Tag: Static Code Analysis

Salesforce Code Analyzer report in HTML format
Salesforce

Prevent Null Pointer Exceptions with Salesforce Graph Engine

Salesforce Graph Engine performs more complex checks than an average static analysis tool because Graph Engine uses data flow analysis, which is a technique for gathering information about the possible set of values calculated at various points in the application.

View Salesforce Code Analyzer Results
Salesforce

Getting Started with the Salesforce Code Analyzer

Salesforce recently announced the general availability of their own code analyzer tool, which brings popular quality scans to the local development environment, including PMD, ESLint, RetireJS, Cop/Paste Detector and Salesforce Graph Engine.

SonarLint extension for VS Code
Salesforce

View Sonar Analysis for Apex in VS Code

In previous posts, we looked at how to set up SonarCloud code analysis for Salesforce using automatic analysis, as well as GitHub Actions to trigger scans from a CI job. Show the results of code analysis once changes are merged to a shared branch is great, but ideally develops are […]

Salesforce

Add Apex Code Coverage to GitHub Pull Requests with SonarCloud

In the previous SonarCloud post, we looked at how to set up SonarCloud code analysis for Salesforce using automatic analysis, as well as GitHub Actions to trigger scans from a CI job. If you want to include Apex test code coverage in the SonarCloud dashboard then running the scan from […]

SonarCloud Quality Dashboard
Salesforce

SonarCloud Code Analysis for Salesforce

SonarCloud is the hosted offering of SonarQube, provided by SonarSource. In this post we will look at how to run a Sonar code quality scan on a Salesforce project using automatic analysis and GitHub Actions. The example in this post is focused on Apex classes and triggers, but SonarCloud also […]

photo of code projected over woman
Salesforce

Veracode Static Code Analysis for Salesforce

Veracode is a leading provider of application security testing products. Veracode recently added support for Apex, Visualforce, Lightning Web Components and Aura components to its static code analysis product. Veracode provides three solutions for scanning code: an IDE plugin called Greenlight, a development pipeline option called Pipeline Scan, and a […]