Salesforce Graph Engine performs more complex checks than an average static analysis tool because Graph Engine uses data flow analysis, which is a technique for gathering information about the possible set of values calculated at various points in the application.
Latest posts
Getting Started with the Salesforce Code Analyzer
Salesforce recently announced the general availability of their own code analyzer tool, which brings popular quality scans to the local development environment, including PMD, ESLint, RetireJS, Cop/Paste Detector and Salesforce Graph Engine.
Build Your Own Synchronization between GitHub and Anypoint API Designer
In a previous post we looked at how to author an API specification locally and save to Anypoint Design Center, as well as how to manually sync changes made on the Anypoint platform to your local computer. One of the benefits of maintaining the API specification on your local computer […]
3 Options for Running Kafka Locally
In this post, we will explore several options for setting up Kafka on your local computer. Each option provides various benefits and capabilities, so the best option will depend on your needs. Overview For each option we will install and run a Kafka implementation locally and we will publish and […]
OpenAPI Specification Development with Mulesoft using Anypoint CLI
In this post we will explore how to create an API specification and save to the Mulesoft Anypoint platform from the command line so that we can take advantage of the platform’s API management capabilities. Business Scenario We are going to create a REST API for a pet adoption agency. […]
Data Generation Recipe for Student Success Hub
As residential universities struggle to establish the level of student engagement with in-person courses that existed before the pandemic, some are looking at implementing the type of student support infrastructure that has long been in place at online universities, which typically cater to working adults juggling many priorities. For universities […]
View Sonar Analysis for Apex in VS Code
In previous posts, we looked at how to set up SonarCloud code analysis for Salesforce using automatic analysis, as well as GitHub Actions to trigger scans from a CI job. Show the results of code analysis once changes are merged to a shared branch is great, but ideally develops are […]
Add Apex Code Coverage to GitHub Pull Requests with SonarCloud
In the previous SonarCloud post, we looked at how to set up SonarCloud code analysis for Salesforce using automatic analysis, as well as GitHub Actions to trigger scans from a CI job. If you want to include Apex test code coverage in the SonarCloud dashboard then running the scan from […]
SonarCloud Code Analysis for Salesforce
SonarCloud is the hosted offering of SonarQube, provided by SonarSource. In this post we will look at how to run a Sonar code quality scan on a Salesforce project using automatic analysis and GitHub Actions. The example in this post is focused on Apex classes and triggers, but SonarCloud also […]
Veracode Static Code Analysis for Salesforce
Veracode is a leading provider of application security testing products. Veracode recently added support for Apex, Visualforce, Lightning Web Components and Aura components to its static code analysis product. Veracode provides three solutions for scanning code: an IDE plugin called Greenlight, a development pipeline option called Pipeline Scan, and a […]