOM dependency.
Available Scans Display in Scan Launcher
The Scan Launcher now correctly displays only the available profiling or operational scans when launched from instance cards, ensuring users see relevant scan options based on the selected scan type.
This release includes minor security improvements.
Expanded our suite of automated tests to improve quality assurance and stability.
Debt Manager Enhancements
More Customizable Views
Debt Manager now supports up to 15 customizable views, giving users more flexibility to organize and manage complex Technical Debt scenarios effectively.
Salesforce
View IP Ranges Details in UI
Rule ID: SF-AVOID-PROFILE-WITHOUT-IP-RANGE
Customers can now view the IP ranges configured for the “Profiles must include IP ranges” rule directly in the Ruleset Admin portal via a “View Details” popup, giving more context and visibility into the configured values.
Adjust Rules Thresholds
Admins can now configure thresholds for the following rules directly from the Admin UI, making static analysis reports more meaningful and aligned with internal coding standards:
Rule ID: SF-0008
Name: Methods with numerous parameters should not be used
Rule ID: SF-0009
Name: Avoid excessive class file lengths
Rule ID: SF-0010
Name: Avoid methods with excessive Lines of Code count
Rule ID: SF-0011
Name: Avoid types with excessive Lines of Code count
Rule ID: SF-0012
Name: Avoid constructors with excessive Lines of Code count
Rule ID: SF-0014
Name: Avoid classes with too many fields
Rule ID: SF-0015
Name: Avoid classes with too many public methods
Refined DML Detection
Rule ID: SF-AVOID-DML-NO-ERROR-HANDLING
The “Avoid DML statements without error handling” rule has been updated to focus only on actual DML statements, preventing previously resolved issues from being flagged. This ensures users only see relevant issues and reduces unnecessary alerts, while other database operations may be addressed by separate rules in the future.
Available Scans Display in Scan Launcher
The Scan Launcher now correctly displays only the available profiling or operational scans when launched from instance cards, ensuring users see relevant scan options based on the selected scan type.
This release includes minor security improvements.
Expanded our suite of automated tests to improve quality assurance and stability.
Debt Manager Enhancements
More Customizable Views
Debt Manager now supports up to 15 customizable views, giving users more flexibility to organize and manage complex Technical Debt scenarios effectively.
ServiceNow – Issue Detail Enhancements
Recursive Loop Issue Detail Visibility
Issue Detail for the “Avoid Creating Cross-Table Business Rule Recursive Loops” rule now shows where the issue occurs, helping developers identify and resolve it faster.
ServiceNow
Documentation Updated – Document Object Model (DOM) manipulation in Client Scripts
Documentation has been updated to clarify exceptions in UI Pages and Service Portal widgets, highlighting the Link function in Widgets and GlideForm API as safer alternatives to reduce direct DOM dependency.
Available Scans Display in Scan Launcher
The Scan Launcher now correctly displays only the available profiling or operational scans when launched from instance cards, ensuring users see relevant scan options based on the selected scan type.
This release includes minor security improvements.
Expanded our suite of automated tests to improve quality assurance and stability.
Salesforce – Flosum Integration v2.0
A new view, the Release Tracker, provides a centralized overview of quality and scan coverage across Flosum Branches. Accessible as a tab in the Quality Clouds App’s Instance Details view, it enables Release Managers to:
See all Flosum Branches in one consolidated list.
Monitor key quality indicators, including Quality Gate status, issue counts, and unscanned items.
Trigger bulk scans across multiple branches, reducing manual effort.
Quickly identify blockers that could affect deployment readiness.
This new view delivers earlier visibility into quality risks, better scan coverage across releases, and streamlined release-level quality management.
Quality Clouds LivecheckAI – MCP Server
LivecheckAI now supports project and instance context, applying the correct ruleset based on where developers are working. This enables real-time issue detection while coding, improving code quality, speeding up problem resolution, and providing a smoother, more efficient development experience.
Debt Manager Enhancements
Issue Type Visibility in Filters
The Issue Type filter now shows issue counts, helping users quickly gauge volume and prioritize remediation.
Write-Off Approver Visibility
The Debt Manager list view now displays the write-off approver’s name, improving transparency and accountability.
Teams Assignment Rules – Advanced Rule Conditions
Teams Assignment Rules now support multiple conditions using AND / OR logic, enabling more precise and flexible automatic issue assignments and improving workflow efficiency.
