Engines
Code Analyzer is pre-bundled with these engines. They are all enabled by default and are available when you use either CLI commands or the VS Code extension to analyze your code.
| Rule Engine | Description | Engine Short Name to Use in CLI Commands |
|---|---|---|
| CPD | Identifies blocks of duplication across files. | cpd |
| ESLint | Evaluates JavaScript and TypeScript code. | eslint |
| Flow Scanner | Audits Salesforce Flows and reports detailed information about security issues. New for v5! | flow |
| PMD | Allows for static analysis of code written in a number of supported languages, such as Apex and Visualforce. Includes the PMD AppExchange rules. | pmd |
| RetireJS | Analyzes a project’s third-party JavaScript dependencies and identifies security vulnerabilities. | retire-js |
| Regex | Uses regular expressions (regex) to search your code base for patterns. New for v5! | regex |
| Salesforce Graph Engine | Open-source Salesforce tool that performs complex analysis on Apex code and identifies security vulnerabilities and code issues. | sfge |