@salesforce/plugin-trust 2.2.8 → 2.3.0

package/lib/hooks/jitPluginInstall.d.ts

@@ -0,0 +1,3 @@
+import { Hook } from '@oclif/core';
+declare const hook: Hook<'jit_plugin_not_installed'>;
+export default hook;

package/lib/hooks/jitPluginInstall.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+/*
+ * Copyright (c) 2022, salesforce.com, inc.
+ * All rights reserved.
+ * Licensed under the BSD 3-Clause license.
+ * For full license text, see LICENSE.txt file in the repo root or https://opensource.org/licenses/BSD-3-Clause
+ */
+const os = require("os");
+const core_1 = require("@salesforce/core");
+const appInsights_1 = require("@salesforce/telemetry/lib/appInsights");
+const hook = async function (opts) {
+    try {
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+        global.cliTelemetry?.record({
+            eventName: 'JIT_INSTALL_STARTED',
+            type: 'EVENT',
+            version: opts.config.version,
+            plugin: opts.command.pluginName,
+            command: opts.command.id,
+        });
+        await opts.config.runCommand('plugins:install', [`${opts.command.pluginName}@${opts.pluginVersion}`]);
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+        global.cliTelemetry?.record({
+            eventName: 'JIT_INSTALL_SUCCESS',
+            type: 'EVENT',
+            version: opts.config.version,
+            plugin: opts.command.pluginName,
+            command: opts.command.id,
+        });
+    }
+    catch (error) {
+        const err = error;
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+        global.cliTelemetry?.record({
+            eventName: 'JIT_INSTALL_FAILED',
+            type: 'EVENT',
+            message: err.message,
+            // eslint-disable-next-line @typescript-eslint/no-unsafe-argument, @typescript-eslint/no-unsafe-member-access
+            stackTrace: err?.stack?.replace(new RegExp(os.homedir(), 'g'), appInsights_1.AppInsights.GDPR_HIDDEN),
+            version: opts.config.version,
+            plugin: opts.command.pluginName,
+            command: opts.command.id,
+        });
+        throw new core_1.SfError(`Could not install ${opts.command.pluginName}`, 'JitPluginInstallError');
+    }
+};
+exports.default = hook;
+//# sourceMappingURL=jitPluginInstall.js.map

package/lib/hooks/jitPluginInstall.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jitPluginInstall.js","sourceRoot":"","sources":["../../src/hooks/jitPluginInstall.ts"],"names":[],"mappings":";;AAAA;;;;;GAKG;AACH,yBAAyB;AAEzB,2CAA2C;AAE3C,uEAAoE;AAIpE,MAAM,IAAI,GAAqC,KAAK,WAAW,IAAI;IACjE,IAAI;QACF,yGAAyG;QACzG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC;YAC1B,SAAS,EAAE,qBAAqB;YAChC,IAAI,EAAE,OAAO;YACb,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU;YAC/B,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE;SACzB,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;QAEtG,yGAAyG;QACzG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC;YAC1B,SAAS,EAAE,qBAAqB;YAChC,IAAI,EAAE,OAAO;YACb,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU;YAC/B,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE;SACzB,CAAC,CAAC;KACJ;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,GAAG,GAAG,KAAc,CAAC;QAE3B,yGAAyG;QACzG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC;YAC1B,SAAS,EAAE,oBAAoB;YAC/B,IAAI,EAAE,OAAO;YACb,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,6GAA6G;YAC7G,UAAU,EAAE,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,GAAG,CAAC,EAAE,yBAAW,CAAC,WAAW,CAAC;YACvF,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU;YAC/B,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE;SACzB,CAAC,CAAC;QAEH,MAAM,IAAI,cAAO,CAAC,qBAAqB,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,uBAAuB,CAAC,CAAC;KAC5F;AACH,CAAC,CAAC;AAEF,kBAAe,IAAI,CAAC"}

package/oclif.manifest.json

@@ -1 +1 @@
-{"version":"2.2.8","commands":{"plugins:trust:verify":{"id":"plugins:trust:verify","summary":"Validate a digital signature.","description":"Verifies the digital signature on an npm package matches the signature and key stored at the expected URLs.","strict":true,"pluginName":"@salesforce/plugin-trust","pluginAlias":"@salesforce/plugin-trust","pluginType":"core","aliases":[],"examples":["<%= config.bin %> <%= command.id %> --npm @scope/npmName --registry http://my.repo.org:4874","<%= config.bin %> <%= command.id %> --npm @scope/npmName"],"flags":{"json":{"name":"json","type":"boolean","description":"Format output as json.","helpGroup":"GLOBAL","allowNo":false},"npm":{"name":"npm","type":"option","char":"n","summary":"Specify the npm name. This can include a tag/version.","required":true,"multiple":false},"registry":{"name":"registry","type":"option","char":"r","summary":"The registry name. The behavior is the same as npm.","multiple":false},"loglevel":{"name":"loglevel","type":"option","hidden":true,"multiple":false,"deprecated":{"message":"The loglevel flag is no longer in use on this command. You may use it without error, but it will be ignored.\nSet the log level using the `SFDX_LOG_LEVEL` environment variable."}}},"args":[]}}}
+{"version":"2.3.0","commands":{"plugins:trust:verify":{"id":"plugins:trust:verify","summary":"Validate a digital signature.","description":"Verifies the digital signature on an npm package matches the signature and key stored at the expected URLs.","strict":true,"pluginName":"@salesforce/plugin-trust","pluginAlias":"@salesforce/plugin-trust","pluginType":"core","aliases":[],"examples":["<%= config.bin %> <%= command.id %> --npm @scope/npmName --registry http://my.repo.org:4874","<%= config.bin %> <%= command.id %> --npm @scope/npmName"],"flags":{"json":{"name":"json","type":"boolean","description":"Format output as json.","helpGroup":"GLOBAL","allowNo":false},"npm":{"name":"npm","type":"option","char":"n","summary":"Specify the npm name. This can include a tag/version.","required":true,"multiple":false},"registry":{"name":"registry","type":"option","char":"r","summary":"The registry name. The behavior is the same as npm.","multiple":false},"loglevel":{"name":"loglevel","type":"option","hidden":true,"multiple":false,"deprecated":{"message":"The loglevel flag is no longer in use on this command. You may use it without error, but it will be ignored.\nSet the log level using the `SFDX_LOG_LEVEL` environment variable."}}},"args":[]}}}

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@salesforce/plugin-trust",
     "description": "validate a digital signature for a npm package",
-    "version": "2.2.8",
+    "version": "2.3.0",
     "author": "Salesforce",
     "main": "lib/index.js",
     "bin": {
@@ -9,9 +9,11 @@
     },
     "bugs": "https://github.com/forcedotcom/cli/issues",
     "dependencies": {
-        "@oclif/core": "^1.22.0",
+        "@oclif/core": "^1.25.0",
         "@salesforce/core": "^3.32.12",
+        "@salesforce/plugin-telemetry": "^2.0.5",
         "@salesforce/sf-plugins-core": "^1.22.1",
+        "@salesforce/telemetry": "^3.2.13",
         "got": "^11",
         "npm": "^8.19.3",
         "npm-run-path": "^4.0.1",
@@ -80,7 +82,8 @@
         "hooks": {
             "plugins:preinstall:verify:signature": [
                 "./lib/hooks/verifyInstallSignature.js"
-            ]
+            ],
+            "jit_plugin_not_installed": "./lib/hooks/jitPluginInstall.js"
         },
         "devPlugins": [
             "@oclif/plugin-help",
@@ -123,7 +126,7 @@
         "access": "public"
     },
     "sfdx": {
-        "publicKeyUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.2.8.crt",
-        "signatureUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.2.8.sig"
+        "publicKeyUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.3.0.crt",
+        "signatureUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.3.0.sig"
     }
 }