Vercel is releasing new features in its Developer Experience Platform to enable development teams to “move fast, don’t break things.”
“As organizations grow, it can become hard to sustain fast release cycles without diminishing code health and letting errors slip into production. It shouldn’t be this way. We should be able to move fast without breaking things—making quick updates and innovating while retaining great performance, security, and accessibility,” Brody McKee and Cody Brouwers, software engineers for Vercel, wrote in a blog post.
Conformance is a new feature that automatically detects critical issues early in the development lifecycle. It does this by running static analysis checks before merges happen.
Conformance rules work across multiple files, meaning that each file doesn’t have to be individually verified. This provides developers with a more holistic perspective on their codebase, Vercel explained.
It also provides a score for issues, which provides development teams with a way to prioritize issues. “Specifically, you can allowlist a specific number of issues before going to production, then track how you start unlisting them and burning down through the issues to improve the code health,” McKee and Brouwers wrote.
Code Owners is another new feature that the company announced today. It enables development teams to discover who is responsible for a piece of code and ensure that changes are being reviewed by the right people.
It mirrors the structure of the organization, meaning that Code Owners higher up in the employee directory will serve as stewards over the codebase and can act as a fallback if the owner files go out of date, like when a developer switches teams.
Vercel explained that when developing these two new features, security was at the forefront. “Creating security rules with Conformance and Code Owners brings your security team into the development process. Conformance catches issues that could become security vulnerabilities, like unsafe usage of cookies in your application, before they make it to production. Similarly, Code Owners ensures no one on your team becomes a security vulnerability. Using the features together, you can define an allowlist file for Security rules, and then assign your Security team as code owner of that file,” McKee and Brouwers explained.
Vercel also improved the Developer Experience Platform dashboard to work better with these new features. Team members can see global code health, Conformance scores, and the teams responsible for a repository.
“This means, you can understand problem areas and investigate errors by seeing all of your allowlisted performance, security, or code-quality errors,” McKee and Brouwers wrote.