@salesforce/afv-skills 1.16.0 → 1.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (69) hide show
  1. package/package.json +1 -1
  2. package/skills/activating-datacloud/SKILL.md +2 -2
  3. package/skills/analyzing-omnistudio-dependencies/SKILL.md +1 -1
  4. package/skills/building-sf-integrations/SKILL.md +1 -1
  5. package/skills/building-ui-bundle-app/SKILL.md +1 -1
  6. package/skills/configuring-code-analyzer/SKILL.md +482 -0
  7. package/skills/configuring-code-analyzer/examples/apex-project-config.yml +41 -0
  8. package/skills/configuring-code-analyzer/examples/ci-github-actions.yml +96 -0
  9. package/skills/configuring-code-analyzer/examples/fullstack-project-config.yml +46 -0
  10. package/skills/configuring-code-analyzer/examples/lwc-project-config.yml +26 -0
  11. package/skills/configuring-code-analyzer/references/ci-cd-templates.md +648 -0
  12. package/skills/configuring-code-analyzer/references/config-schema.md +257 -0
  13. package/skills/configuring-code-analyzer/references/diagnostic-flow.md +70 -0
  14. package/skills/configuring-code-analyzer/references/engine-prerequisites.md +276 -0
  15. package/skills/configuring-code-analyzer/references/rule-name-resolution.md +67 -0
  16. package/skills/configuring-code-analyzer/references/troubleshooting.md +298 -0
  17. package/skills/configuring-code-analyzer/scripts/check-prerequisites.sh +189 -0
  18. package/skills/configuring-code-analyzer/scripts/generate-config.sh +143 -0
  19. package/skills/configuring-code-analyzer/scripts/validate-config.sh +153 -0
  20. package/skills/connecting-datacloud/SKILL.md +2 -2
  21. package/skills/creating-b2b-commerce-store/SKILL.md +0 -1
  22. package/skills/developing-agentforce/SKILL.md +0 -1
  23. package/skills/generating-apex/SKILL.md +1 -0
  24. package/skills/generating-mermaid-diagrams/assets/datamodel/b2b-commerce-erd.md +1 -1
  25. package/skills/generating-mermaid-diagrams/assets/datamodel/campaigns-erd.md +1 -1
  26. package/skills/generating-mermaid-diagrams/assets/datamodel/consent-erd.md +1 -1
  27. package/skills/generating-mermaid-diagrams/assets/datamodel/files-erd.md +1 -1
  28. package/skills/generating-mermaid-diagrams/assets/datamodel/forecasting-erd.md +1 -1
  29. package/skills/generating-mermaid-diagrams/assets/datamodel/fsl-erd.md +1 -1
  30. package/skills/generating-mermaid-diagrams/assets/datamodel/party-model-erd.md +1 -1
  31. package/skills/generating-mermaid-diagrams/assets/datamodel/quote-order-erd.md +1 -1
  32. package/skills/generating-mermaid-diagrams/assets/datamodel/revenue-cloud-erd.md +1 -1
  33. package/skills/generating-mermaid-diagrams/assets/datamodel/sales-cloud-erd.md +1 -1
  34. package/skills/generating-mermaid-diagrams/assets/datamodel/salesforce-erd.md +1 -1
  35. package/skills/generating-mermaid-diagrams/assets/datamodel/scheduler-erd.md +1 -1
  36. package/skills/generating-mermaid-diagrams/assets/datamodel/service-cloud-erd.md +1 -1
  37. package/skills/generating-mermaid-diagrams/assets/datamodel/territory-management-erd.md +1 -1
  38. package/skills/generating-mermaid-diagrams/references/erd-conventions.md +1 -1
  39. package/skills/generating-mermaid-diagrams/references/preview-guide.md +2 -5
  40. package/skills/harmonizing-datacloud/SKILL.md +2 -2
  41. package/skills/implementing-ui-bundle-agentforce-conversation-client/SKILL.md +1 -2
