Closed pavelt-addepar closed 3 months ago
This is working as intended. As per our docs the command "Lists all the generally available rules in the catalog that are enabled by default." So pmd-appexchange rules are not included. You can find out more about the pmd-appexchange rules in our docs (link here)
We do want to improve how we display the currently configured rule catalog (not just the default one), but that is something in our long term roadmap.
Thank you for the quick response - that's good to know!
Description: The command
sf scanner rule list
does not listpmd-appexchange
rules.Documentation:
Output of
sf scanner rule list --verbose
:Steps To Reproduce:
Using
sdfx-scanner@4.0.0
executesf scanner rule list --verbose
(as above). In the output it's visible that it's loading filecategory/apex/sfca_apex_security.xml
fromsfca-pmd-apex-0.12.jar
. Open the jar file and then open the XML file - and pick a rule at random - for instanceAvoidHardcodedCredentials
. That rule does not appear in the result/output.As a result, the
pmd-appexchange
engine does not appear anywhere in the results.Expected Behavior:
pmd-appexchange
rules should be listed in the output.Desktop:
@salesforce/cli/2.35.6 darwin-arm64 node-v20.11.1
sdfx-scanner@4.0.0
Urgency: Not urgent.