@salesforce/b2c-cli — Greenflagged

A Salesforce B2C Commerce CLI

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

ire-npm-team-userjimjagsalesforce-releasesjasonschroeder-sfdcmobifylwc-adminsalesforce-admin

Keywords

salesforcecommerce-cloudsfccb2ccliecommercedeveloper-toolsdeploymentwebdavoclif

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): Transition to GitHub Actions publisher with SLSA attestation is the expected CI/CD pattern for this Salesforce org package.	ai	2026/04/27
source-diff	large-new-source-files	AI (source-diff): Salesforce org CLI with SLSA provenance; large file count reflects legitimate feature expansion across versions.	ai	2026/04/27
publish-pattern	new-deps-added	AI (publish-pattern): @inquirer/prompts is a well-established interactive prompt library; not a suspicious dependency.	ai	2026/04/27
phantom-deps	phantom-dep:@oclif/plugin-not-found	AI (phantom-deps): oclif plugins are loaded via oclif config array, not direct imports. This is standard oclif CLI architecture and not a real phantom dependency issue.	ai	2026/04/25
phantom-deps	phantom-dep:@oclif/plugin-help	AI (phantom-deps): oclif plugins are loaded via oclif config array, not direct imports. This is standard oclif CLI architecture and not a real phantom dependency issue.	ai	2026/04/25
phantom-deps	phantom-dep:@oclif/plugin-warn-if-update-available	AI (phantom-deps): oclif plugins are loaded via oclif config array, not direct imports. This is standard oclif CLI architecture and not a real phantom dependency issue.	ai	2026/04/25
phantom-deps	phantom-dep:@oclif/plugin-autocomplete	AI (phantom-deps): oclif plugins are loaded via oclif config array, not direct imports. This is standard oclif CLI architecture and not a real phantom dependency issue.	ai	2026/04/25
phantom-deps	phantom-dep:@oclif/plugin-plugins	AI (phantom-deps): oclif plugins are loaded via oclif config array, not direct imports. This is standard oclif CLI architecture and not a real phantom dependency issue.	ai	2026/04/25
phantom-deps	phantom-dep:@oclif/plugin-version	AI (phantom-deps): oclif plugins are loaded via oclif config array, not direct imports. This is standard oclif CLI architecture and not a real phantom dependency issue.	ai	2026/04/25

Versions (showing 46 of 46)

Version	Deps	Published
1.12.1	14 / 23	2026-05-29
1.12.0	14 / 23	2026-05-26
1.11.0	14 / 23	2026-05-20
1.10.0	14 / 23	2026-05-13
1.9.0	14 / 23	2026-05-08
1.8.1	14 / 23	2026-04-25
1.8.0	14 / 23	2026-04-24
1.7.1	14 / 23	2026-04-23
1.7.0	14 / 23	2026-04-22
1.6.0	14 / 23	2026-04-22
1.5.0	14 / 23	2026-04-21
1.4.0	14 / 23	2026-04-17
1.3.2	14 / 23	2026-04-14
1.3.1	14 / 23	2026-04-14
1.3.0	14 / 23	2026-04-13
1.2.0	14 / 23	2026-04-09
1.1.0	14 / 23	2026-04-06
1.0.1	14 / 23	2026-04-01
1.0.0	14 / 23	2026-03-30
0.10.1	14 / 23	2026-03-24
0.10.0	14 / 23	2026-03-22
0.9.0	14 / 23	2026-03-19
0.8.0	14 / 23	2026-03-18
0.7.4	14 / 23	2026-03-16
0.7.3	14 / 23	2026-03-13
0.7.2	14 / 23	2026-03-13
0.7.1	14 / 23	2026-03-11
0.7.0	14 / 23	2026-03-10
0.6.0	14 / 23	2026-03-09
0.5.6	14 / 23	2026-03-05
0.5.5	14 / 23	2026-03-02
0.5.4	14 / 23	2026-02-25
0.5.3	14 / 23	2026-02-25
0.5.2	14 / 23	2026-02-24
0.5.1	14 / 23	2026-02-24
0.5.0	14 / 23	2026-02-24
0.4.1	14 / 23	2026-02-13
0.4.0	14 / 23	2026-02-12
0.3.0	12 / 22	2026-01-30
0.2.1	12 / 22	2026-01-26
0.2.0	12 / 22	2026-01-22
0.1.0	11 / 21	2026-01-19
0.0.8	11 / 21	2026-01-16
0.0.7	11 / 21	2026-01-16
0.0.5	11 / 21	2026-01-16
0.0.1	0 / 0	2026-01-16