Use CLI Commands to Analyze Your Code

To get started using the Salesforce Code Analyzer CLI commands, complete the prerequisites and follow the installation instructions.

To set up Salesforce Code Analyzer, complete these prerequisites.

Some Code Analyzer features depend on the Java Platform, Standard Edition Java Development Kit (JDK). Install JDK version 11 or later.

Code Analyzer is a Salesforce CLI plugin, so you must install Salesforce CLI on your machine. Then use Salesforce CLI to execute commands against Salesforce orgs and work with source files on your local computer.

For information about installing Salesforce CLI, read Install Salesforce CLI.

To install the Salesforce Code Analyzer plugin, run this command.

To check that Code Analyzer is installed, run this command.

The output shows all the core and use plugins currently installed in Salesforce CLI. If Code Analyzer is installed, it's listed like this.

To install a specific Code Analyzer version, run this command.

To display a list of the top-level Code Analyzer commands and topics, run this command.

To view the complete help about a specific command, including the full descriptions and examples, use the --help flag.

To view the short form of the help, use -h.

To update Code Analyzer, rerun the installation command.

To uninstall Code Analyzer, run this command.

The Code Analyzer CLI commands fall into two groups:

• Commands to scan your codebase, such as scanner run and scanner run dfa.
• Commands to manage rules, such as scanner rule list and scanner rule add.

See the scanner Command Reference for a full list of CLI commands; each command page includes examples of how to run the commands.

• Salesforce CLI Setup Guide: Update Salesforce CLI
• Salesforce CLI Setup Guide: Troubleshoot Salesforce CLI