@salesforce/core 4.0.0 → 4.0.1

package/lib/crypto/keyChainImpl.js

@@ -9,36 +9,22 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.keyChainImpl = exports.GenericWindowsKeychainAccess = exports.GenericUnixKeychainAccess = exports.GenericKeychainAccess = exports.KeychainAccess = void 0;
 const childProcess = require("child_process");
 const nodeFs = require("fs");
+const fs = require("fs");
 const os = require("os");
-const path = require("path");
 const os_1 = require("os");
+const path = require("path");
 const ts_types_1 = require("@salesforce/ts-types");
+const kit_1 = require("@salesforce/kit");
 const global_1 = require("../global");
-const fs_1 = require("../util/fs");
 const messages_1 = require("../messages");
-messages_1.Messages.importMessagesDirectory(__dirname);
-const messages = messages_1.Messages.load('@salesforce/core', 'encryption', [
-    'missingCredentialProgramError',
-    'credentialProgramAccessError',
-    'keyChainServiceRequiredError',
-    'keyChainAccountRequiredError',
-    'passwordRetryError',
-    'passwordRequiredError',
-    'passwordNotFoundError',
-    'setCredentialError',
-    'keyChainUserCanceledError',
-    'genericKeychainServiceError',
-    'genericKeychainInvalidPermsError',
-]);
+const messages = new messages_1.Messages('@salesforce/core', 'encryption', new Map([["invalidEncryptedFormatError", "The encrypted data is not properly formatted."], ["invalidEncryptedFormatError.actions", ["If attempting to create a scratch org then re-authorize. Otherwise create a new scratch org."]], ["authDecryptError", "Failed to decipher auth data. reason: %s."], ["unsupportedOperatingSystemError", "Unsupported Operating System: %s"], ["missingCredentialProgramError", "Unable to find required security software: %s"], ["credentialProgramAccessError", "Unable to execute security software: %s"], ["passwordRetryError", "Failed to get the password after %i retries."], ["passwordRequiredError", "A password is required."], ["keyChainServiceRequiredError", "Unable to get or set a keychain value without a service name."], ["keyChainAccountRequiredError", "Unable to get or set a keychain value without an account name."], ["keyChainUserCanceledError", "User canceled authentication."], ["keychainPasswordCreationError", "Failed to create a password in the keychain."], ["genericKeychainServiceError", "The service and account specified in %s do not match the version of the toolbelt."], ["genericKeychainServiceError.actions", ["Check your toolbelt version and re-auth."]], ["genericKeychainInvalidPermsError", "Invalid file permissions for secret file"], ["genericKeychainInvalidPermsError.actions", ["Ensure the file %s has the file permission octal value of %s."]], ["passwordNotFoundError", "Could not find password.\n%s"], ["passwordNotFoundError.actions", ["Ensure a valid password is returned with the following command: [%s]"]], ["setCredentialError", "Command failed with response:\n%s"], ["setCredentialError.actions", ["Determine why this command failed to set an encryption key for user %s: [%s]."]], ["macKeychainOutOfSync", "We\u2019ve encountered an error with the Mac keychain being out of sync with your `sfdx` credentials. To fix the problem, sync your credentials by authenticating into your org again using the auth commands."]]));
 const GET_PASSWORD_RETRY_COUNT = 3;
 /**
  * Helper to reduce an array of cli args down to a presentable string for logging.
  *
  * @param optionsArray CLI command args.
  */
-function _optionsToString(optionsArray) {
-    return optionsArray.reduce((accum, element) => `${accum} ${element}`);
-}
+const optionsToString = (optionsArray) => optionsArray.join(' ');
 /**
  * Helper to determine if a program is executable. Returns `true` if the program is executable for the user. For
  * Windows true is always returned.
@@ -47,7 +33,7 @@ function _optionsToString(optionsArray) {
  * @param gid Unix group id.
  * @param uid Unix user id.
  */
-const _isExe = (mode, gid, uid) => {
+const isExe = (mode, gid, uid) => {
     if (process.platform === 'win32') {
         return true;
     }
@@ -58,15 +44,18 @@ const _isExe = (mode, gid, uid) => {
 /**
  * Private helper to validate that a program exists on the file system and is executable.
  *
- * **Throws** *{@link SfdxError}{ name: 'MissingCredentialProgramError' }* When the OS credential program isn't found.
+ * **Throws** *{@link SfError}{ name: 'MissingCredentialProgramError' }* When the OS credential program isn't found.
  *
- * **Throws** *{@link SfdxError}{ name: 'CredentialProgramAccessError' }* When the OS credential program isn't accessible.
+ * **Throws** *{@link SfError}{ name: 'CredentialProgramAccessError' }* When the OS credential program isn't accessible.
  *
  * @param programPath The absolute path of the program.
  * @param fsIfc The file system interface.
  * @param isExeIfc Executable validation function.
  */
-const _validateProgram = async (programPath, fsIfc, isExeIfc) => {
+// eslint-disable-next-line no-underscore-dangle
+const _validateProgram = async (programPath, fsIfc, isExeIfc
+// eslint-disable-next-line @typescript-eslint/require-await
+) => {
     let noPermission;
     try {
         const stats = fsIfc.statSync(programPath);
@@ -97,7 +86,7 @@ class KeychainAccess {
      * Validates the os level program is executable.
      */
     async validateProgram() {
-        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, _isExe);
+        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, isExe);
     }
     /**
      * Returns a password using the native program for credential management.
@@ -135,6 +124,7 @@ class KeychainAccess {
                 return await this.osImpl.onGetCommandClose(code, stdout, stderr, opts, fn);
             }
             catch (e) {
+                // eslint-disable-next-line @typescript-eslint/ban-ts-comment
                 // @ts-ignore
                 if (e.retry) {
                     if (retryCount >= GET_PASSWORD_RETRY_COUNT) {
@@ -171,7 +161,7 @@ class KeychainAccess {
             fn(messages.createError('passwordRequiredError'));
             return;
         }
-        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, _isExe);
+        await _validateProgram(this.osImpl.getProgram(), this.fsIfc, isExe);
         const credManager = this.osImpl.setCommandFunc(opts, childProcess.spawn);
         let stdout = '';
         let stderr = '';
@@ -187,7 +177,7 @@ class KeychainAccess {
         }
         credManager.on('close', 
         // eslint-disable-next-line @typescript-eslint/no-misused-promises
-        async (code) => await this.osImpl.onSetCommandClose(code, stdout, stderr, opts, fn));
+        async (code) => this.osImpl.onSetCommandClose(code, stdout, stderr, opts, fn));
         if (credManager.stdin) {
             credManager.stdin.end();
         }
@@ -199,23 +189,25 @@ exports.KeychainAccess = KeychainAccess;
  *
  * Uses libsecret.
