fix: replace request with got for HTTP calls

command-snapshot.json

@@ -1,12 +1,7 @@
 [
-    {
-        "command": "plugins:trust:verify",
-        "plugin": "@salesforce/plugin-trust",
-        "flags": [
-            "json",
-            "loglevel",
-            "npm",
-            "registry"
-        ]
-    }
-]
+  {
+    "command": "plugins:trust:verify",
+    "plugin": "@salesforce/plugin-trust",
+    "flags": ["json", "loglevel", "npm", "registry"]
+  }
+]

package.json

@@ -12,6 +12,9 @@
     "@oclif/core": "^1.6.3",
     "@salesforce/command": "^5.0.4",
     "@salesforce/core": "^3.10.1",
+    "got": "^11",
+    "proxy-agent": "^5.0.0",
+    "proxy-from-env": "^1.1.0",
     "npm": "^8.12.1",
     "npm-run-path": "^4.0.1",
     "shelljs": "^0.8.4",
@@ -27,6 +30,7 @@
     "@salesforce/ts-sinon": "1.3.21",
     "@types/shelljs": "^0.8.9",
     "@types/sinon-chai": "^3.2.5",
+    "@types/proxy-from-env": "^1.0.1",
     "@typescript-eslint/eslint-plugin": "^4.2.0",
     "@typescript-eslint/parser": "^4.2.0",
     "chai": "^4.2.0",

src/shared/installationVerification.ts

@@ -18,14 +18,15 @@ import * as crypto from 'crypto';
 import * as fs from 'fs';
 import { mkdir } from 'fs/promises';
 import { Logger, SfError } from '@salesforce/core';
-import * as request from 'request';
+import got from 'got';
+import * as ProxyAgent from 'proxy-agent';
+import { getProxyForUrl } from 'proxy-from-env';
 import { NpmModule, NpmMeta } from '../shared/npmCommand';
 import { NpmName } from './NpmName';
 
 const CRYPTO_LEVEL = 'RSA-SHA256';
 export const ALLOW_LIST_FILENAME = 'unsignedPluginAllowList.json';
 export const DEFAULT_REGISTRY = 'https://registry.npmjs.org/';
-export type IRequest = (url: string, cb?: request.RequestCallback) => void;
 
 export interface ConfigContext {
   configDir?: string;
@@ -149,9 +150,6 @@ export class InstallationVerification implements Verifier {
   // config derived from the cli environment
   private config: ConfigContext;
 
-  // Reference for the http client;
-  private readonly requestImpl: IRequest;
-
   // Reference for fs
   private fsImpl;
 
@@ -160,9 +158,8 @@ export class InstallationVerification implements Verifier {
 
   private logger: Logger;
 
-  public constructor(requestImpl?: IRequest, fsImpl?: unknown) {
+  public constructor(fsImpl?: unknown) {
     // why? dependency injection is better than sinon
-    this.requestImpl = requestImpl ? requestImpl : request;
     this.fsImpl = fsImpl ? fsImpl : fs;
     this.readFileAsync = utilPromisify(this.fsImpl.readFile);
     this.unlinkAsync = utilPromisify(this.fsImpl.unlink);
@@ -272,36 +269,16 @@ export class InstallationVerification implements Verifier {
    *
    * @param url host url.
    */
-  public getSigningContent(url: string): Promise<Readable> {
-    return new Promise((resolve, reject) => {
-      this.requestImpl(url, (err: Error, response: request.RequestResponse, responseData) => {
-        if (err) {
-          return reject(err);
-        } else {
-          if (response && response.statusCode === 200) {
-            // The verification api expects a readable
-            return resolve(
-              new Readable({
-                read(): void {
-                  this.push(responseData);
-                  this.push(null);
-                },
-              })
-            );
-          } else {
-            return reject(
-              new SfError(
-                `A request to url ${url} failed with error code: [${
-                  // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
-                  (response as { statusCode: string }) ? response.statusCode : 'undefined'
-                }]`,
-                'ErrorGettingContent'
-              )
-            );
-          }
-        }
-      });
+  public async getSigningContent(url: string): Promise<Readable> {
+    const res = await got.get({
+      url,
+      timeout: { request: 10000 },
+      agent: { https: ProxyAgent(getProxyForUrl(url)) },
     });
+    if (res.statusCode !== 200) {
+      throw new SfError(`A request to url ${url} failed with error code: [${res.statusCode}]`, 'ErrorGettingContent');
+    }
+    return Readable.from(Buffer.from(res.body));
   }
 
   /**