@oclif/plugin-warn-if-update-available

warns if there is a newer version of CLI released

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

mdonnalleysalesforce-releases

Keywords

oclif-plugin

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
semgrep	semgrep:child-process-spawn	AI (semgrep): spawn() is used to run the local Node.js get_version script in the background for update checks — core, documented functionality of this oclif plugin.	ai	2026/04/24
phantom-deps	phantom-dep:@oclif/command	AI (phantom-deps): @oclif/command is a declared dependency in the same org scope; this is a legitimate oclif plugin dependency, not a phantom dep concern.	ai	2026/04/24
npm-metadata	suspicious-initial-version	AI (npm-metadata): 0.0.0 is a known pattern in the oclif ecosystem for initial/template versions; publisher dickeyxxx has a strong track record with 974 approved packages.	ai	2026/04/24
phantom-deps	phantom-dep:@oclif/config	AI (phantom-deps): @oclif/config is a same-org dependency declared in package.json; phantom detection is a false positive for this oclif plugin package.	ai	2026/04/24
semgrep	semgrep:child-process-import	AI (semgrep): Package's core purpose is CLI update checking; child_process usage is expected and consistent with this functionality across all versions.	ai	2026/04/23
provenance	no-provenance	AI (provenance): Salesforce/oclif packages historically do not publish with Sigstore provenance; publisher is well-established and trusted.	ai	2026/04/21

Versions (showing 68 of 168)

Version	Deps	Published
2.0.37	7 / 17	2023-05-14
2.0.36	7 / 17	2023-04-23
2.0.35	7 / 17	2023-04-16
2.0.34	7 / 17	2023-04-16
2.0.33	7 / 17	2023-03-26
2.0.32	7 / 17	2023-03-19
2.0.31	7 / 17	2023-03-12
2.0.30	7 / 17	2023-03-05
2.0.29	7 / 17	2023-02-28
2.0.28	7 / 17	2023-02-19
2.0.27	7 / 17	2023-02-12
2.0.26	7 / 17	2023-02-05
2.0.25	7 / 17	2023-02-05
2.0.24	7 / 17	2023-01-29
2.0.23	7 / 17	2023-01-24
2.0.22	7 / 17	2023-01-24
2.0.21	7 / 17	2023-01-23
2.0.20	7 / 17	2023-01-22
2.0.19	7 / 17	2023-01-15
2.0.18	7 / 17	2023-01-01
2.0.17	7 / 17	2022-12-18
2.0.16	7 / 17	2022-12-11
2.0.15	7 / 17	2022-12-04
2.0.14	7 / 17	2022-11-13
2.0.13	7 / 17	2022-11-06
2.0.12	7 / 17	2022-10-30
2.0.11	7 / 17	2022-10-30
2.0.10	7 / 17	2022-10-23
2.0.9	7 / 17	2022-10-16
2.0.8	7 / 17	2022-10-09
2.0.7	7 / 17	2022-10-09
2.0.6	7 / 17	2022-09-27
2.0.5	7 / 17	2022-09-27
2.0.4	7 / 17	2022-01-06
2.0.3	7 / 17	2021-12-17
2.0.2	7 / 17	2021-12-07
2.0.1	7 / 17	2021-12-01
2.0.0	7 / 17	2021-09-29
1.7.3	9 / 17	2021-11-29
1.7.2	9 / 17	2021-11-23
1.7.0	9 / 16	2019-02-20
1.5.4	8 / 15	2018-10-13
1.5.3	8 / 15	2018-09-14
1.5.2	8 / 15	2018-08-28
1.5.1	8 / 15	2018-08-22
1.5.0	8 / 15	2018-08-21
1.4.0	8 / 15	2018-08-17
1.3.9	8 / 15	2018-05-10
1.3.8	8 / 15	2018-05-03
1.3.7	8 / 15	2018-05-01
1.3.6	8 / 15	2018-04-25
1.3.5	8 / 15	2018-04-24
1.3.4	8 / 15	2018-04-24
1.3.3	8 / 15	2018-04-20
1.3.2	8 / 15	2018-04-20
1.3.1	8 / 15	2018-04-18
1.3.0	8 / 15	2018-04-08
1.2.5	8 / 15	2018-04-08
1.2.4	8 / 15	2018-04-07
1.2.3	8 / 15	2018-03-25
1.2.2	8 / 15	2018-03-24
1.2.1	8 / 15	2018-03-24
1.2.0	8 / 15	2018-03-24
1.1.0	7 / 15	2018-03-24
1.0.2	7 / 15	2018-03-24
1.0.1	7 / 15	2018-03-24
1.0.0	7 / 15	2018-03-24
0.0.0	2 / 14	2018-03-24