@salesforce/core 8.8.0 → 8.8.1

package/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2024, Salesforce.com, Inc.
+Copyright (c) 2025, Salesforce.com, Inc.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

package/lib/org/authInfo.js

@@ -730,13 +730,18 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
     }
     // A callback function for a connection to refresh an access token.  This is used
     // both for a JWT connection and an OAuth connection.
-    async refreshFn(conn, callback) {
+    async refreshFn(_conn, callback) {
         this.logger.info('Access token has expired. Updating...');
         try {
             const fields = this.getFields(true);
+            // This method will request the new access token and save to the current AuthInfo instance (but don't persist them!).
             await this.initAuthOptions(fields);
+            // Persist fields with refreshed access token to auth file.
             await this.save();
-            return await callback(null, fields.accessToken);
+            // Pass new access token to the jsforce's session-refresh callback for proper propagation:
+            // https://jsforce.github.io/jsforce/types/session_refresh_delegate.SessionRefreshFunc.html
+            const { accessToken } = this.getFields(true);
+            return await callback(null, accessToken);
         }
         catch (err) {
             const error = err;

package/lib/org/connection.d.ts

@@ -148,8 +148,12 @@ export declare class Connection<S extends Schema = Schema> extends JSForceConnec
      */
     singleRecordQuery<T extends Record>(soql: string, options?: SingleRecordQueryOptions): Promise<T>;
     /**
-     * Executes a get request on the baseUrl to force an auth refresh
-     * Useful for the raw methods (request, requestRaw) that use the accessToken directly and don't handle refreshes
+     * Executes a HEAD request on the baseUrl to force an auth refresh.
+     * This is useful for the raw methods (request, requestRaw) that use the accessToken directly and don't handle refreshes.
+     *
+     * This method issues a request using the current access token to check if it is still valid.
+     * If the request returns 200, no refresh happens, and we keep the token.
+     * If it returns 401, jsforce will request a new token and set it in the connection instance.
      */
     refreshAuth(): Promise<void>;
     private getCachedApiVersion;

package/lib/org/connection.js

@@ -334,14 +334,18 @@ class Connection extends jsforce_node_1.Connection {
         return result.records[0];
     }
     /**
-     * Executes a get request on the baseUrl to force an auth refresh
-     * Useful for the raw methods (request, requestRaw) that use the accessToken directly and don't handle refreshes
+     * Executes a HEAD request on the baseUrl to force an auth refresh.
+     * This is useful for the raw methods (request, requestRaw) that use the accessToken directly and don't handle refreshes.
+     *
+     * This method issues a request using the current access token to check if it is still valid.
+     * If the request returns 200, no refresh happens, and we keep the token.
+     * If it returns 401, jsforce will request a new token and set it in the connection instance.
      */
     async refreshAuth() {
         this.logger.debug('Refreshing auth for org.');
         const requestInfo = {
             url: this.baseUrl(),
-            method: 'GET',
+            method: 'HEAD',
         };
         await this.request(requestInfo);
     }

package/lib/org/org.d.ts

@@ -319,7 +319,12 @@ export declare class Org extends AsyncOptionalCreatable<Org.Options> {
      */
     updateLocalInformation(): Promise<Pick<AuthFields, Org.Fields.NAME | Org.Fields.INSTANCE_NAME | Org.Fields.NAMESPACE_PREFIX | Org.Fields.IS_SANDBOX | Org.Fields.IS_SCRATCH | Org.Fields.TRIAL_EXPIRATION_DATE> | undefined>;
     /**
-     * Refreshes the auth for this org's instance by calling HTTP GET on the baseUrl of the connection object.
+     * Executes a HEAD request on the baseUrl to force an auth refresh.
+     * This is useful for the raw methods (request, requestRaw) that use the accessToken directly and don't handle refreshes.
+     *
+     * This method issues a request using the current access token to check if it is still valid.
+     * If the request returns 200, no refresh happens, and we keep the token.
+     * If it returns 401, jsforce will request a new token and set it in the connection instance.
      */
     refreshAuth(): Promise<void>;
     /**

package/lib/org/org.js

@@ -622,13 +622,18 @@ class Org extends kit_1.AsyncOptionalCreatable {
         }
     }
     /**
-     * Refreshes the auth for this org's instance by calling HTTP GET on the baseUrl of the connection object.
+     * Executes a HEAD request on the baseUrl to force an auth refresh.
+     * This is useful for the raw methods (request, requestRaw) that use the accessToken directly and don't handle refreshes.
+     *
+     * This method issues a request using the current access token to check if it is still valid.
+     * If the request returns 200, no refresh happens, and we keep the token.
+     * If it returns 401, jsforce will request a new token and set it in the connection instance.
      */
     async refreshAuth() {
         this.logger.debug('Refreshing auth for org.');
         const requestInfo = {
             url: this.getConnection().baseUrl(),
-            method: 'GET',
+            method: 'HEAD',
         };
         await this.getConnection().request(requestInfo);
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/core",
-  "version": "8.8.0",
+  "version": "8.8.1",
   "description": "Core libraries to interact with SFDX projects, orgs, and APIs.",
   "main": "lib/index",
   "types": "lib/index.d.ts",