  */
-const _linuxImpl = {
+const linuxImpl = {
     getProgram() {
-        return process.env.SFDX_SECRET_TOOL_PATH || path.join(path.sep, 'usr', 'bin', 'secret-tool');
+        return process.env.SFDX_SECRET_TOOL_PATH ?? path.join(path.sep, 'usr', 'bin', 'secret-tool');
     },
     getProgramOptions(opts) {
         return ['lookup', 'user', opts.account, 'domain', opts.service];
     },
     getCommandFunc(opts, fn) {
-        return fn(_linuxImpl.getProgram(), _linuxImpl.getProgramOptions(opts));
+        return fn(linuxImpl.getProgram(), linuxImpl.getProgramOptions(opts));
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onGetCommandClose(code, stdout, stderr, opts, fn) {
         if (code === 1) {
-            const command = `${_linuxImpl.getProgram()} ${_optionsToString(_linuxImpl.getProgramOptions(opts))}`;
+            const command = `${linuxImpl.getProgram()} ${optionsToString(linuxImpl.getProgramOptions(opts))}`;
             const error = messages.createError('passwordNotFoundError', [], [command]);
             // This is a workaround for linux.
             // Calling secret-tool too fast can cause it to return an unexpected error. (below)
-            if (stderr != null && stderr.includes('invalid or unencryptable secret')) {
+            if (stderr?.includes('invalid or unencryptable secret')) {
+                // eslint-disable-next-line @typescript-eslint/ban-ts-comment
                 // @ts-ignore TODO: make an error subclass with this field
                 error.retry = true;
                 // Throwing here allows us to perform a retry in KeychainAccess
@@ -232,15 +224,16 @@ const _linuxImpl = {
         return ['store', "--label='salesforce.com'", 'user', opts.account, 'domain', opts.service];
     },
     setCommandFunc(opts, fn) {
-        const secretTool = fn(_linuxImpl.getProgram(), _linuxImpl.setProgramOptions(opts));
+        const secretTool = fn(linuxImpl.getProgram(), linuxImpl.setProgramOptions(opts));
         if (secretTool.stdin) {
             secretTool.stdin.write(`${opts.password}\n`);
         }
         return secretTool;
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onSetCommandClose(code, stdout, stderr, opts, fn) {
         if (code !== 0) {
-            const command = `${_linuxImpl.getProgram()} ${_optionsToString(_linuxImpl.setProgramOptions(opts))}`;
+            const command = `${linuxImpl.getProgram()} ${optionsToString(linuxImpl.setProgramOptions(opts))}`;
             fn(messages.createError('setCredentialError', [`${stdout} - ${stderr}`], [os.userInfo().username, command]));
         }
         else {
@@ -253,7 +246,7 @@ const _linuxImpl = {
  *
  * /usr/bin/security is a cli front end for OSX keychain.
  */
-const _darwinImpl = {
+const darwinImpl = {
     getProgram() {
         return path.join(path.sep, 'usr', 'bin', 'security');
     },
@@ -261,8 +254,9 @@ const _darwinImpl = {
         return ['find-generic-password', '-a', opts.account, '-s', opts.service, '-g'];
     },
     getCommandFunc(opts, fn) {
-        return fn(_darwinImpl.getProgram(), _darwinImpl.getProgramOptions(opts));
+        return fn(darwinImpl.getProgram(), darwinImpl.getProgramOptions(opts));
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onGetCommandClose(code, stdout, stderr, opts, fn) {
         let err;
         if (code !== 0) {
@@ -272,7 +266,7 @@ const _darwinImpl = {
                     break;
                 }
                 default: {
-                    const command = `${_darwinImpl.getProgram()} ${_optionsToString(_darwinImpl.getProgramOptions(opts))}`;
+                    const command = `${darwinImpl.getProgram()} ${optionsToString(darwinImpl.getProgramOptions(opts))}`;
                     err = messages.createError('passwordNotFoundError', [`${stdout} - ${stderr}`], [command]);
                 }
             }
@@ -283,7 +277,7 @@ const _darwinImpl = {
         // stdout. Reference: http://blog.macromates.com/2006/keychain-access-from-shell/
         if (stderr.includes('password')) {
             const match = RegExp(/"(.*)"/).exec(stderr);
-            if (!match || !match[1]) {
+            if (!match?.[1]) {
                 fn(messages.createError('passwordNotFoundError', [`${stdout} - ${stderr}`]));
             }
             else {
@@ -291,7 +285,7 @@ const _darwinImpl = {
             }
         }
         else {
-            const command = `${_darwinImpl.getProgram()} ${_optionsToString(_darwinImpl.getProgramOptions(opts))}`;
+            const command = `${darwinImpl.getProgram()} ${optionsToString(darwinImpl.getProgramOptions(opts))}`;
             fn(messages.createError('passwordNotFoundError', [`${stdout} - ${stderr}`], [command]));
         }
     },
@@ -303,11 +297,12 @@ const _darwinImpl = {
         return result;
     },
     setCommandFunc(opts, fn) {
-        return fn(_darwinImpl.getProgram(), _darwinImpl.setProgramOptions(opts));
+        return fn(darwinImpl.getProgram(), darwinImpl.setProgramOptions(opts));
     },
+    // eslint-disable-next-line @typescript-eslint/require-await
     async onSetCommandClose(code, stdout, stderr, opts, fn) {
         if (code !== 0) {
-            const command = `${_darwinImpl.getProgram()} ${_optionsToString(_darwinImpl.setProgramOptions(opts))}`;
+            const command = `${darwinImpl.getProgram()} ${optionsToString(darwinImpl.setProgramOptions(opts))}`;
             fn(messages.createError('setCredentialError', [`${stdout} - ${stderr}`], [os.userInfo().username, command]));
         }
         else {
@@ -315,31 +310,32 @@ const _darwinImpl = {
         }
     },
 };
-const secretFile = path.join((0, os_1.homedir)(), global_1.Global.SFDX_STATE_FOLDER, 'key.json');
+const getSecretFile = () => path.join(global_1.Global.DIR, 'key.json');
 var SecretField;
 (function (SecretField) {
     SecretField["SERVICE"] = "service";
     SecretField["ACCOUNT"] = "account";
     SecretField["KEY"] = "key";
 })(SecretField || (SecretField = {}));
-async function _writeFile(opts, fn) {
+async function writeFile(opts, fn) {
     try {
         const contents = {
