Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Apex static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your APEX code

Tags

Impact

Clean code attribute

Arguments to "assertEquals" and "assertNotEquals" should be in the correct order
Code Smell
String conversions should use explicit methods instead of empty string concatenation
Code Smell
Abstract classes should contain at least one abstract or virtual method
Code Smell
SOQL queries should not contain hardcoded date literals
Code Smell
SOQL queries should not be executed inside loops
Code Smell
Custom exception classes should follow proper naming conventions
Code Smell
Loops should use braces
Code Smell
SOSL queries in test methods should use "Test.setFixedSearchResults"
Code Smell
Constants should use SNAKE_CASE with all uppercase letters
Code Smell
Builder pattern methods should return the builder instance to enable method chaining
Code Smell
Test classes and methods should not use "seeAllData=true"
Code Smell
HTTP requests should have explicit timeout configuration
Code Smell
Singleton classes should have private constructors
Code Smell
"getRoleAndSubordinates()" should be replaced with "getRoleAndSubordinatesInternal()"
Code Smell
"String.isEmpty()" should be replaced with "String.isBlank()" for comprehensive validation
Code Smell
SOQL queries should use SystemModStamp instead of LastModifiedDate for better performance
Code Smell
Catch blocks should not be empty
Code Smell
Apex classes and methods should have explicit access modifiers
Code Smell
Test classes should be annotated with "@isTest"
Code Smell
Private members made public for testing should use "@TestVisible" annotation
Code Smell
Batch Apex scope parameters should not exceed 2000 records
Code Smell
Custom event names should not be prefixed with "on"
Code Smell
Catch specific exception types instead of generic "Exception"
Code Smell
Test methods should include meaningful assertions
Code Smell
InvocableMethod annotations should include descriptive label and description
Code Smell
Test methods should not be annotated with "@isTest(SeeAllData=true)"
Code Smell
Tested code should be enclosed between "Test.StartTest()" and "Test.StopTest()"
Code Smell
Messages should not be hardcoded
Code Smell
System.runAs should be used to test user permissions
Code Smell
SOQL COUNT should be used instead of the method size()
Code Smell
Business logic should not be implemented inside Triggers
Code Smell
Multi-line comments should not be empty
Code Smell
Methods should not have identical implementations
Code Smell
Cognitive Complexity of functions should not be too high
Code Smell
Track parsing failures
Code Smell
Boolean checks should not be inverted
Code Smell
Two branches in a conditional structure should not have exactly the same implementation
Code Smell
"switch" statements should not be nested
Code Smell
Unused local variables should be removed
Code Smell
"switch" statements should not have too many "case" clauses
Code Smell
Track lack of copyright and license headers
Code Smell
Functions should not have too many lines of code
Code Smell
Control flow statements "if", "for", "while", "switch" and "try" should not be nested too deeply
Code Smell
"switch" statements should have "when else" clauses
Code Smell
"if ... else if" constructs should end with "else" clauses
Code Smell
Sections of code should not be commented out
Code Smell
Statements should be on separate lines
Code Smell
String literals should not be duplicated
Code Smell
Methods should not be empty
Code Smell
Unused function parameters should be removed
Code Smell
Local variable and method parameter names should comply with a naming convention
Code Smell
"when" clauses should not have too many lines of code
Code Smell
Unused "private" methods should be removed
Code Smell
Track uses of "TODO" tags
Code Smell
Track uses of "FIXME" tags
Code Smell
Boolean literals should not be redundant
Code Smell
Redundant pairs of parentheses should be removed
Code Smell
Nested blocks of code should not be left empty
Code Smell
Functions should not have too many parameters
Code Smell
Expressions should not be too complex
Code Smell
Mergeable "if" statements should be combined
Code Smell
Tabulation characters should not be used
Code Smell
Files should not have too many lines of code
Code Smell
Lines should not be too long
Code Smell
Class names should comply with a naming convention
Code Smell
Function names should comply with a naming convention
Code Smell

SOQL queries should not be executed inside loops

intentionality - efficient

reliability

maintainability

Code Smell

performance
salesforce
governor-limits

This rule raises an issue when a SOQL query is executed inside a loop (for, while, or do-while), which can lead to governor limit violations and poor performance.

Why is this an issue?

How can I fix it?

More Info

Executing SOQL queries inside loops is a critical performance anti-pattern in Apex development that can quickly exhaust Salesforce’s governor limits.

Salesforce enforces strict limits on the number of SOQL queries that can be executed in a single transaction: 100 queries in synchronous contexts and 200 in asynchronous contexts. When you place a SOQL query inside a loop, each iteration executes a separate query against the database.

For example, if you have a loop that processes 50 records and each iteration executes one SOQL query, you’ll consume 50 of your 100 available queries in a single operation. This approach doesn’t scale - processing 150 records would exceed the governor limit and cause a runtime exception.

Beyond governor limits, this pattern creates significant performance issues. Each SOQL query requires a round trip to the database, and multiple individual queries are much slower than a single bulk query that retrieves all needed data at once.

The solution is to use bulk processing patterns: collect all the criteria (like IDs) before the loop, execute a single SOQL query with an IN clause or similar bulk operator, and then process the retrieved records. This approach scales efficiently regardless of data volume and respects Salesforce’s platform constraints.

What is the potential impact?

This issue can cause runtime exceptions when governor limits are exceeded, leading to transaction failures and poor user experience. It also creates significant performance degradation, especially as data volume increases, making applications slow and unresponsive.

Available In:

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

In-IDE

SaaS

Self-Hosted