Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Apex static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your APEX code

Tags

Impact

Clean code attribute

Test methods should not be annotated with "@isTest(SeeAllData=true)"
Code Smell
Tested code should be enclosed between "Test.StartTest()" and "Test.StopTest()"
Code Smell
Messages should not be hardcoded
Code Smell
URLs of Salesforce pages should be relative, not absolute.
Bug
"getRecordTypeInfosByDeveloperName()" should be used instead of "getRecordTypeInfosByName()"
Bug
System.runAs should be used to test user permissions
Code Smell
Business logic should not be implemented inside Triggers
Code Smell
DML statements should not be used inside loops
Bug
Record IDs should not be hardcoded
Bug
Executing SOQL, SOSL or DML queries without sharing or with inherited sharing is security sensitive
Security Hotspot
Sharing level should be specified in Apex Classes with SOQL/SOSL Queries or DML Statements
Vulnerability
Triggers should process records in bulk
Bug
Multi-line comments should not be empty
Code Smell
Methods should not have identical implementations
Code Smell
All branches in a conditional structure should not have exactly the same implementation
Bug
Cognitive Complexity of functions should not be too high
Code Smell
Non-existent operators like "=+" should not be used
Bug
Track parsing failures
Code Smell
Hard-coded credentials are security-sensitive
Security Hotspot
Boolean checks should not be inverted
Code Smell
Two branches in a conditional structure should not have exactly the same implementation
Code Smell
Related "if"/"else if" statements and "when" in a "switch" should not have the same condition
Bug
"switch" statements should not be nested
Code Smell
Identical expressions should not be used on both sides of a binary operator
Bug
All code should be reachable
Bug
Variables should not be self-assigned
Bug
Unused local variables should be removed
Code Smell
"switch" statements should not have too many "case" clauses
Code Smell
Track lack of copyright and license headers
Code Smell
Functions should not have too many lines of code
Code Smell
Control flow statements "if", "for", "while", "switch" and "try" should not be nested too deeply
Code Smell
Using hardcoded IP addresses is security-sensitive
Security Hotspot
"switch" statements should have "when else" clauses
Code Smell
"if ... else if" constructs should end with "else" clauses
Code Smell
Sections of code should not be commented out
Code Smell
Statements should be on separate lines
Code Smell
String literals should not be duplicated
Code Smell
Methods should not be empty
Code Smell
Unused function parameters should be removed
Code Smell
Local variable and method parameter names should comply with a naming convention
Code Smell
"when" clauses should not have too many lines of code
Code Smell
Useless "if(true) {...}" and "if(false){...}" blocks should be removed
Bug
Unused "private" methods should be removed
Code Smell
Track uses of "TODO" tags
Code Smell
Track uses of "FIXME" tags
Code Smell
Boolean literals should not be redundant
Code Smell
Redundant pairs of parentheses should be removed
Code Smell
Nested blocks of code should not be left empty
Code Smell
Functions should not have too many parameters
Code Smell
Expressions should not be too complex
Code Smell
Mergeable "if" statements should be combined
Code Smell
Tabulation characters should not be used
Code Smell
Files should not have too many lines of code
Code Smell
Lines should not be too long
Code Smell
Class names should comply with a naming convention
Code Smell
Function names should comply with a naming convention
Code Smell

Test methods should not be annotated with "@isTest(SeeAllData=true)"

adaptability - modular

maintainability

Code Smell

Why is this an issue?

More Info

SeeAllData=true should not be used because it gives your tests access to all data in your organization. Activating this option makes your test dependent on existing data and more difficult to maintain. Tests should create their own data.

This rule raises an issue when it sees @isTest(SeeAllData=true).

Noncompliant code example

@isTest(SeeAllData=true) // Noncompliant
public class MyTestClass {
    @isTest(SeeAllData=true) // Noncompliant
    static void myTestMethod() {
        // Can access all data in the organization.
    }
}

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Enterprise
Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted