Code review and remediation

Learn how SRE.ai surfaces code and metadata quality issues and supports fixing them before they become technical debt

Overview

Poor code quality is rarely a single event.

Issues accumulate because review is inconsistent, declarative metadata gets skipped, and senior engineers become bottlenecks — pulled into fix cycles for issues that could have been caught earlier.

Code review and remediation is about making that process automatic, consistent, and resolution-oriented.

SRE.ai addresses this through two layers:

  • Automated analysis runs on every change — static analysis using PMD and ESLint rules, AI-generated observations about patterns and risks, and dependency reference checks. Findings are surfaced with severity levels in the change detail view and posted as inline comments on pull requests.

  • Agent-assisted remediation lets teams fix flagged issues without a separate rework cycle. Once findings are surfaced, the Build Agent can resolve them directly.

Automated code and metadata review

Scenario

Problem:

Code review depends on the availability of senior engineers.

When they're unavailable or overloaded, review gets deferred, rushed, or skipped entirely. Declarative work — validation rules, flows, field configurations — rarely goes through the same review process as developer code at all.

Issues that should have been caught during development accumulate as technical debt or escape into production.

SRE.ai's fit:

SRE.ai runs automated code analysis on every change as soon as it's tracked — no manual trigger required. Each change receives a complete set of findings: static analysis violations, AI-generated observations, and dependency checks, organized by severity.

Who this is for

Teams that want every Salesforce change reviewed automatically, including declarative metadata that would otherwise bypass human review.

Particularly useful for teams where Salesforce admins commit configuration changes — field modifications, validation rules, flows — that don't go through the same review process as developer code.

What you'll need

How it works

No additional setup is required for automated analysis to run. Once a repository is connected and changes are tracked, SRE.ai runs the following on every change:

  • Static code analysis — PMD and ESLint rule violations surfaced with rule name, file location, and severity.

  • AI analysis — pattern-based observations about code quality, security risks, performance concerns, and governor limit exposure, generated by SRE.ai's AI layer and distinct from static rule violations.

  • Dependency reference checks — components in the change are checked for missing or broken references.

Findings appear in the Code Quality section of the change detail view, organized by severity: Critical, High, Medium, Low, and Info.

Each finding can be:

  • Reviewed — expand the finding to see its detail, file location, and line reference.

  • Dismissed — mark as dismissed with a recorded reason, visible in the audit trail.

  • Resolved — set to Resolved once the issue has been addressed.

When a pull request is open for the change, SRE.ai posts findings as inline code review comments on the PR, making them visible to reviewers without requiring them to open SRE.ai separately.

Example workflow

  1. A developer commits changes to a feature branch connected to an SRE.ai pipeline.

  2. SRE.ai detects the commit and begins analysis — static rules, AI observations, and dependency checks run automatically.

  3. Findings are surfaced in the change detail view. The developer reviews them, addresses issues, and dismisses intentional patterns with a recorded reason.

  4. Pull request reviewers see the same findings as inline comments without leaving the PR.

  5. Once findings are resolved or acknowledged, the change is ready to advance through the pipeline's quality gates.

Result

Every change receives a consistent, automated review regardless of whether a senior engineer is available.

Findings are surfaced at the point of development, not after deployment, and are tracked with resolution status and dismissal reasons for a complete audit trail.

Blocking changes on unresolved findings

Scenario

Problem:

Analysis findings are surfaced but not enforced.

Without a blocking mechanism, developers can acknowledge findings and promote changes anyway. Issues still reach production.

SRE.ai's fit:

SRE.ai's pipeline quality gates enforce code review findings at each stage. Configure a severity threshold, and any change carrying unresolved findings at or above that severity is blocked from advancing until the issues are resolved or dismissed.

Who this is for

Teams that want code quality standards enforced structurally, not left to individual discipline.

What you'll need

Setup

Configure the Code Review quality gate on each stage where you want findings enforced.

  1. Navigate to Pipelines and select your active pipeline.

  2. Click on the stage where you want blocking enforced to open the Stage Details panel.

  3. Under Quality gates, toggle Enable Code Review on.

  4. Under Block Review Comments, select the minimum severity that should block promotion:

    • Critical: only the most severe findings block promotion.

    • High: critical and high-severity findings block promotion.

    • Medium: critical, high, and medium-severity findings block promotion.

  5. Repeat for additional stages. A common pattern is a less strict threshold on early stages (High or Critical) and a stricter threshold (Medium) on staging and pre-production stages.

  6. Save the stage configuration.

Example workflow

  1. A developer promotes a change to the configured stage.

  2. SRE.ai evaluates the change's code quality findings against the configured blocking threshold.

  3. If any unresolved findings meet or exceed the configured severity, the quality gate blocks the change from advancing.

  4. The developer resolves or dismisses the flagged findings.

  5. Once no blocking findings remain, the quality gate clears and the change can advance.

Result

Changes can't advance past the configured stage while unresolved findings at the blocking severity are present.

Quality standards are enforced at the gate, not left to code review discipline.
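
The blocking rule above, modeled as an added example for reasoning about per-stage thresholds; it is not SRE.ai's code or API. The "Open" status label, the rule names, the stage names, and the choice to keep blocking on a dismissal that has no recorded reason are assumptions of this sketch.

```python
from dataclasses import dataclass

# Severity order as listed on the page, most to least severe.
SEVERITIES = ["Critical", "High", "Medium", "Low", "Info"]
RANK = {name: i for i, name in enumerate(SEVERITIES)}
# The page offers only these three values under "Block Review Comments".
BLOCKING_THRESHOLDS = {"Critical", "High", "Medium"}


@dataclass
class Finding:
    rule: str                   # constructed rule name
    severity: str               # one of SEVERITIES
    status: str = "Open"        # "Open" is a hypothetical label for an unhandled finding
    dismissal_reason: str = ""


def is_cleared(f: Finding) -> bool:
    """Resolved clears the gate; Dismissed clears only with a recorded reason (assumption)."""
    if f.status == "Resolved":
        return True
    return f.status == "Dismissed" and bool(f.dismissal_reason.strip())


def blocking_findings(findings, threshold):
    """Return the findings that hold a change at a stage configured with this threshold."""
    if threshold not in BLOCKING_THRESHOLDS:
        raise ValueError(f"unsupported threshold: {threshold!r}")
    limit = RANK[threshold]
    return [f for f in findings if RANK[f.severity] <= limit and not is_cleared(f)]


def evaluate_pipeline(findings, stage_thresholds):
    """Map each stage to the rules blocking promotion there (empty list: gate clears)."""
    return {stage: [f.rule for f in blocking_findings(findings, t)]
            for stage, t in stage_thresholds.items()}


# Constructed sample data, illustrative only.
SAMPLE_FINDINGS = [
    Finding("soql-in-loop", "High", "Resolved"),
    Finding("missing-null-check", "Medium"),
    Finding("broad-sharing", "Critical", "Dismissed", "Intentional: integration user"),
    Finding("unused-variable", "Low"),
    Finding("hardcoded-id", "High", "Dismissed"),  # dismissed, but no reason recorded
]
SAMPLE_STAGES = {"dev": "Critical", "qa": "High", "staging": "Medium"}

if __name__ == "__main__":
    for stage, rules in evaluate_pipeline(SAMPLE_FINDINGS, SAMPLE_STAGES).items():
        print(stage, "BLOCKED by " + ", ".join(rules) if rules else "clear")
```

With the sample data, the change clears the early stage and is held at the later ones, and the Low finding never blocks because none of the three selectable thresholds reaches it.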

Agent-assisted remediation

Scenario

Problem:

Findings are surfaced and blocked at the gate, but fixing them still requires a developer to context-switch into a manual review-and-fix cycle.

For teams where code review is already a bottleneck, adding a mandatory remediation step slows delivery further — unless there's a faster way to resolve findings.

SRE.ai's fit:

Once findings are surfaced in a Change, the Build Agent can address them directly. A team member points the agent at the findings to resolve, and the agent implements fixes, validates them against the connected org, and commits the changes to the feature branch.

Who this is for

Teams where code review findings are surfaced but remediation creates a secondary bottleneck — pulling senior engineers into fix cycles after initial review.

What you'll need

Workflow

  1. Open the Command Center and describe the findings you want to resolve. For example: "Fix the critical and high findings on the OpportunityTrigger change — the governor limit exposure and the missing null checks."

  2. SRE.ai activates the Build Agent. The agent reviews the flagged findings, implements fixes on the connected feature branch, validates the changes against the org, and commits the result.

  3. The agent's task is tracked on the Change — which findings were addressed, what files were modified, and the resulting commit.

  4. The developer reviews the agent's output before advancing the change.

  5. Once the findings are resolved, the quality gate clears and the change can be promoted to the next stage.

Result

Flagged findings are resolved without a separate manual fix cycle.

Senior engineers review the agent's output rather than implementing each fix themselves, reducing the time between "finding surfaced" and "change ready to advance."