             [SecretField.ACCOUNT]: opts.account,
             [SecretField.KEY]: opts.password,
             [SecretField.SERVICE]: opts.service,
         };
-        await fs_1.fs.mkdirp(path.dirname(secretFile));
-        await fs_1.fs.writeFile(secretFile, JSON.stringify(contents, null, 4), { mode: '600' });
+        const secretFile = getSecretFile();
+        await fs.promises.mkdir(path.dirname(secretFile), { recursive: true });
+        await fs.promises.writeFile(secretFile, JSON.stringify(contents, null, 4), { mode: '600' });
         fn(null, contents);
     }
     catch (err) {
         fn(err);
     }
 }
-async function _readFile() {
+async function readFile() {
     // The file and access is validated before this method is called
-    const fileContents = await fs_1.fs.readJsonMap(secretFile);
+    const fileContents = (0, kit_1.parseJsonMap)(await fs.promises.readFile(getSecretFile(), 'utf8'));
     return {
         account: (0, ts_types_1.ensureString)(fileContents[SecretField.ACCOUNT]),
         password: (0, ts_types_1.asString)(fileContents[SecretField.KEY]),
@@ -358,7 +354,7 @@ class GenericKeychainAccess {
             if (fileAccessError == null) {
                 // read it's contents
                 try {
-                    const { service, account, password } = await _readFile();
+                    const { service, account, password } = await readFile();
                     // validate service name and account just because
                     if (opts.service === service && opts.account === account) {
                         fn(null, password);
@@ -366,20 +362,18 @@ class GenericKeychainAccess {
                     else {
                         // if the service and account names don't match then maybe someone or something is editing
                         // that file. #donotallow
-                        fn(messages.createError('genericKeychainServiceError', [secretFile]));
+                        fn(messages.createError('genericKeychainServiceError', [getSecretFile()]));
                     }
                 }
                 catch (readJsonErr) {
                     fn(readJsonErr);
                 }
             }
+            else if (fileAccessError.code === 'ENOENT') {
+                fn(messages.createError('passwordNotFoundError'));
+            }
             else {
-                if (fileAccessError.code === 'ENOENT') {
-                    fn(messages.createError('passwordNotFoundError'));
-                }
-                else {
-                    fn(fileAccessError);
-                }
+                fn(fileAccessError);
             }
         });
     }
@@ -391,7 +385,7 @@ class GenericKeychainAccess {
                 // file not found
                 if (fileAccessError.code === 'ENOENT') {
                     // create the file
-                    await _writeFile.call(this, opts, fn);
+                    await writeFile.call(this, opts, fn);
                 }
                 else {
                     fn(fileAccessError);
@@ -399,14 +393,15 @@ class GenericKeychainAccess {
             }
             else {
                 // the existing file validated. we can write the updated key
-                await _writeFile.call(this, opts, fn);
+                await writeFile.call(this, opts, fn);
             }
         });
     }
+    // eslint-disable-next-line class-methods-use-this
     async isValidFileAccess(cb) {
         try {
             const root = (0, os_1.homedir)();
-            await fs_1.fs.access(path.join(root, global_1.Global.SFDX_STATE_FOLDER), fs_1.fs.constants.R_OK | fs_1.fs.constants.X_OK | fs_1.fs.constants.W_OK);
+            await fs.promises.access(path.join(root, global_1.Global.SFDX_STATE_FOLDER), fs.constants.R_OK | fs.constants.X_OK | fs.constants.W_OK);
             await cb(null);
         }
         catch (err) {
@@ -426,13 +421,15 @@ class GenericUnixKeychainAccess extends GenericKeychainAccess {
                 await cb(err);
             }
             else {
-                const stats = await fs_1.fs.stat(secretFile);
+                const secretFile = getSecretFile();
+                const stats = await fs.promises.stat(secretFile);
                 const octalModeStr = (stats.mode & 0o777).toString(8);
                 const EXPECTED_OCTAL_PERM_VALUE = '600';
                 if (octalModeStr === EXPECTED_OCTAL_PERM_VALUE) {
                     await cb(null);
                 }
                 else {
+                    // eslint-disable-next-line @typescript-eslint/no-floating-promises
                     cb(messages.createError('genericKeychainInvalidPermsError', [secretFile], [secretFile, EXPECTED_OCTAL_PERM_VALUE]));
                 }
             }
@@ -451,7 +448,7 @@ class GenericWindowsKeychainAccess extends GenericKeychainAccess {
             }
             else {
                 try {
-                    await fs_1.fs.access(secretFile, fs_1.fs.constants.R_OK | fs_1.fs.constants.W_OK);
+                    await fs.promises.access(getSecretFile(), fs.constants.R_OK | fs.constants.W_OK);
                     await cb(null);
                 }
                 catch (e) {
@@ -470,8 +467,8 @@ exports.keyChainImpl = {
     generic_unix: new GenericUnixKeychainAccess(),
     // eslint-disable-next-line camelcase
     generic_windows: new GenericWindowsKeychainAccess(),
-    darwin: new KeychainAccess(_darwinImpl, nodeFs),
-    linux: new KeychainAccess(_linuxImpl, nodeFs),
+    darwin: new KeychainAccess(darwinImpl, nodeFs),
+    linux: new KeychainAccess(linuxImpl, nodeFs),
     validateProgram: _validateProgram,
 };
 //# sourceMappingURL=keyChainImpl.js.map

package/lib/crypto/secureBuffer.d.ts

@@ -5,7 +5,7 @@ import { Optional } from '@salesforce/ts-types';
  *
  * @param buffer A buffer containing the decrypted secret.
  */
-export declare type DecipherCallback<T> = (buffer: Buffer) => T;
+export type DecipherCallback<T> = (buffer: Buffer) => T;
 /**
  * Used to store and retrieve a sensitive information in memory. This is not meant for at rest encryption.
