Salesforce: Automated Static Code and Configuration Analysis for Humans

Table of Contents

Reading time: 6 minutes
Audience: Salesforce architects and administrators

Why do we need reviews for?

We live in the age of DevOps. As Salesforce administrators or platform managers, we should demand that our Salesforce deployments are not left out of the continuous quality assurance processes which are an integral part of any DevOps pipeline.

Furthermore, we should also ensure that these quality checks run not only against the Apex code deployed in our Orgs, but that they analyze the Org from a more holistic point of view, including an analysis of the Data Model, and in general of any customizations or configuration changes made in our Orgs. Indeed, for many Salesforce customers, the amount of actual code they write is only a small percentage of how they adapt and customize their Orgs to implement their specific business processes.


But the current implementation of all these checks poses quite a few specific challenges, such as:

–  How can I scan the configuration and customization of my Org to ensure that I am not deviating from Salesforce and industry standard best practices?
– Which static analysis rules should I run/rely on?
– How many of them are enough? When I can be confident that my rule coverage is good?
– How can I detect defects as soon as possible?
– Do I need to be an experienced developer to run the conde analysis and understand its results?
– Getting one report on the current state of the quality code is good, but, how will I be able to evaluate the progress of my team and my code, and correlate it with my deployments?
– Once I scan my code, how can I make the results available to everybody who needs access to the results?
– Can I have all these mechanisms working on auto-pilot? Do I need to be on the lookout for new rules, and to remove outdated or deprecated ones?

Automate the code and configuration review tedious process

Quality Clouds analyzed this problem from the Salesforce customer perspective instead of the technical side. We challenged ourselves to provide a full, auto-pilot, worry-free solution that just provides you with the results you need.

Quality Clouds relies on several strong pillars to achieve this:

– A fully cloud to cloud solution, which requires no code installation whatsoever on your Org
– Quality Clouds specific rules, based on our experience with our Salesforce Customers, which are able to detect technical debt at the level of Org customisation and configuration
– Community-driven rules using the amazing Apex PMD open source project for static APEX code analysis
– The ability to define your own custom rules to ensure that scans against your Orgs will cover areas of specific interest to you
– Automates scheduled scans, on any sandbox belonging to your development lane, from development to production Org, so you’ll get visibility on defects and feedback as soon as possible
– Ability to provide a historical view, not just a snapshot of today’s code status, but how the quality of the code is evolving over time
– Ability to compare scan results across different Orgs, to determine the extent to which they are aligned
– Ability to correlate the code quality with deployments made, with your team/s commits

This whole process can be fully automated in a few minutes. After this, all you have to do is sit back and watch the results show up in your Quality Clouds dashboards. You do not need to know apex, or to concern yourself with ruleset definition and maintenance, Salesforce coding best practices, etc., Everything runs on autopilot and on the background without any impact on your Org’s performance.

This is how Quality Clouds makes verifying the overall quality of your Salesforce Org easy for humans, like you


Start your free trial now and get a free health assessment of your org.

Interested in what we do?
Find out how Quality Clouds can enhance your SaaS platforms' governance, compliance, and quality in real-time.
Quality Clouds
Quality Clouds was created to address a significant gap in the tech industry: the challenge developers face with Salesforce and ServiceNow deployments. Identifying the risks of working on unknown systems, our founders sought to empower developers with essential insights for quality and governance in SaaS projects.

Want to learn more? Let's talk: