Salesforce coding best practice rules

Best practice categories

In order to provide a comprehensive view of the overall quality of your Salesforce Org, Quality Clouds checks for Best Practices at three different levels:

These are best practices which apply to a single configuration element, such as a Lightning Component, Apex Class, Apex Trigger, etc.

These are best practices which apply to the Org as a whole. For instance, having a high ratio of Custom Objects to Standard Objects is considered an over-customisation, and will be reported as an issue.

Every block of duplicated code also generates an issue. The severity of the issue depends on the total number of code lines which are repeated in the Org (size of repeated block x number of lines in the block x number of repetitions).

Best practices on Individual Elements

The table below lists the best practices which Quality Clouds will check on individual code elements in a Salesforce Org, together with the element type to which each one applies. The severity and area of impact of the issues raised when a Best Practice is not followed are also shown in the table.


| Best Practice Description | Configuration Element Type | Issue Severity | Issue Impact Area | Ruleset | Additional Reference |
|---|---|---|---|---|---|
| Apex unit tests should include at least one assertion. | Apex Class | HIGH | Manageability | PMD - APEX | PMD Rule Definition |
| Apex unit tests should not use @isTest(seeAllData=true) because it opens up the existing database data for unexpected modification by tests. | Apex Class | HIGH | Manageability | PMD - APEX | PMD Rule Definition |
| New objects created within loops should be checked to see if they can be created outside them and reused. | Apex Class | HIGH | Performance | PMD - APEX | PMD Rule Definition |
| Avoid DML statements inside loops to avoid hitting the DML governor limit. | Apex Class | HIGH | Performance | PMD - APEX | PMD Rule Definition |
| Detect classes declared without explicit sharing mode if DML methods are used. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Checks against redirects to user-controlled locations. This prevents attackers from redirecting users to phishing sites. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Checks against accessing endpoints under plain http. You should always use https for security. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Reports on calls to addError with disabled escaping. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| The rule makes sure you are using randomly generated IVs and keys for Crypto calls. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Check to avoid making DML operations in Apex class constructor/init method. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Detects the usage of untrusted / unescaped variables in DML queries. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Checks against calling dangerous methods. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Detects hardcoded credentials used in requests to an endpoint. | Apex Class | HIGH | Security | PMD - APEX | PMD Rule Definition |
| Non-constructor methods should not have the same name as the enclosing class. | Apex Class | HIGH | Manageability | PMD - APEX | PMD Rule Definition |
| As triggers do not allow methods like regular classes, they are less flexible and less suited to applying good encapsulation style. | Apex Trigger | HIGH | Manageability | PMD - APEX | PMD Rule Definition |
| Global classes should be avoided (especially in managed packages) as they can never be deleted or changed in signature. | Apex Class | HIGH | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid using with - it's bad news. | Lightning | HIGH | Manageability | PMD - Javascript | PMD Rule Definition |
| Avoid accidentally creating global variables by omitting the var declaration. | Lightning | HIGH | Manageability | PMD - Javascript | PMD Rule Definition |
| In a for-in loop, the variable name is not explicitly scoped to the enclosing scope with the var keyword. | Lightning | HIGH | Manageability | PMD - Javascript | PMD Rule Definition |
| Checks for usages of parseInt. | Lightning | HIGH | Manageability | PMD - Javascript | PMD Rule Definition |
| Improve code portability due to differences in browser treatment of trailing commas in object or array literals. | Lightning | HIGH | Manageability | PMD - Javascript | PMD Rule Definition |
| The numeric literal will have a different value at runtime, which can happen if you provide too much precision in a floating point number. | Lightning | HIGH | Manageability | PMD - Javascript | PMD Rule Definition |
| Possible extra-sensitive PII usage in configuration element - Gender | Apex Class | HIGH | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible extra-sensitive PII usage in configuration element - Gender | Apex Trigger | HIGH | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible extra-sensitive PII usage in configuration element - Gender | Custom Field | HIGH | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible extra-sensitive PII usage in configuration element - Religion | Apex Class | HIGH | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible extra-sensitive PII usage in configuration element - Religion | Apex Trigger | HIGH | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible extra-sensitive PII usage in configuration element - Religion | Custom Field | HIGH | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Component id must be unique | Apex Page | HIGH | Scalability | QualityClouds | APEX Page and APEX Component best practices |
| Increase the time interval for calling Apex | Apex Page | HIGH | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Use the render attribute on Visualforce components to update the component without updating the entire page. | Apex Page | HIGH | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Whenever you can, choose the My... or My Team's... options rather than All in the "Show" filter. | Report | HIGH | Performance | QualityClouds | Report Performance Best Practices |
| Avoid using if statements without using braces to surround the code block. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid using while statements without using braces to surround the code block. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid using if..else statements without using surrounding braces. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid using for statements without using surrounding braces. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid creating deeply nested if-then statements since they are harder to read and error-prone to maintain. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Methods with numerous parameters are a challenge to maintain, especially if most of them share the same datatype. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Excessive class file lengths are usually indications that the class may be burdened with excessive responsibilities. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of lines of code for a given method. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of lines of code for a given type. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of lines of code for a given constructor. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Too much cyclomatic complexity. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Classes that have too many fields can become unwieldy and could be redesigned to have fewer fields. | Apex Class | MEDIUM | Scalability | PMD - APEX | PMD Rule Definition |
