@salesforce/afv-skills 1.16.0 → 1.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (69)
  1. package/package.json +1 -1
  2. package/skills/activating-datacloud/SKILL.md +2 -2
  3. package/skills/analyzing-omnistudio-dependencies/SKILL.md +1 -1
  4. package/skills/building-sf-integrations/SKILL.md +1 -1
  5. package/skills/building-ui-bundle-app/SKILL.md +1 -1
  6. package/skills/configuring-code-analyzer/SKILL.md +482 -0
  7. package/skills/configuring-code-analyzer/examples/apex-project-config.yml +41 -0
  8. package/skills/configuring-code-analyzer/examples/ci-github-actions.yml +96 -0
  9. package/skills/configuring-code-analyzer/examples/fullstack-project-config.yml +46 -0
  10. package/skills/configuring-code-analyzer/examples/lwc-project-config.yml +26 -0
  11. package/skills/configuring-code-analyzer/references/ci-cd-templates.md +648 -0
  12. package/skills/configuring-code-analyzer/references/config-schema.md +257 -0
  13. package/skills/configuring-code-analyzer/references/diagnostic-flow.md +70 -0
  14. package/skills/configuring-code-analyzer/references/engine-prerequisites.md +276 -0
  15. package/skills/configuring-code-analyzer/references/rule-name-resolution.md +67 -0
  16. package/skills/configuring-code-analyzer/references/troubleshooting.md +298 -0
  17. package/skills/configuring-code-analyzer/scripts/check-prerequisites.sh +189 -0
  18. package/skills/configuring-code-analyzer/scripts/generate-config.sh +143 -0
  19. package/skills/configuring-code-analyzer/scripts/validate-config.sh +153 -0
  20. package/skills/connecting-datacloud/SKILL.md +2 -2
  21. package/skills/creating-b2b-commerce-store/SKILL.md +0 -1
  22. package/skills/developing-agentforce/SKILL.md +0 -1
  23. package/skills/generating-apex/SKILL.md +1 -0
  24. package/skills/generating-mermaid-diagrams/assets/datamodel/b2b-commerce-erd.md +1 -1
  25. package/skills/generating-mermaid-diagrams/assets/datamodel/campaigns-erd.md +1 -1
  26. package/skills/generating-mermaid-diagrams/assets/datamodel/consent-erd.md +1 -1
  27. package/skills/generating-mermaid-diagrams/assets/datamodel/files-erd.md +1 -1
  28. package/skills/generating-mermaid-diagrams/assets/datamodel/forecasting-erd.md +1 -1
  29. package/skills/generating-mermaid-diagrams/assets/datamodel/fsl-erd.md +1 -1
  30. package/skills/generating-mermaid-diagrams/assets/datamodel/party-model-erd.md +1 -1
  31. package/skills/generating-mermaid-diagrams/assets/datamodel/quote-order-erd.md +1 -1
  32. package/skills/generating-mermaid-diagrams/assets/datamodel/revenue-cloud-erd.md +1 -1
  33. package/skills/generating-mermaid-diagrams/assets/datamodel/sales-cloud-erd.md +1 -1
  34. package/skills/generating-mermaid-diagrams/assets/datamodel/salesforce-erd.md +1 -1
  35. package/skills/generating-mermaid-diagrams/assets/datamodel/scheduler-erd.md +1 -1
  36. package/skills/generating-mermaid-diagrams/assets/datamodel/service-cloud-erd.md +1 -1
  37. package/skills/generating-mermaid-diagrams/assets/datamodel/territory-management-erd.md +1 -1
  38. package/skills/generating-mermaid-diagrams/references/erd-conventions.md +1 -1
  39. package/skills/generating-mermaid-diagrams/references/preview-guide.md +2 -5
  40. package/skills/harmonizing-datacloud/SKILL.md +2 -2
  41. package/skills/implementing-ui-bundle-agentforce-conversation-client/SKILL.md +1 -2
  42. package/skills/investigating-agentforce-d360/SKILL.md +1 -1
  43. package/skills/managing-cdc-enablement/SKILL.md +164 -0
  44. package/skills/managing-cdc-enablement/assets/PlatformEventChannel-template.xml +5 -0
  45. package/skills/managing-cdc-enablement/assets/PlatformEventChannelMember-template.xml +11 -0
  46. package/skills/managing-cdc-enablement/references/deploy-troubleshooting.md +73 -0
  47. package/skills/managing-cdc-enablement/references/filter-expressions.md +93 -0
  48. package/skills/observing-agentforce/SKILL.md +0 -1
  49. package/skills/observing-agentforce/references/stdm-queries.md +3 -11
  50. package/skills/orchestrating-datacloud/README.md +5 -7
  51. package/skills/orchestrating-datacloud/SKILL.md +3 -3
  52. package/skills/orchestrating-datacloud/references/feature-readiness.md +2 -2
  53. package/skills/orchestrating-datacloud/references/plugin-setup.md +6 -8
  54. package/skills/orchestrating-datacloud/scripts/diagnose-org.mjs +1 -1
  55. package/skills/orchestrating-datacloud/scripts/verify-plugin.sh +2 -2
  56. package/skills/preparing-datacloud/SKILL.md +2 -2
  57. package/skills/retrieving-datacloud/SKILL.md +3 -3
  58. package/skills/reviewing-lwc-mobile-offline/SKILL.md +0 -1
  59. package/skills/running-code-analyzer/SKILL.md +264 -267
  60. package/skills/running-code-analyzer/references/post-scan-workflows.md +286 -0
  61. package/skills/running-code-analyzer/scripts/describe-rule.js +382 -0
  62. package/skills/running-code-analyzer/scripts/list-rules.js +260 -0
  63. package/skills/running-code-analyzer/scripts/query-results.js +230 -0
  64. package/skills/testing-agentforce/SKILL.md +0 -1
  65. package/skills/using-mobile-native-capabilities/SKILL.md +0 -1
  66. package/skills/using-salesforce-archive/SKILL.md +121 -0
  67. package/skills/using-salesforce-archive/examples/monitor-failed-jobs.md +47 -0
  68. package/skills/using-salesforce-archive/references/archive-activity-entity.md +59 -0
  69. package/skills/using-salesforce-archive/references/connect-api-operations.md +157 -0
@@ -0,0 +1,257 @@
1
+ # Code Analyzer Configuration Schema
2
+
3
+ Full reference for the `code-analyzer.yml` configuration file.
4
+
5
+ ## Top-Level Fields
6
+
7
+ ```yaml
8
+ # code-analyzer.yml
9
+
10
+ # Root directory for resolving relative paths in the config
11
+ config_root: .
12
+
13
+ # Directory where Code Analyzer writes log files
14
+ log_folder: /tmp
15
+
16
+ # Log verbosity: 1=Error, 2=Warn, 3=Info, 4=Debug, 5=Fine
17
+ log_level: 3
18
+
19
+ # File patterns to exclude from analysis
20
+ ignores:
21
+ files: []
22
+
23
+ # Rule severity, tag, and disable overrides
24
+ rules: {}
25
+
26
+ # Engine-specific configuration
27
+ engines: {}
28
+
29
+ # Bulk suppression rules
30
+ suppressions:
31
+ disable_suppressions: false
32
+ ```
33
+
34
+ ## Ignores Section
35
+
36
+ ```yaml
37
+ ignores:
38
+ files:
39
+ - "**/node_modules/**" # npm dependencies
40
+ - "**/.sfdx/**" # Salesforce DX internal
41
+ - "**/.sf/**" # Salesforce CLI internal
42
+ - "**/test/**" # Test directories
43
+ - "**/*.test.js" # Test files
44
+ - "**/*.min.js" # Minified files
45
+ - "**/staticresources/**" # Static resources (often vendor)
46
+ ```
47
+
48
+ **Pattern syntax:** Glob patterns using `*` (any filename chars), `**` (any path segment), `?` (single char).
49
+
50
+ ## Rules Section
51
+
52
+ Override severity, tags, or disable rules per engine:
53
+
54
+ ```yaml
55
+ rules:
56
+ <engine_name>:
57
+ <rule_name>:
58
+ severity: <1-5 or "Critical"|"High"|"Moderate"|"Low"|"Info">
59
+ tags: ["Tag1", "Tag2"] # Override rule tags
60
+ disabled: true|false # Disable/enable rule
61
+ ```
62
+
63
+ ### Severity Values
64
+
65
+ | Number | Name | Meaning |
66
+ |--------|------|---------|
67
+ | 1 | Critical | Security vulnerabilities, must fix before release |
68
+ | 2 | High | Significant issues, should fix |
69
+ | 3 | Moderate | Recommended improvements |
70
+ | 4 | Low | Minor suggestions |
71
+ | 5 | Info | Informational, no action required |
72
+
73
+ ### Example Rule Overrides
74
+
75
+ ```yaml
76
+ rules:
77
+ pmd:
78
+ ApexCRUDViolation:
79
+ severity: 1 # Promote to Critical
80
+ AvoidGlobalModifier:
81
+ disabled: true # Disable entirely
82
+ ApexDoc:
83
+ severity: 5 # Demote to Info
84
+ tags: ["Documentation"]
85
+ eslint:
86
+ no-console:
87
+ severity: 4 # Demote to Low
88
+ no-unused-vars:
89
+ severity: 2 # Promote to High
90
+ ```
91
+
92
+ ## Engines Section
93
+
94
+ ### PMD Engine
95
+
96
+ ```yaml
97
+ engines:
98
+ pmd:
99
+ disable_engine: false
100
+ java_command: "java" # Path to Java executable
101
+ custom_rulesets: # Additional ruleset XML files
102
+ - "./config/custom-pmd-rules.xml"
103
+ java_classpath_entries: # JARs for custom Java rules
104
+ - "./lib/my-custom-rules.jar"
105
+ file_extensions: # Override scanned file types
106
+ apex: [".cls", ".trigger"]
107
+ visualforce: [".page", ".component"]
108
+ ```
109
+
110
+ ### ESLint Engine
111
+
112
+ ```yaml
113
+ engines:
114
+ eslint:
115
+ disable_engine: false
116
+ auto_discover_eslint_config: true # Use project's eslint config files
117
+ eslint_config_file: "./eslint.config.mjs" # Explicit config file path
118
+ disable_javascript_base_config: false # Disable built-in JS rules
119
+ disable_typescript_base_config: false # Disable built-in TS rules
120
+ disable_lwc_base_config: false # Disable built-in LWC rules
121
+ disable_flow_base_config: false # Disable built-in Flow rules
122
+ ```
123
+
124
+ **Note:** `auto_discover_eslint_config` requires a `--workspace` flag on the run command.
125
+
126
+ ### CPD Engine (Copy-Paste Detector)
127
+
128
+ ```yaml
129
+ engines:
130
+ cpd:
131
+ disable_engine: false
132
+ minimum_tokens: # Min tokens for duplicate detection
133
+ apex: 100 # Lower = more sensitive
134
+ html: 100
135
+ javascript: 100
136
+ visualforce: 100
137
+ xml: 100
138
+ skip_duplicate_files: false # Skip files with identical content
139
+ ```
140
+
141
+ ### SFGE Engine (Salesforce Graph Engine)
142
+
143
+ ```yaml
144
+ engines:
145
+ sfge:
146
+ disable_engine: false
147
+ java_max_heap_size: "4g" # JVM heap (increase for large projects)
148
+ java_thread_count: 4 # Parallel threads
149
+ java_thread_timeout: 900000 # Per-thread timeout in ms
150
+ ```
151
+
152
+ **Warning:** SFGE is resource-intensive. For projects with 500+ Apex classes, use 4g+ heap. Analysis can take 10-30 minutes.
153
+
154
+ ### ApexGuru Engine
155
+
156
+ ```yaml
157
+ engines:
158
+ apexguru:
159
+ disable_engine: false
160
+ target_org: "my-org-alias" # Authenticated org alias or username
161
+ api_timeout_ms: 300000 # API timeout in ms (default 5min)
162
+ ```
163
+
164
+ **Requires:** Authenticated Salesforce org (`sf org login web`).
165
+
166
+ ### Flow Engine
167
+
168
+ ```yaml
169
+ engines:
170
+ flow:
171
+ disable_engine: false
172
+ python_command: "python3" # Path to Python 3 executable
173
+ ```
174
+
175
+ **Requires:** Python 3 installed.
176
+
177
+ ### Regex Engine
178
+
179
+ ```yaml
180
+ engines:
181
+ regex:
182
+ disable_engine: false
183
+ custom_rules:
184
+ <RuleName>:
185
+ regex: "/<pattern>/<flags>" # JavaScript regex syntax
186
+ regex_ignore: "/<pattern>/<flags>" # Optional: false positive filter
187
+ file_extensions: [".cls", ".trigger"]
188
+ description: "What this rule checks"
189
+ violation_message: "Message shown to developer"
190
+ severity: 3
191
+ tags: ["Recommended", "Security"]
192
+ ```
193
+
194
+ ### RetireJS Engine
195
+
196
+ ```yaml
197
+ engines:
198
+ retire-js:
199
+ disable_engine: false
200
+ ```
201
+
202
+ **Note:** RetireJS scans JavaScript dependencies for known CVEs. No additional configuration needed beyond enable/disable.
203
+
204
+ ## Suppressions Section
205
+
206
+ ```yaml
207
+ suppressions:
208
+ disable_suppressions: false # Set true to ignore ALL suppressions
209
+
210
+ # Bulk suppressions by file/folder path
211
+ "src/legacy/":
212
+ - rule_selector: "pmd:ApexDoc"
213
+ max_suppressed_violations: 50 # Quota (null = unlimited)
214
+ reason: "Legacy code, documentation not required"
215
+
216
+ "src/utils/Logger.cls":
217
+ - rule_selector: "eslint:no-console"
218
+ max_suppressed_violations: 10
219
+ reason: "Logger intentionally uses console"
220
+ ```
221
+
222
+ ### Inline Suppression Markers
223
+
224
+ In addition to bulk config suppressions, violations can be suppressed inline:
225
+
226
+ ```java
227
+ // Apex: PMD suppression
228
+ // NOPMD - reason here
229
+ @SuppressWarnings('PMD.ApexCRUDViolation')
230
+
231
+ // Any engine: universal marker
232
+ // code-analyzer-suppress(pmd:ApexCRUDViolation) - reason
233
+ // code-analyzer-suppress(eslint:no-console) - reason
234
+ ```
235
+
236
+ ## Config File Discovery
237
+
238
+ Code Analyzer automatically looks for configuration in this order:
239
+ 1. File specified via `--config-file` flag
240
+ 2. `code-analyzer.yml` in current working directory
241
+ 3. `code-analyzer.yaml` in current working directory
242
+ 4. No config (use defaults)
243
+
244
+ ## Validating Configuration
245
+
246
+ Always validate after making changes:
247
+
248
+ ```bash
249
+ # Validate config and show effective settings
250
+ sf code-analyzer config --config-file code-analyzer.yml
251
+
252
+ # Show config for specific rules
253
+ sf code-analyzer config --rule-selector pmd:Security
254
+
255
+ # Show all rule defaults (verbose)
256
+ sf code-analyzer config --include-unmodified-rules --rule-selector all
257
+ ```
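Review bot: The `ignores.files` sample excludes `**/staticresources/**` (commented "often vendor") and `**/*.min.js`, while the RetireJS section of this same file says that engine scans JavaScript dependencies for known CVEs, so a reader who copies the list takes vendored libraries out of the one check aimed at them. Suggest dropping those two entries from the sample or marking them as a trade-off to be decided per project. Separately, the suppressions example pairs `"src/utils/Logger.cls"` with `rule_selector: "eslint:no-console"`, although `.cls` is listed as an Apex extension under the PMD engine; a `.js` path would make the example consistent. The top-level sample's `log_folder: /tmp` would also be better as a project-local directory, since `/tmp` is shared between users.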
@@ -0,0 +1,70 @@
1
+ # Diagnostic Flow: Fix a Broken Setup
2
+
3
+ **TRIGGER:** User says "not working", "broken", "getting errors", "scan fails", "help me fix", etc.
4
+
5
+ ## NEVER DO THESE (anti-patterns that waste time)
6
+
7
+ - ❌ NEVER run `which sfdx`, `which sf`, `find`, `ls /opt/homebrew/bin/` or search for binaries
8
+ - ❌ NEVER use an old `sfdx` binary as a workaround — it is NOT a substitute for `sf`
9
+ - ❌ NEVER create symlinks (`ln -s`) to work around missing commands
10
+ - ❌ NEVER check PATH, inspect Cellar directories, or search for alternative installations
11
+ - ❌ NEVER proceed to Layer 2 if Layer 1 failed — fix Layer 1 first
12
+ - ❌ NEVER give the user a list of manual steps — fix it yourself or give ONE command
13
+
14
+ ## Diagnostic Flow (follow this EXACTLY, no deviation)
15
+
16
+ Run **ONLY** this one command first:
17
+ ```bash
18
+ sf --version 2>&1
19
+ ```
20
+
21
+ **If output contains "command not found":**
22
+ → STOP. Do not run any other commands. Tell user: "sf CLI is not installed. I'll install it now."
23
+ → Ask user for permission, then run: `npm install -g @salesforce/cli`
24
+ → After install, re-run `sf --version 2>&1` to verify. If it works, continue to next layer.
25
+
26
+ **If sf works**, run ONLY:
27
+ ```bash
28
+ sf plugins --core 2>&1 | grep -i "code-analyzer"
29
+ ```
30
+
31
+ **If output is empty or shows "JIT" but not a real version:**
32
+ → STOP. Run: `sf plugins install @salesforce/plugin-code-analyzer`
33
+ → After install, re-check. If it works, continue to next layer.
34
+
35
+ **If plugin is installed**, check engine deps:
36
+ ```bash
37
+ java -version 2>&1
38
+ node --version 2>&1
39
+ ```
40
+
41
+ **If all pass**, verify with a scan:
42
+ ```bash
43
+ sf code-analyzer run --rule-selector Recommended 2>&1 | tail -20
44
+ ```
45
+
46
+ ## Fix Table
47
+
48
+ | Error Pattern | The ONE Fix |
49
+ |--------------|-------------|
50
+ | `sf: command not found` | `npm install -g @salesforce/cli` |
51
+ | Plugin missing / JIT error | `sf plugins install @salesforce/plugin-code-analyzer` |
52
+ | `Cannot find module` | `sf plugins uninstall @salesforce/plugin-code-analyzer && sf plugins install @salesforce/plugin-code-analyzer` |
53
+ | `java: command not found` | Install Java 11+ (see `<skill_dir>/references/engine-prerequisites.md`) |
54
+ | `OutOfMemoryError` (SFGE) | Add `engines.sfge.java_max_heap_size: "4g"` to `code-analyzer.yml` |
55
+ | `YAMLException` | Read the config file, fix YAML syntax |
56
+ | `EPERM` / npm permission error | Tell user to run: `sudo chown -R $(whoami) ~/.npm` — then wait for them to confirm, then retry the SAME install command that failed. Do NOT dump next steps. |
57
+
58
+ ## After Fix: Verify and Hand Off
59
+
60
+ Re-run the check for the fixed layer. Once a scan succeeds, tell the user what was fixed and **proceed to run the full scan**.
61
+
62
+ ## When a fix requires user action (sudo, manual step)
63
+
64
+ Tell the user ONLY the ONE command they need to run and WHY. Then STOP and WAIT for them to confirm it's done. Do NOT:
65
+ - ❌ List the remaining steps ("after that, do X, then Y, then Z")
66
+ - ❌ Tell them what to run next after the manual step
67
+ - ❌ Provide a multi-step recovery plan
68
+ - ❌ Ask "would you like me to attempt with sudo or do it yourself"
69
+
70
+ Just say: "Run this command: `<command>`. It fixes [reason]. Let me know when it's done and I'll continue."
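Review bot: The plugin branch ("STOP. Run: `sf plugins install @salesforce/plugin-code-analyzer`") and the `Cannot find module` row of the Fix Table install or reinstall software with no consent step, while the CLI branch just above says "Ask user for permission" before `npm install -g @salesforce/cli`. Suggest the same permission wording on every install path, and consider pinning a version in these commands, since each one resolves to whatever the registry serves at run time. The anti-pattern bullet that tells the agent to "fix it yourself or give ONE command" should state that it does not override the permission requirement.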
@@ -0,0 +1,276 @@
1
+ # Engine Prerequisites
2
+
3
+ Detailed installation instructions for each Code Analyzer engine's dependencies.
4
+
5
+ ## Summary Table
6
+
7
+ | Engine | Required Dependencies | Optional |
8
+ |--------|----------------------|----------|
9
+ | PMD | Java 11+ | Custom ruleset JARs |
10
+ | CPD | Java 11+ | — |
11
+ | ESLint | Node.js 18+ | Project ESLint config |
12
+ | RetireJS | Node.js 18+ | — |
13
+ | Regex | None (built-in) | — |
14
+ | Flow | Python 3 | — |
15
+ | SFGE | Java 11+ (4g+ heap recommended) | — |
16
+ | ApexGuru | Authenticated Salesforce org | — |
17
+
18
+ ## Core: Salesforce CLI
19
+
20
+ **Required for ALL engines.**
21
+
22
+ ### macOS
23
+
24
+ ```bash
25
+ # Via Homebrew (recommended)
26
+ brew install sf
27
+
28
+ # Or via npm
29
+ npm install -g @salesforce/cli
30
+ ```
31
+
32
+ ### Windows
33
+
34
+ ```bash
35
+ # Via npm
36
+ npm install -g @salesforce/cli
37
+
38
+ # Or download installer from:
39
+ # https://developer.salesforce.com/tools/salesforcecli
40
+ ```
41
+
42
+ ### Linux
43
+
44
+ ```bash
45
+ # Via npm
46
+ npm install -g @salesforce/cli
47
+
48
+ # Or via tarball:
49
+ # https://developer.salesforce.com/docs/atlas.en-us.sfdx_setup.meta/sfdx_setup/sfdx_setup_install_cli.htm
50
+ ```
51
+
52
+ ### Verify
53
+
54
+ ```bash
55
+ sf --version
56
+ # Expected: @salesforce/cli/2.x.x ...
57
+ ```
58
+
59
+ ## Code Analyzer Plugin
60
+
61
+ **Required: sf CLI must be installed first.**
62
+
63
+ ```bash
64
+ # Install
65
+ sf plugins install @salesforce/plugin-code-analyzer
66
+
67
+ # Verify
68
+ sf code-analyzer --help
69
+
70
+ # Update to latest
71
+ sf plugins install @salesforce/plugin-code-analyzer@latest
72
+
73
+ # Check version
74
+ sf plugins --core | grep code-analyzer
75
+ ```
76
+
77
+ ## Java 11+ (for PMD, CPD, SFGE)
78
+
79
+ ### macOS
80
+
81
+ ```bash
82
+ # Via Homebrew
83
+ brew install openjdk@11
84
+
85
+ # Add to PATH (add to ~/.zshrc or ~/.bash_profile)
86
+ export PATH="/opt/homebrew/opt/openjdk@11/bin:$PATH"
87
+ export JAVA_HOME="/opt/homebrew/opt/openjdk@11"
88
+
89
+ # Or via SDKMAN (manages multiple Java versions)
90
+ curl -s "https://get.sdkman.io" | bash
91
+ sdk install java 11.0.21-tem
92
+ ```
93
+
94
+ ### Windows
95
+
96
+ ```bash
97
+ # Via winget
98
+ winget install EclipseAdoptium.Temurin.11.JDK
99
+
100
+ # Or via Chocolatey
101
+ choco install temurin11
102
+ ```
103
+
104
+ ### Linux
105
+
106
+ ```bash
107
+ # Ubuntu/Debian
108
+ sudo apt install openjdk-11-jdk
109
+
110
+ # RHEL/CentOS/Fedora
111
+ sudo dnf install java-11-openjdk-devel
112
+
113
+ # Via SDKMAN (any Linux)
114
+ curl -s "https://get.sdkman.io" | bash
115
+ sdk install java 11.0.21-tem
116
+ ```
117
+
118
+ ### Verify
119
+
120
+ ```bash
121
+ java -version
122
+ # Expected: openjdk version "11.x.x" or higher
123
+
124
+ echo $JAVA_HOME
125
+ # Should point to JDK installation
126
+ ```
127
+
128
+ ### Troubleshooting Java
129
+
130
+ | Issue | Solution |
131
+ |-------|----------|
132
+ | `java: command not found` | Add Java bin dir to PATH |
133
+ | Wrong Java version | Set JAVA_HOME explicitly |
134
+ | Multiple Java versions | Use `sdk use java 11.x.x` or update PATH order |
135
+ | SFGE heap errors | Increase `java_max_heap_size` in config |
136
+
137
+ ## Node.js 18+ (for ESLint, RetireJS)
138
+
139
+ ### macOS
140
+
141
+ ```bash
142
+ # Via Homebrew
143
+ brew install node@20
144
+
145
+ # Or via nvm (recommended for version management)
146
+ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
147
+ nvm install 20
148
+ nvm use 20
149
+ ```
150
+
151
+ ### Windows
152
+
153
+ ```bash
154
+ # Via winget
155
+ winget install OpenJS.NodeJS.LTS
156
+
157
+ # Or via nvm-windows
158
+ # Download from: https://github.com/coreybutler/nvm-windows/releases
159
+ nvm install 20
160
+ nvm use 20
161
+ ```
162
+
163
+ ### Linux
164
+
165
+ ```bash
166
+ # Via nvm (recommended)
167
+ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
168
+ nvm install 20
169
+ nvm use 20
170
+
171
+ # Or via package manager (may be outdated)
172
+ # Ubuntu/Debian (use NodeSource for latest):
173
+ curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
174
+ sudo apt install -y nodejs
175
+ ```
176
+
177
+ ### Verify
178
+
179
+ ```bash
180
+ node --version
181
+ # Expected: v20.x.x or v18.x.x (minimum v18)
182
+
183
+ npm --version
184
+ # Expected: 9.x.x or 10.x.x
185
+ ```
186
+
187
+ ## Python 3 (for Flow Engine)
188
+
189
+ **Only needed if you scan Flow files (*.flow-meta.xml).**
190
+
191
+ ### macOS
192
+
193
+ ```bash
194
+ # Via Homebrew
195
+ brew install python3
196
+
197
+ # macOS may already have python3 via Xcode Command Line Tools
198
+ xcode-select --install
199
+ ```
200
+
201
+ ### Windows
202
+
203
+ ```bash
204
+ # Via winget
205
+ winget install Python.Python.3.12
206
+
207
+ # Or from python.org
208
+ # https://www.python.org/downloads/windows/
209
+ ```
210
+
211
+ ### Linux
212
+
213
+ ```bash
214
+ # Usually pre-installed. If not:
215
+ # Ubuntu/Debian
216
+ sudo apt install python3
217
+
218
+ # RHEL/CentOS/Fedora
219
+ sudo dnf install python3
220
+ ```
221
+
222
+ ### Verify
223
+
224
+ ```bash
225
+ python3 --version
226
+ # Expected: Python 3.x.x
227
+ ```
228
+
229
+ ## Authenticated Org (for ApexGuru)
230
+
231
+ **Only needed for ApexGuru performance analysis.**
232
+
233
+ ```bash
234
+ # Login to a Salesforce org
235
+ sf org login web --alias my-org
236
+
237
+ # Or login with JWT (CI/CD)
238
+ sf org login jwt --client-id <id> --jwt-key-file <key> --username <user> --alias my-org
239
+
240
+ # Verify
241
+ sf org display --target-org my-org
242
+ ```
243
+
244
+ ### Troubleshooting ApexGuru Auth
245
+
246
+ | Issue | Solution |
247
+ |-------|----------|
248
+ | `No default org` | Set default: `sf config set target-org my-org` |
249
+ | `Session expired` | Re-login: `sf org login web --alias my-org` |
250
+ | `Insufficient permissions` | Org needs API access enabled |
251
+
252
+ ## Quick Setup Script
253
+
254
+ For a complete setup on macOS with Homebrew:
255
+
256
+ ```bash
257
+ # Install all prerequisites
258
+ brew install node@20 openjdk@11 python3
259
+
260
+ # Set Java environment
261
+ export JAVA_HOME="/opt/homebrew/opt/openjdk@11"
262
+ export PATH="/opt/homebrew/opt/openjdk@11/bin:$PATH"
263
+
264
+ # Install Salesforce CLI
265
+ npm install -g @salesforce/cli
266
+
267
+ # Install Code Analyzer
268
+ sf plugins install @salesforce/plugin-code-analyzer
269
+
270
+ # Verify everything
271
+ sf --version
272
+ sf plugins --core | grep code-analyzer
273
+ java -version
274
+ node --version
275
+ python3 --version
276
+ ```
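Review bot: The SDKMAN, nvm and NodeSource commands pipe a downloaded script straight into a shell (`curl -s "https://get.sdkman.io" | bash`, `curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -`), the last one as root, with no integrity check before execution. Suggest showing the download to a file, a review or checksum step, and only then the run, or listing the package-manager route first in each section. The SDKMAN line also uses `curl -s` without `-f`, so an HTTP error body would be fed to bash. Minor: the Windows blocks are fenced as `bash` but contain `winget` and `choco` commands.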
@@ -0,0 +1,67 @@
1
+ # Rule Name Resolution (Fuzzy Matching)
2
+
3
+ **⚠️ CRITICAL:** The `rules` section in `code-analyzer.yml` requires the EXACT full rule name as it appears in Code Analyzer's rule registry. A misspelled or partial name will be silently ignored — the override won't apply, and no error is shown.
4
+
5
+ ## Why This Matters
6
+
7
+ Unlike `--rule-selector` (which returns 0 results on mismatch), a wrong name in `code-analyzer.yml` is SILENTLY ignored. The config validates fine, but the override simply doesn't apply. This makes typos and partial names dangerous.
8
+
9
+ ## Common Fuzzy → Exact Mappings
10
+
11
+ Users will often refer to rules by approximate, partial, or descriptive names:
12
+
13
+ | User Says | Exact Rule Name | Engine |
14
+ |-----------|----------------|--------|
15
+ | "the ApexDoc rule" | `ApexDoc` | `pmd` |
16
+ | "no-console" | `no-console` | `eslint` |
17
+ | "CRUD violation" | `ApexCRUDViolation` | `pmd` |
18
+ | "hardcoded values" | `@salesforce-ux/slds/no-hardcoded-values-slds2` | `eslint` |
19
+ | "unused variables" | `no-unused-vars` | `eslint` |
20
+ | "soql injection" | `ApexSOQLInjection` | `pmd` |
21
+ | "global modifier" | `AvoidGlobalModifier` | `pmd` |
22
+ | "empty catch" | `EmptyCatchBlock` | `pmd` |
23
+
24
+ ## Lookup Procedure
25
+
26
+ When you are NOT 100% certain of the exact full rule name:
27
+
28
+ 1. **Do NOT guess** — a wrong name silently fails (the override is ignored with no error)
29
+ 2. **Look up the rule first** using the `sf code-analyzer rules` command with grep:
30
+ ```bash
31
+ sf code-analyzer rules --rule-selector all 2>&1 | grep -i "<USER_KEYWORD>"
32
+ ```
33
+ 3. **If grep returns exactly one match** → use that exact rule name in the YAML
34
+ 4. **If grep returns multiple matches** → present them to the user and ask which one they meant
35
+ 5. **If grep returns 0 matches** → try broader keywords or tell the user no rule matched
36
+
37
+ ## When You CAN Skip the Lookup
38
+
39
+ Skip only when confident in the exact name:
40
+ - User provides the full exact name (e.g., "ApexCRUDViolation", "no-unused-vars")
41
+ - The rule is extremely common AND unambiguous (e.g., "ApexDoc", "no-console")
42
+
43
+ ## Matching Strategies for Ambiguous Input
44
+
45
+ | User Says | Grep Command | Notes |
46
+ |-----------|-------------|-------|
47
+ | "the doc rule" | `grep -i "doc"` | May match ApexDoc, JSDoc, etc. — ask user if multiple |
48
+ | "CRUD" | `grep -i "crud"` | Likely matches ApexCRUDViolation |
49
+ | "hardcoded" | `grep -i "hardcoded"` | May match multiple SLDS/custom rules |
50
+ | "console" | `grep -i "console"` | Likely matches no-console |
51
+ | "security rules" | Use `--rule-selector all:Security` | Category-based, not name-based |
52
+ | "the injection rule" | `grep -i "injection"` | May match ApexSOQLInjection, ApexXSSFromURLParam, etc. |
53
+ | "unused" | `grep -i "unused"` | May match no-unused-vars, UnusedLocalVariable, etc. |
54
+
55
+ ## Identifying the Engine
56
+
57
+ The YAML structure requires nesting under the correct engine. Always extract BOTH the engine and rule name from the `sf code-analyzer rules` output:
58
+
59
+ ```yaml
60
+ rules:
61
+ <engine>: # ← must match the engine that owns the rule
62
+ <rule_name>:
63
+ severity: ...
64
+ disabled: ...
65
+ ```
66
+
67
+ The output of `sf code-analyzer rules` shows engine name alongside each rule. Use that to determine the correct YAML path.
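Review bot: In step 2 of the Lookup Procedure, `<USER_KEYWORD>` is placed inside double quotes in `grep -i "<USER_KEYWORD>"`, where the shell still expands `$(...)` and backticks and grep reads the text as a regular expression, so free-form user wording reaches the command line unescaped. Suggest single-quoting the keyword, restricting it to characters that occur in rule names, and using `grep -iF --`. Since the file stresses that a wrong name is silently ignored, the procedure should also end with a check after the YAML is written that the override shows up in the effective configuration. The "When You CAN Skip the Lookup" exception and the hard-coded mapping table both depend on rule names never changing, which that check would also cover.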