Instances – Duplicate URL Prevention
The platform now prevents multiple active instances from sharing the same URL, reducing synchronization issues and improving overall system reliability.
ServiceNow – Issue Detail Enhancements
Recursive Loop Issue Detail Visibility
Issue Detail for the “Avoid Creating Cross-Table Business Rule Recursive Loops” rule now shows where the issue occurs, helping developers identify and resolve it faster.
VSCode Plugin – Write Off Flow Enhancements
The Write-Off flow now provides clear feedback and updates the button automatically, keeping developers informed and preventing confusion.
Executive View – Severity Dropdown Accuracy
Fixed an issue where the Severity dropdown in the Executive View was displaying incorrect values. The dropdown now shows the correct severity options, ensuring accurate reporting and reliable filtering.
This release includes minor security improvements.
Expanded our suite of automated tests to improve quality assurance and stability.
ServiceNow Fix Scripts Inventory Coverage
ServiceNow Fix Scripts are now included in the inventory and analyzed as part of both Livecheck and Full Scan. Issues are identified based on the full set of applicable server-side scripting best practices, including OOTB modification rules, giving customers broader coverage and greater confidence that Fix Scripts meet quality and maintainability standards.
Teams Assignment Rules – Rule-Based Assignment Criteria
Teams assignment rules now support Rule as a new assignment criterion, enabling customers to automatically route issues from Full Scans to the most relevant teams based on the rule that triggered them. This ensures clearer ownership, reduces manual coordination, and accelerates remediation by aligning issues with the teams best equipped to address them.
KPI Accuracy – Exclusion of False Positive Write-Offs
Issues marked with a write-off reason of False Positive are now excluded from all KPIs, including issue counts, Technical Debt, and Quality of Cloud. This ensures that metrics reflect only valid issues, giving customers greater confidence in their KPIs and enabling more accurate tracking of quality, risk, and remediation progress.
New – Salesforce (Visual Force Pages)
Avoid Calling Visualforce Actions on Page Load
Rule ID: SF-AVOID-ACTION-UPON-LOAD
This rule detects Visualforce pages that call actions automatically on page load, which increases exposure to Cross-Site Request Forgery (CSRF) attacks. Enforcing this rule helps reduce security risk by ensuring actions are triggered only through explicit and secure user interactions.
Ensure Correct Encoding in Visualforce Style Tags
Rule ID: SF-AVOID-STYLE-WRONG-ENCODING
This rule checks for correct encoding in <style/> tags within Visualforce pages. Incorrect encoding can lead to Cross-Site Scripting (XSS) vulnerabilities. Applying this rule helps prevent script injection through styles and strengthens front-end security.
Avoid Unescaped User-Controlled Values in Expression Language
Rule ID: SF-AVOID-UNESCAPED-VALUES
This rule identifies unescaped, user-controlled content used in Expression Language (EL). Using unescaped values can result in XSS vulnerabilities. Enforcing proper escaping helps teams protect applications from common injection attacks.
Copy Ruleset in the Admin Portal
Fixed an issue that prevented rulesets from being copied between instances in the Admin Portal. The Copy Ruleset functionality now works as expected, allowing customers to reliably copy rulesets across instances and maintain consistent configurations.
This release includes minor security improvements.
Expanded our suite of automated tests to improve quality assurance and stability.
Quality Clouds Rule Builder (Beta)
A new Rule Builder add-on is now available, allowing teams to create, customize, and refine rules directly within their own platforms, with no coding required. Access to this feature is controlled through a new permission setting, ensuring it is only visible to authorized users.
Rule creation follows a guided, iterative flow where users can define rules, test them on existing elements, and submit them for approval before they are published to the active ruleset.
To activate the Rule Builder Add-on, please contact your Customer Success Manager or Quality Clouds Support.
Rule Reset – Default Configuration Not Restored
Resolved an issue where a rule could not be reset to its default state after being modified. The reset action now works as expected.
This release includes minor security improvements.
We have resolved various internal issues to enhance system stability further and optimize the user experience.
ServiceNow LivecheckAI Add-on (Quality Clouds MCP)
A new MCP Add-on for ServiceNow is now available, enabling teams to link their ServiceNow development activity directly with Quality Clouds. With this integration, updates and code can be validated automatically through Livecheck, helping maintain consistency, improve quality, and ensure alignment with best practices.
