Source Code Analysis ToolUse a source code analysis tool to scan and analyze your Salesforce code (Apex, Visualforce, Lightning, JavaScript, HTML5), detect violation of best practices, inefficiencies & security vulnerabilities along with recommendations to fix it. Integrate it with your IDE, source control repository, and/or CI/CD pipeline to automate the analysis and raise a hand when something needs your attention. Bake quality in your code with these code scanning tools

(Tools, that I personally use or have used and recommended are marked with a heart)

1. Force.com Code Scanner Portal ()

  • Provided by Salesforce in partnership with Checkmarx
  • Submit the scanning request and get the result through email
  • Limited to 360,000 lines of code scanned in any trailing 12 month period
  • Free

2. Checkmarx

  • Scan Apex, VisualForce, Javascript, HTML5
  • IDE & Source Repository Integration
  • Has a free plan with limited features
  • Contact the company for paid plans

3. Clayton

  • Scans Apex, Visualforce, Lightning, Process Builder, Flows, object definitions, and more
  • Catch OWASP Top 10 vulnerabilities as well as Salesforce-specific security flaws such as CRUD and FLS violations, SOQL-injections and more.
  • Has a free plan with limited features
  • Paid plans start from US$ 599/month

4. Codescan.io

  • Choose from self-host or cloud plan
  • 500+ security and quality rules for Apex, Visualforce, Lightning and Metadata
  • Integrates directly with Salesforce and all popular CI/CD pipelines
  • Integrates into the developer environment
  • US$ 2,800/year for 40,000 lines of code

5. Apex PMD

5. Sonarsource

  • Apex static code analysis for 56 rules
  • Integrates with CI/CD
  • Integrates with Source/Version Control Systems
  • Available on Cloud with Sonarcloud and on-premise with Sonarqube
  • Free & open source

Don’t see the tool of your choice listed here? Please feel free to mention it in the comments below for other readers’ benefit.

Want to see a list of more of such useful resources & tools under different categories? Please do take a look at the resources page.