@salesforce/afv-skills 1.16.0 → 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/skills/activating-datacloud/SKILL.md +2 -2
- package/skills/analyzing-omnistudio-dependencies/SKILL.md +1 -1
- package/skills/building-sf-integrations/SKILL.md +1 -1
- package/skills/building-ui-bundle-app/SKILL.md +1 -1
- package/skills/configuring-code-analyzer/SKILL.md +482 -0
- package/skills/configuring-code-analyzer/examples/apex-project-config.yml +41 -0
- package/skills/configuring-code-analyzer/examples/ci-github-actions.yml +96 -0
- package/skills/configuring-code-analyzer/examples/fullstack-project-config.yml +46 -0
- package/skills/configuring-code-analyzer/examples/lwc-project-config.yml +26 -0
- package/skills/configuring-code-analyzer/references/ci-cd-templates.md +648 -0
- package/skills/configuring-code-analyzer/references/config-schema.md +257 -0
- package/skills/configuring-code-analyzer/references/diagnostic-flow.md +70 -0
- package/skills/configuring-code-analyzer/references/engine-prerequisites.md +276 -0
- package/skills/configuring-code-analyzer/references/rule-name-resolution.md +67 -0
- package/skills/configuring-code-analyzer/references/troubleshooting.md +298 -0
- package/skills/configuring-code-analyzer/scripts/check-prerequisites.sh +189 -0
- package/skills/configuring-code-analyzer/scripts/generate-config.sh +143 -0
- package/skills/configuring-code-analyzer/scripts/validate-config.sh +153 -0
- package/skills/connecting-datacloud/SKILL.md +2 -2
- package/skills/creating-b2b-commerce-store/SKILL.md +0 -1
- package/skills/developing-agentforce/SKILL.md +0 -1
- package/skills/generating-apex/SKILL.md +1 -0
- package/skills/generating-mermaid-diagrams/assets/datamodel/b2b-commerce-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/campaigns-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/consent-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/files-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/forecasting-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/fsl-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/party-model-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/quote-order-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/revenue-cloud-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/sales-cloud-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/salesforce-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/scheduler-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/service-cloud-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/assets/datamodel/territory-management-erd.md +1 -1
- package/skills/generating-mermaid-diagrams/references/erd-conventions.md +1 -1
- package/skills/generating-mermaid-diagrams/references/preview-guide.md +2 -5
- package/skills/harmonizing-datacloud/SKILL.md +2 -2
- package/skills/implementing-ui-bundle-agentforce-conversation-client/SKILL.md +1 -2
- package/skills/investigating-agentforce-d360/SKILL.md +1 -1
- package/skills/managing-cdc-enablement/SKILL.md +164 -0
- package/skills/managing-cdc-enablement/assets/PlatformEventChannel-template.xml +5 -0
- package/skills/managing-cdc-enablement/assets/PlatformEventChannelMember-template.xml +11 -0
- package/skills/managing-cdc-enablement/references/deploy-troubleshooting.md +73 -0
- package/skills/managing-cdc-enablement/references/filter-expressions.md +93 -0
- package/skills/observing-agentforce/SKILL.md +0 -1
- package/skills/observing-agentforce/references/stdm-queries.md +3 -11
- package/skills/orchestrating-datacloud/README.md +5 -7
- package/skills/orchestrating-datacloud/SKILL.md +3 -3
- package/skills/orchestrating-datacloud/references/feature-readiness.md +2 -2
- package/skills/orchestrating-datacloud/references/plugin-setup.md +6 -8
- package/skills/orchestrating-datacloud/scripts/diagnose-org.mjs +1 -1
- package/skills/orchestrating-datacloud/scripts/verify-plugin.sh +2 -2
- package/skills/preparing-datacloud/SKILL.md +2 -2
- package/skills/retrieving-datacloud/SKILL.md +3 -3
- package/skills/reviewing-lwc-mobile-offline/SKILL.md +0 -1
- package/skills/running-code-analyzer/SKILL.md +264 -267
- package/skills/running-code-analyzer/references/post-scan-workflows.md +286 -0
- package/skills/running-code-analyzer/scripts/describe-rule.js +382 -0
- package/skills/running-code-analyzer/scripts/list-rules.js +260 -0
- package/skills/running-code-analyzer/scripts/query-results.js +230 -0
- package/skills/testing-agentforce/SKILL.md +0 -1
- package/skills/using-mobile-native-capabilities/SKILL.md +0 -1
- package/skills/using-salesforce-archive/SKILL.md +121 -0
- package/skills/using-salesforce-archive/examples/monitor-failed-jobs.md +47 -0
- package/skills/using-salesforce-archive/references/archive-activity-entity.md +59 -0
- package/skills/using-salesforce-archive/references/connect-api-operations.md +157 -0