  *

package/lib/deviceOauthService.d.ts

@@ -1,7 +1,7 @@
 import { AsyncCreatable } from '@salesforce/kit';
-import { OAuth2Config } from 'jsforce/lib/oauth2';
-import { Nullable, JsonMap } from '@salesforce/ts-types';
-import { AuthInfo } from './org/authInfo';
+import { OAuth2Config } from 'jsforce';
+import { JsonMap, Nullable } from '@salesforce/ts-types';
+import { AuthInfo } from './org';
 export interface DeviceCodeResponse extends JsonMap {
     device_code: string;
     interval: number;

package/lib/deviceOauthService.js

@@ -9,17 +9,15 @@
 /* eslint-disable @typescript-eslint/ban-types */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DeviceOauthService = void 0;
-const url_1 = require("url");
 const transport_1 = require("jsforce/lib/transport");
 const kit_1 = require("@salesforce/kit");
 const ts_types_1 = require("@salesforce/ts-types");
+const FormData = require("form-data");
 const logger_1 = require("./logger");
-const authInfo_1 = require("./org/authInfo");
-const sfdxError_1 = require("./sfdxError");
-const connection_1 = require("./org/connection");
+const org_1 = require("./org");
+const sfError_1 = require("./sfError");
 const messages_1 = require("./messages");
-messages_1.Messages.importMessagesDirectory(__dirname);
-const messages = messages_1.Messages.load('@salesforce/core', 'auth', ['pollingTimeout']);
+const messages = new messages_1.Messages('@salesforce/core', 'auth', new Map([["targetOrgNotSet", "A default user is not set."], ["targetOrgNotSet.actions", ["Run the \"sfdx auth\" commands with --setdefaultusername to connect to an org and set it as your default org.", "Run \"force:org:create\" with --setdefaultusername to create a scratch org and set it as your default org.", "Run \"sfdx config:set defaultusername=<username>\" to set your default username."]], ["portInUse", "Cannot start the OAuth redirect server on port %s."], ["portInUse.actions", ["Kill the process running on port %s or use a custom connected app and update OauthLocalPort in the sfdx-project.json file."]], ["invalidRequestMethod", "Invalid request method: %s"], ["invalidRequestUri", "Invalid request uri: %s"], ["pollingTimeout", "The device authorization request timed out. After executing force:auth:device:login, you must approve access to the device within 10 minutes. This can happen if the URL wasn\u2019t copied into the browser, login was not attempted, or the 2FA process was not completed within 10 minutes. Request authorization again."], ["serverErrorHTMLResponse", "<html><head><style>body {background-color:#F4F6F9; font-family: Arial, sans-serif; font-size: 0.8125rem; line-height: 1.5rem; color: #16325c;} #center {margin: auto; width: 370px; padding: 100px 0px 20px;} #logo-container {margin-left: auto; margin-right: auto; text-align: center;} #logo {max-width: 180px; max-height: 113px; margin-bottom: 2rem; border: 0;} #header {font-size: 1.5rem; text-align: center; margin-bottom: 1rem;} #message {background-color: #FFFFFF; margin: 0px auto; padding: 1.25rem; border-radius: 0.25rem; border: 1px solid #D8DDE6;} #footer {height: 24px; width: 370px; text-align: center; font-size: .75rem; position: absolute; bottom: 10;}</style></head><body><div id=\"center\"><div id=\"logo-container\"><img id=\"logo\" aria-hidden=\"true\" name=\"logo\" alt=\"Salesforce\" src=\"data:image/svg+xml;base64,%s\"></div><div id=\"header\">%s</div><div id=\"message\">%s<br/><br/>This is most likely <b>not</b> an error with the Salesforce CLI. Please ensure all information is accurate and try again.</div><div id=\"footer\">&copy; %s Salesforce, Inc. All rights reserved.</div></div></body></html>"], ["missingAuthCode", "No authentication code found on login response."], ["serverSuccessHTMLResponse", "<html><head><style>body {background-color:#F4F6F9; font-family: Arial, sans-serif; font-size: 0.8125rem; line-height: 1.5rem; color: #16325c;} #center {margin: auto; width: 300px; padding: 100px 0px 20px;} #logo-container {margin-left: auto; margin-right: auto; text-align: center;} #logo {max-width: 180px; max-height: 113px; margin-bottom: 2rem; border: 0;} #header {font-size: 1.5rem; text-align: center; margin-bottom: 1rem;} #message {background-color: #FFFFFF; margin: 0px auto; padding: 1.25rem; border-radius: 0.25rem; border: 1px solid #D8DDE6;} #footer {height: 24px; width: 300px; text-align: center; font-size: .75rem; position: absolute; bottom: 10;}</style></head><body><div id=\"center\"><div id=\"logo-container\"><img id=\"logo\" aria-hidden=\"true\" name=\"logo\" alt=\"Salesforce\" src=\"data:image/svg+xml;base64,%s\"></div><div id=\"header\">Authentication Successful</div><div id=\"message\">You've successfully logged in. You can now close this browser tab or window.