PMD AppExchange Rules Reference
The PMD AppExchange rules help you prepare your second-generation managed packages (managed 2GP) for security review. To select these rules, use --rule-selector AppExchange. For example, to run the AppExchange rules:
Description: Detects use of Api.Session_ID or GETSESSIONID() to retrieve a session ID.
Severity: High (2)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Bad] Code that causes a violation:
- [Bad] Code that causes a violation:
Description: Detects use of API versions with Lightning Locker disabled in Aura components. Use API version 40 or greater.
Severity: Critical (1)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects potential misuse of FeatureManagement.changeProtection.
Severity: Critical (1)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects if the "Disable Protocol Security" setting is true.
Severity: Moderate (3)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects use of getInstance(userId)/getInstance(profileId). Hierarchy Custom Settings return the record owned by the current user when getInstance() is invoked without any parameters. But if a tainted or end-user controlled userId or profileId is passed as a parameter to getInstance() that will allow the code to access records owned by other users on... Learn more: https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/rules-pmd-appexchange.html#avoidgetinstancewithtaint
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects Install and Uninstall handlers declared as global. Install and Uninstall Handlers don't need to be global classes. Using global for these handlers means global methods in these classes act as controllers and can be invoked by untrusted code outside the context of post-install/uninstall scenarios. Depending on the logic in these... Learn more: https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/rules-pmd-appexchange.html#avoidglobalinstalluninstallhandlers
Severity: Critical (1)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
- [Good] Code that does not cause a violation:
Description: Detects use of hard coded credentials in Aura components.
Severity: High (2)
Tags: AppExchange, Security, HTML
Example(s):
- [Bad] Code that causes a violation:
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
- [Good] Code that does not cause a violation:
Description: Identifies hard-coded credentials in source code that must be protected using Protected Custom metadata or Protected Custom settings. Protected custom settings or protected custom metadata should be used to store secrets. Refer to the Protect Secrets Using Platform Features Trailhead module for more guidance.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
Description: Identifies hard-coded credentials in source code that must be protected using Protected Custom metadata or Protected Custom settings. Protected custom settings or protected custom metadata should be used to store secrets. Refer to the Protect Secrets Using Platform Features Trailhead module for more guidance.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
Description: Detects hard-coded credentials in the call to setPassword().
Severity: Critical (1)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
Description: Identifies hard-coded credentials in source code that must be protected using Protected Custom metadata or Protected Custom settings. Protected custom settings or protected custom metadata should be used to store secrets. Refer to the Protect Secrets Using Platform Features Trailhead module for more guidance.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
Description: Identifies hard-coded credentials in source code that must be protected using Protected Custom metadata or Protected Custom settings. Protected custom settings or protected custom metadata should be used to store secrets. Refer to the Protect Secrets Using Platform Features Trailhead module for more guidance.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
Description: Detects instances of a Remote Site Settings that use HTTP. Use HTTPS instead.
Severity: Moderate (3)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects the use of Schema.DescribeSObjectResult methods to enforce CRUD check on ContentDistribution. Developers should use USER MODE operations or use the custom below to enforce CRUD check against the ContentDistribution object.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
Description: Detects use of custom JavaScript actions in custom rules.
Severity: High (2)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects use of custom JavaScript actions in home page components.
Severity: High (2)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects use of JavaScript-style URLs (javascript:) in components, such as web links and buttons. Avoid JavaScript-style URLs in managed packages.
Severity: Critical (1)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects use of custom JavaScript actions in web links.
Severity: High (2)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects a Lightning Message Channel with isExposed=true, which isn’t allowed in managed packages.
Severity: High (2)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects Lightning Web Component event configurations where bubbles and composed are both set to true. To avoid sharing sensitive information unintentionally, use this configuration with caution.
Severity: Moderate (3)
Tags: AppExchange, Security, JavaScript
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects if S-Controls are used since they should not be used in managed packages.
Severity: Critical (1)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
Description: Detects use of WITH SECURITY_ENFORCED in API versions earlier than 48.0.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Description: Detects use of ${API.Session_Id} to retrieve a session ID. For more guidance on approved use cases, read the Session Id Guidance document.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects use of UserInfo.getSessionId() to retrieve a session ID. For more guidance on approved use cases, read the Session Id Guidance document.
Severity: Moderate (3)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects use of aura
Severity: High (2)
Tags: AppExchange, Security, HTML
Example(s):
- [Bad] Code that causes a violation:
Description: Detects where System.setPassword() exists in Apex code. Use this method with caution.
Severity: Critical (1)
Tags: AppExchange, Security, Apex
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects if a connected app uses full scope instead of limited scope. Explain this use case in your AppExchange security review submission.
Severity: Moderate (3)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation:
Description: Detects where sensitive data must be stored with Protected Custom metadata or Protected Custom settings. Protected custom settings or protected custom metadata should be used to store secrets. Refer to the "Protect Secrets Using Platform Features" Trailhead module for more guidance.
Severity: Moderate (3)
Tags: AppExchange, Security, XML
Description: Detects instances of an OAuth callback URL that uses HTTP. Use HTTPS instead.
Severity: Moderate (3)
Tags: AppExchange, Security, XML
Example(s):
- [Bad] Code that causes a violation:
- [Bad] Code that causes a violation:
- [Good] Code that does not cause a violation: