{"id":13668424,"url":"https://github.com/Lightning-Flow-Scanner/lightning-flow-scanner-sfdx","last_synced_at":"2025-04-26T22:31:25.920Z","repository":{"id":37506604,"uuid":"380024501","full_name":"Lightning-Flow-Scanner/lightning-flow-scanner-sfdx","owner":"Lightning-Flow-Scanner","description":"A Salesforce CLI Plugin that can perform static analysis on Salesforce Flows and identify violations of industry best practices.","archived":false,"fork":false,"pushed_at":"2024-04-16T23:30:37.000Z","size":4190,"stargazers_count":103,"open_issues_count":0,"forks_count":8,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-05-01T14:52:14.186Z","etag":null,"topics":["cicd","linter","quality","salesforce-flows","salesforcedx","salesforcedx-plugin"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/lightning-flow-scanner","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Lightning-Flow-Scanner.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-06-24T18:59:57.000Z","updated_at":"2024-06-15T03:00:16.903Z","dependencies_parsed_at":"2022-08-18T03:50:42.370Z","dependency_job_id":"c4386538-a18f-4b49-93b6-5ba155c49878","html_url":"https://github.com/Lightning-Flow-Scanner/lightning-flow-scanner-sfdx","commit_stats":null,"previous_names":["force-config-control/lightning-flow-scanner-sfdx"],"tags_count":25,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lightning-Flow-Scanner%2Flightning-flow-scanner-sfdx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lightning-Flow-Scanner%2Flightning-flow-scanner-sfdx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lightning-Flow-Scanner%2Flightning-flow-scanner-sfdx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lightning-Flow-Scanner%2Flightning-flow-scanner-sfdx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Lightning-Flow-Scanner","download_url":"https://codeload.github.com/Lightning-Flow-Scanner/lightning-flow-scanner-sfdx/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223639403,"owners_count":17177816,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cicd","linter","quality","salesforce-flows","salesforcedx","salesforcedx-plugin"],"created_at":"2024-08-02T08:00:34.053Z","updated_at":"2025-04-26T22:31:25.913Z","avatar_url":"https://github.com/Lightning-Flow-Scanner.png","language":"TypeScript","funding_links":[],"categories":["Community supported plugins"],"sub_categories":[],"readme":"[![Lightning Flow Scanner Banner](docs/images/banner.png)](https://github.com/Lightning-Flow-Scanner)\n__*Pinpoint deviations from Industry Best Practices in Salesforce Flows, ensuring standards of business automation excellence*__\n\n![FlowScan example](docs/images/sfdxgif.gif)\n\n**Also available as [VS Code Extension](https://github.com/Lightning-Flow-Scanner/lightning-flow-scanner-vsce)*\n\n## Table of contents\n\n- [Installation](#installation)\n- [Usage](#usage)\n - [Options](#options)\n - [Examples](#examples)\n- [Configuration](#configuration)\n - [Defining the severity per rule](#defining-the-severity-per-rule)\n - [Specifying an exception](#specifying-an-exception)\n - [Configuring an expression](#configuring-an-expression)\n - [Loading Custom Rules](#loading-custom-rules)\n- [Development Setup](#development-setup)\n\n## Installation\n\nInstall with SFDX:\n\n```sh-session\nsfdx plugins:install lightning-flow-scanner\n```\n\nInstall with NPM:\n\n```sh-session\nnpm install -g lightning-flow-scanner\n```\n\n## Usage\n\n```sh-session\nsfdx flow:scan [options]\n```\n\n***To learn more about the default rules and options, see the [core documentation](https://lightning-flow-scanner.github.io/lightning-flow-scanner-core/).***\n\n### Options\n\n```sh-session\n -c, --config \u003cpath\u003e provide a path to the configuration file.\n\n -f, --failon provide a threshold level for returning status 1\n\n -p, --files \u003cC:\\..\\flow1.flow, C:\\..\\flow2.flow\u003e provide a space-separated list of flow paths to scan.\n\n -u, --targetusername \u003cusername\u003e retrieve the latest metadata from the target before the scan.\n\n -d, --directory \u003cC:\\..\\force-app\\main\\default\\flows\u003e provide a directory to scan.\n\n --json set output format as json.\n\n --loglevel=(trace|debug|info|warn|error|fatal) [default: warn] logging level.\n```\n### Examples\n\nYou can test the scanner by simply opening an existing project that contains flows and running the scan without any configurations or parameters. This way all the default rules are autmatically included in the scan. \n\n```sh-sessions\nsfdx flow:scan\n```\n\n```sh-sessions\nsfdx flow:scan --json\n```\n\n```sh-sessions\nsfdx flow:scan --config path/to/.flow-scanner.json\n```\n\n## Configuration\n\nCreate a .flow-scanner.json file in order to configure:\n - The ruleset to be executed.\n - The severity of violating any specific rule.\n - Custom expressions or rule implementations.\n - Any known exceptions that should be ignored during scanning.\n\n```json\n{\n \"rules\": {\n ...\n },\n \"exceptions\": {\n ...\n }\n}\n```\n\n_Note: if you prefer YAML format, you can create a `.flow-scanner.yml` file using the same format._\n\n### Defining the severity per rule\n\nWhen the severity is not provided it will be `error` by default. Other available values for severity are `warning` and `note`. Define the severity per rule as shown in the following example. \n\n```json\n{\n \"rules\": {\n \"FlowDescription\": {\n \"severity\": \"warning\"\n },\n \"UnusedVariable\": {\n \"severity\": \"error\"\n }\n }\n}\n```\n### Specifying an exception\n\nSpecifying exceptions can be done by flow, rule and result(s), as shown in the following example.\n\n```json\n{\n \"exceptions\": {\n \"AssignTaskOwner\": {\n \"UnusedVariable\": [\n \"somecount\"\n ]\n },\n \"GetAccounts\":{\n \"UnusedVariable\": [\n \"incvar\"\n ]\n }\n }\n}\n```\n### Configuring an expression\n\nSome rules have additional attributes to configure, such as the expression, that will overwrite default values. These can be configured in the same way as severity as shown in the following example.\n\n```json\n{\n \"rules\": {\n \"APIVersion\":\n {\n \"severity\": \"error\",\n \"expression\": \"===58\"\n },\n \"FlowName\":\n {\n \"severity\": \"error\",\n \"expression\": \"[A-Za-z0-9]\"\n }\n }\n}\n```\n\n### Loading Custom Rules\n\nTo load custom rules using the Lightning Flow Scanner Core, you can utilize the `path` attribute within the rules section of your configurations. This attribute allows you to specify the path to your custom rule class, enabling seamless integration of organization-specific rule definitions into the scanner's ruleset. \n\n```json\n{\n \"rules\": {\n \"\u003cRuleName\u003e\": {\n \"path\": \"\u003cyourtypescriptfilepath\u003e\"\n }\n }\n}\n```\nCustom Rules can either leverage our Flow compiler or be completely customized typescript functions.\nFor more details and examples on custom rules, refer to our [Custom Rule Creation Guide](https://github.com/Lightning-Flow-Scanner/lightning-flow-scanner-core/tree/master/docs/customruleguide.md)\n\n## Development Setup\n\n### Preparing for Changes\n\n1. **Clone Project**: Clone the Lightning Flow Scanner SFDX plugin project from the repository.\n2. **Install Dependencies**: Open the directory and run `npm install` or `yarn install` in the terminal to install the necessary dependencies.\n3. **Optional: Make changes**: For example, if you want to upgrade the core module using npm, you can use the command: `npm update lightning-flow-scanner-core`\n4. **Prepack**: Execute `npm run prepack` to build the plugin locally and prepare for packaging.\n5. **Link Plugin**: Link the plugin to your Salesforce DX environment using `sfdx plugins link .`.\n\n### Debugging the Plugin\n\n1. **Linking Core Module**: You may need to clone and link the `lightning-flow-scanner-core` locally to your project. This step is necessary if you're making changes to the core module and want those changes reflected in the plugin. You can link the core module by navigating to its directory and running:\n\n```bash\nnpm link\n```\n\nThen, navigate to the sfdx plugin directory and run:\n\n```bash\nnpm link lightning-flow-scanner-core\n```\n\n1. **Run Plugin**: In the terminal of your example flow project (or any other project intended for scanning), run the following command to start the plugin with debugging enabled:\n\n```bash\nNODE_OPTIONS=--inspect-brk /path/to/lightning-flow-scanner-sfdx/bin/run flow:scan\n```\n\n2. **Attach Debugger**: Open your local Salesforce DX project in Visual Studio Code, set desired breakpoints, and attach the debugger to the remote session.\n\nFor more detailed information, you can refer to the [wiki](https://github.com/salesforcecli/cli/wiki) of the Salesforce CLI repository.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FLightning-Flow-Scanner%2Flightning-flow-scanner-sfdx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FLightning-Flow-Scanner%2Flightning-flow-scanner-sfdx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FLightning-Flow-Scanner%2Flightning-flow-scanner-sfdx/lists"}