Org-Dependent Packages: How to Edit in a Sandbox, Pull Changes, and Create a Merge Request
The complete workflow for org-dependent Salesforce packages: make changes in a sandbox, retrieve them with sf CLI, commit to git, and open a merge request. Step by step.
The archive.
Fetching OmniStudio Metadata with sf CLI: OmniScript, DataRaptor, FlexCard, Integration Procedure
How to retrieve OmniScript, DataRaptor (OmniDataTransform), FlexCard (OmniUiCard), and Integration Procedure metadata from Salesforce using sf CLI, with standard runtime requirements and deployment caveats.
Fetching Code Metadata from Salesforce with sf CLI: ApexClass, ApexTrigger, LWC, Aura
How to retrieve ApexClass, ApexTrigger, LightningComponentBundle, and AuraDefinitionBundle metadata from Salesforce using sf CLI, for admins who oversee developers or need to deploy code.
Fetching Security Metadata from Salesforce with sf CLI: Profile, PermissionSet, Role
How to retrieve Profile, PermissionSet, PermissionSetGroup, MutingPermissionSet, and Role metadata from Salesforce using sf CLI, including partial retrieval patterns for large Profile XML.
Fetching Automation Metadata from Salesforce with sf CLI: Flow, WorkflowRule, ApprovalProcess
How to retrieve Flow, WorkflowRule, ProcessBuilder, and ApprovalProcess metadata from Salesforce using sf CLI, with source format, MDAPI format, and package.xml examples.
Fetching Custom Configuration Metadata from Salesforce with sf CLI
How to retrieve CustomObject, CustomField, Layout, FlexiPage, RecordType, and CompactLayout metadata from Salesforce using sf CLI: source format, MDAPI format, and package.xml.
Connecting sf CLI to Your Salesforce Org: sf org login web Complete Guide
How to connect sf CLI to your Salesforce org using sf org login web. Covers sandbox vs production login, org aliases, and verifying your connection.
Setting Up Your Environment: Terminal, sf CLI, and Git for Salesforce Admins
Step-by-step guide to setting up your terminal, sf CLI, and git on Windows or macOS: everything a Salesforce admin needs before working with metadata.
What is Version Control and Why Every Salesforce Admin Needs It
Version control for Salesforce admins explained from scratch: what it is, why your org needs it, and what you can do with git that you can't do today.
We Built a Real-Time RACI Tool in a Weekend. PartyKit Is Why.
We needed a tool for live RACI alignment. Here is why we picked PartyKit over Firebase and raw WebSockets, what it took to build, and what caught us off guard.
How to Set Up VS Code as Your Git Merge and Diff Tool: Complete Guide
Configure VS Code as your Git merge and diff tool using the built-in merge editor or external mergetool/difftool. Covers --wait flag, 3-way merge editor, and team setup.
How to Configure Meld as Git Merge and Diff Tool on macOS: Complete Setup Guide
Learn how to install and configure Meld as your Git merge and diff tool on macOS. Covers Homebrew setup, Apple Silicon vs Intel paths, and Gatekeeper fixes.
Git difftool vs mergetool: What's the Difference and When to Use Each
git difftool and git mergetool look similar but solve different problems. Learn which command to run, when to run it, and how to configure each independently.
sf-audit v1.0: New Checks, Configurable Scoring, and Externalized Queries
The audit plugin has grown from 22 checks to 23, added four new threat surfaces, and gained a fully configurable scoring model. Here is what changed and why it matters.
Catch Salesforce Security Gaps in One Command
Most Salesforce orgs are carrying security debt they don't know about. This plugin surfaces it in a single command.
How We Built a Native sf Plugin for Salesforce Security
We had a working Python script. Here is why we rewrote it as a native sf plugin, and the design decisions that made 22 parallel security checks practical.
Mixed DML Operations: Enterprise User Provisioning Patterns for Salesforce
Master the complex challenge of mixing setup and non-setup object operations in Salesforce user provisioning workflows with production-proven patterns and error handling strategies.
CPU Timeout Resolution: Advanced Debugging and Architecture Patterns for Salesforce Apex
Master advanced techniques for diagnosing, preventing, and recovering from CPU timeout errors in production Salesforce environments with architectural patterns that scale.
Automatic Document Sharing: From Child to Grandparent Records in Salesforce
Learn how to automatically share documents with grandparent records when uploaded to child records using clean, maintainable Salesforce code patterns.
The Specification Crisis: How Different User Personas Complicate Software Development
Explore how different user personas in software development teams create specification drift, amplified by LLMs, and discover solutions for better collaboration.
How We Reduced Platform Event Delivery Costs by 60% (And You Can Too)
A deep dive into the hidden costs of Salesforce Platform Events and the surprising optimization that saved us 50,000+ delivery allocations per day
Salesforce Org-to-Org Data Migration: Complete Guide with Tools and Best Practices
Learn how to migrate data between Salesforce organizations with proven strategies, tool recommendations, and code solutions. Complete guide covering relationships, attachments, and migration order.
How to Configure Meld as Git Merge and Diff Tool on Windows: Complete Setup Guide
Learn how to set up Meld as your default Git merge and diff tool on Windows. Step-by-step configuration guide with troubleshooting tips and alternative tools comparison.
PowerMock, Testing Private Methods
When refactoring isn't an option, PowerMock's Whitebox.invokeMethod lets you test private Java methods directly. Here's when that's justified and how to do it.
Secure APIs against XEE Attacks (XML Injection Attacks)
Learn how to secure your APIs against XML External Entity (XEE) attacks, including XML Injection and XML Expansion attacks, with practical mitigation steps for Java and RestEasy.
Apache Tomcat Valves, Custom Valve
Learn how to implement and configure custom Apache Tomcat Valves to insert logic into the request processing pipeline before your application code runs.
Input Sanitization: Invalid XML Data, Validation
How to sanitize invalid XML 1.0 characters using a precompiled regex in Java, and how to fix validation failures caused by curl request escaping.