@j-schreiber/sf-cli-security-audit 0.8.3 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (35) hide show
  1. package/README.md +3 -3
  2. package/bin/dev.js +8 -0
  3. package/lib/libs/conf-init/auditConfig.js +2 -1
  4. package/lib/libs/conf-init/auditConfig.js.map +1 -1
  5. package/lib/libs/conf-init/policyConfigs.d.ts +6 -0
  6. package/lib/libs/conf-init/policyConfigs.js +14 -0
  7. package/lib/libs/conf-init/policyConfigs.js.map +1 -1
  8. package/lib/libs/core/file-mgmt/auditConfigFileManager.d.ts +1 -1
  9. package/lib/libs/core/file-mgmt/auditConfigFileManager.js.map +1 -1
  10. package/lib/libs/core/file-mgmt/schema.d.ts +1 -0
  11. package/lib/libs/core/file-mgmt/schema.js.map +1 -1
  12. package/lib/libs/core/mdapi/anySettingsMetadata.d.ts +25 -0
  13. package/lib/libs/core/mdapi/anySettingsMetadata.js +56 -0
  14. package/lib/libs/core/mdapi/anySettingsMetadata.js.map +1 -0
  15. package/lib/libs/core/policies/policy.js +5 -1
  16. package/lib/libs/core/policies/policy.js.map +1 -1
  17. package/lib/libs/core/policies/settingsPolicy.d.ts +10 -0
  18. package/lib/libs/core/policies/settingsPolicy.js +66 -0
  19. package/lib/libs/core/policies/settingsPolicy.js.map +1 -0
  20. package/lib/libs/core/policyRegistry.js +5 -0
  21. package/lib/libs/core/policyRegistry.js.map +1 -1
  22. package/lib/libs/core/registries/rules/enforceSettings.d.ts +12 -0
  23. package/lib/libs/core/registries/rules/enforceSettings.js +55 -0
  24. package/lib/libs/core/registries/rules/enforceSettings.js.map +1 -0
  25. package/lib/libs/core/registries/settings.d.ts +8 -0
  26. package/lib/libs/core/registries/settings.js +51 -0
  27. package/lib/libs/core/registries/settings.js.map +1 -0
  28. package/lib/libs/core/registries/types.d.ts +1 -0
  29. package/lib/libs/core/registries/types.js +2 -0
  30. package/lib/libs/core/registries/types.js.map +1 -1
  31. package/messages/policies.general.md +8 -0
  32. package/messages/rules.settings.md +7 -0
  33. package/oclif.lock +13606 -10113
  34. package/oclif.manifest.json +79 -79
  35. package/package.json +13 -41
package/oclif.manifest.json CHANGED
@@ -1,83 +1,5 @@
1
1
  {
2
2
  "commands": {
3
- "org:scan:user-perms": {
4
- "aliases": [],
5
- "args": {},
6
- "description": "The target org is scanned \"in memory\" and searches Profiles and Permission Sets for the named user permissions. This command does not need an audit config and does not create a report file.",
7
- "examples": [
8
- "Search for multiple permissions on MyTargetOrg\n<%= config.bin %> <%= command.id %> -o MyTargetOrg -n AuthorApex -n ModifyMetadata"
9
- ],
10
- "flags": {
11
- "json": {
12
- "description": "Format output as json.",
13
- "helpGroup": "GLOBAL",
14
- "name": "json",
15
- "allowNo": false,
16
- "type": "boolean"
17
- },
18
- "flags-dir": {
19
- "helpGroup": "GLOBAL",
20
- "name": "flags-dir",
21
- "summary": "Import flag values from a directory.",
22
- "hasDynamicHelp": false,
23
- "multiple": false,
24
- "type": "option"
25
- },
26
- "name": {
27
- "char": "n",
28
- "description": "You can specify any valid user permission on your org, such as \"AuthorApex\", \"CustomizeApplication\" or \"ViewSetup\". If you are unsure what permissions are available on your org, initialise a new audit config and check the created userPermissions.yml. Currently, the names are not validated: If you have a typo (such as \"AutorApex\", the scan will retun 0 results).",
29
- "name": "name",
30
- "required": true,
31
- "summary": "One or more permissions to be searched for.",
32
- "hasDynamicHelp": false,
33
- "multiple": true,
34
- "type": "option"
35
- },
36
- "target-org": {
37
- "char": "o",
38
- "name": "target-org",
39
- "noCacheDefault": true,
40
- "required": true,
41
- "summary": "The target org to scan.",
42