To activate the LivecheckAI Add-on, please contact your Customer Success Manager or Quality Clouds Support.
Flosum – Incorrect Error Message When Launching Scans
Resolved an issue where an error appeared when launching a scan, even though the scan actually started and ran correctly. The message has been updated to reflect the real scan status.
Code Duplication View – Export Error
Resolved an issue where exporting all items from the Code Duplication view resulted in an unexpected error. The export now works correctly across affected instances.
This release includes minor security improvements.
We have resolved various internal issues to enhance system stability further and optimize the user experience.
Salesforce AI Productivity Add-on (Quality Clouds MCP)
The new AI Productivity Add-on introduces the Quality Clouds MCP (Model Context Protocol) server for Salesforce. This capability allows teams using Agentforce Vibes, GitHub Copilot, or other compatible AI coding assistants to connect directly with Quality Clouds and run automated quality checks on AI-generated code using Livecheck. It ensures that all delivered code complies with best practices and organizational standards, helping teams boost productivity while maintaining code quality and consistency across their Salesforce environments.
To activate the AI Productivity Add-on, please contact your Customer Success Manager or Quality Clouds Support.
Scans – Better Memory Handling for More Stable Scans
Scans are now more reliable thanks to improved memory management. The system adjusts memory usage automatically, helping reduce out-of-memory errors and preventing unnecessary scan failures.
This release includes minor security improvements.
We have resolved various internal issues to enhance system stability further and optimize the user experience.
Salesforce AI Productivity Add-on (Quality Clouds MCP)
The new AI Productivity Add-on introduces the Quality Clouds MCP (Model Context Protocol) server for Salesforce. This capability allows teams using Agentforce Vibes, GitHub Copilot, or other compatible AI coding assistants to connect directly with Quality Clouds and run automated quality checks on AI-generated code using Livecheck. It ensures that all delivered code complies with best practices and organizational standards, helping teams boost productivity while maintaining code quality and consistency across their Salesforce environments.
To activate the AI Productivity Add-on, please contact your Customer Success Manager or Quality Clouds Support.
Rules Management – Automatic Quality Gate Categorization
Rules are now automatically categorized based on the active Quality Gate configuration. Each rule is labeled as Blocker, Minor, or Legacy according to its configuration and activation date. This information is displayed in a new column within the Ruleset table, giving users clearer visibility of rule criticality and improving overall quality governance.
Rules Management – Edit Rule Impact and Action from UI
Admins can now edit the text of a rule’s Impact and Action directly from the Ruleset UI. This makes it easier to customize rule descriptions and align them with internal best practices or guidance provided to AI Agents for fixing issues and reducing technical debt.
Admin Tables – Project Filter Support
Project filters are now available across admin tables, making it easier to view and manage data by project.
Access Issues for Project User Role
Fixed a problem that prevented users with the Project User role from properly accessing issue lists and related scan data. Access now works as expected without requiring additional permissions.
This release includes minor security improvements.
We have resolved various internal issues to enhance system stability further and optimize the user experience.
Salesforce Inventory – New AI and DataCloud Elements
The Salesforce Inventory now includes a new AI Agent Template and the first three Data 360 elements (soon to be rebranded as Data360): Data Connector, Data Source Object, and External Data Source. These additions provide customers with enhanced visibility into their Salesforce environments, enabling more complete assessments and better oversight of data-related configurations.
Instances Table Project Management
The Instances Table now supports bulk project management across Salesforce. Admins and Partners can assign or reassign multiple instances to a project in a single action, reducing manual effort and improving governance.
New – ServiceNow
Script Includes marked as Client Callable should use GlideRecordSecure instead of GlideRecord
Rule ID: SN-SI-GLIDERECORDSECURE
This rule flags Script Includes marked as Client Callable that use GlideRecord instead of GlideRecordSecure. Using GlideRecord in this context can bypass Access Control Lists (ACLs), potentially exposing or modifying data without proper authorization. Updating to GlideRecordSecure ensures ACL enforcement and protects against unauthorized data access.
Improved – ServiceNow
User Criteria with hard-coded sys_ids.
Rule ID: SN-0450
The rule that flags User Criteria containing hard-coded sys_ids has been updated to exclude out-of-the-box HR Criteria automatically generated by ServiceNow. This adjustment removes false positives and ensures more accurate detection of hard-coded sys_ids. Existing issues related to HR Criteria will be closed automatically after this update.
This release includes minor security improvements.
We have resolved various internal issues to enhance system stability further and optimize the user experience.
Quality Clouds Roadmap
A link to the QC Roadmap is now available in the Admin and BI portal headers, giving direct visibility into upcoming features and improvements.
Code Duplication View – Active/Inactive Filter
The Code Duplication view now supports filtering by Active and Inactive elements across ServiceNow and Office 365. This enhancement helps Admins focus their analysis on relevant code segments, making duplication checks more accurate and actionable.
Instances Table Project Management
The Instances Table now supports bulk project management across ServiceNow and Office 365. Admins and Partners can assign or reassign multiple instances to one or more projects in a single action, reducing manual effort and improving governance.
ServiceNow – Issue Detail – Forms with Duplicate Fields
The Issue Detail view now highlights which forms and fields are affected by the Forms with Duplicate Fields rule for all clients. This helps Admins quickly identify and resolve duplication issues, improving form accuracy and data consistency across the platform.
New – ServiceNow
Script includes marked as Client Callable should contain a Access Control Role
Rule ID: SN-SI-ACCESS-CONTROL-ROLE
This rule flags Script Includes marked as Client Callable that do not have an associated Access Control Role. Adding proper role restrictions prevents unauthorized client-side execution of server-side code and protects sensitive logic from exposure.
New – Salesforce
Limit the Number of Actions per Topic
Rule ID: SF-AVOID-TOO-MANY-ACTIONS-PER-TOPIC
This rule flags AI Topics with more than 15 actions. Exceeding this limit can increase latency, slow down response times, and reduce overall user experience.
This release includes minor security improvements.
We have resolved various internal issues to enhance system stability further and optimize the user experience.
Peer Review view has been optimized for faster loading, improving overall performance for users.
ServiceNow Zurich Release Support
The ServiceNow scanning service has been upgraded to fully support the Zurich release, ensuring compatibility with the latest platform features. Modified OOTB elements impacted by the Zurich release are now also visible in the Upgradeability View, giving Admins better visibility into upgrade readiness and making it easier to track and manage ServiceNow version support.
Instances Table Filtering and Tag Management
The Instances Table is now easier to navigate and organize. Admins can filter instances by environment or tags and manage tags in bulk across multiple instances, making it faster to keep environments structured and up to date.
New – ServiceNow
Avoid using ‘gr’ as a variable name in scripts
Rule ID: SN-AVOID-GR-VARIABLE-NAME
This rule flags scripts using ‘gr’ as a variable name. Using descriptive names improves readability, reduces conflicts, and makes custom code easier to maintain.
New – Salesforce
Flows should always include a description
Rule ID: SF-AVOID-FLOW-WITHOUT-DESCRIPTION
This rule flags Flows without a description. Providing a clear description makes Flows easier to understand, maintain, and troubleshoot.
This release includes minor security improvements.
We have resolved various internal issues to enhance system stability further and optimize the user experience.
📚 Learn More
To explore the full details of this release, follow this article:
👉 Release 25.18
📚 Learn More
To explore the full details of this release, follow this article:
👉 Release notes 25.17
✅ Support for ServiceNow Yokohama Release
🚀 Quality Clouds now fully supports the ServiceNow Yokohama release, ensuring seamless integration and enhanced upgradeability insights. Key updates include:
Upgradeability Impact Reporting: Identifies and reports OOTB modifications affected by the Yokohama release on the Upgradeability dashboard.
Enhanced Inventory Tracking: Captures modified Yokohama elements in QC inventory for better change governance.
Issue Identification: Detects and reports issues related to modified Yokohama elements.
✅ A new rule has just been released
🚀 Virtual Agent Topic – Avoid Unauthorized Creation
Rule ID: AVOID-UNAPPROVED-VIRTUAL-AGENT-TOPIC
This rule helps manage the creation of Virtual Agent topics by warning users when topics are created outside of governance processes. It is added to the default ruleset in an ignored status, allowing teams to enable it as needed.
📚 Learn More
To explore the full details of this release, follow this article:
👉Avoid Virtual Agent Topic Creation
🚀New Metadata Security Rules
We’ve introduced a new set of Metadata Security Rules designed to strengthen governance around sensitive configuration changes in Salesforce.
These rules require proper review and approval before deploying critical elements such as IP ranges, API exposure, and data access via Profiles and Permission Sets.
By adding this layer of oversight, the update helps safeguard access controls, protect system integrity, and improve the overall security posture.
🚀 Here are the newly released rules that have been released:
✅ Salesforce – OperationWithHighCostInLoop
Rule ID: SF-AVOID-OPERATION-WITH-HIGH-COST-IN-LOOP – Prevents calling high-cost performance methods inside loops, as repeated calls can slow down application performance, especially in large organizations. To optimize efficiency, extract these method calls outside the loop and execute them only once.
✅ Salesforce – AvoidNonRestrictiveQueries
Rule ID: SF-AVOID-NON-RESTRICTIVE-QUERIES – Prevents using unfiltered SOQL or SOSL queries, which can retrieve excessive data, leading to governor limit exceptions and impacting application stability. To optimize performance, always apply filters to limit the data retrieved.
✅ Salesforce – QueueableWithoutFinalizer
Rule ID: SF-AVOID-QUEUEABLE-WITHOUT-FINALIZER – Prevents using the Queueable interface without a Finalizer, ensuring proper error recovery. Without a Finalizer, failures in Queueable actions can cause unhandled errors. To improve reliability, attach a Finalizer using System.attachFinalizer(Finalizer f).
✅ We’re upgrading to PMD 7.8.0 on January 29th. This update improves detection accuracy, reduces false positives through refined rules and advanced analysis, and lays the groundwork for more powerful rules in future releases.
⚠️ Please note: this upgrade will not change the Quality Clouds Ruleset—no new rules will be added, and your ignored rules remain unaffected.
Centralized Governance & Rule Discovery
The Marketplace is our new centralized hub for discovering and managing the standards that protect your platform. It is designed to give you full visibility into our rule library, allowing you to adopt the specific governance that aligns with your organization’s unique best practices.
Browse with Visibility
Explore our growing library of rules through intuitive card and table views, making it easy to identify the right guardrails for your environments.
Informed Adoption
Every rule includes a detailed overview of the impact area, severity, and recommended actions. This transparency allows your team to review the specifics and decide whether to adopt a rule in line with your internal standards.
Staged Integration
Once you decide a rule is right for your organization, you can add it to your rulesets with a single click. Rules are initially added in an “Ignored” state, allowing you to assess the impact and transition them to “Active” at your own pace.
🚀 We have enhanced the Upgradeability View to support the Australia release in ServiceNow. The engine now detects customized OOTB objects that conflict with changes introduced in the Australia release, helping you identify and resolve potential upgrade issues in advance.
We have launched the AI Readiness Dashboard to help you bridge the gap between technical debt and AI implementation. This tool provides a strategic view of whether your platform’s code and data are truly prepared to support autonomous agents and Generative AI.
More information 👉 AI Readiness
We’ve introduced OAuth 2.0 authentication for ServiceNow to help meet modern security standards 🔐
While Certificate-Based Authentication remains our recommended option for the most secure and reliable instance connectivity, OAuth 2.0 offers a strong, token-based alternative—ideal for organizations transitioning away from Basic Authentication.
This update gives you more flexibility while maintaining a high level of security 🚀
More information mentioned in our documentation page
The new ServiceNow version of the Quality Clouds App is coming packed with powerful enhancements and smarter functionalities!
🚀 New View in the Quality Center to gain more consolidated insights.
📘 Enhanced Best Practices – Access richer guidance and detailed insights on issues directly in the app to improve quality from the start.
🔍 Upgraded Diagnostics – Benefit from smarter, faster analysis to quickly identify and resolve issues with confidence.
🌟 And this is only a few of the new features, with many more exciting enhancements on the way!
✅ Streamlined Instance Management
The redesigned Instances Table provides administrators with greater clarity and control over instance management. Key enhancements include:
⚡ Additionally, a new Inactivation Workflow improves lifecycle management.
🎯 Administrators can now mark instances as inactive directly from the table. Once confirmed, these instances are automatically removed from view and cannot be reactivated—ensuring a focused, clutter-free workspace.
✅ We have improved navigation and usability, ensuring screens in the Account section maintain context after actions and pagination remain consistent across tables.
🚀Updates include better filtering, sorting, and improved labeling for a more seamless experience
📚 Learn More
To explore the full details of this release, follow this article:
👉 Navigation between the Portals
✅ Release Check Agent provides Salesforce teams with instant release visibility, highlighting blockers, compliance gaps, and technical debt before deployment—so teams can go live with confidence.