| Classes with large numbers of public methods and attributes require disproportionate testing efforts. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Method names should always begin with a lower case character, and should not contain underscores. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Class names should always begin with an upper case character. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| The rule validates you are checking for access permissions before a SOQL/SOSL/DML operation. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Method names should always begin with a lower case character, and should not contain underscores. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| It is essential to avoid hardcoding IDs. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Empty block statements serve no purpose and should be removed. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Checks for final variables that should be fully capitalized and non-final variables that should not include underscores. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid directly accessing Trigger.old and Trigger.new as it can lead to a bug. | Apex Trigger | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Empty Catch Block finds instances where an exception is caught, but nothing is done. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Empty If Statement finds instances where a condition is checked but nothing is done about it. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid empty try or finally blocks. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| SOSL calls within loops can cause governor limit exceptions. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Avoid empty while statements. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Complexity directly affects maintenance costs; it is determined by the number of decision points in a method plus one for the method entry. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Makes sure that all values obtained from URL parameters are properly escaped / sanitized to avoid XSS attacks. | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| The rule validates you are checking for access permissions before a SOQL/SOSL/DML operation. | Apex Trigger | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Too much cyclomatic complexity. | Apex Trigger | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Complexity directly affects maintenance costs; it is determined by the number of decision points in a method plus one for the method entry. | Apex Trigger | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Variables should start with a lowercase character. | Apex Trigger | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Issue not identified | All | MEDIUM | Manageability | QualityClouds | |
| When a function uses return statements, they should all return a value, or all return no value. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| Avoid assignments in operands; this can make code more complicated and harder to read. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| Avoid using for statements without using curly braces. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| Avoid using if..else statements without using curly braces. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| Avoid using if statements without using curly braces. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| The else block in an if-else construct is unnecessary if the if block contains a return. The content of the else block can then be put outside. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| An unnecessary Block is present. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| A return, break, continue, or throw statement should be the last in a block. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| Avoid using while statements without using curly braces. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| Using == in a condition may lead to unexpected results, as the variables are automatically cast to be of the same type. | Lightning | MEDIUM | Manageability | PMD - Javascript | PMD Rule Definition |
| Use only one <apex:form> tag on a page | Apex Page | MEDIUM | Manageability | QualityClouds | APEX Page and APEX Component best practices |
| Avoid using data grids | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Combine all CSS files into a single file | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Combine all JavaScript files into a single file | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Include JavaScript files using a standard HTML <script> tag right before your closing </apex:page> tag instead of using <apex:includeScript>. | Apex Page | MEDIUM | Manageability | QualityClouds | APEX Page and APEX Component best practices |
| Include JavaScript files using a standard HTML <script> tag right before your closing </apex:page> tag instead of using <apex:includeScript>. | Apex Component | MEDIUM | Manageability | QualityClouds | APEX Page and APEX Component best practices |
| Displaying the Content of a Static Resource | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Unnecessary HTML increases the size of the component tree and the processing time for Ajax requests. | Apex Component | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Unnecessary HTML increases the size of the component tree and the processing time for Ajax requests. | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Reduce the number of records displayed on the page | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Use fewer images | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Use static resources to serve CSS files, as well as images, JavaScript, and other non-changing files. | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Use static resources to serve images, as well as CSS, JavaScript, and other non-changing files. | Apex Page | MEDIUM | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Use a static resource to upload content so that it can be referenced in a Visualforce page | Apex Page | MEDIUM | Manageability | QualityClouds | APEX Page and APEX Component best practices |
| Use the equals or not equal to operators instead of contains or does not contain | Report | MEDIUM | Performance | QualityClouds | Report Performance Best Practices |
| Choose AND rather than OR for filter logic | Report | MEDIUM | Performance | QualityClouds | Report Performance Best Practices |
| Always use the starting and ending date values to limit the report scope. | Report | MEDIUM | Performance | QualityClouds | Report Performance Best Practices |
| Try using relative date values such as THIS WEEK, NEXT MONTH, or TOMORROW. | Report | MEDIUM | Performance | QualityClouds | Report Performance Best Practices |
| Select Hide Details in Advanced Filters if you only need a summary of the data and to reduce loading time. | Report | MEDIUM | Performance | QualityClouds | Report Performance Best Practices |
| Unnecessary parentheses should be removed. | Lightning | LOW | Manageability | PMD - Javascript | PMD Rule Definition |
| Create a custom component to show and hide data | Apex Page | LOW | Performance | QualityClouds | APEX Page and APEX Component best practices |
| Page names should always begin with an upper case character. | Apex Page | LOW | Manageability | QualityClouds | APEX Page and APEX Component best practices |
| Possible PII usage in configuration element - Email | Apex Class | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Email | Apex Trigger | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Email | Custom Field | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Passport | Apex Class | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Passport | Apex Trigger | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Passport | Custom Field | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Nationality | Apex Class | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Nationality | Apex Trigger | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Nationality | Custom Field | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Address | Apex Class | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Address | Apex Trigger | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Possible PII usage in configuration element - Address | Custom Field | WARNING | Security | QualityClouds | GDPR - General Data Protection Regulation |
| Reduce the number of fields in the report by removing unnecessary columns or fields. | Report | WARNING | Performance | QualityClouds | Report Performance Best Practices |
| Avoid declaring several variables of the same type on one line. | Apex Class | HIGH | Manageability | PMD - APEX | PMD Rule Definition |
| ApexDoc comments are present for classes, methods, and properties that are public or global, excluding overrides and test classes | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |
| Missing ApexDoc @description | Apex Class | MEDIUM | Manageability | PMD - APEX | PMD Rule Definition |

