sf-agent-framework

# Code Analyzer Utility This utility provides static code analysis capabilities for Salesforce Apex, Lightning Web Components, and other code artifacts. ## Purpose Automated code quality analysis to identify: - Code smells and anti-patterns - Security vulnerabilities - Performance issues - Best practice violations - Technical debt indicators ## Core Features ### 1. Apex Analysis ```javascript analyzeApex({ files: ['*.cls', '*.trigger'], rules: { complexity: { max: 10 }, methodLength: { max: 50 }, classLength: { max: 500 }, soqlQueries: { maxInLoops: 0 }, dmlStatements: { maxInLoops: 0 }, }, }); ``` ### 2. LWC Analysis ```javascript analyzeLWC({ components: ['**/*.js'], checks: ['wire-adapter-usage', 'imperative-apex-calls', 'event-handling', 'lifecycle-hooks', 'performance-patterns'], }); ``` ### 3. Flow Analysis ```javascript analyzeFlows({ flows: ['*.flow-meta.xml'], validation: ['loop-detection', 'dml-in-loops', 'error-handling', 'bulkification', 'naming-conventions'], }); ``` ## Analysis Categories ### Security Analysis - SOQL injection vulnerabilities - Sharing rule enforcement - FLS/CRUD checks - Exposed credentials - Cross-site scripting risks ### Performance Analysis - Governor limit risks - Query optimization opportunities - Bulkification issues - Inefficient algorithms - Memory leaks ### Best Practices - Naming conventions - Code documentation - Test coverage - Error handling - Logging patterns ## Usage Examples ### Basic Code Analysis ```bash # Analyze all Apex classes analyzeCode --type apex --path force-app/main/default/classes/ # Analyze specific component analyzeCode --file MyController.cls --detailed # Generate analysis report analyzeCode --output report.html ``` ### Integration with CI/CD ```yaml pipeline: - stage: code-quality steps: - run: analyzeCode --threshold 85 - run: checkCoverage --min 85 - run: securityScan --block-on-high ``` ## Output Formats ### Console Output ``` Analyzing: AccountController.cls ✗ Line 45: SOQL in loop detected ✗ Line 67: Missing FLS check ⚠ Line 89: Method complexity: 15 (max: 10) ✓ Test coverage: 92% ``` ### JSON Report ```json { "file": "AccountController.cls", "issues": [ { "line": 45, "severity": "high", "category": "performance", "message": "SOQL query inside loop" } ], "metrics": { "complexity": 15, "coverage": 92, "lines": 234 } } ``` ## Configuration ### Rule Sets ```yaml ruleSets: security: - rule: enforce-crud-fls severity: high - rule: prevent-soql-injection severity: critical performance: - rule: no-queries-in-loops severity: high - rule: bulkify-dml severity: high style: - rule: naming-conventions severity: medium - rule: method-length severity: low params: maxLines: 50 ``` ### Custom Rules ```javascript // Define custom analysis rule registerRule({ name: 'custom-pattern-check', description: 'Check for organization-specific patterns', analyze: (ast) => { // Custom logic here return violations; }, }); ``` ## Integration Points ### With Development Workflow - Pre-commit hooks - Pull request validation - IDE integration - Real-time analysis ### With Quality Gates - Build pipeline integration - Deployment validation - Code review automation - Technical debt tracking ## Best Practices 1. **Run Early and Often** - Integrate into IDE - Run before commits - Automate in CI/CD 2. **Configure Appropriately** - Start with recommended rules - Adjust based on team standards - Document exceptions 3. **Act on Results** - Fix critical issues immediately - Plan remediation for warnings - Track improvement over time 4. **Continuous Improvement** - Review rule effectiveness - Update rules regularly - Share learnings This utility helps maintain code quality standards across Salesforce development projects.