Skip to content
/ lightning-flow-scanner-action Public

A GitHub Action for automated analysis and optimization of Salesforce Flow in Pull Requests. Scans metadata for 20+ issues such as hardcoded IDs, unsafe contexts, inefficient SOQL/DML operations, recursion risks, and missing fault handling.

github.com/marketplace/actions/run-flow-scanner

License

MIT license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Flow-Scanner/lightning-flow-scanner-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Repository files navigation

Detect unsafe contexts, queries in loops, hardcoded IDs, and more to optimize your Salesforce Flows.

Lightning Flow Scanner Demo

GitHub Marketplace

Usage

To use this action in your workflow, create a file named .github/workflows/lightning-flow-scanner.yml with the following content:

name: lightning-flow-scanner
on:
  workflow_dispatch:
  pull_request:
jobs:
  action:
    runs-on: ubuntu-latest
    steps:
      - name: Get Latest Version
        uses: actions/checkout@v4
      - name: Run Flow Scanner
        uses: Flow-Scanner/[email protected]
        with:
            severityThreshold: error
            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Also ensure the following:

  • Create a .secrets file in the root of your repository with the following content:
    • GITHUB_TOKEN=<your-personal-access-token(PAT)>
  • Workflows have read and write permissions in the repository.
  • Allow GitHub Actions to create and approve pull requests.

Privacy: Zero user data collected. All processing is client-side. → See Data Handling in our Security Policy.

Run On Pull Requests

on:pull_request will trigger Flow Scanner to scan changed flow files every time a pull request is opened.

Manual Action

on:workflow_dispatch allows you to run the action on all Flows manually, by following these steps: 1. Navigate to the "Actions" tab of your GitHub repository. 2. Click on "Run Flow Scanner" in the list of available workflows. 3. Press the "Run workflow" button to trigger the action.

Configuration

Flow Scanner can be configured and the action will look for a .flow-scanner file in your repository root, such as:

  • .flow-scanner.yaml
  • .flow-scanner.yml
  • .flow-scanner.json

Configuration example(snippet):

rules:
  FlowName:
    severity: warning
  HardcodedId:
    severity: error
  • With severityThreshold: error, only HardcodedId will fail.
  • With severityThreshold: warning, both HardcodedId and FlowName will fail the workflow.

For more information about available rules and configurations, please review the Core Module Documentation.

Development

To debug the action locally you need to ensure you have npm and act installed and follow these steps:

  1. Run npm run build to compile a new version
  2. Run act: Use the act command to run the workflow: act workflow_dispatch --secret-file .secrets

Want to help improve Lightning Flow Scanner? See our Contributing Guidelines.

About

A GitHub Action for automated analysis and optimization of Salesforce Flow in Pull Requests. Scans metadata for 20+ issues such as hardcoded IDs, unsafe contexts, inefficient SOQL/DML operations, recursion risks, and missing fault handling.

github.com/marketplace/actions/run-flow-scanner

Resources

Readme

License

MIT license

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

3 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases 8

Compliance Hardened Latest
Oct 30, 2025
+ 7 releases

Languages