Merge pull request #1223 from jamessimone/main

feat: adds allow-list commands

Author: jfeingold35

.gitignore

@@ -9,7 +9,8 @@ package-lock.json
 # debug logs
 npm-error.log
 yarn-error.log
-
+stderr*.txt
+stdout*.txt
 
 # compile source
 lib

.mocharc.json

@@ -1,16 +1,10 @@
 {
-  "require": [
-    "ts-node/register"
-  ],
-  "watch-extensions": "ts",
-  "watch-files": [
-    "src",
-    "test"
-  ],
+  "forbid-only": true,
+  "node-option": ["loader=ts-node/esm"],
   "recursive": true,
   "reporter": "spec",
+  "require": ["ts-node/register"],
   "timeout": 10000,
-  "node-option": [
-    "loader=ts-node/esm"
-  ]
-}
+  "watch-extensions": "ts",
+  "watch-files": ["src", "test"]
+}

COMMANDS.md

@@ -1,10 +1,13 @@
 ## Commands
 
-validate a digital signature for a npm package
+validate a digital signature for a npm package and interact with the allowlist for unsigned packages
 
-- [`sfdx plugins:trust:verify -n <string> [-r <string>] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`]
+- [`sf plugins trust verify`](#sf-plugins-trust-verify)
+- [`sf plugins trust allowlist add`](#sf-plugins-trust-allowlist-add)
+- [`sf plugins trust allowlist list`](#sf-plugins-trust-allowlist-list)
+- [`sf plugins trust allowlist remove`](#sf-plugins-trust-allowlist-remove)
 
-## `sfdx plugins:trust:verify -n <string> [-r <string>] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`
+## `sf plugins trust verify`
 
 ```USAGE
   $ sfdx plugins:trust:verify -n <string> [-r <string>] [--json] [--loglevel
@@ -28,3 +31,80 @@ EXAMPLES
   sfdx plugins:trust:verify --npm @scope/npmName --registry https://npm.pkg.github.com
   sfdx plugins:trust:verify --npm @scope/npmName
 ```
+
+## `sf plugins trust allowlist add`
+
+Add plugins to the unsigned plugin allow list.
+
+```
+USAGE
+  $ sf plugins trust allowlist add -n <value>... [--json] [--flags-dir <value>]
+
+FLAGS
+  -n, --name=<value>...  The npm name of the plugin to add to the allow list. Multiple names can be added in one
+                         invocation by repeating the --name flag.
+
+GLOBAL FLAGS
+  --flags-dir=<value>  Import flag values from a directory.
+  --json               Format output as json.
+
+DESCRIPTION
+  Add plugins to the unsigned plugin allow list.
+
+  Adds one or more plugins to the unsignedPluginAllowList.json file, creating the file if it doesn't exist. Plugins
+  already present in the allow list are skipped.
+
+EXAMPLES
+  sf plugins trust allowlist add --name @scope/my-plugin
+
+  sf plugins trust allowlist add --name @scope/my-plugin --name another-plugin
+```
+
+## `sf plugins trust allowlist list`
+
+List the plugins on the unsigned plugin allowlist.
+
+```
+USAGE
+  $ sf plugins trust allowlist list [--json] [--flags-dir <value>]
+
+GLOBAL FLAGS
+  --flags-dir=<value>  Import flag values from a directory.
+  --json               Format output as json.
+
+DESCRIPTION
+  List the plugins on the unsigned plugin allowlist.
+
+  Prints the contents of the unsignedPluginAllowList.json file as a table.
+
+EXAMPLES
+  sf plugins trust allowlist list
+```
+
+## `sf plugins trust allowlist remove`
+
+Remove plugins from the unsigned plugin allowlist.
+
+```
+USAGE
+  $ sf plugins trust allowlist remove -n <value>... [--json] [--flags-dir <value>]
+
+FLAGS
+  -n, --name=<value>...  The npm name of the plugin to remove from the allowlist. Multiple names can be removed in one
+                         invocation by repeating the --name flag.
+
+GLOBAL FLAGS
+  --flags-dir=<value>  Import flag values from a directory.
+  --json               Format output as json.
+
+DESCRIPTION
+  Remove plugins from the unsigned plugin allowlist.
+
+  Removes one or more plugins from the unsignedPluginAllowList.json file. Plugins not present in the allowlist are
+  skipped.
+
+EXAMPLES
+  sf plugins trust allowlist remove --name @scope/my-plugin
+
+  sf plugins trust allowlist remove --name @scope/my-plugin --name another-plugin
+```

command-snapshot.json

@@ -7,6 +7,30 @@
     "flags": ["flags-dir", "json"],
     "plugin": "@salesforce/plugin-trust"
   },
+  {
+    "alias": [],
+    "command": "plugins:trust:allowlist:add",
+    "flagAliases": [],
+    "flagChars": ["n"],
+    "flags": ["flags-dir", "json", "name"],
+    "plugin": "@salesforce/plugin-trust"
+  },
+  {
+    "alias": [],
+    "command": "plugins:trust:allowlist:list",
+    "flagAliases": [],
+    "flagChars": [],
+    "flags": ["flags-dir", "json"],
+    "plugin": "@salesforce/plugin-trust"
+  },
+  {
+    "alias": [],
+    "command": "plugins:trust:allowlist:remove",
+    "flagAliases": [],
+    "flagChars": ["n"],
+    "flags": ["flags-dir", "json", "name"],
+    "plugin": "@salesforce/plugin-trust"
+  },
   {
     "alias": [],
     "command": "plugins:trust:verify",

messages/allowlist.add.md

@@ -0,0 +1,23 @@
+# summary
+
+Add plugins to the plugin allowlist.
+
+# description
+
+The plugin allowlist lets users automatically install a plugin without being prompted, even when the plugin is unsigned.
+
+This command adds one or more plugins to the `unsignedPluginAllowList.json` file, creating the file if it doesn't exist. Plugins already present in the allowlist are skipped.
+
+# examples
+
+- Add a single plugin to the allowlist:
+
+  <%= config.bin %> <%= command.id %> --name @scope/my-plugin
+
+- Add multiple plugins to the allowlist:
+
+  <%= config.bin %> <%= command.id %> --name @scope/my-plugin --name another-plugin
+
+# flags.name.summary
+
+The npm name of the plugin to add to the allowlist. Add multiple plugins by specifying the `--name` flag multiple times.

