fix: bump proxy-agent to new major version (#500)

* fix: bump proxy-agent to new major version

* fix: add more expectations to nut

* fix: use sf cli config

* refactor: functions over methods

---------

Co-authored-by: mshanemc <[email protected]>

command-snapshot.json

@@ -3,6 +3,8 @@
     "command": "plugins:trust:verify",
     "plugin": "@salesforce/plugin-trust",
     "flags": ["json", "loglevel", "npm", "registry"],
-    "alias": []
+    "alias": [],
+    "flagChars": ["n", "r"],
+    "flagAliases": []
   }
 ]

package.json

@@ -12,26 +12,24 @@
     "@oclif/core": "^2.8.2",
     "@salesforce/core": "^4.0.1",
     "@salesforce/plugin-telemetry": "^2.2.0",
-    "@salesforce/sf-plugins-core": "^2.4.2",
+    "@salesforce/sf-plugins-core": "^3.0.2",
     "@salesforce/telemetry": "^3.2.29",
     "got": "^11",
     "npm": "^8.19.4",
     "npm-run-path": "^4.0.1",
-    "proxy-agent": "^5.0.0",
-    "proxy-from-env": "^1.1.0",
+    "proxy-agent": "^6.2.1",
     "shelljs": "^0.8.4",
     "tslib": "^2"
   },
   "devDependencies": {
-    "@oclif/plugin-command-snapshot": "^3.3.13",
-    "@salesforce/cli-plugins-testkit": "^3.3.5",
+    "@oclif/plugin-command-snapshot": "^4.0.2",
+    "@salesforce/cli-plugins-testkit": "^4.0.1",
     "@salesforce/dev-config": "^4.0.1",
     "@salesforce/dev-scripts": "^5.2.0",
-    "@salesforce/plugin-command-reference": "^2.4.1",
+    "@salesforce/plugin-command-reference": "^3.0.2",
     "@salesforce/prettier-config": "^0.0.3",
     "@salesforce/ts-sinon": "^1.4.6",
-    "@swc/core": "^1.3.39",
-    "@types/proxy-from-env": "^1.0.1",
+    "@swc/core": "1.3.39",
     "@types/shelljs": "^0.8.9",
     "@types/sinon-chai": "^3.2.9",
     "@typescript-eslint/eslint-plugin": "^5.59.6",
@@ -45,7 +43,7 @@
     "eslint-plugin-header": "^3.1.1",
     "eslint-plugin-import": "2.27.5",
     "eslint-plugin-jsdoc": "^43.0.5",
-    "eslint-plugin-sf-plugin": "^1.15.5",
+    "eslint-plugin-sf-plugin": "^1.15.6",
     "husky": "^7.0.4",
     "mocha": "^9.1.3",
     "nyc": "^15.1.0",

src/shared/installationVerification.ts

@@ -13,8 +13,7 @@ import * as fs from 'fs';
 import { mkdir } from 'fs/promises';
 import { Logger, SfError } from '@salesforce/core';
 import got from 'got';
-import * as ProxyAgent from 'proxy-agent';
-import { getProxyForUrl } from 'proxy-from-env';
+import { ProxyAgent } from 'proxy-agent';
 import { Prompter } from '@salesforce/sf-plugins-core';
 import { ux } from '@oclif/core';
 import { NpmModule, NpmMeta } from '../shared/npmCommand';
@@ -215,8 +214,8 @@ export class InstallationVerification implements Verifier {
     logger.debug(`verify | npmMeta.publicKeyUrl: ${npmMeta.publicKeyUrl}`);
 
     const [signatureStream, publicKeyStream] = await Promise.all([
-      this.getSigningContent(npmMeta.signatureUrl),
-      this.getSigningContent(npmMeta.publicKeyUrl),
+      getSigningContent(npmMeta.signatureUrl),
+      getSigningContent(npmMeta.publicKeyUrl),
     ]);
     const info = new CodeVerifierInfo();
     info.dataToVerify = fs.createReadStream(npmMeta.tarballLocalPath, { encoding: 'binary' });
@@ -252,25 +251,6 @@ export class InstallationVerification implements Verifier {
     }
   }
 
-  /**
-   * Retrieve url content for a host
-   *
-   * @param url host url.
-   */
-  // left to preserve public API
-  // eslint-disable-next-line class-methods-use-this
-  public async getSigningContent(url: string): Promise<Readable> {
-    const res = await got.get({
-      url,
-      timeout: { request: 10000 },
-      agent: { https: ProxyAgent(getProxyForUrl(url)) },
-    });
-    if (res.statusCode !== 200) {
-      throw new SfError(`A request to url ${url} failed with error code: [${res.statusCode}]`, 'ErrorGettingContent');
-    }
-    return Readable.from(Buffer.from(res.body));
-  }
-
   /**
    * Downloads the tgz file content and stores it in a cache folder
    */
@@ -506,3 +486,20 @@ export async function doInstallationCodeSigningVerification(
     }
   }
 }
+
+/**
+ * Retrieve url content for a host
+ *
+ * @param url host url.
+ */
+const getSigningContent = async (url: string): Promise<Readable> => {
+  const res = await got.get({
+    url,
+    timeout: { request: 10000 },
+    agent: { https: new ProxyAgent() },
+  });
+  if (res.statusCode !== 200) {
+    throw new SfError(`A request to url ${url} failed with error code: [${res.statusCode}]`, 'ErrorGettingContent');
+  }
+  return Readable.from(Buffer.from(res.body));
+};

test/nuts/plugin-install.nut.ts

@@ -16,15 +16,16 @@ describe('plugins:install commands', () => {
   const UNSIGNED_MODULE_NAME = '@mshanemc/plugin-streaming';
   const UNSIGNED_MODULE_NAME2 = '@mshanemc/sfdx-sosl';
   let session: TestSession;
+  let configDir: string;
 
   before(async () => {
     session = await TestSession.create({ devhubAuthStrategy: 'NONE' });
-    await fs.promises.mkdir(path.join(session.homeDir, '.sfdx'), { recursive: true });
+    await fs.promises.mkdir(path.join(session.homeDir, '.sf'), { recursive: true });
 
     const fileData: string = JSON.stringify({ acknowledged: true }, null, 2);
-    await fs.promises.writeFile(path.join(session.homeDir, '.sfdx', 'acknowledgedUsageCollection.json'), fileData);
+    await fs.promises.writeFile(path.join(session.homeDir, '.sf', 'acknowledgedUsageCollection.json'), fileData);
 
-    const configDir = path.join(session.homeDir, '.config', 'sfdx');
+    configDir = path.join(session.homeDir, '.config', 'sf');
     await fs.promises.mkdir(configDir, { recursive: true });
 
     const unsignedMod: string = JSON.stringify([UNSIGNED_MODULE_NAME2], null, 2);
@@ -34,7 +35,7 @@ describe('plugins:install commands', () => {
     execCmd('plugins:link .', {
       cwd: path.dirname(session.dir),
       ensureExitCode: 0,
-      cli: 'sfdx',
+      cli: 'sf',
     });
   });
 
@@ -50,7 +51,7 @@ describe('plugins:install commands', () => {
   it('plugins:install signed plugin', () => {
     const result = execCmd(`plugins:install ${SIGNED_MODULE_NAME}`, {
       ensureExitCode: 0,
-      cli: 'sfdx',
+      cli: 'sf',
     });
     expect(result.shellOutput.stdout).to.contain(`Successfully validated digital signature for ${SIGNED_MODULE_NAME}`);
   });
@@ -61,7 +62,7 @@ describe('plugins:install commands', () => {
       { 'Continue installation': Interaction.No },
       {
         ensureExitCode: 2, // code 2 is the output code for the NO answer
-        cli: 'sfdx',
+        cli: 'sf',
       }
     );
 
@@ -76,7 +77,7 @@ describe('plugins:install commands', () => {
       { 'Continue installation': Interaction.Yes },
       {
         ensureExitCode: 0,
-        cli: 'sfdx',
+        cli: 'sf',
       }
     );
     expect(result.stdout).to.contain('This plugin is not digitally signed and its authenticity cannot be verified.');
@@ -87,10 +88,11 @@ describe('plugins:install commands', () => {
   // yes, macos.  oclif sometimes uses XDG, which also exists on gha's ubuntu and windows runners, but isn't handled by testkit
   // see https://salesforce-internal.slack.com/archives/G02K6C90RBJ/p1669664263661369
   (os.platform() === 'darwin' ? it : it.skip)('plugins:install unsigned plugin in the allow list', () => {
-    expect(fs.existsSync(path.join(session.homeDir, '.config', 'sfdx'))).to.be.true;
+    expect(fs.existsSync(configDir)).to.be.true;
+    expect(fs.existsSync(path.join(configDir, 'unsignedPluginAllowList.json'))).to.be.true;
     const result = execCmd(`plugins:install ${UNSIGNED_MODULE_NAME2}`, {
       ensureExitCode: 0,
-      cli: 'sfdx',
+      cli: 'sf',
     });
     expect(result.shellOutput.stdout).to.contain(
       `The plugin [${UNSIGNED_MODULE_NAME2}] is not digitally signed but it is allow-listed.`