Run Salesforce CLI scanner on current file

tasks.json

{
    "version": "2.0.0",
    "tasks": [
        {
            "label": "SFDX: Run Security Scan on Current File",
            "type": "shell",
            "command": "sfdx",
            "args": [
                "scanner:run",
                "-t",
                "${relativeFile}",
                "-c",
                "Security"
            ],
            "group": "build",
            "presentation": {
                "reveal": "always",
                "panel": "shared"
            },
            "problemMatcher": []
        }
    ]
}

Hi Mohith,

when i used your tasks.json file and ran the CMD + SHIFT + B on current file, i got the rules error.

ERROR running scanner:run: Oct 28, 2020 8:26:39 PM net.sourceforge.pmd.RuleSetFactory parseRuleReferenceNode
WARNING: Use Rule name category/apex/errorprone.xml/ApexCSRF instead of the deprecated Rule name category/apex/security.xml/ApexCSRF. PMD 7.0.0 will remove support for this deprecated Rule name usage.
Where do i change the Rule in the file.

Upon taking a look at this file, looks like we have to insert some rule ref elements , but i am not sure where to add:
https://pmd.github.io/latest/pmd_rules_apex_errorprone.html#apexcsrf
Please suggest.

Sounds like issue is very specific to an apex file. Without checking the code it is hard for me to tell.

This is also related to PMD and not related to tasks.json so feel free to raise issue on PMD repo for help!

Hey Mohith,

Thanks for the example task file, how do we set it up to be globally available?

Hello,

Can you explain me what do you mean by globally here? Do you mean for all project workspace?

Or to scan all the files?

Hi Mohith

Apologies, I wasn't very clear.

I meant, how can I set up the task so that it is always available in all projects?

Hi Robert,

Unfortunately project scaffold command of sfdx at this point does not let you to add your own scaffold templates.

You can build a salesforce cli plugin if you need this in every project!