# Analyze

Analyse the project for various issues

* [`sfp analyze`](#sfp-analyze)

## `sfp analyze`

Analyse the project for various issues

```
USAGE
  $ sfp analyze [--json] [--repository <value>] [-e <value>] [-t <value>] [--sfp-server-url <value>] [-p
    <value>... | -s <value> | -d <value>] [--exclude-linters duplicates|compliance|architecture|code-analyzer...]
    [--fail-on duplicates|compliance|architecture|code-analyzer...] [--show-aliasfy-notes] [--fail-on-unclaimed]
    [--output-format markdown|json|github|sarif] [--output-file <value>] [--report-dir <value>] [--compliance-rules
    <value>] [--generate-compliance-config] [--changed-files <value>] [--base-ref <value>] [--head-ref <value>]
    [--provider anthropic|openai|google|github-copilot] [--create-check] [--publish-results] [--code-analyzer-config
    <value>] [--code-analyzer-engines <value>] [--duplicates-config <value>] [--commit-sha <value>] [--pr-number
    <value>] [--base-branch <value>] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]

FLAGS
  -d, --domain=<value>                 The domain to analyse for duplicate packages
  -e, --email=<value>                  Email address for authenticated user. Ignored if --application-token is provided.
                                       Can be set via SFP_SERVER_USER env var.
  -p, --package=<value>...             The name of the package to analyse
  -s, --source-path=<value>            The path to the source file to analyse
  -t, --application-token=<value>      Application token for CI/CD authentication. Can be set via SFP_SERVER_TOKEN env
                                       var (CLI flags take precedence over env vars).
      --base-branch=<value>            Target branch for branch rule matching (e.g., main, release/1.0). Used to resolve
                                       server-side analyze config branch rules.
      --base-ref=<value>               Base commit/branch for git diff comparison (e.g., origin/main, abc123def)
      --changed-files=<value>          Analyze only specified changed files (comma-separated paths)
      --code-analyzer-config=<value>   Path to Code Analyzer config file (defaults to config/code-analyzer.yml)
      --code-analyzer-engines=<value>  Comma-separated list of Code Analyzer engines to run: pmd, cpd, eslint (default:
                                       all)
      --commit-sha=<value>             Commit SHA for CI check creation (used with --pr-number to create checks without
                                       CI env vars)
      --compliance-rules=<value>       Path to compliance rules YAML file (defaults to config/compliance-rules.yaml)
      --create-check                   Create check/status on PR via server API (requires server connection)
      --duplicates-config=<value>      Path to duplicates config YAML file (default: config/duplicates.yaml)
      --exclude-linters=<option>...    [default: ] Comma-separated list of linters to exclude (e.g., duplicates,
                                       architecture)
                                       <options: duplicates|compliance|architecture|code-analyzer>
      --fail-on=<option>...            [default: ] Comma-separated list of linters that should fail the command if
                                       issues are found
                                       <options: duplicates|compliance|architecture|code-analyzer>
      --[no-]fail-on-unclaimed         Whether to fail when duplicates are found in unclaimed packages
      --generate-compliance-config     Generate a sample compliance rules configuration file
      --head-ref=<value>               [default: HEAD] Head commit/branch for git diff comparison (defaults to HEAD)
      --loglevel=<option>              [default: info] logging level for this command invocation
                                       <options: trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL>
      --output-file=<value>            Write output to file (useful with --output-format sarif)
      --output-format=<option>         [default: markdown] Format for the analysis output (markdown, json, github,
                                       sarif)
                                       <options: markdown|json|github|sarif>
      --pr-number=<value>              Pull request number for CI check association (used with --commit-sha)
      --provider=<option>              AI provider for architecture analysis (takes precedence over env var
                                       auto-detection)
                                       <options: anthropic|openai|google|github-copilot>
      --publish-results                Store analysis results to server for dashboards (requires server connection)
      --report-dir=<value>             Directory where analysis reports should be written
      --repository=<value>             The repository identifier. E.g `owner/repo` for GitHub/GitLab or
                                       `org/project/repo` for Azure DevOps
      --sfp-server-url=<value>         URL of the SFP server. Can be set via SFP_SERVER_URL env var or config: sfp
                                       config:set server-url
      --[no-]show-aliasfy-notes        Show aliasfy notes for packages that are aliasfied

GLOBAL FLAGS
  --json  Format output as json.

DESCRIPTION
  Analyse the project for various issues

ALIASES
  $ sfp source analyze
  $ sfp project analyze

EXAMPLES
  $ sfp project:analyze

  $ sfp project:analyze -p core,utils

  $ sfp project:analyze -s ./custom-path

  $ sfp project:analyze --fail-on-duplicates --json

  $ sfp project:analyze --exclude-linters duplicates

  $ sfp project:analyze --fail-on duplicates

  $ sfp project:analyze --fail-on compliance

  $ sfp project:analyze --compliance-rules config/my-rules.yaml

  $ sfp project:analyze --generate-compliance-config

  $ sfp project:analyze --changed-files "src/classes/MyClass.cls,src/triggers/MyTrigger.trigger"

  $ # AI architecture analysis (requires AI provider auth):

  $ ANTHROPIC_API_KEY=xxx sfp project:analyze

  $ OPENAI_API_KEY=xxx sfp project:analyze --exclude-linters duplicates,compliance

  $ # Explicit provider selection (takes precedence over env vars):

  $ sfp project:analyze --provider github-copilot

  $ sfp project:analyze --provider anthropic

  $ # Local analysis with custom git refs:

  $ sfp project:analyze --base-ref origin/main

  $ sfp project:analyze --base-ref abc123 --head-ref def456

  $ # Use external OpenCode server for testing:

  $ sfp project:analyze --opencode-server http://127.0.0.1:19999

  $ # Server integration - create check on PR:

  $ sfp project:analyze --create-check

  $ # Server integration - create check and store results for dashboards:

  $ sfp project:analyze --create-check --publish-results

  $ # Code analyzer - run all engines (PMD, CPD, ESLint):

  $ sfp project:analyze

  $ # Code analyzer - run only PMD for Apex:

  $ sfp project:analyze --code-analyzer-engines pmd

  $ # Code analyzer - run PMD and ESLint:

  $ sfp project:analyze --code-analyzer-engines pmd,eslint

  $ # Code analyzer - with custom config:

  $ sfp project:analyze --code-analyzer-config ./my-rules.yml
```

*See code:* [*src/commands/analyze.ts*](https://source.flxbl.io/flxbl/sfp-pro)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.flxbl.io/flxbl/sfp/sfp-community/cli-reference-v51-release-v3/advanced/analyze.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.