Any thoughts on Salesforce Code Analyzer? #1560
marcosboger
started this conversation in
General
@marcosboger as it embeds PMD & eslint, it's pretty good for your Apex, Aura & LWC :)

In sfdx-hardis CI/CD, code-analyzer is embedded via MegaLinter by Ox Security, with other linters, including copy-paste detectors, security linters (avoid credentials hardcoded in your repo...)

Note: Current version embeds sfdx-scanner, the previous version of code-analyzer, but very soon there will be a new release with code-analyzer, it's already available in current beta :)
Creating the discussion here as I consider sfdx-hardis a key project in the DevOps community.
Does anyone have thoughts and impressions on the Salesforce Code Analyzer?
We are thinking about using it as our main SAST tool for Salesforce developments, but mainly worried about the rules coverage and if it's good enough to be the sole SAST tool in our Dev setup.
@nvuillam welcome to hear your thoughts (if any 😊)