Salesforce Code Analyzer v5 (Developer Preview)
Version 5 of Code Analyzer maintains its essential mandate: ensuring that your code adheres to best practices, allowing you to identify problems earlier in the development process. Code Analyzer continues to bring together multiple code scanners under a single, unified experience.
This feature is available as a developer preview. The feature isn’t generally available unless or until Salesforce announces its general availability in documentation or in press releases or public statements. All commands, parameters, and other features are subject to change or deprecation at any time, with or without notice. Don't implement functionality developed with these commands or tools.
We’ve rearchitected the product to make it even easier for you to use. We’ve also made it progressively more powerful, helping new users get started while providing advanced customization capabilities for more experienced users. This Dev Preview gives you a taste of the changes.
Version 5 introduces a new Salesforce CLI plugin, @salesforce/plugin-code-analyzer, which brings a set of new CLI commands in the code-analyzer topic. These commands provide the same functionality as before, such as listing available rules and running them on your code base. However, we've improved the overall experience, making the commands more intuitive and powerful. Unlike v4, the new CLI now features a single, versatile run command with a powerful rule selection mechanism that allows you to precisely choose the exact set of rules you want to run. You can even run a single rule if you want.
Configuring Code Analyzer v5 is now more straightforward and flexible than ever. We’ve provided a default configuration that works well for most users without requiring any customizations. However, if you want to modify existing rule properties, add new rules, customize engine behavior, or adjust other aspects of Code Analyzer, you can create a custom configuration file. This configuration file, code-analyzer.yml, is a single YAML-based file that’s easy to update. You can store it within your Salesforce project workspace, making it simple to apply in continuous integration and continuous delivery (CI/CD) pipelines. We're particularly proud of the new feature that allows you to assign individual tags to each rule. This feature allows you to more easily select the rules that meet your specific needs.
We also introduced a new Regex engine that allows you to run and create simple regular expression-based rules inside of your Code Analyzer configuration file.
The output has dramatically improved with Code Analyzer v5. The terminal now displays more responsive real-time progress updates. You can now write results to multiple output types, and we improved the format of these outputs, including csv, xml, json, and html. Our new HTML report allows you to navigate violations more easily with search, grouping, and more.
This Developer Preview of Code Analyzer v5 comes pre-bundled with these engines:
- ESLint
- PMD. This release doesn't support the
pmd-appexchangecustom PMD variant. - Regex. New for v5!
- RetireJS
- We don’t support these engines in this Developer Preview: Salesforce Graph Engine, CPD, and the
pmd-appexchangecustom PMD variant. - The Salesforce Code Analyzer Visual Studio (VS) Code Extension is still based on v4 and doesn’t yet support the new v5 features.
- The Run Salesforce Code Analyzer - GitHub Action is still based on v4 and doesn’t yet support the new v5 features.