Salesforce Lightning CLI

3.0.0 verified Sat Apr 25 auth: no javascript maintenance

Salesforce Lightning CLI (v3.0.0) is a code review tool for scanning Lightning component code for issues related to LockerService. It is based on ESLint and flags unsupported/private APIs, incorrect component code, and general JS issues. It is bundled with Salesforce CLI and also available as a Heroku plugin. It has two rule sets: unmodifiable security rules and customizable style rules. The project appears to be in maintenance mode, with the preferred usage now being through sfdx force:lightning:lint. No updates since 2018.

Common errors

error 'heroku' is not recognized as an internal or external command ↓

cause Heroku Toolbelt is not installed or not in PATH.

fix

Install Heroku Toolbelt from https://devcenter.heroku.com/articles/getting-started-with-nodejs#set-up, or use Salesforce CLI instead.

error Error: Cannot find module 'salesforce-lightning-cli' ↓

cause Plugin not installed or incorrect installation path.

fix

Run heroku plugins:install salesforce-lightning-cli or use sfdx force:lightning:lint which is bundled with Salesforce CLI.

error No files matching pattern: **/*Controller.js ↓

cause The --files pattern did not match any files in the specified directory.

fix

Verify the directory path and the glob pattern. Use recursive glob (double asterisk) if files are in subdirectories.

Warnings

deprecated The Heroku plugin installation method is deprecated. Use Salesforce CLI (sfdx) instead. ↓

fix Install Salesforce CLI from https://developer.salesforce.com/tools/sfdxcli and run `sfdx force:lightning:lint`.

gotcha Lightning CLI only runs on local files. It does not fetch code from the server. ↓

fix Use Metadata API or Force.com IDE to download components to your machine before linting.

gotcha The --config argument only allows customization of style rules, not security rules. ↓

fix Security rules are non-modifiable. Copy the default style rules file from lib/code-style-rules.js and modify those.

deprecated LockerService is being deprecated in favor of Lightning Web Security. Lightning CLI may not be updated for new security requirements. ↓

fix Consider migrating to newer linting tools that support Lightning Web Security.

Install

npm install salesforce-lightning-cli

yarn add salesforce-lightning-cli

pnpm add salesforce-lightning-cli

Imports

Lightning CLI
wrong
```
heroku lightning:lint [path]
```
correct
```
sfdx force:lightning:lint [path]
```
The preferred way to run is via sfdx, not heroku. The heroku plugin is legacy.
Custom rules config
wrong
```
sfdx force:lightning:lint --config [file] [path]
```
correct
```
sfdx force:lightning:lint [path] --config [file]
```
Config file path must come after the folder path. Only style rules can be overridden.
Filtering files
wrong
```
sfdx force:lightning:lint [path] --files *.js
```
correct
```
sfdx force:lightning:lint [path] --files **/*Controller.js
```
The --files argument accepts glob patterns. Use double asterisk for recursive matching.

Quickstart

Runs Lightning CLI linting on a directory, filtering to controller files, and showing warnings.

sfdx force:lightning:lint ./path/to/lightning/components/ --files **/*Controller.js --verbose