</div><div id=\"footer\">&copy; %s Salesforce, Inc. All rights reserved.</div></div></body></html>"], ["serverSfdcImage", "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIxLjEuMCwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IgoJIHZpZXdCb3g9IjAgMCAyNjIgMTg0IiBzdHlsZT0iZW5hYmxlLWJhY2tncm91bmQ6bmV3IDAgMCAyNjIgMTg0OyIgeG1sOnNwYWNlPSJwcmVzZXJ2ZSI+CjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+Cgkuc3Qwe2ZpbGw6IzAwQTFFMDt9Cgkuc3Qxe2ZpbGw6I0ZGRkZGRjt9Cjwvc3R5bGU+Cjx0aXRsZT5sb2dvLXNhbGVzZm9yY2U8L3RpdGxlPgo8ZGVzYz5DcmVhdGVkIHdpdGggU2tldGNoLjwvZGVzYz4KPGcgaWQ9IlRlc3QtQiI+Cgk8ZyBpZD0iTW9iaWxlLU5hdi0tLVRlc3QtQi1feDI4XzBfeDI5XyI+CgkJPGcgaWQ9Ikdyb3VwIj4KCQkJPGcgaWQ9ImxvZ28tc2FsZXNmb3JjZSI+CgkJCQk8cGF0aCBpZD0iRmlsbC0xIiBjbGFzcz0ic3QwIiBkPSJNMTA5LjIsMjAuOWM4LjQtOC43LDIwLjEtMTQuMiwzMy0xNC4yYzE3LjIsMCwzMi4xLDkuNiw0MC4xLDIzLjhjNi45LTMuMSwxNC42LTQuOCwyMi43LTQuOAoJCQkJCWMzMSwwLDU2LDI1LjMsNTYsNTYuNXMtMjUuMSw1Ni41LTU2LDU2LjVjLTMuOCwwLTcuNS0wLjQtMTEtMS4xYy03LDEyLjUtMjAuNCwyMS0zNS44LDIxYy02LjQsMC0xMi41LTEuNS0xNy45LTQuMQoJCQkJCWMtNy4xLDE2LjctMjMuNywyOC41LTQzLDI4LjVjLTIwLjEsMC0zNy4zLTEyLjctNDMuOS0zMC42Yy0yLjksMC42LTUuOSwwLjktOC45LDAuOWMtMjQsMC00My40LTE5LjYtNDMuNC00My45CgkJCQkJYzAtMTYuMiw4LjctMzAuNCwyMS43LTM4Yy0yLjctNi4xLTQuMi0xMi45LTQuMi0yMC4xQzE4LjUsMjMuNiw0MS4yLDEsNjksMUM4NS40LDEsMTAwLDguOCwxMDkuMiwyMC45Ii8+CgkJCQk8cGF0aCBpZD0iQ29tYmluZWQtU2hhcGUiIGNsYXNzPSJzdDEiIGQ9Ik0zOC43LDk1LjRsMS4xLTIuOWMwLjItMC41LDAuNS0wLjMsMC43LTAuMmMwLjMsMC4yLDAuNSwwLjMsMC45LDAuNmMzLjEsMiw2LDIsNi45LDIKCQkJCQljMi4zLDAsMy44LTEuMiwzLjgtMi45di0wLjFjMC0xLjgtMi4yLTIuNS00LjgtMy4zbC0wLjYtMC4yYy0zLjUtMS03LjMtMi41LTcuMy02Ljl2LTAuMWMwLTQuMiwzLjQtNy4yLDguMy03LjJsMC41LDAKCQkJCQljMi45LDAsNS42LDAuOCw3LjYsMi4xYzAuMiwwLjEsMC40LDAuMywwLjMsMC42Yy0wLjEsMC4zLTEsMi42LTEuMSwyLjljLTAuMiwwLjUtMC43LDAuMi0wLjcsMC4yYy0xLjgtMS00LjUtMS43LTYuOC0xLjcKCQkJCQljLTIuMSwwLTMuNCwxLjEtMy40LDIuNnYwLjFjMCwxLjcsMi4zLDIuNSw0LjksMy4zbDAuNSwwLjFjMy41LDEuMSw3LjIsMi42LDcuMiw2Ljl2MC4xYzAsNC42LTMuMyw3LjQtOC42LDcuNAoJCQkJCWMtMi42LDAtNS4xLTAuNC03LjgtMS44Yy0wLjUtMC4zLTEtMC41LTEuNS0wLjlDMzguNyw5NS45LDM4LjUsOTUuOCwzOC43LDk1LjR6IE0xMTYuNyw5NS40bDEuMS0yLjljMC4yLTAuNSwwLjYtMC4zLDAuNy0wLjIKCQkJCQljMC4zLDAuMiwwLjUsMC4zLDAuOSwwLjZjMy4xLDIsNiwyLDYuOSwyYzIuMywwLDMuOC0xLjIsMy44LTIuOXYtMC4xYzAtMS44LTIuMi0yLjUtNC44LTMuM2wtMC42LTAuMmMtMy41LTEtNy4zLTIuNS03LjMtNi45CgkJCQkJdi0wLjFjMC00LjIsMy40LTcuMiw4LjMtNy4ybDAuNSwwYzIuOSwwLDUuNiwwLjgsNy42LDIuMWMwLjIsMC4xLDAuNCwwLjMsMC4zLDAuNmMtMC4xLDAuMy0xLDIuNi0xLjEsMi45CgkJCQkJYy0wLjIsMC41LTAuNywwLjItMC43LDAuMmMtMS44LTEtNC41LTEuNy02LjgtMS43Yy0yLjEsMC0zLjQsMS4xLTMuNCwyLjZ2MC4xYzAsMS43LDIuMywyLjUsNC45LDMuM2wwLjUsMC4xCgkJCQkJYzMuNSwxLjEsNy4yLDIuNiw3LjIsNi45djAuMWMwLDQuNi0zLjMsNy40LTguNiw3LjRjLTIuNiwwLTUuMS0wLjQtNy44LTEuOGMtMC41LTAuMy0xLTAuNS0xLjUtMC45CgkJCQkJQzExNi44LDk1LjksMTE2LjYsOTUuOCwxMTYuNyw5NS40eiBNMTc0LjUsODEuN2MwLjQsMS41LDAuNywzLjEsMC43LDQuOHMtMC4yLDMuMy0wLjcsNC44Yy0wLjQsMS41LTEuMSwyLjgtMiwzLjkKCQkJCQljLTAuOSwxLjEtMi4xLDItMy40LDIuNmMtMS40LDAuNi0zLDAuOS00LjgsMC45Yy0xLjgsMC0zLjQtMC4zLTQuOC0wLjljLTEuNC0wLjYtMi41LTEuNS0zLjQtMi42Yy0wLjktMS4xLTEuNi0yLjQtMi0zLjkKCQkJCQljLTAuNC0xLjUtMC43LTMuMS0wLjctNC44YzAtMS43LDAuMi0zLjMsMC43LTQuOGMwLjQtMS41LDEuMS0yLjgsMi0zLjljMC45LTEuMSwyLjEtMiwzLjQtMi42YzEuNC0wLjYsMy0xLDQuOC0xCgkJCQkJYzEuOCwwLDMuNCwwLjMsNC44LDFjMS40LDAuNiwyLjUsMS41LDMuNCwyLjZDMTczLjQsNzguOSwxNzQuMSw4MC4yLDE3NC41LDgxLjd6IE0xNzAsODYuNGMwLTIuNi0wLjUtNC42LTEuNC02CgkJCQkJYy0wLjktMS40LTIuNC0yLjEtNC4zLTIuMWMtMiwwLTMuNCwwLjctNC4zLDIuMWMtMC45LDEuNC0xLjQsMy40LTEuNCw2YzAsMi42LDAuNSw0LjYsMS40LDYuMWMwLjksMS40LDIuMywyLjEsNC4zLDIuMQoJCQkJCWMyLDAsMy40LTAuNyw0LjMtMi4xQzE2OS42LDkxLjEsMTcwLDg5LDE3MCw4Ni40eiBNMjExLjEsOTMuOWwxLjEsM2MwLjEsMC40LTAuMiwwLjUtMC4yLDAuNWMtMS43LDAuNy00LDEuMS02LjMsMS4xCgkJCQkJYy0zLjksMC02LjgtMS4xLTguOC0zLjNjLTItMi4yLTMtNS4yLTMtOC45YzAtMS43LDAuMi0zLjMsMC43LTQuOGMwLjUtMS41LDEuMi0yLjgsMi4yLTMuOWMxLTEuMSwyLjItMiwzLjYtMi42CgkJCQkJYzEuNC0wLjYsMy4xLTEsNS0xYzEuMywwLDIuNCwwLjEsMy4zLDAuMmMxLDAuMiwyLjQsMC41LDMsMC44YzAuMSwwLDAuNCwwLjIsMC4zLDAuNWMtMC40LDEuMi0wLjcsMi0xLjEsMwoJCQkJCWMtMC4yLDAuNS0wLjUsMC4zLTAuNSwwLjNjLTEuNS0wLjUtMi45LTAuNy00LjctMC43Yy0yLjIsMC0zLjksMC43LTQuOSwyLjJjLTEuMSwxLjQtMS43LDMuMy0xLjcsNS45YzAsMi44LDAuNyw0LjgsMS45LDYuMQoJCQkJCWMxLjIsMS4zLDIuOSwxLjksNS4xLDEuOWMwLjksMCwxLjctMC4xLDIuNC0wLjJjMC43LTAuMSwxLjQtMC4zLDIuMS0wLjZDMjEwLjUsOTMuNiwyMTAuOSw5My41LDIxMS4xLDkzLjl6IE0yMzMuOCw4MC44CgkJCQkJYzEsMy40LDAuNSw2LjMsMC40LDYuNWMwLDAuNC0wLjQsMC40LTAuNCwwLjRsLTE1LjEsMGMwLjEsMi4zLDAuNiwzLjksMS44LDVjMS4xLDEuMSwyLjgsMS44LDUuMiwxLjhjMy42LDAsNS4xLTAuNyw2LjItMS4xCgkJCQkJYzAsMCwwLjQtMC4xLDAuNiwwLjNsMSwyLjhjMC4yLDAuNSwwLDAuNi0wLjEsMC43Yy0wLjksMC41LTMuMiwxLjUtNy42LDEuNWMtMi4xLDAtNC0wLjMtNS41LTAuOWMtMS41LTAuNi0yLjgtMS40LTMuOC0yLjUKCQkJCQljLTEtMS4xLTEuNy0yLjQtMi4yLTMuOGMtMC41LTEuNS0wLjctMy4xLTAuNy00LjhjMC0xLjcsMC4yLTMuMywwLjctNC44YzAuNC0xLjUsMS4xLTIuOCwyLTMuOWMwLjktMS4xLDIuMS0yLDMuNS0yLjYKCQkJCQljMS40LTAuNywzLjEtMSw1LTFjMS42LDAsMy4xLDAuMyw0LjMsMC45YzAuOSwwLjQsMS45LDEuMSwyLjksMi4yQzIzMi41LDc3LjksMjMzLjQsNzkuNCwyMzMuOCw4MC44eiBNMjE4LjgsODRoMTAuNwoJCQkJCWMtMC4xLTEuNC0wLjQtMi42LTEtMy42Yy0wLjktMS40LTIuMi0yLjItNC4yLTIuMmMtMiwwLTMuNCwwLjgtNC4zLDIuMkMyMTkuNCw4MS4zLDIxOS4xLDgyLjUsMjE4LjgsODR6IE0xMTMuMSw4MC44CgkJCQkJYzEsMy40LDAuNSw2LjMsMC41LDYuNWMwLDAuNC0wLjQsMC40LTAuNCwwLjRsLTE1LjEsMGMwLjEsMi4zLDAuNiwzLjksMS44LDVjMS4xLDEuMSwyLjgsMS44LDUuMiwxLjhjMy42LDAsNS4xLTAuNyw2LjItMS4xCgkJCQkJYzAsMCwwLjQtMC4xLDAuNiwwLjNsMSwyLjhjMC4yLDAuNSwwLDAuNi0wLjEsMC43Yy0wLjksMC41LTMuMiwxLjUtNy42LDEuNWMtMi4xLDAtNC0wLjMtNS41LTAuOWMtMS41LTAuNi0yLjgtMS40LTMuOC0yLjUKCQkJCQljLTEtMS4xLTEuNy0yLjQtMi4yLTMuOGMtMC41LTEuNS0wLjctMy4xLTAuNy00LjhjMC0xLjcsMC4yLTMuMywwLjctNC44YzAuNC0xLjUsMS4xLTIuOCwyLTMuOWMwLjktMS4xLDIuMS0yLDMuNS0yLjYKCQkJCQljMS40LTAuNywzLjEtMSw1LTFjMS42LDAsMy4xLDAuMyw0LjMsMC45YzAuOSwwLjQsMS45LDEuMSwyLjksMi4yQzExMS44LDc3LjksMTEyLjgsNzkuNCwxMTMuMSw4MC44eiBNOTguMSw4NGgxMC44CgkJCQkJYy0wLjEtMS40LTAuNC0yLjYtMS0zLjZjLTAuOS0xLjQtMi4yLTIuMi00LjItMi4yYy0yLDAtMy40LDAuOC00LjMsMi4yQzk4LjcsODEuMyw5OC40LDgyLjUsOTguMSw4NHogTTcxLjYsODMuMgoJCQkJCWMwLDAsMS4yLDAuMSwyLjUsMC4zdi0wLjZjMC0yLTAuNC0zLTEuMi0zLjZjLTAuOC0wLjYtMi4xLTEtMy43LTFjMCwwLTMuNywwLTYuNiwxLjVjLTAuMSwwLjEtMC4yLDAuMS0wLjIsMC4xCgkJCQkJcy0wLjQsMC4xLTAuNS0wLjJsLTEuMS0yLjljLTAuMi0wLjQsMC4xLTAuNiwwLjEtMC42YzEuNC0xLjEsNC42LTEuNyw0LjYtMS43YzEuMS0wLjIsMi45LTAuNCw0LTAuNGMzLDAsNS4zLDAuNyw2LjksMi4xCgkJCQkJYzEuNiwxLjQsMi40LDMuNiwyLjQsNi43bDAsMTMuOGMwLDAsMCwwLjQtMC4zLDAuNWMwLDAtMC42LDAuMi0xLjEsMC4zYy0wLjUsMC4xLTIuMywwLjUtMy44LDAuN2MtMS41LDAuMy0zLDAuNC00LjYsMC40CgkJCQkJYy0xLjUsMC0yLjgtMC4xLTQtMC40Yy0xLjItMC4zLTIuMi0wLjctMy4xLTEuM2MtMC44LTAuNi0xLjUtMS40LTItMi40Yy0wLjUtMC45LTAuNy0yLjEtMC43LTMuNGMwLTEuMywwLjMtMi41LDAuOC0zLjUKCQkJCQljMC41LTEsMS4zLTEuOCwyLjItMi41YzAuOS0wLjcsMi0xLjEsMy4xLTEuNWMxLjItMC4zLDIuNC0wLjUsMy43LTAuNUM3MC4yLDgzLjIsNzEsODMuMiw3MS42LDgzLjJ6IE02NS42LDkzLjgKCQkJCQljMCwwLDEuNCwxLjEsNC40LDAuOWMyLjItMC4xLDQuMS0wLjUsNC4xLTAuNXYtNi45YzAsMC0xLjktMC4zLTQuMS0wLjNjLTMuMSwwLTQuNCwxLjEtNC40LDEuMWMtMC45LDAuNi0xLjMsMS42LTEuMywyLjkKCQkJCQljMCwwLjgsMC4yLDEuNSwwLjUsMkM2NC45LDkzLjIsNjUsOTMuNCw2NS42LDkzLjh6IE0xOTMuMSw3NS41Yy0wLjEsMC40LTAuOSwyLjUtMS4xLDMuMmMtMC4xLDAuMy0wLjMsMC40LTAuNiwwLjQKCQkJCQljMCwwLTAuOS0wLjItMS43LTAuMmMtMC41LDAtMS4zLDAuMS0yLDAuM2MtMC43LDAuMi0xLjMsMC42LTEuOSwxLjFjLTAuNiwwLjUtMSwxLjMtMS4zLDIuMmMtMC4zLDAuOS0wLjUsMi40LTAuNSw0djExLjIKCQkJCQljMCwwLjMtMC4yLDAuNS0wLjUsMC41aC00Yy0wLjMsMC0wLjUtMC4yLTAuNS0wLjVWNzUuMmMwLTAuMywwLjItMC41LDAuNC0wLjVoMy45YzAuMywwLDAuNCwwLjIsMC40LDAuNVY3NwoJCQkJCWMwLjYtMC44LDEuNi0xLjUsMi41LTEuOWMwLjktMC40LDItMC43LDMuOS0wLjZjMSwwLjEsMi4zLDAuMywyLjUsMC40QzE5Myw3NSwxOTMuMiw3NS4xLDE5My4xLDc1LjV6IE0xNTYsNjUuMQoJCQkJCWMwLjEsMCwwLjQsMC4yLDAuMywwLjVsLTEuMiwzLjJjLTAuMSwwLjItMC4yLDAuNC0wLjcsMC4yYy0wLjEsMC0wLjMtMC4xLTAuOC0wLjJjLTAuMy0wLjEtMC44LTAuMS0xLjItMC4xCgkJCQkJYy0wLjYsMC0xLjEsMC4xLTEuNiwwLjJjLTAuNSwwLjEtMC45LDAuNC0xLjMsMC44Yy0wLjQsMC40LTAuOCwwLjktMS4xLDEuNmMtMC42LDEuNi0wLjgsMy4zLTAuOCwzLjRoNC44CgkJCQkJYzAuNCwwLDAuNSwwLjIsMC41LDAuNWwtMC42LDMuMWMtMC4xLDAuNS0wLjUsMC40LTAuNSwwLjRoLTVMMTQzLjYsOThjLTAuNCwyLTAuOCwzLjctMS4zLDUuMWMtMC41LDEuNC0xLjEsMi40LTIsMy40CgkJCQkJYy0wLjgsMC45LTEuNywxLjYtMi44LDEuOWMtMSwwLjQtMi4zLDAuNi0zLjcsMC42Yy0wLjcsMC0xLjQsMC0yLjItMC4yYy0wLjYtMC4xLTAuOS0wLjItMS40LTAuNGMtMC4yLTAuMS0wLjMtMC4zLTAuMi0wLjYKCQkJCQljMC4xLTAuMywxLTIuNywxLjEtMy4xYzAuMi0wLjQsMC41LTAuMiwwLjUtMC4yYzAuMywwLjEsMC41LDAuMiwwLjgsMC4zYzAuNCwwLjEsMC44LDAuMSwxLjIsMC4xYzAuNywwLDEuMy0wLjEsMS44LTAuMwoJCQkJCWMwLjYtMC4yLDEtMC42LDEuNC0xLjFjMC40LTAuNSwwLjctMS4yLDEuMS0yLjFjMC4zLTAuOSwwLjYtMi4yLDAuOS0zLjdsMy40LTE4LjloLTMuM2MtMC40LDAtMC41LTAuMi0wLjUtMC41bDAuNi0zLjEKCQkJCQljMC4xLTAuNSwwLjUtMC40LDAuNS0wLjRoMy40bDAuMi0xYzAuNS0zLDEuNS01LjMsMy02LjhjMS41LTEuNSwzLjctMi4zLDYuNC0yLjNjMC44LDAsMS41LDAuMSwyLjEsMC4yCgkJCQkJQzE1NSw2NC44LDE1NS41LDY0LjksMTU2LDY1LjF6IE04OC42LDk3LjZjMCwwLjMtMC4yLDAuNS0wLjQsMC41aC00Yy0wLjMsMC0wLjQtMC4yLTAuNC0wLjVWNjUuNWMwLTAuMiwwLjItMC41LDAuNC0wLjVoNAoJCQkJCWMwLjMsMCwwLjQsMC4yLDAuNCwwLjVWOTcuNnoiLz4KCQkJPC9nPgoJCTwvZz4KCTwvZz4KPC9nPgo8L3N2Zz4K"]]));
 async function wait(ms = 1000) {
     return new Promise((resolve) => {
         setTimeout(resolve, ms);
@@ -29,7 +27,9 @@ async function makeRequest(options) {
     const rawResponse = await new transport_1.default().httpRequest(options);
     const response = (0, kit_1.parseJsonMap)(rawResponse.body);
     if (response.error) {
-        const err = new sfdxError_1.SfdxError('Request Failed.');
