@salesforce/plugin-trust 2.4.11 → 2.4.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -26,6 +26,13 @@ const hook = async function (options) {
|
|
|
26
26
|
if (options.plugin && options.plugin.type === 'npm') {
|
|
27
27
|
const logger = await core_1.Logger.child('verifyInstallSignature');
|
|
28
28
|
const plugin = options.plugin;
|
|
29
|
+
// skip if the plugin version being installed is listed in the CLI's JIT config
|
|
30
|
+
if (plugin.tag &&
|
|
31
|
+
plugin.name in options.config.pjson.oclif.jitPlugins &&
|
|
32
|
+
options.config.pjson.oclif.jitPlugins?.[plugin.name] === plugin.tag) {
|
|
33
|
+
logger.debug(`Skipping verification for ${options.plugin.name} because it is listed in the CLI's JIT config.`);
|
|
34
|
+
return;
|
|
35
|
+
}
|
|
29
36
|
logger.debug('parsing npm name');
|
|
30
37
|
const npmName = NpmName_1.NpmName.parse(plugin.name);
|
|
31
38
|
logger.debug(`npmName components: ${JSON.stringify(npmName, null, 4)}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyInstallSignature.js","sourceRoot":"","sources":["../../src/hooks/verifyInstallSignature.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAGH,2CAAmD;AACnD,sCAAiC;AACjC,iFAM4C;AAE5C,+CAA4C;AAE5C;;GAEG;AACH,MAAa,yBAAyB;IAC7B,MAAM,CAAC,KAAK,CAAC,OAAgB,EAAE,aAA4B;QAChE,MAAM,OAAO,GAAG,IAAI,6CAAkB,EAAE,CAAC;QACzC,OAAO,CAAC,QAAQ,GAAG,IAAI,mDAAwB,EAAE,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACrG,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AAND,8DAMC;AAEM,MAAM,IAAI,GAA2B,KAAK,WAAW,OAAO;IACjE,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,KAAK,EAAE;QACnD,MAAM,MAAM,GAAG,MAAM,aAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAE9B,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACjC,MAAM,OAAO,GAAG,iBAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,CAAC,KAAK,CAAC,uBAAuB,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QAExE,OAAO,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,QAAQ,CAAC;QAErC,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;YACjC,OAAO,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;SACpC;QAED,MAAM,aAAa,GAAkB;YACnC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,QAAQ;YACjC,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS;YACnC,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO;YAC/B,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI;SAC7B,CAAC;QAEF,MAAM,OAAO,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACxE,MAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QAEhE,IAAI;YACF,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YACnC,MAAM,IAAA,gEAAqC,EAAC,aAAa,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC;YAC9G,SAAE,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;SAC7C;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,GAAG,GAAG,KAAgB,CAAC;YAC7B,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC1B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;SACjB;KACF;SAAM;QACL,MAAM,IAAA,mCAAQ,GAAE,CAAC;KAClB;AACH,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"verifyInstallSignature.js","sourceRoot":"","sources":["../../src/hooks/verifyInstallSignature.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAGH,2CAAmD;AACnD,sCAAiC;AACjC,iFAM4C;AAE5C,+CAA4C;AAE5C;;GAEG;AACH,MAAa,yBAAyB;IAC7B,MAAM,CAAC,KAAK,CAAC,OAAgB,EAAE,aAA4B;QAChE,MAAM,OAAO,GAAG,IAAI,6CAAkB,EAAE,CAAC;QACzC,OAAO,CAAC,QAAQ,GAAG,IAAI,mDAAwB,EAAE,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACrG,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AAND,8DAMC;AAEM,MAAM,IAAI,GAA2B,KAAK,WAAW,OAAO;IACjE,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,KAAK,EAAE;QACnD,MAAM,MAAM,GAAG,MAAM,aAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAE9B,+EAA+E;QAC/E,IACE,MAAM,CAAC,GAAG;YACV,MAAM,CAAC,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU;YACpD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,GAAG,EACnE;YACA,MAAM,CAAC,KAAK,CAAC,6BAA6B,OAAO,CAAC,MAAM,CAAC,IAAI,gDAAgD,CAAC,CAAC;YAC/G,OAAO;SACR;QACD,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACjC,MAAM,OAAO,GAAG,iBAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,CAAC,KAAK,CAAC,uBAAuB,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QAExE,OAAO,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,QAAQ,CAAC;QAErC,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;YACjC,OAAO,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;SACpC;QAED,MAAM,aAAa,GAAkB;YACnC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,QAAQ;YACjC,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS;YACnC,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO;YAC/B,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI;SAC7B,CAAC;QAEF,MAAM,OAAO,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACxE,MAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QAEhE,IAAI;YACF,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YACnC,MAAM,IAAA,gEAAqC,EAAC,aAAa,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC;YAC9G,SAAE,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;SAC7C;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,GAAG,GAAG,KAAgB,CAAC;YAC7B,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC1B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;SACjB;KACF;SAAM;QACL,MAAM,IAAA,mCAAQ,GAAE,CAAC;KAClB;AACH,CAAC,CAAC;AA9CW,QAAA,IAAI,QA8Cf;AAEF,kBAAe,YAAI,CAAC"}
|
package/oclif.manifest.json
CHANGED
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@salesforce/plugin-trust",
|
|
3
3
|
"description": "validate a digital signature for a npm package",
|
|
4
|
-
"version": "2.4.
|
|
4
|
+
"version": "2.4.14",
|
|
5
5
|
"author": "Salesforce",
|
|
6
6
|
"main": "lib/index.js",
|
|
7
7
|
"bin": {
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
"dependencies": {
|
|
12
12
|
"@oclif/core": "^2.8.2",
|
|
13
13
|
"@salesforce/core": "^3.33.4",
|
|
14
|
-
"@salesforce/plugin-telemetry": "^2.1.
|
|
14
|
+
"@salesforce/plugin-telemetry": "^2.1.5",
|
|
15
15
|
"@salesforce/sf-plugins-core": "^2",
|
|
16
16
|
"@salesforce/telemetry": "^3.2.13",
|
|
17
17
|
"got": "^11",
|
|
@@ -24,9 +24,9 @@
|
|
|
24
24
|
},
|
|
25
25
|
"devDependencies": {
|
|
26
26
|
"@oclif/plugin-command-snapshot": "^3.3.9",
|
|
27
|
-
"@salesforce/cli-plugins-testkit": "^3.3.
|
|
27
|
+
"@salesforce/cli-plugins-testkit": "^3.3.5",
|
|
28
28
|
"@salesforce/dev-config": "^3.0.0",
|
|
29
|
-
"@salesforce/dev-scripts": "^4.3.
|
|
29
|
+
"@salesforce/dev-scripts": "^4.3.1",
|
|
30
30
|
"@salesforce/plugin-command-reference": "^2.4.1",
|
|
31
31
|
"@salesforce/prettier-config": "^0.0.2",
|
|
32
32
|
"@salesforce/ts-sinon": "^1.4.6",
|
|
@@ -37,7 +37,7 @@
|
|
|
37
37
|
"@typescript-eslint/eslint-plugin": "^5.33.0",
|
|
38
38
|
"@typescript-eslint/parser": "^5.57.1",
|
|
39
39
|
"chai": "^4.3.7",
|
|
40
|
-
"eslint": "^8.
|
|
40
|
+
"eslint": "^8.39.0",
|
|
41
41
|
"eslint-config-prettier": "^8.8.0",
|
|
42
42
|
"eslint-config-salesforce": "^1.2.0",
|
|
43
43
|
"eslint-config-salesforce-license": "^0.2.0",
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
"husky": "^7.0.4",
|
|
50
50
|
"mocha": "^9.1.3",
|
|
51
51
|
"nyc": "^15.1.0",
|
|
52
|
-
"oclif": "^3.
|
|
52
|
+
"oclif": "^3.8.2",
|
|
53
53
|
"prettier": "^2.8.7",
|
|
54
54
|
"pretty-quick": "^3.1.0",
|
|
55
55
|
"shx": "0.3.4",
|
|
@@ -229,7 +229,7 @@
|
|
|
229
229
|
}
|
|
230
230
|
},
|
|
231
231
|
"sfdx": {
|
|
232
|
-
"publicKeyUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.4.
|
|
233
|
-
"signatureUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.4.
|
|
232
|
+
"publicKeyUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.4.14.crt",
|
|
233
|
+
"signatureUrl": "https://developer.salesforce.com/media/salesforce-cli/security/@salesforce/plugin-trust/2.4.14.sig"
|
|
234
234
|
}
|
|
235
235
|
}
|