Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Apex static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your APEX code

Record IDs should not be hardcoded

intentionality - complete

reliability

Bug

Why is this an issue?

Salesforce Record Ids vary across environments. Thus if a Record Id is hardcoded in Apex code, the code may not work as expected when it is deployed in another environment. This happens because the environment in which the code is deployed may not have the same hardcoded record Id. Hence it is a best practice to avoid hard coding record Ids.

This rule raises an issue when it detects hardcoded record Ids, i.e. strings which contain 15 or 18 characters and which start with any of the prefixes listed by Salesforce

Noncompliant code example

for(Case c: Trigger.new){
   if(c.RecordTypeId=='012500000009tuy'){ // Noncompliant
      // ...
   } else if(c.RecordTypeId=='0123000000095Kmwer'){ // Noncompliant
      // ...
   }
}

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Enterprise
Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted