{"id":33585400,"url":"https://github.com/salesforcecli/plugin-release-management","last_synced_at":"2026-05-23T11:06:41.970Z","repository":{"id":37980345,"uuid":"308121781","full_name":"salesforcecli/plugin-release-management","owner":"salesforcecli","description":null,"archived":false,"fork":false,"pushed_at":"2026-04-18T03:44:44.000Z","size":9976,"stargazers_count":5,"open_issues_count":6,"forks_count":5,"subscribers_count":4,"default_branch":"main","last_synced_at":"2026-04-18T05:41:22.669Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/salesforcecli.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-10-28T19:34:28.000Z","updated_at":"2026-04-18T03:42:47.000Z","dependencies_parsed_at":"2025-11-30T17:06:17.812Z","dependency_job_id":"ea67ace2-9c20-42f0-a953-09a535a8c1c2","html_url":"https://github.com/salesforcecli/plugin-release-management","commit_stats":{"total_commits":849,"total_committers":23,"mean_commits":36.91304347826087,"dds":0.6643109540636043,"last_synced_commit":"a28c1126f2ea90bcaec3daa43411ac7b585ff01d"},"previous_names":[],"tags_count":660,"template":false,"template_full_name":"salesforcecli/plugin-template","purl":"pkg:github/salesforcecli/plugin-release-management","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforcecli%2Fplugin-release-management","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforcecli%2Fplugin-release-management/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforcecli%2Fplugin-release-management/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforcecli%2Fplugin-release-management/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/salesforcecli","download_url":"https://codeload.github.com/salesforcecli/plugin-release-management/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforcecli%2Fplugin-release-management/sbom","scorecard":{"id":796395,"data":{"date":"2025-08-11","repo":{"name":"github.com/salesforcecli/plugin-release-management","commit":"0ec92289c057a5974be8574073f01ab4761e2dc1"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.9,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Code-Review","score":0,"reason":"Found 0/6 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/automerge.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/automerge.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-github-release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/create-github-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/devScripts.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/devScripts.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/failureNotifications.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/failureNotifications.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/notify-slack-on-pr-open.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/notify-slack-on-pr-open.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/onRelease.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/onRelease.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/onRelease.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/onRelease.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/onRelease.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/onRelease.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate-pr.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforcecli/plugin-release-management/validate-pr.yml/main?enable=pin","Info:   0 out of   1 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  11 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/automerge.yml:1","Warn: no topLevel permission defined: .github/workflows/create-github-release.yml:1","Warn: no topLevel permission defined: .github/workflows/devScripts.yml:1","Warn: no topLevel permission defined: .github/workflows/failureNotifications.yml:1","Warn: no topLevel permission defined: .github/workflows/notify-slack-on-pr-open.yml:1","Warn: no topLevel permission defined: .github/workflows/onRelease.yml:1","Warn: no topLevel permission defined: .github/workflows/test.yml:1","Warn: no topLevel permission defined: .github/workflows/validate-pr.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: BSD 3-Clause \"New\" or \"Revised\" License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 24 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T09:08:17.806Z","repository_id":37980345,"created_at":"2025-08-23T09:08:17.806Z","updated_at":"2025-08-23T09:08:17.806Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32522252,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-02T01:12:54.858Z","status":"online","status_checked_at":"2026-05-02T02:00:05.923Z","response_time":132,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-11-29T07:03:51.443Z","updated_at":"2026-05-23T11:06:41.960Z","avatar_url":"https://github.com/salesforcecli.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# plugin-release-management\n\n[![NPM](https://img.shields.io/npm/v/@salesforce/plugin-release-management.svg?label=@salesforce/plugin-release-management)](https://www.npmjs.com/package/@salesforce/plugin-release-management) [![Downloads/week](https://img.shields.io/npm/dw/@salesforce/plugin-release-management.svg)](https://npmjs.org/package/@salesforce/plugin-release-management) [![License](https://img.shields.io/badge/License-BSD%203--Clause-brightgreen.svg)](https://raw.githubusercontent.com/salesforcecli/plugin-release-management/main/LICENSE.txt)\n\nPlugin designed to handle all tasks related to signing, releasing, and testing npm packages.\n\n## Releases\n\nThe following steps are automated for package releases\n\n### Version Bump | Prerelease | ChangeLog\n\nThis plugin will not bump your package version for you. Use https://github.com/salesforcecli/github-workflows?tab=readme-ov-file#githubrelease and conventional commit tags to manage that.\n\nIt used to.\n\n### Build\n\nAfter determining the next version, the plugin builds the package using `yarn build`. This means that you must have a `build` script included in the package.json\n\n### Signing\n\nIf you pass the `--sign (-s)` flag into the release command, then the plugin will sign the package and verify that the signature exists in S3.\n\n### Publishing\n\nOnce the package has been built and signed it will be published to npm. The command will not exit until the new version is found on the npm registry.\n\n## Install\n\n```bash\nsfdx plugins:install release-management@x.y.z\n```\n\n## Issues\n\nPlease report any issues at https://github.com/forcedotcom/cli/issues\n\n## Contributing\n\n1. Please read our [Code of Conduct](CODE_OF_CONDUCT.md)\n2. Create a new issue before starting your project so that we can keep track of\n   what you are trying to add/fix. That way, we can also offer suggestions or\n   let you know if there is already an effort in progress.\n3. Fork this repository.\n4. [Build the plugin locally](#build)\n5. Create a _topic_ branch in your fork. Note, this step is recommended but technically not required if contributing using a fork.\n6. Edit the code in your fork.\n7. Write appropriate tests for your changes. Try to achieve at least 95% code coverage on any new code. No pull request will be accepted without unit tests.\n8. Sign CLA (see [CLA](#cla) below).\n9. Send us a pull request when you are done. We'll review your code, suggest any needed changes, and merge it in.\n\n### CLA\n\nExternal contributors will be required to sign a Contributor's License\nAgreement. You can do so by going to https://cla.salesforce.com/sign-cla.\n\n### Build\n\nTo build the plugin locally, make sure to have yarn installed and run the following commands:\n\n```bash\n# Clone the repository\ngit clone git@github.com:salesforcecli/plugin-release-management\n\n# Install the dependencies and compile\nyarn install\nyarn build\n```\n\nTo use your plugin, run using the local `./bin/dev` or `./bin/dev.cmd` file.\n\n```bash\n# Run using local run file.\n./bin/dev npm\n```\n\nThere should be no differences when running via the Salesforce CLI or using the local run file. However, it can be useful to link the plugin to do some additional testing or run your commands from anywhere on your machine.\n\n```bash\n# Link your plugin to the sfdx cli\nsfdx plugins:link .\n# To verify\nsfdx plugins\n```\n\n# Commands\n\n\u003c!-- commands --\u003e\n\n- [`sfdx channel promote`](#sfdx-channel-promote)\n- [`sfdx cli artifacts compare`](#sfdx-cli-artifacts-compare)\n- [`sfdx cli install jit test`](#sfdx-cli-install-jit-test)\n- [`sfdx cli install test`](#sfdx-cli-install-test)\n- [`sfdx cli release automerge`](#sfdx-cli-release-automerge)\n- [`sfdx cli release build`](#sfdx-cli-release-build)\n- [`sfdx cli releasenotes`](#sfdx-cli-releasenotes)\n- [`sfdx cli tarballs prepare`](#sfdx-cli-tarballs-prepare)\n- [`sfdx cli tarballs smoke`](#sfdx-cli-tarballs-smoke)\n- [`sfdx cli tarballs verify`](#sfdx-cli-tarballs-verify)\n- [`sfdx cli versions inspect`](#sfdx-cli-versions-inspect)\n- [`sfdx dependabot automerge`](#sfdx-dependabot-automerge)\n- [`sfdx github check closed`](#sfdx-github-check-closed)\n- [`sfdx npm dependencies pin`](#sfdx-npm-dependencies-pin)\n- [`sfdx npm package release`](#sfdx-npm-package-release)\n- [`sfdx plugins trust verify`](#sfdx-plugins-trust-verify)\n- [`sfdx repositories`](#sfdx-repositories)\n\n## `sfdx channel promote`\n\npromote a s3 channel\n\n```\nUSAGE\n  $ sfdx channel promote -t \u003cvalue\u003e -c sf|sfdx [--json] [--flags-dir \u003cvalue\u003e] [-d] [-C \u003cvalue\u003e] [-p win|macos|deb...]\n    [-s \u003cvalue\u003e] [-m \u003cvalue\u003e] [-i] [-x] [-T linux-x64|linux-arm|win32-x64|win32-x86|darwin-x64...] [-v \u003cvalue\u003e]\n\nFLAGS\n  -C, --promote-from-channel=\u003cvalue\u003e     the channel name that you want to promote\n  -T, --architecture-target=\u003coption\u003e...  comma-separated targets to promote (e.g.: linux-arm,win32-x64)\n                                         \u003coptions: linux-x64|linux-arm|win32-x64|win32-x86|darwin-x64\u003e\n  -c, --cli=\u003coption\u003e                     (required) the cli name to promote\n                                         \u003coptions: sf|sfdx\u003e\n  -d, --dryrun                           If true, only show what would happen\n  -i, --[no-]indexes                     append the promoted urls into the index files\n  -m, --max-age=\u003cvalue\u003e                  [default: 300] cache control max-age in seconds\n  -p, --platform=\u003coption\u003e...             the platform to promote\n                                         \u003coptions: win|macos|deb\u003e\n  -s, --sha=\u003cvalue\u003e                      the short sha to promote\n  -t, --promote-to-channel=\u003cvalue\u003e       (required) [default: stable] the channel name that you are promoting to\n  -v, --version=\u003cvalue\u003e                  the version of the candidate to be promoted, which must exist already in s3.\n                                         Used to fetch the correct sha\n  -x, --[no-]xz                          also upload xz\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  promote a s3 channel\n\n  promote a s3 channel\n\nEXAMPLES\n  $ sfdx channel promote --candidate latest-rc --target latest --platform win --platform mac\n```\n\n_See code: [src/commands/channel/promote.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/channel/promote.ts)_\n\n## `sfdx cli artifacts compare`\n\nLook for breaking changes in artifacts (schemas and snapshots) from plugins. Must be run in CLI directory.\n\n```\nUSAGE\n  $ sfdx cli artifacts compare [--json] [--flags-dir \u003cvalue\u003e] [-p \u003cvalue\u003e...] [-r \u003cvalue\u003e] [-c \u003cvalue\u003e]\n\nFLAGS\n  -c, --current=\u003cvalue\u003e    Current CLI version to compare against. Defaults to the version on the CLI in the current\n                           directory.\n  -p, --plugin=\u003cvalue\u003e...  List of plugins to check for breaking changes.\n  -r, --previous=\u003cvalue\u003e   Previous CLI version to compare against. Defaults to the last published version.\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nEXAMPLES\n  $ sfdx cli artifacts compare\n```\n\n_See code: [src/commands/cli/artifacts/compare.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/artifacts/compare.ts)_\n\n## `sfdx cli install jit test`\n\nTest that all JIT plugins can be successfully installed.\n\n```\nUSAGE\n  $ sfdx cli install jit test [--json] [--flags-dir \u003cvalue\u003e] [-j \u003cvalue\u003e...]\n\nFLAGS\n  -j, --jit-plugin=\u003cvalue\u003e...  JIT plugin(s) to test, example: @salesforce/plugin-community\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nEXAMPLES\n  $ sfdx cli install jit test\n```\n\n_See code: [src/commands/cli/install/jit/test.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/install/jit/test.ts)_\n\n## `sfdx cli install test`\n\ninstall sf or sfdx\n\n```\nUSAGE\n  $ sfdx cli install test -c sf|sfdx -m installer|npm|tarball [--json] [--flags-dir \u003cvalue\u003e] [--channel\n    legacy|stable|stable-rc|latest|latest-rc] [--output-file \u003cvalue\u003e]\n\nFLAGS\n  -c, --cli=\u003coption\u003e         (required) the cli to install\n                             \u003coptions: sf|sfdx\u003e\n  -m, --method=\u003coption\u003e      (required) the installation method to use\n                             \u003coptions: installer|npm|tarball\u003e\n      --channel=\u003coption\u003e     [default: stable] the channel to install from\n                             \u003coptions: legacy|stable|stable-rc|latest|latest-rc\u003e\n      --output-file=\u003cvalue\u003e  [default: test-results.json] the file to write the JSON results to (must be .json)\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  install sf or sfdx\n\n  install sf or sfdx\n\nEXAMPLES\n  $ sfdx cli install test --cli sfdx --method installer\n\n  $ sfdx cli install test --cli sfdx --method npm\n\n  $ sfdx cli install test --cli sfdx --method tarball\n\n  $ sfdx cli install test --cli sf --method tarball\n\n  $ sfdx cli install test --cli sf --method tarball --channel stable-rc\n```\n\n_See code: [src/commands/cli/install/test.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/install/test.ts)_\n\n## `sfdx cli release automerge`\n\nAttempt to automerge nightly PR\n\n```\nUSAGE\n  $ sfdx cli release automerge (--owner \u003cvalue\u003e --repo \u003cvalue\u003e) --pull-number \u003cvalue\u003e [--json] [--flags-dir \u003cvalue\u003e] [-d]\n    [--verbose]\n\nFLAGS\n  -d, --dry-run              Run all checks, but do not merge PR\n      --owner=\u003cvalue\u003e        (required) Github owner (org), example: salesforcecli\n      --pull-number=\u003cvalue\u003e  (required) Github pull request number to merge\n      --repo=\u003cvalue\u003e         (required) Github repo, example: sfdx-cli\n      --verbose              Show additional debug output\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  Attempt to automerge nightly PR\n\n  Attempt to automerge nightly PR\n\nEXAMPLES\n  $ sfdx cli release automerge --owner salesforcecli --repo sfdx-cli --pul-number 1049\n```\n\n_See code: [src/commands/cli/release/automerge.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/release/automerge.ts)_\n\n## `sfdx cli release build`\n\nbuilds a new release from a designated starting point and optionally creates PR in Github\n\n```\nUSAGE\n  $ sfdx cli release build -c \u003cvalue\u003e [--json] [--flags-dir \u003cvalue\u003e] [-d \u003cvalue\u003e] [-g \u003cvalue\u003e] [--build-only]\n    [--resolutions] [--only \u003cvalue\u003e...] [--pinned-deps] [--jit] [--label \u003cvalue\u003e...] [--patch] [--empty]\n    [--pr-base-branch \u003cvalue\u003e]\n\nFLAGS\n  -c, --release-channel=\u003cvalue\u003e          (required) the channel intended for this release, examples: nightly, latest-rc,\n                                         latest, dev, beta, etc...\n  -d, --start-from-npm-dist-tag=\u003cvalue\u003e  the npm dist-tag to start the release from, examples: nightly, latest-rc\n  -g, --start-from-github-ref=\u003cvalue\u003e    a Github ref to start the release from, examples: main, 7.144.0, f476e8e\n      --build-only                       only build the release, do not git add/commit/push\n      --empty                            create an empty release PR for pushing changes to later (version will still be\n                                         bumped)\n      --[no-]jit                         bump the versions of the packages listed in the jitPlugins (just-in-time)\n                                         section\n      --label=\u003cvalue\u003e...                 add one or more labels to the Github PR\n      --only=\u003cvalue\u003e...                  only bump the version of the packages passed in, uses latest if version is not\n                                         provided\n      --patch                            bump the release as a patch of an existing version, not a new minor version\n      --[no-]pinned-deps                 bump the versions of the packages listed in the pinnedDependencies section\n      --pr-base-branch=\u003cvalue\u003e           base branch to create the PR against; if not specified, the build determines\n                                         the branch for you\n      --[no-]resolutions                 bump the versions of packages listed in the resolutions section\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  builds a new release from a designated starting point and optionally creates PR in Github\n\n  builds a new release from a designated starting point and optionally creates PR in Github\n\nALIASES\n  $ sfdx cli latestrc build\n\nEXAMPLES\n  $ sfdx cli release build\n\n  $ sfdx cli release build --patch\n\n  $ sfdx cli release build --start-from-npm-dist-tag latest-rc --patch\n\n  $ sfdx cli release build --start-from-github-ref 7.144.0\n\n  $ sfdx cli release build --start-from-github-ref main\n\n  $ sfdx cli release build --start-from-github-ref f476e8e\n\n  $ sfdx cli release build --start-from-github-ref main --prerelease beta\n\n  $ sfdx cli release build --build-only\n\n  $ sfdx cli release build --only @salesforce/plugin-source,@salesforce/plugin-info@1.2.3\n```\n\n_See code: [src/commands/cli/release/build.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/release/build.ts)_\n\n## `sfdx cli releasenotes`\n\npull all relevant information for writing release notes.\n\n```\nUSAGE\n  $ sfdx cli releasenotes -c sf|sfdx [--json] [--flags-dir \u003cvalue\u003e] [-s \u003cvalue\u003e] [-m]\n\nFLAGS\n  -c, --cli=\u003coption\u003e   (required) the cli to pull information for\n                       \u003coptions: sf|sfdx\u003e\n  -m, --markdown       format the output in markdown\n  -s, --since=\u003cvalue\u003e  the version number of the previous release. Defaults to the latest-rc version on npm\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  pull all relevant information for writing release notes.\n  Requires the GH_TOKEN to be set in the environment.\n\n  pull all relevant information for writing release notes.\n  Requires the GH_TOKEN to be set in the environment.\n\nEXAMPLES\n  $ sfdx cli releasenotes --cli sf\n\n  $ sfdx cli releasenotes --cli sfdx\n\n  $ sfdx cli releasenotes --cli sf --since 1.0.0\n\n  $ sfdx cli releasenotes --cli sfdx --since 7.19.0\n\n  $ sfdx cli releasenotes --cli sf \u003e changes.txt\n\n  $ sfdx cli releasenotes --cli sf --markdown \u003e changes.md\n```\n\n_See code: [src/commands/cli/releasenotes.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/releasenotes.ts)_\n\n## `sfdx cli tarballs prepare`\n\nremove unnecessary files from node_modules\n\n```\nUSAGE\n  $ sfdx cli tarballs prepare [--json] [--flags-dir \u003cvalue\u003e] [-d] [-t] [--verbose]\n\nFLAGS\n  -d, --dryrun   only show what would be removed from node_modules\n  -t, --types    remove all types (.d.ts) files from node_modules\n      --verbose  show all files paths being removed\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  remove unnecessary files from node_modules\n\n  remove unnecessary files from node_modules\n\nEXAMPLES\n  $ sfdx cli tarballs prepare\n```\n\n_See code: [src/commands/cli/tarballs/prepare.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/tarballs/prepare.ts)_\n\n## `sfdx cli tarballs smoke`\n\nsmoke tests for the sf CLI\n\n```\nUSAGE\n  $ sfdx cli tarballs smoke [--json] [--flags-dir \u003cvalue\u003e] [--verbose]\n\nFLAGS\n  --verbose  show the --help output for each command\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  smoke tests for the sf CLI\n  Tests that the CLI and every command can be initialized.\n\n  smoke tests for the sf CLI\n  Tests that the CLI and every command can be initialized.\n\nEXAMPLES\n  $ sfdx cli tarballs smoke\n\n  $ sfdx cli tarballs smoke\n```\n\n_See code: [src/commands/cli/tarballs/smoke.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/tarballs/smoke.ts)_\n\n## `sfdx cli tarballs verify`\n\nverify that tarballs are ready to be uploaded\n\n```\nUSAGE\n  $ sfdx cli tarballs verify [--json] [--flags-dir \u003cvalue\u003e] [-c sf|sfdx] [-w \u003cvalue\u003e]\n\nFLAGS\n  -c, --cli=\u003coption\u003e                     [default: sfdx] the cli to verify\n                                         \u003coptions: sf|sfdx\u003e\n  -w, --windows-username-buffer=\u003cvalue\u003e  [default: 41] the number of characters to allow for windows usernames\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  verify that tarballs are ready to be uploaded\n\n  verify that tarballs are ready to be uploaded\n\nEXAMPLES\n  $ sfdx cli tarballs verify\n\n  $ sfdx cli tarballs verify --cli sfdx\n\n  $ sfdx cli tarballs verify --cli sf\n```\n\n_See code: [src/commands/cli/tarballs/verify.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/tarballs/verify.ts)_\n\n## `sfdx cli versions inspect`\n\ninspect the CLI version across all install paths\n\n```\nUSAGE\n  $ sfdx cli versions inspect -c stable|stable-rc|latest|latest-rc|nightly... -l archive|npm... [--json] [--flags-dir\n    \u003cvalue\u003e] [-d \u003cvalue\u003e...] [-s] [--ignore-missing]\n\nFLAGS\n  -c, --channels=\u003coption\u003e...     (required) the channel you want to inspect (for achives, latest and latest-rc are\n                                 translated to stable and stable-rc. And vice-versa for npm)\n                                 \u003coptions: stable|stable-rc|latest|latest-rc|nightly\u003e\n  -d, --dependencies=\u003cvalue\u003e...  glob pattern of dependencies you want to see the version of\n  -l, --locations=\u003coption\u003e...    (required) the location you want to inspect\n                                 \u003coptions: archive|npm\u003e\n  -s, --salesforce               show versions of salesforce owned dependencies\n      --ignore-missing           skip missing archives. Useful when supporting new architectures in oclif\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  inspect the CLI version across all install paths\n\n  inspect the CLI version across all install paths\n\nEXAMPLES\n  $ sfdx cli versions inspect -l archive -c stable\n\n  $ sfdx cli versions inspect -l archive -c stable-rc\n\n  $ sfdx cli versions inspect -l archive npm -c stable\n\n  $ sfdx cli versions inspect -l archive npm -c latest\n\n  $ sfdx cli versions inspect -l archive npm -c latest latest-rc\n\n  $ sfdx cli versions inspect -l archive npm -c stable stable-rc\n\n  $ sfdx cli versions inspect -l npm -c latest --salesforce\n\n  $ sfdx cli versions inspect -l npm -c latest -d @salesforce/core\n\n  $ sfdx cli versions inspect -l npm -c latest -d @salesforce/\\*\\*/ salesforce-alm\n\n  $ sfdx cli versions inspect -l npm -c latest -d chalk -s\n```\n\n_See code: [src/commands/cli/versions/inspect.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/cli/versions/inspect.ts)_\n\n## `sfdx dependabot automerge`\n\nautomatically merge one green, mergeable PR up to the specified maximum bump type\n\n```\nUSAGE\n  $ sfdx dependabot automerge -m major|minor|patch [--json] [--flags-dir \u003cvalue\u003e] [-o \u003cvalue\u003e -r \u003cvalue\u003e] [-d] [-s]\n    [--merge-method merge|squash|rebase]\n\nFLAGS\n  -d, --dryrun                     only show what would happen if you consolidated dependabot PRs\n  -m, --max-version-bump=\u003coption\u003e  (required) [default: minor] the maximum version bump you want to be included\n                                   \u003coptions: major|minor|patch\u003e\n  -o, --owner=\u003cvalue\u003e              the organization that the repository belongs to. This defaults to the owner specified\n                                   in the package.json\n  -r, --repo=\u003cvalue\u003e               the repository you want to consolidate PRs on. This defaults to the repository\n                                   specified in the package.json\n  -s, --skip-ci                    add [skip ci] to the merge commit title\n      --merge-method=\u003coption\u003e      [default: merge] merge method to use\n                                   \u003coptions: merge|squash|rebase\u003e\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  automatically merge one green, mergeable PR up to the specified maximum bump type\n\n  automatically merge one green, mergeable PR up to the specified maximum bump type\n\nEXAMPLES\n  $ sfdx dependabot automerge --max-version-bump patch\n\n  $ sfdx dependabot automerge --max-version-bump minor\n\n  $ sfdx dependabot automerge --max-version-bump major\n```\n\n_See code: [src/commands/dependabot/automerge.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/dependabot/automerge.ts)_\n\n## `sfdx github check closed`\n\nShow open Github issues with GUS WI\n\n```\nUSAGE\n  $ sfdx github check closed -o \u003cvalue\u003e --github-token \u003cvalue\u003e [--json] [--flags-dir \u003cvalue\u003e]\n\nFLAGS\n  -o, --gus=\u003cvalue\u003e           (required) Username/alias of your GUS org connection\n      --github-token=\u003cvalue\u003e  (required) [env: GITHUB_TOKEN] Github token--store this in the environment as GITHUB_TOKEN\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  Show open Github issues with GUS WI\n\n  Description of a command.\n\nEXAMPLES\n  $ sfdx github check closed -o me@gus.com\n```\n\n_See code: [src/commands/github/check/closed.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/github/check/closed.ts)_\n\n## `sfdx npm dependencies pin`\n\nlock a list of dependencies to a target tag or default to 'latest', place these entries in 'pinnedDependencies' entry in the package.json\n\n```\nUSAGE\n  $ sfdx npm dependencies pin [--json] [--flags-dir \u003cvalue\u003e] [-d] [-t \u003cvalue\u003e]\n\nFLAGS\n  -d, --dryrun       If true, will not make any changes to the package.json\n  -t, --tag=\u003cvalue\u003e  [default: latest] The name of the tag you want, e.g. 'latest-rc', or 'latest'\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  lock a list of dependencies to a target tag or default to 'latest', place these entries in 'pinnedDependencies' entry\n  in the package.json\n\n  lock a list of dependencies to a target tag or default to 'latest', place these entries in 'pinnedDependencies' entry\n  in the package.json\n```\n\n_See code: [src/commands/npm/dependencies/pin.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/npm/dependencies/pin.ts)_\n\n## `sfdx npm package release`\n\npublish npm package\n\n```\nUSAGE\n  $ sfdx npm package release [--json] [--flags-dir \u003cvalue\u003e] [-d] [-s] [-t \u003cvalue\u003e] [-a \u003cvalue\u003e] [--install] [--prerelease\n    \u003cvalue\u003e] [--verify] [--githubtag \u003cvalue\u003e]\n\nFLAGS\n  -a, --npmaccess=\u003cvalue\u003e   [default: public] access level to use when publishing to npm\n  -d, --dryrun              If true, will not commit changes to repo or push any tags\n  -s, --sign                If true, then the package will be signed and the signature will be uploaded to S3\n  -t, --npmtag=\u003cvalue\u003e      [default: latest] tag to use when publishing to npm\n      --githubtag=\u003cvalue\u003e   given a github tag, release the version specified in the package.json as is. Useful when\n                            you've already done a release and only need npm publish features\n      --[no-]install        run yarn install and build on repository\n      --prerelease=\u003cvalue\u003e  determine the next version as \u003cversion\u003e-\u003cprerelease\u003e.0 if version is not manually set\n      --[no-]verify         verify npm registry has new version after publish and digital signature\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  publish npm package\n\n  publish npm package\n```\n\n_See code: [src/commands/npm/package/release.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/npm/package/release.ts)_\n\n## `sfdx plugins trust verify`\n\nValidate a digital signature.\n\n```\nUSAGE\n  $ sfdx plugins trust verify -n \u003cvalue\u003e [--json] [--flags-dir \u003cvalue\u003e] [-r \u003cvalue\u003e]\n\nFLAGS\n  -n, --npm=\u003cvalue\u003e       (required) Specify the npm name. This can include a tag/version.\n  -r, --registry=\u003cvalue\u003e  The registry name. The behavior is the same as npm.\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  Validate a digital signature.\n\n  Verifies the digital signature on an npm package matches the signature and key stored at the expected URLs.\n\nEXAMPLES\n  $ sfdx plugins trust verify --npm @scope/npmName --registry https://npm.pkg.github.com\n\n  $ sfdx plugins trust verify --npm @scope/npmName\n```\n\n_See code: [@salesforce/plugin-trust](https://github.com/salesforcecli/plugin-trust/blob/3.7.89/src/commands/plugins/trust/verify.ts)_\n\n## `sfdx repositories`\n\nlist repositories owned and supported by Salesforce CLI\n\n```\nUSAGE\n  $ sfdx repositories [--json] [--flags-dir \u003cvalue\u003e] [--columns \u003cvalue\u003e | -x] [--filter \u003cvalue\u003e] [--no-header |\n    [--csv | --no-truncate]] [--output csv|json|yaml |  | ] [--sort \u003cvalue\u003e]\n\nFLAGS\n  -x, --extended         Show extra columns.\n      --columns=\u003cvalue\u003e  Only show provided columns (comma-separated).\n      --csv              Output is csv format.\n      --filter=\u003cvalue\u003e   Filter property by partial string matching, ex: name=foo.\n      --no-header        Hide table header from output.\n      --no-truncate      Do not truncate output to fit screen.\n      --output=\u003coption\u003e  Output in a more machine friendly format.\n                         \u003coptions: csv|json|yaml\u003e\n      --sort=\u003cvalue\u003e     Property to sort by (prepend '-' for descending).\n\nGLOBAL FLAGS\n  --flags-dir=\u003cvalue\u003e  Import flag values from a directory.\n  --json               Format output as json.\n\nDESCRIPTION\n  list repositories owned and supported by Salesforce CLI\n  For more information on the list of repositories, visit https://github.com/salesforcecli/status.\n\n  list repositories owned and supported by Salesforce CLI\n  For more information on the list of repositories, visit https://github.com/salesforcecli/status.\n\nEXAMPLES\n  $ sfdx repositories --columns=url --filter='Name=sfdx-core' --no-header | xargs open\n\n  $ sfdx repositories --json | jq -r '.result[] | select(.name==\"sfdx-core\") | .packages[] | .url\n```\n\n_See code: [src/commands/repositories/index.ts](https://github.com/salesforcecli/plugin-release-management/blob/5.8.26/src/commands/repositories/index.ts)_\n\n\u003c!-- commandsstop --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsalesforcecli%2Fplugin-release-management","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsalesforcecli%2Fplugin-release-management","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsalesforcecli%2Fplugin-release-management/lists"}