Get Started with Salesforce Code Analyzer

To get started scanning your code with Salesforce Code Analyzer, follow this developer workflow and choose resources that match your learning style.

Salesforce Code Analyzer is a unified tool for source code analysis available in Salesforce CLI, VS Code, GitHub Actions, and DevOps Testing. Code Analyzer analyzes multiple languages. It provides a consistent experience to help you identify rule violations.

• Overview. Get a bird's-eye view of Code Analyzer and read how the current version (v5) differs from the previous version (v4).
• Engines. Check out all the supported engines, such as ESLint, PMD, and more.
• Migrate from v4. If you're already using Code Analyzer v4, read the migration guide to help you easily move to v5.

To get started with Code Analyzer, follow these instructions for your tool of choice.

• Salesforce CLI. You must install Salesforce CLI to use the Code Analyzer CLI commands. Complete the prerequisties, install the Code Analyzer CLI plugin, and get started.
• Salesforce Code Analyzer VS Code Extension. If you use Visual Studio Code (VS Code), install the Code Analyzer VS Code extension to scan your code easily as you work.

After you understand how to view and run Code Analyzer rules on your code, play around with more advanced features: customize the Code Analyzer configuration, create new engine rules, and integrate Code Analyzer into your continuous integration/continuous delivery (CI/CD) process.

• Configuration. Customize how Code Analyzer works by creating a configuration file.
• CI/CD Integration, including GitHub Actions. Learn how to integrate Code Analyzer into your CI/CD process.
• Custom Rules. Extend your Code Analyzer implementation by creating custom rules for these engines:
  • ESLint
  • PMD
  • Regex
• DevOps Testing. Integrate Code Analyzer with DevOps Testing, a feature that extends the capabilities of DevOps Center.
• AppExchange Security Review. Produce the Code Analyzer reports required if you want to list a managed package on AppExchange.

Code Analyzer launches a new release monthly. Read Code Analyzer Release Notes to stay on top of the latest developments.

• To report an issue with Code Analyzer, create a bug on GitHub.
• To suggest a feature enhancement, create a request on GitHub.
• To provide feedback, use this form.

• Pass the AppExchange Security Review
• Salesforce CLI Setup Guide
• Salesforce Code Analyzer Github Repository
• Salesforce DX Developer Guide
• Scan Your Solution with Salesforce Code Analyzer
• Trailhead: Build Apps Together with Package Development