This document discusses static code analysis tools for Salesforce, including the Force.com Security Source Scanner and PMD. It describes how static code analysis can find bugs early by examining code without executing it. It provides details on the Force.com Scanner's security and quality profiles and limitations. It also explains how PMD works by scanning code for issues defined in rulesets and generating reports with potential bugs and violations.