The Salesforce Code Analyzer logo with a blue magnifying glass hovering over a piece of paper

Get Started

To get started scanning your code with Salesforce Code Analyzer, follow this developer workflow and choose resources that match your learning style.

Salesforce Code Analyzer is a unified tool for source code analysis. Code Analyzer analyzes multiple languages. It relies on a consistent command-line interface and produces a results file of rule violations. Use the results to review and improve your code.

If you plan to list a managed package listed on AppExchange, the package must undergo and pass security review. As part of the review submission, you’re required to upload your Code Analyzer scan reports. Attach your Code Analyzer reports to your submission in the AppExchange Security Review Wizard.

To get started with Code Analyzer, follow these instructions.

  • Salesforce CLI. You must install Salesforce CLI to use Code Analyzer. Complete the prerequisties, install the Code Analyzer CLI plugin, and get started.
  • Salesforce Code Analyzer VS Code Extension (Beta). If you use Visual Studio Code (VS Code), you can then install the Code Analyzer VS Code extension to scan your code easily as you work.

To enforce rules that you define and to produce high-quality code, integrate Code Analyzer into your Continuous Integration/Continuous Development (CI/CD) process.

  • CLI Command Reference. Read more about Code Analyzer's rules and flags, and how to use them.
  • CI/CD Integration. Learn how to integrate Code Analyzer into your CI/CD process.
  • Customization. Extend your Code Analyzer implementation by creating custom ESLint and PMD rules.

To get help with Code Analyzer, read our Troubleshooting guide.

Code Analyzer launches a new release monthly. Read Code Analyzer Release Notes to stay on top of the latest developments.