- "hasDynamicHelp": true,
43
- "multiple": false,
44
- "type": "option"
45
- },
46
- "api-version": {
47
- "description": "Override the api version used for api requests made by this command",
48
- "name": "api-version",
49
- "hasDynamicHelp": false,
50
- "multiple": false,
51
- "type": "option"
52
- }
53
- },
54
- "hasDynamicHelp": true,
55
- "hiddenAliases": [],
56
- "id": "org:scan:user-perms",
57
- "pluginAlias": "@j-schreiber/sf-cli-security-audit",
58
- "pluginName": "@j-schreiber/sf-cli-security-audit",
59
- "pluginType": "core",
60
- "strict": true,
61
- "summary": "Performs a quick scan for specific user permissions.",
62
- "enableJsonFlag": true,
63
- "isESM": true,
64
- "relativePath": [
65
- "lib",
66
- "commands",
67
- "org",
68
- "scan",
69
- "user-perms.js"
70
- ],
71
- "aliasPermutations": [],
72
- "permutations": [
73
- "org:scan:user-perms",
74
- "scan:org:user-perms",
75
- "scan:user-perms:org",
76
- "org:user-perms:scan",
77
- "user-perms:org:scan",
78
- "user-perms:scan:org"
79
- ]
80
- },
81
3
  "org:audit:init": {
82
4
  "aliases": [],
83
5
  "args": {},
@@ -249,7 +171,85 @@
249
171
  "run:org:audit",
250
172
  "run:audit:org"
251
173
  ]
174
+ },
175
+ "org:scan:user-perms": {
176
+ "aliases": [],
177
+ "args": {},
178
+ "description": "The target org is scanned \"in memory\" and searches Profiles and Permission Sets for the named user permissions. This command does not need an audit config and does not create a report file.",
179
+ "examples": [
180
+ "Search for multiple permissions on MyTargetOrg\n<%= config.bin %> <%= command.id %> -o MyTargetOrg -n AuthorApex -n ModifyMetadata"
181
+ ],
182
+ "flags": {
183
+ "json": {
184
+ "description": "Format output as json.",
185
+ "helpGroup": "GLOBAL",
186
+ "name": "json",
187
+ "allowNo": false,
188
+ "type": "boolean"
189
+ },
190
+ "flags-dir": {
191
+ "helpGroup": "GLOBAL",
192
+ "name": "flags-dir",
193
+ "summary": "Import flag values from a directory.",
194
+ "hasDynamicHelp": false,
195
+ "multiple": false,
196
+ "type": "option"
197
+ },
198
+ "name": {
199
+ "char": "n",
200
+ "description": "You can specify any valid user permission on your org, such as \"AuthorApex\", \"CustomizeApplication\" or \"ViewSetup\". If you are unsure what permissions are available on your org, initialise a new audit config and check the created userPermissions.yml. Currently, the names are not validated: If you have a typo (such as \"AutorApex\", the scan will retun 0 results).",
201
+ "name": "name",
202
+ "required": true,
203
+ "summary": "One or more permissions to be searched for.",
204
+ "hasDynamicHelp": false,
205
+ "multiple": true,
206
+ "type": "option"
207
+ },
208
+ "target-org": {
209
+ "char": "o",
210
+ "name": "target-org",
211
+ "noCacheDefault": true,
212
+ "required": true,
213
+ "summary": "The target org to scan.",
214
+ "hasDynamicHelp": true,
215
+ "multiple": false,
216
+ "type": "option"
217
+ },
218
+ "api-version": {
219
+ "description": "Override the api version used for api requests made by this command",
220
+ "name": "api-version",
221
+ "hasDynamicHelp": false,
222
+ "multiple": false,
223
+ "type": "option"
224
+ }
225
+ },
226
+ "hasDynamicHelp": true,
227
+ "hiddenAliases": [],
228
+ "id": "org:scan:user-perms",
229
+ "pluginAlias": "@j-schreiber/sf-cli-security-audit",
230
+ "pluginName": "@j-schreiber/sf-cli-security-audit",
231
+ "pluginType": "core",
232
+ "strict": true,
233
+ "summary": "Performs a quick scan for specific user permissions.",
234
+ "enableJsonFlag": true,
235
+ "isESM": true,
236
+ "relativePath": [
237
+ "lib",
238
+ "commands",
239
+ "org",
240
+ "scan",
241
+ "user-perms.js"
242
+ ],
243
+ "aliasPermutations": [],
244
+ "permutations": [
245
+ "org:scan:user-perms",
246
+ "scan:org:user-perms",
247
+ "scan:user-perms:org",
