SFDX CLI plugin for the apex-link Salesforce metadata static analysis library. This plugin provides a simple 'check' command that can be used to examine metadata for errors, in addition it can report on various warnings such as unused fields & methods or variable shadowing. The command can also be used to obtain Apex class dependencies in either CSV or JSON format.
To install the CLI plugin (from npm)
sfdx plugins:install apexlink
Check the installation was successful with
sfdx plugins
This should show apexlink in the plugin list.
To perform a simple validity check use:
sfdx apexlink:check <directory>
This parses and performs semantic checks on the code and reports any errors, such as types not being found. The library contains a pretty comprehensive set of platform types that it validates against. This command does not require an sfdx project, if you omit the directory it will search the current directory for metadata. To also see warnings add the argument "--verbose".
You can use the check command to report on unused fields, properties and methods of Apex classes.
sfdx apexlink:check --verbose --unused <directory>
The check command can also report Apex class dependencies with:
sfdx apexlink:check --depends --json <directory>
If you omit the --json the dependency default format is CSV.
To download metadata for use by apexlink use:
sfdx apexlink:gulp --namespaces="unmanaged,ns1"
If you org does not have a namespace you can use "unmanaged" to download umanaged metadata, if the org does have a namespaces you should use it instead. The metadata will be stored in a .apexlink/gulp directory within your workspace. Note: to make use of the metadata you need to add settings to sfdx-project.json, see apex-assist README for instructions.
$ npm install -g apexlink
$ sfdx COMMAND
running command...
$ sfdx (-v|--version|version)
apexlink/2.3.5 darwin-x64 node-v16.6.0
$ sfdx --help [COMMAND]
USAGE
$ sfdx COMMAND
...
sfdx apexlink:check [--depends] [--unused] [--nocache] [--debug] [--verbose] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]sfdx apexlink:gulp [--namespaces <array>] [--debug] [-u <string>] [--apiversion <string>] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]sfdx apexlink:packages [-u <string>] [--apiversion <string>] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]sfdx apexlink:check [--depends] [--unused] [--nocache] [--debug] [--verbose] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]Validate Apex code in current or passed directories
USAGE
$ sfdx apexlink:check [--depends] [--unused] [--nocache] [--debug] [--verbose] [--json] [--loglevel
trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]
ARGUMENTS
DIRECTORY directory to search for metadata files, defaults to current directory
OPTIONS
--debug show debug log
--depends output class dependencies rather
than issues, in CSV (default) or
JSON format
--json show output in json format (disables
--verbose)
--loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for
this command invocation
--nocache don't use cache during loading
--unused show unused messages, requires
--verbose
--verbose show warning messages
EXAMPLES
$ sfdx apexlink:check
$ sfdx apexlink:check --verbose $HOME/myproject
$ sfdx apexlink:check --json --depends $HOME/myproject
See code: src/commands/apexlink/check.ts
sfdx apexlink:gulp [--namespaces <array>] [--debug] [-u <string>] [--apiversion <string>] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]Download metadata to enable apex-link semantic analysis
USAGE
$ sfdx apexlink:gulp [--namespaces <array>] [--debug] [-u <string>] [--apiversion <string>] [--json] [--loglevel
trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]
OPTIONS
-u, --targetusername=targetusername username or alias for the target
org; overrides default target org
--apiversion=apiversion override the api version used for
api requests made by this command
--debug show progress messages
--json format output as json
--loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for
this command invocation
--namespaces=namespaces gulp metadata for these namespaces,
if not set 'unmanaged' is loaded
EXAMPLES
$ sfdx apexlink:gulp
$ sfdx apexlink:gulp --debug --namespaces="ns1,ns2"
See code: src/commands/apexlink/gulp.ts
sfdx apexlink:packages [-u <string>] [--apiversion <string>] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]Display information about installed packages
USAGE
$ sfdx apexlink:packages [-u <string>] [--apiversion <string>] [--json] [--loglevel
trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]
OPTIONS
-u, --targetusername=targetusername username or alias for the target
org; overrides default target org
--apiversion=apiversion override the api version used for
api requests made by this command
--json format output as json
--loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for
this command invocation
EXAMPLES
$ sfdx apexlink:packages
$ sfdx apexlink:packages --debug"
See code: src/commands/apexlink/packages.ts
FAQs
SFDX CLI plugin for Apexlink Salesforce metadata analysis library
We found that apexlink demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Research
A malicious npm campaign is targeting Ethereum developers by impersonating Hardhat plugins and the Nomic Foundation, stealing sensitive data like private keys.