Run analysis locally using SFDX
  • 11 Aug 2022
  • 1 Minute to read
  • Contributors
  • Dark

Run analysis locally using SFDX

  • Dark

This article will guide you through how to run the code manually using our CodeScan Plugin and Salesforce CLI.

To run the code manually using our CodeScan Plugin and Salesforce CLI, first make sure you have Salesforce CLI installed. Click here to download the Salesforce CLI and its dependencies.

  1. To install the CodeScan SFDX plugin, follow these steps:
    • Use sfdx plugins:install sfdx-codescan-plugin.
    • You'll be prompted that this plugin is not signed by Salesforce, type y to continue.
    • Check the installation using sfdx plugins.
  2. You're ready to run a scan once the installation is completed. To run this scan, follow these steps:
    • Open Bash CLI like Git Bash, etc.
    • Now, go to the file or the repository you want to run a scan on and enter the command as shown below:
sfdx codescan:run --token <token> --projectkey <project key>> --organization <organization key>

To find your project key and the organization key, click on the respective links below:

Project keys differ from project to project as both the Organization key and Project key are unique.

  1. This will start the analysis directly on the CodeScan cloud.
  2. To know how to generate a security token, click here.
  3. If you want to run the analysis in the CodeScan Self-Hosted, then make the below changes in the command:
    • Add --server <Server Name> 
    • Replace Project key
    • Replace Organization key
    • Replace Token
    • Replace your server name (if applicable).
sfdx codescan:run --token <token> --projectkey <project key>> --organization <organization key>
  1. To view a list of parameters and flags which you can use, run the following command:
sfdx help codescan:run

Was this article helpful?