+ Start a Discussion

Apex Code Review Tool

Is there any tool available through which we can review Apex code?
Do you mean like an IDE? What type of tool are you looking for? The posting wasn't clear.

I am looking for any automated tool using which we can do the code review(code analyzer) for Apex just the way we use to review Java code through various tools like PMD, Checkstyle.

Is there any tool which we can use as a plugin to Eclipse or through command line or webbased application and do the review for Apex code.


I don't believe there are any.


When you run test cases you get code coverage stats, but that's about it.





Hi Steve,


Thanks for your response. My concern is not about unit testing. I know Apex has an inbuilt mechanism for unit testing.


I am looking for some tool which i can use purely for code review. Using which we can test the below functionalities

General code smoke test, Comments and Coding Convention, Error Handling, Resource leak, Control structure etc.

Kindly let me know if have any idea of doing these in Apex through some tool.


I don't know of any such tools for Apex


Apex is Java-enough like that perhaps some of the Java tools or Eclipse plug-ins might help with code review, but I'm not sure.  


(There's always your peer programmers!  :-) )


Best, Steve.


I think Checkmarx has more or less what you want.



Rajiv BhattRajiv Bhatt
try the Apex PMD plugin for eclipse which is similar to PMD that is available for Java. Available @ http://codescan.villagechief.com/eclipse/
Jonathan GreenJonathan Green
Rajiv, have you used that elcipse plugin? I tried, it installed into my eclipse (Kepler) but didn't show in Preferences or anywhere else. Is it specfic to an older version of eclipse and everyone would have to downgrade to use it?
Jaap BranderhorstJaap Branderhorst
Salesforce uses Checkmarx for it's code security review for ISV's.
Andrew SturtAndrew Sturt
I was looking for the same thing. Has anyone used Codescan (https://appexchange.salesforce.com/listingDetail?listingId=a0N30000009xZ3WEAU)? It looks like it could be really good, but I'd like to hear from an actual user of the product. As the adage goes, "Self-commendation is no recommendation." Checkmarx has a free trail, while Codescan does not, so I can try Checkmarx for myself.
Bill Anderson 28Bill Anderson 28
You can use PMD with APEX --> https://sourceforge.net/projects/pmd/?source=typ_redirect
Hi there, sorry for the delay in responding here, there is a full product 30 day trial of the CodeScan tool. You can download it from the www.code-scan.com web site. email support@ if you have any questions. 
Gabriele Gallo StampinoGabriele Gallo Stampino
Hello there, did you try Clayton? It is a new tool changing the way teams build apps on the Salesforce platform. It plugs into your code repositories and monitors your development, to make sure that everything you build follows design, coding and security best practices.
Try it here: https://www.getclayton.com/
Steve Fouracre 11Steve Fouracre 11
I can say CodeScan is good but there are some limitations. For instance if you want to get statistics on how well good unit tests have been built to see if developers are adhering to best practices per class, per project and whole system. If you want to know if a function does have a unit test built for it. If you want to know how many DMLs or SOQLs etc will be called from a function and all the functions it references. Also enforce coding standards from the start rather than just identifying the issues after code is built. CodeScan and other tools cant do this. But SES can do these things and more http://www.selfevolvingsoftware.com/
Apex PMD is my static analysis tool of choice. There's no substitute for a good code review by your peers, though! I've started doing some reviews of Salesforce sample code (http://force-code.com/high-quality-apex-code-review-2/) to demonstrate the process and hopefully get a conversation going around the importance of reviews and best practices in Apex coding. Take a look if you get a chance!