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
# GitHub Actions Workflow — Code Analyzer Quality Gate
|
|
2
|
+
#
|
|
3
|
+
# Scans pull requests for code quality and security violations.
|
|
4
|
+
# Uploads SARIF results to GitHub Code Scanning for inline annotations.
|
|
5
|
+
#
|
|
6
|
+
# Usage:
|
|
7
|
+
# Copy to .github/workflows/code-analyzer.yml in your repository
|
|
8
|
+
# Customize severity-threshold and rule-selector as needed
|
|
9
|
+
#
|
|
10
|
+
# Prerequisites:
|
|
11
|
+
# - Repository must have GitHub Advanced Security enabled for SARIF upload
|
|
12
|
+
# - Or remove the "Upload SARIF" step for basic artifact-only workflow
|
|
13
|
+
|
|
14
|
+
name: Code Analyzer
|
|
15
|
+
|
|
16
|
+
on:
|
|
17
|
+
pull_request:
|
|
18
|
+
branches: [main, develop]
|
|
19
|
+
paths:
|
|
20
|
+
- 'force-app/**'
|
|
21
|
+
- 'src/**'
|
|
22
|
+
- '**/*.cls'
|
|
23
|
+
- '**/*.trigger'
|
|
24
|
+
- '**/*.js'
|
|
25
|
+
- '**/*.ts'
|
|
26
|
+
- '**/*.html'
|
|
27
|
+
- '**/*.flow-meta.xml'
|
|
28
|
+
- 'code-analyzer.yml'
|
|
29
|
+
push:
|
|
30
|
+
branches: [main, develop]
|
|
31
|
+
|
|
32
|
+
permissions:
|
|
33
|
+
contents: read
|
|
34
|
+
security-events: write # Required for SARIF upload
|
|
35
|
+
|
|
36
|
+
jobs:
|
|
37
|
+
code-analysis:
|
|
38
|
+
runs-on: ubuntu-latest
|
|
39
|
+
timeout-minutes: 30
|
|
40
|
+
|
|
41
|
+
steps:
|
|
42
|
+
- name: Checkout code
|
|
43
|
+
uses: actions/checkout@v4
|
|
44
|
+
with:
|
|
45
|
+
fetch-depth: 0 # Full history for diff-based scans
|
|
46
|
+
|
|
47
|
+
- name: Set up Node.js
|
|
48
|
+
uses: actions/setup-node@v4
|
|
49
|
+
with:
|
|
50
|
+
node-version: '20'
|
|
51
|
+
|
|
52
|
+
- name: Set up Java
|
|
53
|
+
uses: actions/setup-java@v4
|
|
54
|
+
with:
|
|
55
|
+
distribution: 'temurin'
|
|
56
|
+
java-version: '11'
|
|
57
|
+
|
|
58
|
+
- name: Install Salesforce CLI
|
|
59
|
+
run: npm install -g @salesforce/cli
|
|
60
|
+
|
|
61
|
+
- name: Install Code Analyzer
|
|
62
|
+
run: sf plugins install @salesforce/plugin-code-analyzer
|
|
63
|
+
|
|
64
|
+
- name: Verify installation
|
|
65
|
+
run: |
|
|
66
|
+
sf --version
|
|
67
|
+
sf plugins --core | grep code-analyzer
|
|
68
|
+
java -version
|
|
69
|
+
node --version
|
|
70
|
+
|
|
71
|
+
- name: Run Code Analyzer
|
|
72
|
+
run: |
|
|
73
|
+
sf code-analyzer run \
|
|
74
|
+
--rule-selector Recommended \
|
|
75
|
+
--severity-threshold 2 \
|
|
76
|
+
--output-file results.sarif \
|
|
77
|
+
--output-file results.json \
|
|
78
|
+
--output-file results.html \
|
|
79
|
+
--config-file code-analyzer.yml
|
|
80
|
+
|
|
81
|
+
- name: Upload SARIF to GitHub Security
|
|
82
|
+
if: always()
|
|
83
|
+
uses: github/codeql-action/upload-sarif@v3
|
|
84
|
+
with:
|
|
85
|
+
sarif_file: results.sarif
|
|
86
|
+
category: code-analyzer
|
|
87
|
+
|
|
88
|
+
- name: Upload Results as Artifact
|
|
89
|
+
if: always()
|
|
90
|
+
uses: actions/upload-artifact@v4
|
|
91
|
+
with:
|
|
92
|
+
name: code-analyzer-results
|
|
93
|
+
path: |
|
|
94
|
+
results.json
|
|
95
|
+
results.html
|
|
96
|
+
retention-days: 30
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
# Code Analyzer Configuration — Full-Stack Salesforce Project
|
|
2
|
+
#
|
|
3
|
+
# This file contains ONLY overrides. Code Analyzer's built-in defaults
|
|
4
|
+
# handle everything else. Only add entries here that intentionally
|
|
5
|
+
# change behavior for your project.
|
|
6
|
+
#
|
|
7
|
+
# Usage:
|
|
8
|
+
# Place at project root as code-analyzer.yml
|
|
9
|
+
# Validate: sf code-analyzer config --config-file code-analyzer.yml
|
|
10
|
+
|
|
11
|
+
# Exclude non-project files
|
|
12
|
+
ignores:
|
|
13
|
+
files:
|
|
14
|
+
- "**/node_modules/**"
|
|
15
|
+
- "**/.sfdx/**"
|
|
16
|
+
- "**/.sf/**"
|
|
17
|
+
- "**/jest-mocks/**"
|
|
18
|
+
- "**/__tests__/**"
|
|
19
|
+
- "**/*.min.js"
|
|
20
|
+
- "**/staticresources/jquery*"
|
|
21
|
+
- "**/staticresources/bootstrap*"
|
|
22
|
+
|
|
23
|
+
# Engine tuning — only what differs from defaults
|
|
24
|
+
engines:
|
|
25
|
+
# SFGE: increase heap for large Apex codebases
|
|
26
|
+
sfge:
|
|
27
|
+
java_max_heap_size: "4g"
|
|
28
|
+
# ESLint: use project's existing config for LWC-specific rules
|
|
29
|
+
eslint:
|
|
30
|
+
auto_discover_eslint_config: true
|
|
31
|
+
|
|
32
|
+
# Rule overrides — only rules that need project-specific treatment
|
|
33
|
+
rules:
|
|
34
|
+
pmd:
|
|
35
|
+
# Promote security rules (default is High → make Critical)
|
|
36
|
+
ApexCRUDViolation:
|
|
37
|
+
severity: 1
|
|
38
|
+
ApexSOQLInjection:
|
|
39
|
+
severity: 1
|
|
40
|
+
# Demote noisy documentation rule
|
|
41
|
+
ApexDoc:
|
|
42
|
+
severity: 5
|
|
43
|
+
eslint:
|
|
44
|
+
# Demote console warnings in development (default is Moderate)
|
|
45
|
+
no-console:
|
|
46
|
+
severity: 4
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
# Code Analyzer Configuration — LWC-focused Project
|
|
2
|
+
#
|
|
3
|
+
# This file contains ONLY overrides. Code Analyzer's built-in defaults
|
|
4
|
+
# handle everything else. Only add entries here that intentionally
|
|
5
|
+
# change behavior for your project.
|
|
6
|
+
#
|
|
7
|
+
# Usage:
|
|
8
|
+
# Place at project root as code-analyzer.yml
|
|
9
|
+
# Validate: sf code-analyzer config --config-file code-analyzer.yml
|
|
10
|
+
|
|
11
|
+
# Exclude non-project files and test infrastructure
|
|
12
|
+
ignores:
|
|
13
|
+
files:
|
|
14
|
+
- "**/node_modules/**"
|
|
15
|
+
- "**/.sfdx/**"
|
|
16
|
+
- "**/.sf/**"
|
|
17
|
+
- "**/jest-mocks/**"
|
|
18
|
+
- "**/__tests__/**"
|
|
19
|
+
- "**/*.min.js"
|
|
20
|
+
|
|
21
|
+
# Engine tuning
|
|
22
|
+
engines:
|
|
23
|
+
# ESLint: opt-in to use project's existing ESLint config
|
|
24
|
+
# (built-in default is false — Code Analyzer uses its own base configs)
|
|
25
|
+
eslint:
|
|
26
|
+
auto_discover_eslint_config: true
|