messages/allowlist.list.md

@@ -0,0 +1,19 @@
+# summary
+
+List the plugins on the plugin allowlist.
+
+# description
+
+The plugin allowlist lets users automatically install a plugin without being prompted, even when the plugin is unsigned.
+
+This command prints the contents of the `unsignedPluginAllowList.json` file as a table.
+
+# examples
+
+- List all plugins on the allowlist:
+
+  <%= config.bin %> <%= command.id %>
+
+# NoPluginsAllowListed
+
+No plugins are currently on the allowlist.

messages/allowlist.remove.md

@@ -0,0 +1,23 @@
+# summary
+
+Remove plugins from the plugin allowlist.
+
+# description
+
+The plugin allowlist lets users automatically install a plugin without being prompted, even when the plugin is unsigned.
+
+This command removes one or more plugins from the `unsignedPluginAllowList.json` file. Plugins not present in the allowlist are skipped.
+
+# examples
+
+- Remove a single plugin from the allowlist:
+
+  <%= config.bin %> <%= command.id %> --name @scope/my-plugin
+
+- Remove multiple plugins from the allowlist:
+
+  <%= config.bin %> <%= command.id %> --name @scope/my-plugin --name another-plugin
+
+# flags.name.summary
+
+The npm name of the plugin to remove from the allowlist. Remove multiple plugins by specifying the `--name` flag multiple times.

package.json

@@ -77,7 +77,23 @@
         "description": "list installed plugins",
         "subtopics": {
           "trust": {
-            "description": "validate a digital signature for a npm package"
+            "description": "validate a digital signature for a npm package",
+            "subtopics": {
+              "allowlist": {
+                "description": "manage the unsigned plugin allowlist",
+                "subtopics": {
+                  "add": {
+                    "description": "adds to the allowlist"
+                  },
+                  "remove": {
+                    "description": "removes from the allowlist"
+                  },
+                  "list": {
+                    "description": "lists plugins in the allowlist"
+                  }
+                }
+              }
+            }
           }
         }
       }

src/commands/plugins/trust/allowlist/add.ts

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2026, Salesforce, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { SfCommand, Flags } from '@salesforce/sf-plugins-core';
+import { Messages } from '@salesforce/core';
+
+import { AllowList, type AllowListResult } from '../../../../shared/allowlist.js';
+
+Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
+const messages = Messages.loadMessages('@salesforce/plugin-trust', 'allowlist.add');
+
+export class AllowListAdd extends SfCommand<AllowListResult> {
+  public static readonly summary = messages.getMessage('summary');
+  public static readonly description = messages.getMessage('description');
+  public static readonly examples = messages.getMessages('examples');
+
+  public static readonly flags = {
+    name: Flags.string({
+      char: 'n',
+      summary: messages.getMessage('flags.name.summary'),
+      required: true,
+      multiple: true,
+    }),
+  };
+
+  public async run(): Promise<AllowListResult> {
+    const { flags } = await this.parse(AllowListAdd);
+    const allowList = new AllowList(this.config.configDir);
+    const existingAllowList = await allowList.get();
+    const results: AllowListResult = [];
+    const addedPlugins: string[] = [];
+
+    for (const name of flags.name) {
+      const shouldAddPlugin = !existingAllowList.includes(name);
+      if (shouldAddPlugin) {
+        addedPlugins.push(name);
+        results.push({ Plugin: name, Status: 'added' });
+      } else {
+        results.push({ Plugin: name, Status: 'skipped', Reason: 'already within allowlist' });
+      }
+    }
+
+    if (addedPlugins.length > 0) {
+      await allowList.save([...existingAllowList, ...addedPlugins]);
+    }
+
+    this.table({
+      data: results,
+    });
+
+    return results;
+  }
+}

src/commands/plugins/trust/allowlist/list.ts

@@ -0,0 +1,46 @@
+/*
+ * Copyright 2026, Salesforce, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { SfCommand } from '@salesforce/sf-plugins-core';
+import { Messages } from '@salesforce/core';
+
+import { AllowList, type AllowListResult } from '../../../../shared/allowlist.js';
+
+Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
+const messages = Messages.loadMessages('@salesforce/plugin-trust', 'allowlist.list');
+
+export class AllowListList extends SfCommand<AllowListResult> {
+  public static readonly summary = messages.getMessage('summary');
+  public static readonly description = messages.getMessage('description');
+  public static readonly examples = messages.getMessages('examples');
+
+  public async run(): Promise<AllowListResult> {
+    const existingAllowList = await new AllowList(this.config.configDir).get();
+
+    if (existingAllowList.length === 0) {
+      this.log(messages.getMessage('NoPluginsAllowListed'));
+      return [];
+    }
+
+    const results: AllowListResult = existingAllowList.map((plugin) => ({ Plugin: plugin }));
+
+    this.table({
+      data: results,
+    });
+
+    return results;
+  }
+}