upgrade code analyzer to v5

Dockerfile

@@ -336,8 +336,8 @@ ARG GEM_RUBOCOP_RAILS_VERSION=2.33.4
 ARG GEM_RUBOCOP_RAKE_VERSION=0.7.1
 # renovate: datasource=rubygems depName=rubocop-rspec
 ARG GEM_RUBOCOP_RSPEC_VERSION=3.7.0
-# renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+# renovate: datasource=npm depName=@salesforce/code-analyzer
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 # renovate: datasource=pypi depName=snakemake
 ARG PIP_SNAKEMAKE_VERSION=9.13.2
 # renovate: datasource=pypi depName=snakefmt
@@ -1100,8 +1100,8 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOS
 #
 # rubocop installation
 #
-# sfdx-scanner-apex installation
-    && sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+# code-analyzer-apex installation
+    && sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache \
 #

docs/descriptors/salesforce_sfdx_scanner_apex.md

@@ -401,7 +401,7 @@ RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACK
 ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true
 # Linter install
 # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache

docs/descriptors/salesforce_sfdx_scanner_aura.md

@@ -398,7 +398,7 @@ RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACK
 ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true
 # Linter install
 # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache

docs/descriptors/salesforce_sfdx_scanner_lwc.md

@@ -399,7 +399,7 @@ RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACK
 ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true
 # Linter install
 # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache

flavors/salesforce/Dockerfile

@@ -162,7 +162,7 @@ ARG REPOSITORY_TRIVY_VERSION=0.67.2
 # renovate: datasource=github-tags depName=aquasecurity/trivy
 ARG REPOSITORY_TRIVY_SBOM_VERSION=0.67.2
 # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 # renovate: datasource=pypi depName=snakemake
 ARG PIP_SNAKEMAKE_VERSION=9.13.2
 # renovate: datasource=pypi depName=snakefmt
@@ -491,7 +491,7 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel
 # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/
 #
 # sfdx-scanner-apex installation
-    && sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+    && sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache
 #

linters/salesforce_sfdx_scanner_apex/Dockerfile

@@ -55,7 +55,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.20.5
 # renovate: datasource=npm depName=sfdx-hardis
 ARG SFDX_HARDIS_VERSION=6.7.4
 # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 #ARG__END
 
 ####################
@@ -179,7 +179,7 @@ RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACK
 ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true
 #
 # sfdx-scanner-apex installation
-RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+RUN sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache
 #

linters/salesforce_sfdx_scanner_aura/Dockerfile

@@ -55,7 +55,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.20.5
 # renovate: datasource=npm depName=sfdx-hardis
 ARG SFDX_HARDIS_VERSION=6.7.4
 # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 #ARG__END
 
 ####################
@@ -179,7 +179,7 @@ RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACK
 ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true
 #
 # sfdx-scanner-aura installation
-RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+RUN sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache
 #

linters/salesforce_sfdx_scanner_lwc/Dockerfile

@@ -55,7 +55,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.20.5
 # renovate: datasource=npm depName=sfdx-hardis
 ARG SFDX_HARDIS_VERSION=6.7.4
 # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
 #ARG__END
 
 ####################
@@ -179,7 +179,7 @@ RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACK
 ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true
 #
 # sfdx-scanner-lwc installation
-RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+RUN sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
     && (npm cache clean --force || true) \
     && rm -rf /root/.npm/_cacache
 #

megalinter/descriptors/salesforce.megalinter-descriptor.yml

@@ -64,39 +64,37 @@ linters:
     linter_spdx_license: BSD-3-Clause
     config_file_name: apex-pmd-ruleset.xml
     cli_executable: sf
-    cli_config_arg_name: "--pmdconfig"
+    cli_config_arg_name: "--config-file"
     cli_lint_extra_args:
-      - "scanner:run"
-      - "--engine"
-      - "pmd"
-      - "--target"
-      - '"./**/*"'
-      - "--severity-threshold"
-      - "2"
-      - "--outfile"
-      - "{{REPORT_FOLDER}}/sfdx-scanner-report-apex.csv"
-      - "--format"
-      - "csv"
+      - "code-analyzer run"
+      - "--rule-selector"
+      - "pmd:Recommended"
+      - "--workspace"
+      - "."
+      - "--output-file"
+      - "{{REPORT_FOLDER}}/code-analyzer-report-apex.csv"
+      - "--view"
+      - "table"
     cli_lint_mode: project
     cli_help_extra_args:
-      - "scanner:run"
+      - "code-analyzer run"
     cli_help_extra_commands:
-      - "sf scanner:rule:list"
+      - "sf code-analyzer rules"
     cli_version_extra_args:
-      - "plugins"
+      - "plugins --core"
     cli_version_arg_name: ""
-    version_extract_regex: "(?<=@salesforce/sfdx-scanner )\\d+(\\.\\d+)+"
+    version_extract_regex: "(?<=code-analyzer )\\d+(\\.\\d+)+"
     cli_lint_errors_count: regex_sum
-    cli_lint_errors_regex: "found ([0-9]+) violation"
+    cli_lint_errors_regex: "severity: [1-3]"
     examples:
-      - "sf scanner:run"
+      - "sf code-analyzer run --rule-selector pmd:Recommended --workspace . --output-file results.csv"
     install:
       dockerfile:
         - |-
-          # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-          ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+          # renovate: datasource=npm depName=@salesforce/code-analyzer
+          ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
         - |-
-          RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+          RUN sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
               && (npm cache clean --force || true) \
               && rm -rf /root/.npm/_cacache
     ide:
@@ -151,37 +149,39 @@ linters:
     cli_config_arg_name: ".eslintrc-aura.json"
     cli_executable: sf
     cli_lint_extra_args:
-      - "scanner:run"
-      - "--engine"
+      - "code-analyzer run"
+      - "--rule-selector"
       - "eslint"
+      - "--workspace"
+      - "."
       - "--target"
       - "**/aura/**/*.js"
       - "--severity-threshold"
       - "2"
-      - "--outfile"
-      - "{{REPORT_FOLDER}}/sfdx-scanner-report-aura.csv"
-      - "--format"
-      - "csv"
+      - "--output-file"
+      - "{{REPORT_FOLDER}}/code-analyzer-report-aura.csv"
+      - "--view"
+      - "table"
     cli_lint_mode: project
     cli_help_extra_args:
-      - "scanner:run"
+      - "code-analyzer run"
     cli_help_extra_commands:
-      - "sf scanner:rule:list"
+      - "sf code-analyzer rules --rule-selector eslint"
     cli_version_extra_args:
-      - "plugins"
+      - "plugins --core"
     cli_version_arg_name: ""
-    version_extract_regex: "(?<=@salesforce/sfdx-scanner )\\d+(\\.\\d+)+"
+    version_extract_regex: "(?<=code-analyzer )\\d+(\\.\\d+)+"
     cli_lint_errors_count: regex_sum
-    cli_lint_errors_regex: "found ([0-9]+) violation"
+    cli_lint_errors_regex: "severity: [1-3]"
     examples:
-      - "sf scanner:run"
+      - "sf code-analyzer run --rule-selector eslint --workspace . --file-glob '**/aura/**/*.js' --output-file results.csv"
     install:
       dockerfile:
         - |-
-          # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-          ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+          # renovate: datasource=npm depName=@salesforce/code-analyzer
+          ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
         - |-
-          RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+          RUN sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
               && (npm cache clean --force || true) \
               && rm -rf /root/.npm/_cacache
     ide:
@@ -227,37 +227,39 @@ linters:
     cli_config_arg_name: ".eslintrc-lwc.json"
     cli_executable: sf
     cli_lint_extra_args:
-      - "scanner:run"
-      - "--engine"
-      - "eslint-lwc"
+      - "code-analyzer run"
+      - "--rule-selector"
+      - "eslint:LWC"
+      - "--workspace"
+      - "."
       - "--target"
       - "**/lwc/**/*.js"
       - "--severity-threshold"
       - "2"
-      - "--outfile"
-      - "{{REPORT_FOLDER}}/sfdx-scanner-report-lwc.csv"
-      - "--format"
-      - "csv"
+      - "--output-file"
+      - "{{REPORT_FOLDER}}/code-analyzer-report-lwc.csv"
+      - "--view"
+      - "table"
     cli_lint_mode: project
     cli_help_extra_args:
-      - "scanner:run"
+      - "code-analyzer run"
     cli_help_extra_commands:
-      - "sf scanner:rule:list"
+      - "sf code-analyzer rules --rule-selector eslint:LWC"
     cli_version_extra_args:
-      - "plugins"
+      - "plugins --core"
     cli_version_arg_name: ""
-    version_extract_regex: "(?<=@salesforce/sfdx-scanner )\\d+(\\.\\d+)+"
+    version_extract_regex: "(?<=code-analyzer )\\d+(\\.\\d+)+"
     cli_lint_errors_count: regex_sum
-    cli_lint_errors_regex: "found ([0-9]+) violation"
+    cli_lint_errors_regex: "severity: [1-3]"
     examples:
-      - "sf scanner:run"
+      - "sf code-analyzer run --rule-selector eslint:LWC --workspace . --target '**/lwc/**/*.js' --output-file report.csv"
     install:
       dockerfile:
         - |-
-          # renovate: datasource=npm depName=@salesforce/sfdx-scanner
-          ARG SALESFORCE_SFDX_SCANNER_VERSION=4.12.0
+          # renovate: datasource=npm depName=@salesforce/code-analyzer
+          ARG SALESFORCE_SFDX_SCANNER_VERSION=5.5.0
         - |-
-          RUN sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \
+          RUN sf plugins install @salesforce/code-analyzer@${SALESFORCE_SFDX_SCANNER_VERSION} \
               && (npm cache clean --force || true) \
               && rm -rf /root/.npm/_cacache
     ide: