Notify developers about hard gating violations directly in their IDE
Granite Caterpillar
STO
This will provide early visibility into deployment blockers.
Ask / Scope
Today, developers usually discover hard gating violations later in the pipeline or deployment process. The ask is to surface hard gating violations directly in the developer’s IDE so that issues are visible as early as possible in the development workflow.
The scope includes showing developers clear information about:
Which security or compliance gate was violated
Which file, dependency, image, or vulnerability caused the violation
Why the violation is considered a hard blocker
What remediation action is expected
Whether an exemption is possible or already exists
This should help developers identify deployment blockers before committing, merging, or triggering downstream pipeline execution.
Affected users
Primary users are application developers who consume STO gating results as part of their development and deployment process.
Secondary users include security teams, platform teams, DevOps teams, and release managers who currently spend time helping developers understand why a deployment was blocked.
Impact
This improves early visibility into security and compliance blockers and reduces late-stage pipeline failures. Developers can fix issues earlier, which reduces deployment delays, support requests, and back-and-forth between engineering and security teams.
It also improves developer experience by making STO feedback actionable within the tool developers already use every day.