Generated on May 22, 2024 via pnpm

Npm

Home

@salesforce/source-deploy-retrieve 7.15.1

JavaScript library to run Salesforce metadata deploys and retrieves

Salesforce

SalesforceDX

metadata

deploy

retrieve

Package summary

issues

licenses

Package created

2 Apr 2020

Version published

9 Apr 2023

Maintainers

Total deps

290

Direct deps

License

BSD-3-Clause

Issues

4 critical severity issues

critical

vm2@3.9.19

vm2 Sandbox Escape vulnerability

Recommendation: None

via: proxy-agent@5.0.0

vm2@3.9.19

vm2 Sandbox Escape vulnerability

Recommendation: None

via: proxy-agent@5.0.0

buffers@0.1.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: unzipper@0.10.11

dtrace-provider@0.6.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: @salesforce/core@3.36.2

Collapse

Expand

5 high severity issues

high

chainsaw@0.1.0

Package uses an invalid SPDX license ("MIT/X11")

Recommendation: Validate that the package complies with your license policy

via: unzipper@0.10.11

traverse@0.3.9

Package uses an invalid SPDX license ("MIT/X11")

Recommendation: Validate that the package complies with your license policy

via: unzipper@0.10.11

core-js-pure@3.37.1

Package uses postinstall script: "node -e "try{require('./postinstall')}catch(e){}""

via: @salesforce/core@3.36.2

core-js@3.37.1

Package uses postinstall script: "node -e "try{require('./postinstall')}catch(e){}""

via: @salesforce/core@3.36.2

dtrace-provider@0.6.0

Package uses install script: "node scripts/install.js"

via: @salesforce/core@3.36.2

Collapse

Expand

2 low severity issues

low

chainsaw@0.1.0

Package uses a license that is not OSI approved ("MIT/X11")

Recommendation: Read and validate the license terms

via: unzipper@0.10.11

traverse@0.3.9

Package uses a license that is not OSI approved ("MIT/X11")

Recommendation: Read and validate the license terms

via: unzipper@0.10.11

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

230 Packages, Including:

@babel/runtime-corejs3@7.24.5

@babel/runtime@7.24.5

@salesforce/bunyan@2.0.0

@sindresorhus/is@4.6.0

@szmarczak/http-timer@4.0.6

@tootallnate/once@1.1.2

@types/cacheable-request@6.0.3

@types/http-cache-semantics@4.0.4

@types/keyv@3.1.4

@types/node@12.20.55

@types/node@20.12.12

@types/responselike@1.0.3

@types/semver@7.5.8

abort-controller@3.0.0

acorn-walk@8.3.2

acorn@8.11.3

agent-base@6.0.2

ajv@8.13.0

ansi-escapes@4.3.2

ansi-regex@5.0.1

ansi-styles@4.3.0

archiver-utils@2.1.0

archiver-utils@3.0.4

archiver@5.3.2

asap@2.0.6

ast-types@0.13.4

async@3.2.5

asynckit@0.4.0

balanced-match@1.0.2

base64-js@1.5.1

base64url@3.0.1

binary@0.3.0

bl@4.1.0

bluebird@3.4.7

brace-expansion@1.1.11

brace-expansion@2.0.1

buffer-crc32@0.2.13

buffer-indexof-polyfill@1.0.2

buffer@5.7.1

bytes@3.1.2

cacheable-lookup@5.0.4

cacheable-request@7.0.4

camel-case@4.1.2

capital-case@1.0.4

chalk@4.1.2

change-case@4.1.2

chardet@0.7.0

cli-cursor@3.1.0

clone-response@1.0.3

color-convert@2.0.1

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

23 Packages, Including:

@salesforce/schemas@1.9.0

cli-width@3.0.0

fs.realpath@1.0.0

fstream@1.0.12

glob@6.0.4

glob@7.2.3

graceful-fs@4.2.11

inflight@1.0.6

inherits@2.0.4

listenercount@1.0.1

lru-cache@5.1.1

minimatch@3.1.2

minimatch@5.1.6

mute-stream@0.0.8

once@1.4.0

rimraf@2.4.5

rimraf@2.7.1

sax@1.3.0

semver@7.6.2

setprototypeof@1.2.0

signal-exit@3.0.7

wrappy@1.0.2

yallist@3.1.1

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

11 Packages, Including:

@salesforce/core@3.36.2

@salesforce/kit@1.9.2

@salesforce/source-deploy-retrieve@7.15.1

@salesforce/ts-types@1.7.3

buffer-equal-constant-time@1.0.1

duplexer2@0.1.4

ieee754@1.2.1

shelljs@0.8.5

source-map@0.6.1

sprintf-js@1.1.3

tough-cookie@4.1.4

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

11 Packages, Including:

crc-32@1.2.2

ecdsa-sig-formatter@1.0.11

faye-websocket@0.11.4

faye@1.4.0

js2xmlparser@4.0.2

readdir-glob@1.1.3

rxjs@6.6.7

tunnel-agent@0.6.0

websocket-driver@0.7.4

websocket-extensions@0.1.4

xmlcreate@2.0.4

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

7 Packages, Including:

escodegen@1.14.3

esprima@4.0.1

estraverse@4.3.0

esutils@2.0.3

http-cache-semantics@4.1.1

uri-js@4.4.1

webidl-conversions@3.0.1

N/A

2 Packages, Including:

buffers@0.1.1

dtrace-provider@0.6.0

MIT/X11

Invalid

Not OSI Approved

2 Packages, Including:

chainsaw@0.1.0

traverse@0.3.9

BSD Zero Clause License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

include-copyright

include-license

include-original

Cannot

hold-liable

Must

2 Packages, Including:

tslib@1.14.1

tslib@2.6.2

The Unlicense

Public Domain

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

private-use

modify

Cannot

include-copyright

hold-liable

Must

1 Packages, Including:

big-integer@1.6.52

(MIT OR CC0-1.0)

Public Domain

1 Packages, Including:

type-fest@0.21.3

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of @salesforce/source-deploy-retrieve 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
@salesforce/core	3.36.2	232.33 kB	BSD-3-Clause	prod	1 3
@salesforce/kit	1.9.2	29.94 kB	BSD-3-Clause	prod
@salesforce/ts-types	1.7.3	24.61 kB	BSD-3-Clause	prod
archiver	5.3.2	13.02 kB	MIT	prod
fast-xml-parser	4.4.0	164.89 kB	MIT	prod
got	11.8.6	66.14 kB	MIT	prod
graceful-fs	4.2.11	9.57 kB	ISC	prod optional
ignore	5.3.1	14.1 kB	MIT	prod
mime	2.6.0	18.29 kB	MIT	prod
minimatch	5.1.6	12.81 kB	ISC	prod
proxy-agent	5.0.0	7.47 kB	MIT	prod	2
proxy-from-env	1.1.0	7.59 kB	MIT	prod
unzipper	0.10.11	14.26 kB	MIT	prod	1 2 2