248
+ "org:user-perms:scan",
249
+ "user-perms:org:scan",
250
+ "user-perms:scan:org"
251
+ ]
252
252
  }
253
253
  },
254
- "version": "0.8.3"
254
+ "version": "0.9.0"
255
255
  }
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@j-schreiber/sf-cli-security-audit",
3
3
  "description": "Salesforce CLI plugin to automate highly configurable security audits",
4
- "version": "0.8.3",
4
+ "version": "0.9.0",
5
5
  "repository": {
6
6
  "type": "https",
7
7
  "url": "https://github.com/j-schreiber/js-sf-cli-security-audit"
@@ -23,21 +23,19 @@
23
23
  "zod": "4"
24
24
  },
25
25
  "devDependencies": {
26
- "@oclif/plugin-command-snapshot": "^5.1.9",
27
- "@oclif/test": "^4.1.13",
28
26
  "@release-it/conventional-changelog": "^10.0.1",
29
27
  "@salesforce/cli-plugins-testkit": "^5.3.10",
30
- "@salesforce/dev-scripts": "11",
28
+ "@salesforce/dev-scripts": "^11.0.4",
29
+ "@salesforce/plugin-command-reference": "^3.1.79",
31
30
  "@types/js-yaml": "^4.0.9",
32
- "@types/node": "^24.2.1",
33
- "eslint": "8",
31
+ "@types/node": "25",
34
32
  "eslint-plugin-sf-plugin": "^1.18.6",
35
33
  "husky": "^9.1.7",
36
34
  "oclif": "^4.14.0",
37
35
  "release-it": "^19.0.3",
38
- "ts-node": "^10.9.2",
39
- "tsx": "^4.19.2",
40
- "typescript": "^5.8.3"
36
+ "tsx": "^4.21.0",
37
+ "typescript": "^5.8.3",
38
+ "wireit": "^0.14.12"
41
39
  },
42
40
  "engines": {
43
41
  "node": ">=18.0.0"
@@ -63,7 +61,8 @@
63
61
  "bin": "sf",
64
62
  "topicSeparator": " ",
65
63
  "devPlugins": [
66
- "@oclif/plugin-help"
64
+ "@oclif/plugin-help",
65
+ "@salesforce/plugin-command-reference"
67
66
  ],
68
67
  "topics": {
69
68
  "org": {
@@ -85,9 +84,7 @@
85
84
  "docs": "sf-docs",
86
85
  "format": "wireit",
87
86
  "pretty-quick-staged": "pretty-quick --staged",
88
- "link-check": "wireit",
89
87
  "lint": "wireit",
90
- "postpack": "sf-clean --ignore-signing-artifacts",
91
88
  "prepack": "sf-prepack",
92
89
  "test": "wireit",
93
90
  "test:nuts": "nyc mocha \"**/*.nut.ts\" --slow 4500 --timeout 600000 --parallel",
@@ -158,6 +155,7 @@
158
155
  "dependencies": [
159
156
  "test:compile",
160
157
  "test:only",
158
+ "test:command-reference",
161
159
  "lint"
162
160
  ]
163
161
  },
@@ -177,7 +175,7 @@
177
175
  "output": []
178
176
  },
179
177
  "test:command-reference": {
180
- "command": "node --loader ts-node/esm --no-warnings=ExperimentalWarning \"./bin/dev.js\" commandreference:generate --erroronwarnings",
178
+ "command": "node --import tsx \"./bin/dev.js\" commandreference:generate --error-on-warnings",
181
179
  "files": [
182
180
  "src/**/*.ts",
183
181
  "messages/**",
@@ -187,33 +185,6 @@
187
185
  "tmp/root"
188
186
  ]
189
187
  },
190
- "test:deprecation-policy": {
191
- "command": "node --loader ts-node/esm --no-warnings=ExperimentalWarning \"./bin/dev.js\" snapshot:compare",
192
- "files": [
193
- "src/**/*.ts"
194
- ],
195
- "output": [],
196
- "dependencies": [
197
- "compile"
198
- ]
199
- },
200
- "test:json-schema": {
201
- "command": "node --loader ts-node/esm --no-warnings=ExperimentalWarning \"./bin/dev.js\" schema:compare",
202
- "files": [
203
- "src/**/*.ts",
204
- "schemas"
205
- ],
206
- "output": []
207
- },
208
- "link-check": {
209
- "command": "node -e \"process.exit(process.env.CI ? 0 : 1)\" || linkinator \"**/*.md\" --skip \"CHANGELOG.md|node_modules|test/|confluence.internal.salesforce.com|my.salesforce.com|%s\" --markdown --retry --directory-listing --verbosity error",
210
- "files": [
211
- "./*.md",
212
- "./!(CHANGELOG).md",
213
- "messages/**/*.md"
214
- ],
215
- "output": []
216
- },
217
188
  "readme": {
218
189
  "dependencies": [
219
190
  "build"
@@ -231,5 +202,6 @@
231
202
  "directories": {
232
203
  "lib": "lib",
233
204
  "test": "test"
234
- }
205
+ },
206
+ "packageManager": "yarn@4.12.0"
235
207
  }