Merge pull request #1558 from forcedotcom/m2d/v4.4.0

Main2Dev @W-16095971@ Merging main to dev after v4.4.0

Author: jfeingold35

.eslintrc.json

@@ -13,5 +13,8 @@
 	},
 	"plugins": [
 		"@typescript-eslint"
-	]
+	],
+	"rules": {
+		"sf-plugin/only-extend-SfCommand": "off"
+	}
 }

.github/workflows/create-release-branch.yml

@@ -145,7 +145,7 @@ jobs:
           git checkout -b release-$NEW_VERSION
           git push --set-upstream origin release-$NEW_VERSION
           # Now that we're done with the interim branch, delete it.
-          git push -d ${NEW_VERSION}-interim
+          git push -d origin ${NEW_VERSION}-interim
           # Output the release branch name so we can use it in later jobs.
           echo "branch_name=release-$NEW_VERSION" >> "$GITHUB_OUTPUT"
   # Run all the various tests against the newly created branch.

html-templates/simple.mustache

@@ -65,7 +65,7 @@
 	<script type="text/javascript" language="javascript"
 		src="https://cdn.datatables.net/1.10.21/js/jquery.dataTables.min.js"></script>
 	<script type="text/javascript" language="javascript" src="https://cdn.datatables.net/rowgroup/1.1.2/js/dataTables.rowGroup.min.js"></script>
-    <script type="text/javascript" language="javascript" src="https://cdn.jsdelivr.net/npm/[email protected]/dist/Chart.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdn.jsdelivr.net/npm/[email protected]/dist/Chart.min.js"></script>
 	<script type="text/javascript" class="init">
 
 	// BEGIN - Placeholders filled in by the scanner
@@ -294,11 +294,12 @@
 			});
 		});
 	</script>
+	<title>Salesforce Code Analyzer Report</title>
 </head>
 
 <body>
     <h1 id="reportTitle">Salesforce Code Analyzer Report</h1>
-	<div id="summaryChart"/></div>
+	<div id="summaryChart"></div>
 	<h4 id="summaryFiles"></h4>
 	<h4 id="summaryViolations"></h4>
 	<div class="fw-container">
@@ -319,7 +320,7 @@
 							<th>End Column</th>
 						</tr>
 					</thead>
-					<tbody/>
+					<tbody></tbody>
 				</table>
 			</div>
 		</div>

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "@salesforce/sfdx-scanner",
 	"description": "Static code scanner that applies quality and security rules to Apex code, and provides feedback.",
-	"version": "4.3.2",
+	"version": "4.4.0",
 	"author": "Salesforce Code Analyzer Team",
 	"bugs": "https://github.com/forcedotcom/sfdx-scanner/issues",
 	"dependencies": {

retire-js/RetireJsVulns.json

@@ -6491,6 +6491,27 @@
           "https://github.com/advisories/GHSA-c59h-r6p8-q9wc"
         ]
       },
+      {
+        "atOrAbove": "13.4.0",
+        "below": "13.5.0",
+        "cwe": [
+          "CWE-400"
+        ],
+        "severity": "high",
+        "identifiers": {
+          "summary": "Next.js Denial of Service (DoS) condition",
+          "CVE": [
+            "CVE-2024-39693"
+          ],
+          "githubID": "GHSA-fq54-2j52-jc42"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-fq54-2j52-jc42",
+          "https://github.com/vercel/next.js/security/advisories/GHSA-fq54-2j52-jc42",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-39693",
+          "https://github.com/vercel/next.js"
+        ]
+      },
       {
         "atOrAbove": "13.4.0",
         "below": "13.5.1",
@@ -7517,7 +7538,6 @@
         "/pdfjs-dist@(§§version§§)/"
       ],
       "filecontent": [
-        " pdfjs-dist@(§§version§§) ",
         "(?:const|var) pdfjsVersion = ['\"](§§version§§)['\"];",
         "PDFJS.version ?= ?['\"](§§version§§)['\"]",
         "apiVersion: ?['\"](§§version§§)['\"][\\s\\S]*,data(:[a-zA-Z.]{1,6})?,[\\s\\S]*password(:[a-zA-Z.]{1,10})?,[\\s\\S]*disableAutoFetch(:[a-zA-Z.]{1,22})?,[\\s\\S]*rangeChunkSize",

src/commands/scanner/rule/add.ts

@@ -20,6 +20,7 @@ export default class Add extends ScannerCommand {
 	// This defines the flags accepted by this command. The key is the longname, the char property is the shortname,
 	// and summary and description is what's printed when the -h/--help flag is supplied.
 	public static readonly flags = {
+		...ScannerCommand.flags,
 		language: Flags.string({
 			char: 'l',
 			summary: getMessage(BundleName.Add, 'flags.languageSummary'),

src/commands/scanner/rule/describe.ts

@@ -19,6 +19,7 @@ export default class Describe extends ScannerCommand {
 	// This defines the flags accepted by this command. The key is the longname, the char property is the shortname,
 	// and summary and description is what's printed when the -h/--help flag is supplied.
 	public static readonly flags = {
+		...ScannerCommand.flags,
 		rulename: Flags.string({
 			char: 'n',
 			summary: getMessage(BundleName.Describe, 'flags.rulenameSummary'),

src/commands/scanner/rule/list.ts

@@ -22,6 +22,7 @@ export default class List extends ScannerCommand {
 	// This defines the flags accepted by this command. The key is the longname, the char property is the shortname,
 	// and summary and description is what's printed when the -h/--help flag is supplied.
 	public static readonly flags = {
+		...ScannerCommand.flags,
 		verbose: Flags.boolean({
 			summary: getMessage(BundleName.Common, 'flags.verboseSummary')
 		}),

src/commands/scanner/rule/remove.ts

@@ -21,6 +21,7 @@ export default class Remove extends ScannerCommand {
 	// This defines the flags accepted by this command. The key is the longname, the char property is the shortname,
 	// and summary and description is what's printed when the -h/--help flag is supplied.
 	public static readonly flags = {
+		...ScannerCommand.flags,
 		verbose: Flags.boolean({
 			summary: getMessage(BundleName.Common, 'flags.verboseSummary')
 		}),

src/lib/ScannerRunCommand.ts

@@ -9,6 +9,7 @@ export abstract class ScannerRunCommand extends ScannerCommand {
 	 * here to avoid duplicate code.
 	 */
 	public static readonly flags = {
+		...ScannerCommand.flags,
 		verbose: Flags.boolean({
 			summary: getMessage(BundleName.Common, 'flags.verboseSummary')
 		}),