The Salesforce CLI Scanner plug-in is a unified tool for static analysis of source code, in multiple languages (including Apex), with a consistent command-line interface and report output. We currently support the PMD rule engine and ESLint. We may add support for more rule engines in the future.
The Salesforce CLI Scanner Plug-in creates "Rule Violations" when the scanner identifies issues. Developers use this information as feedback to fix their code.
You can integrate this plug-in into your CI/CD solution to enforce the rules and expect high-quality code.
All the official documentation on the Salesforce CLI Scanner plug-in is hosted on GitHub Pages. These documents include instructions on how to install the plug-in, the command reference, writing and managing custom rules and an overview of the architecture of the plug-in.
Here is the information on How to Install the plugin
Please check out the Salesforce CLI Scanner Plug-In Command Reference for usage and demo of the plugin.