Detect unsafe contexts, queries in loops, hardcoded IDs, and more to optimize your Salesforce Flows
Install with SFDX:
sf plugins install lightning-flow-scannerInstall with NPM:
npm install -g lightning-flow-scannerLightning Flow Scanner CLI is plug-and-play. Open any project with flows and run sf flow:scan; all default rules and thresholds are applied automatically.
sf flow:scan [options]Customize the scan behavior using the following options:
-c, --config <path> provide a path to the configuration file. -f, --failon provide a threshold level for returning status 1 -p, --files <C:\..\flow1.flow, C:\..\flow2.flow> provide a space-separated list of flow paths to scan. -u, --targetusername <username> retrieve the latest metadata from the target before the scan. -d, --directory <C:\..\force-app\main\default\flows> provide a directory to scan. --json set output format as json. --loglevel=(trace|debug|info|warn|error|fatal) [default: warn] logging level.Create a .flow-scanner.json file in order to configure:
- A defined ruleset to be executed.
- The severity of violating any specific rule.
- Custom expressions or rule implementations.
- Any known exceptions that should be ignored during scanning.
{ "rules": { ... }, "exceptions": { ... } }Note: if you prefer YAML format, you can create a .flow-scanner.yml file using the same format.
When the severity is not provided it will be error by default. Other available values for severity are warning and note. Define the severity per rule as shown in the following example.
{ "rules": { "FlowDescription": { "severity": "warning" }, "UnusedVariable": { "severity": "error" } } }Some rules have additional attributes to configure, such as the expression, that will overwrite default values. These can be configured in the same way as severity as shown in the following example. For more information on the available rules and configurations, please review the flow scanner documentation.
{ "rules": { "APIVersion": { "severity": "error", "expression": "===58" }, "FlowName": { "severity": "error", "expression": "[A-Za-z0-9]" } } }Specifying exceptions can be done by flow, rule and result(s), as shown in the following example.
{ "exceptions": { "AssignTaskOwner": { "UnusedVariable": ["somecount"] }, "GetAccounts": { "UnusedVariable": ["incvar"] } } }This project optionally uses Volta to manage Node.js versions. Install Volta with:
curl https://get.volta.sh | bashVolta will automatically use the Node.js version defined in
package.json.
- Clone the repository
git clone https://github.com/Flow-Scanner/lightning-flow-scanner-cli.git- Install Dependencies
npm install- Build Executables
npm run build- Run Tests
npm run build- Linking Core Module (Optional)
If you’re developing or testing updates to the core module, you can link it locally:
- In the core module directory, run:
npm run link
- In this CLI project directory, run:
npm link lightning-flow-scanner-core
Want to help improve Lightning Flow Scanner? See our Contributing Guidelines
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
