Anil Ingle

Anyone have a sample of a "False Positive document"?

Hello All,

I have run the Force.com code scanner on Apex classes and Visualforce pages. The scanner reports some issues. We have solved most of them.
Some "Apex Code Quality" issues are unresolvable, so we want to create a "False Positive document".

Please let me know if anyone has a sample False Positive document.

Thanks in Advance
Best Answer chosen by Anil Ingle
Nagendra (Salesforce Developers)
Hi Anil,

What are False Positives: A false positive occurs when a bug is flagged as being legitimate, which a tool misinterprets as being an actual issue. This can occur for multiple reasons, but oftentimes it occurs due to not understanding the full context of an application.

What is a False Positive Document: It's a type of document which is required when your app has not cleared all security issues related to Salesforce and you request Salesforce to pass your app through the security check along with those risks.

How to create a False Positive Document: There is no specific template/format as such.

You should just make sure you address the following points.
  • Issue details
  • Why you think it's not an issue
  • If you have any other mechanism to handle the issue, then you should mention that in detail with all the code references.
  • Relevant screenshots
The Salesforce security review team is really smart and they will understand your point quickly if you provide a valid explanation with details.

Please mark this as solved if the information helps.

Regards,
Nagendra.