+        const errorDescription = typeof response.error_description === 'string' ? response.error_description : '';
+        const error = typeof response.error === 'string' ? response.error : 'Unknown';
+        const err = new sfError_1.SfError(`Request Failed: ${error} ${errorDescription}`);
         err.data = Object.assign(response, { status: rawResponse.statusCode });
         throw err;
     }
@@ -59,9 +59,9 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
         this.pollingCount = 0;
         this.options = options;
         if (!this.options.clientId)
-            this.options.clientId = authInfo_1.DEFAULT_CONNECTED_APP_INFO.clientId;
+            this.options.clientId = org_1.DEFAULT_CONNECTED_APP_INFO.clientId;
         if (!this.options.loginUrl)
-            this.options.loginUrl = authInfo_1.AuthInfo.getDefaultInstanceUrl();
+            this.options.loginUrl = org_1.AuthInfo.getDefaultInstanceUrl();
     }
     /**
      * Begin the authorization flow by requesting the login
@@ -82,8 +82,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
         const deviceFlowRequestUrl = this.getDeviceFlowRequestUrl();
         const pollingOptions = this.getPollingOptions(deviceFlowRequestUrl, loginData.device_code);
         const interval = kit_1.Duration.seconds(loginData.interval).milliseconds;
-        const response = await this.pollForDeviceApproval(pollingOptions, interval);
-        return response;
+        return this.pollForDeviceApproval(pollingOptions, interval);
     }
     /**
      * Creates and saves new AuthInfo
@@ -91,7 +90,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
      * @returns {Promise<AuthInfo>}
      */
     async authorizeAndSave(approval) {
-        const authInfo = await authInfo_1.AuthInfo.create({
+        const authInfo = await org_1.AuthInfo.create({
             oauth2Options: {
                 loginUrl: approval.instance_url,
                 refreshToken: approval.refresh_token,
@@ -108,27 +107,27 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
         this.logger.debug(`this.options.loginUrl: ${this.options.loginUrl}`);
     }
     getLoginOptions(url) {
-        const body = new url_1.URLSearchParams();
-        body.append('client_id', (0, ts_types_1.ensureString)(this.options.clientId));
-        body.append('response_type', DeviceOauthService.RESPONSE_TYPE);
-        body.append('scope', DeviceOauthService.SCOPE);
+        const form = new FormData();
+        form.append('client_id', (0, ts_types_1.ensureString)(this.options.clientId));
+        form.append('response_type', DeviceOauthService.RESPONSE_TYPE);
+        form.append('scope', DeviceOauthService.SCOPE);
         return {
             url,
-            headers: connection_1.SFDX_HTTP_HEADERS,
+            headers: { ...org_1.SFDX_HTTP_HEADERS, ...form.getHeaders() },
             method: 'POST',
-            body,
+            body: form.getBuffer(),
         };
     }
     getPollingOptions(url, code) {
-        const body = new url_1.URLSearchParams();
-        body.append('client_id', (0, ts_types_1.ensureString)(this.options.clientId));
-        body.append('grant_type', DeviceOauthService.GRANT_TYPE);
-        body.append('code', code);
+        const form = new FormData();
+        form.append('client_id', (0, ts_types_1.ensureString)(this.options.clientId));
+        form.append('grant_type', DeviceOauthService.GRANT_TYPE);
+        form.append('code', code);
         return {
             url,
-            headers: connection_1.SFDX_HTTP_HEADERS,
+            headers: { ...org_1.SFDX_HTTP_HEADERS, ...form.getHeaders() },
             method: 'POST',
-            body,
+            body: form.getBuffer(),
         };
     }
     getDeviceFlowRequestUrl() {
@@ -140,7 +139,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
             return await makeRequest(httpRequest);
         }
         catch (e) {
-            // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            /* eslint-disable @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/restrict-template-expressions */
             const err = e.data;
             if (err.error && err.status === 400 && err.error === 'authorization_pending') {
                 // do nothing because we're still waiting
@@ -155,6 +154,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
                 }
                 throw err;
             }
+            /* eslint-enable @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/restrict-template-expressions */
         }
     }
     shouldContinuePolling() {
@@ -164,6 +164,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
         this.logger.debug('BEGIN POLLING FOR DEVICE APPROVAL');
