Scans for unsafe contexts, hardcoded IDs, and other issues to optimize your Flows.

Features/Commands

Use our side bar or the Command Palette and type Flow Scanner to see the list of all available commands.

• Scan Flows allows choosing either a directory or a selection of flows to run the analysis against. More information on the default rules can be found in the core documentation.
• Fix Flows will apply available fixes automatically.
• Open Documentation can be used to reference the documentation.

Configuration Options

Key	Description	Default Value
lightningFlowScanner.SpecifyFiles	Specify flow file paths instead of a root directory.	false
lightningFlowScanner.NamingConvention	Specify a REGEX expression to use as Flow Naming convention.	"[A-Za-z0-9]+_[A-Za-z0-9]+"
lightningFlowScanner.APIVersion	Specify an expression to validate the API version, i.e. '===50'(use at least 50).	">50"
lightningFlowScanner.Reset	Reset all configurations on every scan	false

Development Setup

1. Clone the repo:

   git clone https://github.com/Flow-Scanner/lightning-flow-scanner-vsx.git

2. Install dependencies:

   npm install

3. run locally

   npm run watch
   

4. build vsix

   npm run build
   

Note on the original project

The original lightning-flow-scanner-vsce package was unpublished from the Visual Studio Marketplace after a Remote Code Execution (RCE) vulnerability was identified in its core dependency, lightning-flow-scanner-core. This issue, caused by unsafe custom rule loading, has been fully resolved in the v5.1.0 release of the core library. The lightning-flow-scanner-vsx fork, focusses on security and maintainability.

If you'd like to help us enhance Lightning Flow Scanner, please consider having a look at the Contributing Guidelines.