Code Quality and Security for Apex

SonarSource provides a static code analysis for Apex. Based on our own technology, it can find Bugs, Security Vulnerabilities, and Code Smells. As with everything we develop at SonarSource, it was built on the principles of depth, accuracy, and speed.

SonarSource's Apex analysis has a great coverage of well-established quality standards. This capability is available in Eclipse and VS Code for developers (SonarLint) as well as throughout the development chain for automated code review with self-hosted SonarQube or cloud-based SonarCloud.

Samples of Issues Detected
 
Duplicated condition
Duplicated condition
Identical sub-expressions
Identical sub-expressions
Missing 'else' clause
Missing 'else' clause
Metrics

SonarSource's Apex analysis supports all the standard metrics implemented by SonarQube including Cognitive Complexity.

Use in enterprise edition

See all editions


Issue Tracker