📚 Learn More
To explore the full details of this release, follow this article:
👉 Release Check Agent Integration
The Salesforce Inventory now includes a new AI Agent Template and the first three Data 360 elements (soon to be rebranded as Data360): Data Connector, Data Source Object, and External Data Source. These additions provide customers with enhanced visibility into their Salesforce environments, enabling more complete assessments and better oversight of data-related configurations.
✅ What’s New in This Release
This update delivers UX improvements, stability enhancements, and bug fixes across Quality Center, CoPilot, and LiveCheck. Install now from the ServiceNow Store.
🚀 Quality Center (Beta)
🔌 CoPilot (Beta)
⚡ LiveCheck
📚 Import Issues
🌟 Other Fixes & Enhancements
Improved app preservation post-clone (system properties included)
Added configuration element link for CE Type Inline Scripts
🚀 As a Partner, you can now manage multiple accounts using the same email address while having unique usernames for each account.
🔐 This update enhances flexibility in account management and ensures secure password recovery using both the email and username.
🚀 We’ve enhanced XLS exports to make sure files reach the right recipients.
⚡Now, when exporting issues, a notification will display the recipient’s email address, allowing you to confirm before sending and avoid accidental misdelivery.
This update gives you greater visibility and control, ensuring a more reliable export process.
🚀 Streamlined Onboarding with SSO Federation
Admins can now enable SSO Federation to automatically create user accounts when employees log in through their organization’s Identity Provider (IdP).
🔐 Stronger Security with SSO Enforcement
SSO Enforcement lets admins require authentication exclusively via the organization’s IdP, disabling local logins.
📚 Learn More
To explore the full details of this release, follow this article:
👉 SSO Federation
👉 SSO Enforcement
✅ New AI Quality Expert Agent
We’re introducing an AI Assistant integrated with our documentation, giving users quick, direct access to product information.
🚀 Who is this for?
Support teams, platform owners, and users looking for fast answers to product-related questions.
🎯 Why it matters
This feature improves self-service support and makes product knowledge more accessible.
🌟 Impact on users
Users can interact with the AI Agent directly within the platform to quickly find answers and guidance on Quality Clouds features and processes.
🧭 What’s next
Future versions will expand the AI Agent’s capabilities to help resolve technical issues. Stay tuned for updates in upcoming release notes.
✅ Integration with Salesforce DevOps Testing
Quality Clouds is now officially recognized as a Salesforce Test and Quality Provider with a new integration package available on the AppExchange. This integration connects Quality Clouds with Salesforce’s DevOps Testing framework, embedding automated quality checks directly into development workflows.
🌟 Who is this for?
Salesforce teams using DevOps Center to streamline testing in their release process.
🎯 Why it matters
Supports Salesforce’s DevOps Testing strategy by making it easier to ensure quality and governance at every stage of development.
⚡ Impact on users
Teams can install the AppExchange package to seamlessly integrate Quality Clouds and leverage automated analysis throughout their DevOps lifecycle.
📚 Learn More
To explore the full details of this release, follow this article:
👉 DevOps Testing Integration
Quality Clouds now integrates with GitHub Actions, allowing scans to be triggered on both commits and pull requests. This enhancement strengthens CI/CD pipelines by improving visibility and accelerating feedback loops.
🔑 Key benefits:
🔐 Who is this for?
Developers and DevOps teams working with GitHub.
🎯 Why it matters
By detecting issues earlier in the development lifecycle, this integration provides fast, actionable feedback on code quality.
⚠️ Impact on users
Developers gain immediate insight into blockers and non-blockers during code reviews, enabling faster fixes and more efficient development workflows.
📚 Learn More
To explore the full details of this release, follow this article:
👉 GitHub Integration
✅ New Code Duplication View
We’ve introduced a new Code Duplication View that makes it easier to spot and resolve repeated code. The view organizes duplication into structured blocks and highlights related issues for quick analysis.
🚀 Who is this for?
Platform Owners and Admins working in the QC Portal.
🎯 Why it matters
This feature provides a clear, actionable overview of duplication patterns, helping teams detect and address repeated code more efficiently while understanding its impact.
🌟 Impact on users
Users can review duplication in grouped blocks, expand entries to see detailed occurrences, and access a pop-up with linked issue information—all in one place. This streamlines the code review and refactoring process, saving time and improving quality.
📚 Learn More
To explore the full details of this release, follow this article:
👉 Code Duplication View
✅ Salesforce – Quality Clouds VSCode Extension
The QC Copilot is now available in the Quality Clouds VSCode extension, enabling developers to receive issue-specific recommendations and apply fixes directly within their editor.
🚀 Who is this for?
Developers using the Quality Clouds VSCode extension to analyze and resolve issues in real time.
🎯 Why it matters
By integrating QC Copilot guidance into the development workflow, developers can resolve issues faster and more efficiently without switching tools.
🌟 Impact on users
From within VSCode, developers can:
All of this can be done seamlessly without leaving the editor, improving both speed and productivity.
📚 Learn More
To explore the full details of this release, follow this article:
👉 QC Copilot in VSCode Extension
🚀 Introducing Projects for Salesforce, ServiceNow, and Office 365
We’re excited to announce Projects—a new way to organize your instances within a unified structure. With Projects, customers can group related instances together, making it easier to manage quality settings and laying the groundwork for future Project-based capabilities.
⚠️ Important: If you’re using the write-off propagation add-on, propagation will now follow the Project assignments of your instances.
Learn More
To explore the full details of this release, follow this article:
Projects
✅ Quality Center App Now Available
The Salesforce Quality Center app is now live for customers. This first release introduces a guided onboarding experience designed to support both new and existing users:
🌟 Who is this for?
Admins, Platform Owners, and Developers working with Quality Clouds.
🎯 Why it matters
The Quality Center provides a centralized hub for managing code quality directly within Salesforce. It enables teams to track progress, measure quality using actionable metrics, and implement improvements effectively.
⚡ Impact on users
With Quality Center, users gain continuous visibility into the quality of their development work. Integrated tools help detect issues early, apply best practices, and maintain high code standards—all from one place.
📚Learn More
To explore the full details of this release, follow this article:
👉 Quality Center for Salesforce
✅ San Diego and Tokyo Compatibility
Our latest update introduces full compatibility with the San Diego and Tokyo releases, ensuring support for organizations operating on these versions.
🚀Enhanced Logging and Error Handling
We’ve strengthened system reliability by improving logging and error handling. These enhancements make it easier to identify issues quickly, streamline troubleshooting, and maintain consistent performance.
📚 Learn More
To explore the full details of this release, follow this article:
👉Field Analysis versions
Version 12.1 builds directly on the foundation of 12.0 (released June 27, 2025), keeping all its capabilities while adding important improvements in security, usability, and flexibility.
The main highlight is the new Auth Token model, which replaces API Keys with a secure, scalable, and automated authentication system. This simplifies user management, reduces admin workload, and ensures centralized control, all without losing any existing functionality.
🔑 Key Benefits & Features
Stronger security with token-based authentication
Flexible, Non-blocking Quality Gates
Enhanced Quality Center navigation and quick links
Smarter LiveCheck with batch updates, error messaging, and conflict alerts
Agile 2.0 improvements for bulk exports and role-based access
Configurable Peer Review and Write-Off functionality
QC Copilot code comparison enhancements
HealthScan issue imports into ServiceNow
General improvements for consistency, diagnostics, and performance
With 12.1, teams gain better security, streamlined workflows, and enhanced flexibility, ensuring Quality Clouds continues to drive governance and quality across ServiceNow environments.
📚 Learn More
To explore the full details of this release, follow this article:
👉 Transition from API Key to Auth Token
The ServiceNow inventory has been expanded to include AI Agents, AI Tools, AI Use Cases, AI Skills, and AI Prompts as new Configuration Element Types. This enhancement provides greater visibility and deeper analysis of AI-related configurations and customizations, helping teams better track, manage, and govern their AI assets.
👉 Check the list of Configuration Elements scanned in ServiceNow
✅ Salesforce – Unified Onboarding, Authentication & Project Configuration
We’ve introduced major improvements to the Salesforce developer experience, creating a secure, unified flow for identity, authentication, and project configuration across all Quality Clouds tools.
🚀 Why this change?
To replace fragmented API key setups with a centralized model that simplifies access, strengthens security, and enforces consistent project governance.
🌟 What’s new?
Bulk Onboarding – Admins can add developers individually or in bulk from the Admin Portal.
Personal Credentials – Developers activate QC credentials via email, used across Salesforce apps and the VSCode plugin (not the QC Portal).
Authentication Flow – Developers log in directly with their credentials, eliminating shared keys.
