All Products
Search
Document Center

Alibaba Cloud DevOps:Code detection

Last Updated:Jun 02, 2026

Code detection in Codeup scans your repositories for issues using a layered system of rules, strategies, and quality gates.

Concepts

  • Detection rule: The fundamental unit of detection. Each rule targets a specific issue pattern — for example, exposed credentials or insecure plaintext passwords.

  • Detection rule package: A collection of detection rules grouped by detection type or engine — for example, a sensitive information detection package.

  • Detection strategy: A group of rule packages combined with their runtime parameter configurations. A single strategy can be applied to multiple repositories. When applied to a repository, the strategy is instantiated as a detection task.

  • Detection task: A running instance of a detection strategy on a specific repository. A task can run multiple times on a branch, and each run produces a separate report.

  • Quality gate: A pass/fail checkpoint. If the number of detected issues exceeds the configured threshold, the quality gate fails. Quality gates are commonly used in merge request checks to control whether code can advance to the next stage.

Severity levels of rules

Each detection rule carries one of three severity levels. Use the levels to prioritize which issues to address first.

Severity

What it means

Recommended action

Critical

Violations can cause serious consequences.

Fix immediately.

Warning

Non-compliance risks system stability and efficiency.

Fix before merging.

Suggestion

Rules that improve individual coding habits and team collaboration.

Address when time allows.