Common Issues and Solutions

Errors

Why am I getting the following error: Salesforce\force-app\main\default\applications\Chatter_Delete_Blocker.app-meta.xml when writing a custom SonarQube rules using the Xpath Template rule for Salesforce Metadata (sfmeta:XPathRule)?

The analysis is looking for a match with a file name and the suffix entered in the field, but it cannot find any, which is why the above error is thrown. This is expected behavior because CodeScan cannot decide which rules to apply to the files. To remove file patterns listed for sonar.lang.patterns.xml, navigate to Project Settings > General Settings > Language.

Why is my CodeScan analysis failing with the error `"Job took long. We will attempt to rerun with more memory."`?

This error may occur for projects having huge metadata.

Increase the Project's Java heap memory size to analyze the project sources.
- On the CodeScan Project page, navigate to Project Settings > Project Analysis.
- Click on the Edit Project button.
- Update the Project Memory by selecting the required memory from the dropdown. The memory size can be overridden and increased at the organization level.
Check for the rule "Avoid Cleartext Transmission of Sensitive Information in the default quality profile" in your default quality profile. If available, please deactivate it. Use the steps below:
- Create a new quality profile for Apex language.
- Deactivate the "Avoid Cleartext Transmission of Sensitive Information in the default quality profile" rule.
- Set the newly created profile as default.

For detailed steps, please refer to Customizing Quality Profiles.

Why is the Add & Run Scan tab grayed out?

If a user does not have approval/permission to run a scan, when they try to add a project for analysis, the Add & Run Scan tab will be grayed out.

Why am I getting the following error message: "Not Able to Download Code from SF in the Project Analysis Page"?

Check to see whether CodeScan is blocked in Salesforce (Setup > Connected Apps > CodeScan). If it's blocked, unblocked it. If it's already unblocked, yet you are still seeing the error, uninstall then reinstall, block it, and then unblock it.

Copado Integration

Should the user add a new analysis project after the CodeScan-Copado integration is complete? If the user creates one, how does CodeScan understand it's the same project as the Copado connection?

Adding a new analysis project is not required. The project in CodeScan is automatically created in Copado Integration using the organization key and security token provided by CodeScan.

Why am I unable to see the results in CodeScan using the Copado integration?

Check if the specific user has permission to access the 'Result Record' in Copado.

PreviousFalse Positives NextVault-FAQs

Last updated 25 days ago