Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
prettier-plugin-apex
Advanced tools
This is a code formatter for the Apex Programming Language, used on the Salesforce development platform.
It uses the excellent Prettier engine for formatting, and the jorje compiler from Salesforce for parsing.
This project is production ready, and have been tested on multiple projects, including a mix of open source/proprietary/Salesforce internal code bases.
First, install the library:
# Install locally
npm install --save-dev prettier prettier-plugin-apex
# Or install globally
npm install --global prettier prettier-plugin-apex
If you install globally, run:
prettier --write "/path/to/project/**/*.{trigger,cls}"
If you install locally, you can add prettier as a script in package.json
:
{
"scripts": {
"prettier": "prettier"
}
}
Then in order to run it:
npm run prettier -- --write "/path/to/project/**/*.{trigger,cls}"
If you are formatting a big code base for the first time,
please make sure that you have some form of version control in place,
so that you can revert any change if necessary.
You should also run Prettier with the --debug-check
argument.
For example:
prettier --debug-check "/path/to/project/**/*.{trigger,cls}"
This will guarantee that the behavior of your code will not change because of the format.
If there are no errors, you can run prettier
with --write
next.
If there are errors, please file a bug report so that they can be fixed.
You can also format anonymous Apex with this program by using the
apex-anonymous
parser.
For example:
prettier --write "/path/to/project/anonymous/**/*.cls" --parser apex-anonymous
Note that Prettier will treat any Apex file that it finds using the glob above
as anonymous code blocks,
so it is recommended that you collect all of your anonymous Apex files into
one directory and limit the use of --apex-anonymous
only in that directory.
If there are lines in your Apex code that you do not want formatted by Prettier
(either because you don't agree with the formatting choice,
or there is a bug), you can instruct Prettier to ignore it by including the comment
// prettier-ignore
or /* prettier-ignore */
on the line before. For example:
// prettier-ignore
matrix(
1, 0, 0,
0, 1, 0,
0, 0, 1
)
This library follows the same configuration format as Prettier, which is documented here.
The amount of configuration is very limited, because this is intended to be a very opinionated formatter. Here is the default configuration that can be overriden:
Name | Default | Description |
---|---|---|
printWidth | 80 | Same as in Prettier (see prettier docs) |
tabWidth | 2 | Same as in Prettier (see prettier docs) |
useTabs | false | Same as in Prettier (see prettier docs) |
requirePragma | false | Same as in Prettier (see prettier docs) |
insertPragma | false | Same as in Prettier (see prettier docs) |
apexInsertFinalNewline | true | Whether a newline is added as the last thing in the output |
apexStandaloneParser | none | If set to built-in , Prettier uses the built in standalone parser for better performance. See Performance Tip.If set to none , Prettier invokes the CLI parser for every file. |
apexStandalonePort | 2117 | The port that the standalone Apex parser listens on. Only applicable if apexStandaloneParser is built-in . |
Follow this tutorial from Salesforce in order to use this plugin in VSCode.
By default, this library invokes a CLI application to get the AST of the Apex code. However, since this CLI application is written in Java, there is a heavy start up cost associated with it. In order to alleviate this issue, we also have an optional HTTP server that makes sure the start up is invoked exactly once. This is especially useful if this library is integrated in a 3rd party application.
In order to use this server, you have to evoke it out of band before running Prettier, as well as specifying a special flag when running Prettier:
# Start the server (if installed globally)
start-apex-server
# Or if installed locally
node /path/to/library/bin/start-apex-server.js
# In a separate console
prettier --apex-standalone-parser built-in --write "/path/to/project/**/*.{trigger,cls}"
# After you are done, stop the server (if installed globally)
stop-apex-server
# Or if installed locally
node /path/to/library/bin/stop-apex-server.js
FAQs
Salesforce Apex plugin for Prettier
The npm package prettier-plugin-apex receives a total of 59,295 weekly downloads. As such, prettier-plugin-apex popularity was classified as popular.
We found that prettier-plugin-apex demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.