  42. package/skills/investigating-agentforce-d360/SKILL.md +1 -1
  43. package/skills/managing-cdc-enablement/SKILL.md +164 -0
  44. package/skills/managing-cdc-enablement/assets/PlatformEventChannel-template.xml +5 -0
  45. package/skills/managing-cdc-enablement/assets/PlatformEventChannelMember-template.xml +11 -0
  46. package/skills/managing-cdc-enablement/references/deploy-troubleshooting.md +73 -0
  47. package/skills/managing-cdc-enablement/references/filter-expressions.md +93 -0
  48. package/skills/observing-agentforce/SKILL.md +0 -1
  49. package/skills/observing-agentforce/references/stdm-queries.md +3 -11
  50. package/skills/orchestrating-datacloud/README.md +5 -7
  51. package/skills/orchestrating-datacloud/SKILL.md +3 -3
  52. package/skills/orchestrating-datacloud/references/feature-readiness.md +2 -2
  53. package/skills/orchestrating-datacloud/references/plugin-setup.md +6 -8
  54. package/skills/orchestrating-datacloud/scripts/diagnose-org.mjs +1 -1
  55. package/skills/orchestrating-datacloud/scripts/verify-plugin.sh +2 -2
  56. package/skills/preparing-datacloud/SKILL.md +2 -2
  57. package/skills/retrieving-datacloud/SKILL.md +3 -3
  58. package/skills/reviewing-lwc-mobile-offline/SKILL.md +0 -1
  59. package/skills/running-code-analyzer/SKILL.md +264 -267
  60. package/skills/running-code-analyzer/references/post-scan-workflows.md +286 -0
  61. package/skills/running-code-analyzer/scripts/describe-rule.js +382 -0
  62. package/skills/running-code-analyzer/scripts/list-rules.js +260 -0
  63. package/skills/running-code-analyzer/scripts/query-results.js +230 -0
  64. package/skills/testing-agentforce/SKILL.md +0 -1
  65. package/skills/using-mobile-native-capabilities/SKILL.md +0 -1
  66. package/skills/using-salesforce-archive/SKILL.md +121 -0
  67. package/skills/using-salesforce-archive/examples/monitor-failed-jobs.md +47 -0
  68. package/skills/using-salesforce-archive/references/archive-activity-entity.md +59 -0
  69. package/skills/using-salesforce-archive/references/connect-api-operations.md +157 -0
@@ -0,0 +1,96 @@
1
+ # GitHub Actions Workflow — Code Analyzer Quality Gate
2
+ #
3
+ # Scans pull requests for code quality and security violations.
4
+ # Uploads SARIF results to GitHub Code Scanning for inline annotations.
5
+ #
6
+ # Usage:
7
+ # Copy to .github/workflows/code-analyzer.yml in your repository
8
+ # Customize severity-threshold and rule-selector as needed
9
+ #
10
+ # Prerequisites:
11
+ # - Repository must have GitHub Advanced Security enabled for SARIF upload
12
+ # - Or remove the "Upload SARIF" step for basic artifact-only workflow
13
+
14
+ name: Code Analyzer
15
+
16
+ on:
17
+ pull_request:
18
+ branches: [main, develop]
19
+ paths:
20
+ - 'force-app/**'
21
+ - 'src/**'
22
+ - '**/*.cls'
23
+ - '**/*.trigger'
24
+ - '**/*.js'
25
+ - '**/*.ts'
26
+ - '**/*.html'
27
+ - '**/*.flow-meta.xml'
28
+ - 'code-analyzer.yml'
29
+ push:
30
+ branches: [main, develop]
31
+
32
+ permissions:
33
+ contents: read
34
+ security-events: write # Required for SARIF upload
35
+
36
+ jobs:
37
+ code-analysis:
38
+ runs-on: ubuntu-latest
39
+ timeout-minutes: 30
40
+
41
+ steps:
42
+ - name: Checkout code
43
+ uses: actions/checkout@v4
44
+ with:
45
+ fetch-depth: 0 # Full history for diff-based scans
46
+
47
+ - name: Set up Node.js
48
+ uses: actions/setup-node@v4
49
+ with:
50
+ node-version: '20'
51
+
52
+ - name: Set up Java
53
+ uses: actions/setup-java@v4
54
+ with:
55
+ distribution: 'temurin'
56
+ java-version: '11'
57
+
58
+ - name: Install Salesforce CLI
59
+ run: npm install -g @salesforce/cli
60
+
61
+ - name: Install Code Analyzer
62
+ run: sf plugins install @salesforce/plugin-code-analyzer
63
+
64
+ - name: Verify installation
65
+ run: |
66
+ sf --version
67
+ sf plugins --core | grep code-analyzer
68
+ java -version
69
+ node --version
70
+
71
+ - name: Run Code Analyzer
72
+ run: |
73
+ sf code-analyzer run \
74
+ --rule-selector Recommended \
75
+ --severity-threshold 2 \
76
+ --output-file results.sarif \
77
+ --output-file results.json \
78
+ --output-file results.html \
79
+ --config-file code-analyzer.yml
80
+
81
+ - name: Upload SARIF to GitHub Security
82
+ if: always()
83
+ uses: github/codeql-action/upload-sarif@v3
84
+ with:
85
+ sarif_file: results.sarif
86
+ category: code-analyzer
87
+
88
+ - name: Upload Results as Artifact
89
+ if: always()
90
+ uses: actions/upload-artifact@v4
91
+ with:
92
+ name: code-analyzer-results
93
+ path: |
94
+ results.json
95
+ results.html
96
+ retention-days: 30
@@ -0,0 +1,46 @@
1
+ # Code Analyzer Configuration — Full-Stack Salesforce Project
2
+ #
3
+ # This file contains ONLY overrides. Code Analyzer's built-in defaults
4
+ # handle everything else. Only add entries here that intentionally
5
+ # change behavior for your project.
6
+ #
7
+ # Usage:
8
+ # Place at project root as code-analyzer.yml
9
+ # Validate: sf code-analyzer config --config-file code-analyzer.yml
10
+
11
+ # Exclude non-project files
12
+ ignores:
13
+ files:
14
+ - "**/node_modules/**"
15
+ - "**/.sfdx/**"
16
+ - "**/.sf/**"
17
+ - "**/jest-mocks/**"
18
+ - "**/__tests__/**"
19
+ - "**/*.min.js"
20
+ - "**/staticresources/jquery*"
21
+ - "**/staticresources/bootstrap*"
22
+
23
+ # Engine tuning — only what differs from defaults
24
+ engines:
25
+ # SFGE: increase heap for large Apex codebases
26
+ sfge:
27
+ java_max_heap_size: "4g"
28
+ # ESLint: use project's existing config for LWC-specific rules
29
+ eslint:
30
+ auto_discover_eslint_config: true
31
+
32
+ # Rule overrides — only rules that need project-specific treatment
33
+ rules:
34
+ pmd:
35
+ # Promote security rules (default is High → make Critical)
36
+ ApexCRUDViolation:
37
+ severity: 1
38
+ ApexSOQLInjection:
39
+ severity: 1
40
+ # Demote noisy documentation rule
41
+ ApexDoc:
42
+ severity: 5
43
+ eslint:
44
+ # Demote console warnings in development (default is Moderate)
45
+ no-console:
46
+ severity: 4
@@ -0,0 +1,26 @@
1
+ # Code Analyzer Configuration — LWC-focused Project
2
+ #
3
+ # This file contains ONLY overrides. Code Analyzer's built-in defaults
4
+ # handle everything else. Only add entries here that intentionally
5
+ # change behavior for your project.
6
+ #
7
+ # Usage:
8
+ # Place at project root as code-analyzer.yml
9
+ # Validate: sf code-analyzer config --config-file code-analyzer.yml
10
+
11
+ # Exclude non-project files and test infrastructure
12
+ ignores:
13
+ files:
14
+ - "**/node_modules/**"
15
+ - "**/.sfdx/**"
16
+ - "**/.sf/**"
17
+ - "**/jest-mocks/**"
18
+ - "**/__tests__/**"
19
+ - "**/*.min.js"
20
+
21
+ # Engine tuning
22
+ engines:
23
+ # ESLint: opt-in to use project's existing ESLint config
24
+ # (built-in default is false — Code Analyzer uses its own base configs)
25
+ eslint:
26
+ auto_discover_eslint_config: true