Regression gates (forbidden API calls)
Full workflow
Complete guide (limitations, CI, published lens): regression-gates
Why use CCE
Teams ban deprecated internal packages, unsafe APIs (pickle.loads, eval), or direct cloud SDK usage in CI — but grep rules miss qualified calls and false-positive on comments. You need a gate that fails when forbidden methods appear in production code paths.
CCE regression gates scan for forbidden API prefixes and fail CI when entitlements[] is non-empty.
Example command
cce -folder . -language AUTO -mapper-file https://releases.stackgen.com/cce/lenses/regression-gates/latest/regression-gates_lenses.yaml -filter all -format json -output gates.json
Analysis recipe
This use case is registered as recipe regression-gates — run with:
cce run -folder . -language AUTO -recipes regression-gates -output regression-gates.json
Published lens
https://releases.stackgen.com/cce/lenses/regression-gates/latest/regression-gates_lenses.yaml