Project Assignment – Developers select a Project on first login; each Project groups instances under a Ruleset and Quality Gate, with a Main Instance defining configuration.
🎯 Impact:
Simpler onboarding, stronger access control, and consistent governance—laying the foundation for future scalability.
📚 Learn More
To explore the full details of this release, follow this article:
👉 Developer Role
👉 Projects
✅ ServiceNow OOTB Service Updated for Zurich Release
The out-of-the-box ServiceNow service has been upgraded to fully support the Zurich release, ensuring compatibility and smooth operation with the latest platform features.
The Quality Clouds integration for Flosum allows Salesforce teams to embed automated quality and governance checks directly into their development and deployment pipelines. It enables seamless scanning of Flosum repositories to analyze code, metadata, and configurations without leaving the Flosum environment.
Please follow this articles to
🔗 Connect a Flosum org in Quality Clouds Admin Console
⚙️ Configure the Flosum package in Salesforce
Self-Service SSO Configuration
Customer Admins can now configure and manage SSO directly within the Admin Portal using a step-by-step guided setup. This update gives organizations more control over secure access while minimizing the need for support involvement.
🚀Target Audience: Customer Admins, Security Teams, IT Teams
🌟 Why this matters:
Organizations can align authentication processes with their own security standards, making access management more efficient and secure.
✅ What is changing for users:
The new AI Productivity Add-on introduces the Quality Clouds MCP (Model Context Protocol) server for Salesforce. This capability allows teams using Agentforce Vibes, GitHub Copilot, or other compatible AI coding assistants to connect directly with Quality Clouds and run automated quality checks on AI-generated code using Livecheck. It ensures that all delivered code complies with best practices and organizational standards, helping teams boost productivity while maintaining code quality and consistency across their Salesforce environments.
To activate the AI Productivity Add-on, please contact your Customer Success Manager or Quality Clouds Support.
✅ Code Duplication View – Active/Inactive Filter
The Code Duplication view now allows filtering by Active or Inactive elements in ServiceNow and Office 365, enabling admins to focus on relevant code and perform more precise duplication checks.
The Quality Clouds MCP feature ensures AI code assistants like GitHub Copilot follow your organization’s development, governance, and security standards. It validates AI-generated code in real time via the Quality Clouds MCP server, automatically enforcing quality, security, and compliance rules across platforms such as ServiceNow, Salesforce, and Microsoft 365.
📚 Learn More
To explore the full details of this release, follow this article:
👉LiveCheck AI (via MCP)
🌟 V14 Highlights
Extended Livecheck support for retrieved update sets, including batch processing
Major Quality Center enhancements with retrieved update set tracking, KPIs, issue details, and integrated NowAssist chat
New Rule Builder capabilities: draft creation/editing, testing, approvals, and code highlighting
Improved tracking & reporting with team insights, new filters, and updated scan-date accuracy
Enhanced clone management with new exclusion and data preserver options
Performance, diagnostics, and integrity check improvements, plus multiple UI and stability fixes
🚀 We are strengthening Debt Manager by expanding information visibility, refining access, and enabling more effective user actions such as:
Admins will enable or disable Write-Off permissions per user, ensuring only authorized users can see and perform Write-Off actions.
The “Also Spotted In” tab will display an Issue ID column, making it easier to track the same issue across environments.
Make AI Code Assistants follow your rules – from validation to fixes, in real time.
AI code assistants accelerate development, but risk drifting into code that violates your organization’s rules, platform limits, or architectural conventions.
LivecheckAI adds the missing governance layer: Real-time & fully embedded in your workflow.
✅ Real-Time Validation
Every AI-generated line is instantly checked.
⚡ Automatic Fixes
Naming issues, complexity, and documentation gaps are corrected in the background.
🧠 Smarter Peer Reviews
Reviewers focus on functionality and architecture, while standards are enforced automatically.
🚀 Productivity + Compliance
Developers code faster with AI, knowing quality and governance are built in from the start.
Your smart, conversational assistant inside the Quality Clouds platform that helps you to:
💬 Plain-Language Rules
Create, test, and launch configuration rules without coding.
🛡️ Instant Governance
Set guardrails dynamically across teams, tools, environments, and partners.
⚡ No Slowdowns
Enforce standards without impacting delivery speed.
✅ We are working to implement more rules related to strengthening security, enforcing governance, and ensuring compliance across environments. They are designed to:
More to come soon!