         let result;
         while (this.shouldContinuePolling()) {
+            // eslint-disable-next-line no-await-in-loop
             result = await this.poll(httpRequest);
             if (result) {
                 this.logger.debug('POLLING FOR DEVICE APPROVAL SUCCESS');
@@ -171,6 +172,7 @@ class DeviceOauthService extends kit_1.AsyncCreatable {
             }
             else {
                 this.logger.debug(`waiting ${interval} ms...`);
+                // eslint-disable-next-line no-await-in-loop
                 await wait(interval);
                 this.pollingCount += 1;
             }

package/lib/exported.d.ts

@@ -1,13 +1,15 @@
 export { OAuth2Config } from 'jsforce';
 export { ConfigFile } from './config/configFile';
+export { TTLConfig } from './config/ttlConfig';
 export { envVars, EnvironmentVariable, SUPPORTED_ENV_VARS, EnvVars } from './config/envVars';
-export { BaseConfigStore, ConfigContents, ConfigEntry, ConfigStore, ConfigValue } from './config/configStore';
-export { GlobalInfo, SfEntry, SfInfo, SfInfoKeys, SfOrg, SfOrgs, SfToken, SfTokens } from './globalInfo';
+export { ConfigContents, ConfigEntry, ConfigStore, ConfigValue } from './config/configStore';
+export { SfTokens, StateAggregator } from './stateAggregator';
 export { DeviceOauthService, DeviceCodeResponse, DeviceCodePollingResponse } from './deviceOauthService';
 export { OrgUsersConfig } from './config/orgUsersConfig';
-export { ConfigPropertyMeta, ConfigPropertyMetaInput, Config, SfdxPropertyKeys, SFDX_ALLOWED_PROPERTIES, } from './config/config';
+export { ConfigPropertyMeta, ConfigPropertyMetaInput, Config, SfdxPropertyKeys, SfConfigProperties, SFDX_ALLOWED_PROPERTIES, SF_ALLOWED_PROPERTIES, } from './config/config';
+export { SandboxRequestCacheEntry, SandboxRequestCache } from './config/sandboxProcessCache';
 export { ConfigInfo, ConfigAggregator } from './config/configAggregator';
-export { AuthFields, AuthInfo, OrgAuthorization } from './org/authInfo';
+export { AuthFields, AuthInfo, AuthSideEffects, OrgAuthorization } from './org/authInfo';
 export { AuthRemover } from './org/authRemover';
 export { Connection, SFDX_HTTP_HEADERS } from './org/connection';
 export { Mode, Global } from './global';
@@ -16,20 +18,21 @@ export { WebOAuthServer } from './webOAuthServer';
 export { SfdcUrl } from './util/sfdcUrl';
 export { getJwtAudienceUrl } from './util/getJwtAudienceUrl';
 export { Fields, FieldValue, LoggerLevel, LoggerLevelValue, LogLine, LoggerOptions, LoggerStream, Logger, } from './logger';
-export { Messages } from './messages';
-export { Org, SandboxProcessObject, StatusEvent, SandboxEvents, SandboxUserAuthResponse, SandboxUserAuthRequest, SandboxRequest, OrgTypes, ResultEvent, ScratchOrgRequest, } from './org';
+export { Messages, StructuredMessage } from './messages';
+export { Org, SandboxProcessObject, StatusEvent, SandboxEvents, SandboxUserAuthResponse, SandboxUserAuthRequest, SandboxRequest, ResumeSandboxRequest, OrgTypes, ResultEvent, ScratchOrgRequest, } from './org';
 export { OrgConfigProperties, ORG_CONFIG_ALLOWED_PROPERTIES } from './org/orgConfigProperties';
-export { PackageDir, NamedPackageDir, PackageDirDependency, SfdxProject, SfdxProjectJson } from './sfdxProject';
-export { SchemaPrinter } from './schema/printer';
+export { PackageDir, NamedPackageDir, PackageDirDependency, SfProject, SfProjectJson } from './sfProject';
 export { SchemaValidator } from './schema/validator';
-export { SfdxError } from './sfdxError';
+export { SchemaPrinter } from './schema/printer';
+export { SfError } from './sfError';
 export { PollingClient } from './status/pollingClient';
 export { CometClient, CometSubscription, StreamingClient, StatusResult } from './status/streamingClient';
 export { MyDomainResolver } from './status/myDomainResolver';
 export { DefaultUserFields, REQUIRED_FIELDS, User, UserFields } from './org/user';
 export { PermissionSetAssignment, PermissionSetAssignmentFields } from './org/permissionSetAssignment';
-export { ScratchOrgCreateOptions, ScratchOrgCreateResult, scratchOrgCreate } from './org/scratchOrgCreate';
-export { ScratchOrgInfo } from './org/scratchOrgInfoApi';
-export * from './util/fs';
+export { ScratchOrgCreateOptions, ScratchOrgCreateResult, scratchOrgCreate, scratchOrgResume, } from './org/scratchOrgCreate';
+export { ScratchOrgInfo } from './org/scratchOrgTypes';
+export { ScratchOrgLifecycleEvent, scratchOrgLifecycleEventName, scratchOrgLifecycleStages, } from './org/scratchOrgLifecycleEvents';
+export { ScratchOrgCache } from './org/scratchOrgCache';
 export * from './util/sfdc';
 export * from './util/sfdcUrl';