Is @salesforce/plugin-trust safe to use?

@salesforce/plugin-trust has no known vulnerabilities on the latest version (3.8.0). DepScope rates its health at 70/100 (moderate risk).

What is the latest version of @salesforce/plugin-trust?

The latest version of @salesforce/plugin-trust is 3.8.0, released 2026-04-30.

Does @salesforce/plugin-trust have known vulnerabilities?

No known vulnerabilities on the latest version of @salesforce/plugin-trust.

Is @salesforce/plugin-trust deprecated?

No, @salesforce/plugin-trust is actively maintained. Latest release: 3.8.0 (2026-04-30).

What are alternatives to @salesforce/plugin-trust?

Popular alternatives to @salesforce/plugin-trust in npm include: semver, ansi-styles, minimatch, debug, brace-expansion.

What license does @salesforce/plugin-trust use?

@salesforce/plugin-trust is licensed under Apache-2.0.

@salesforce/plugin-trust

npmv3.8.0

validate a digital signature for a npm package

License Apache-2.0permissive277 versions7 maintainers11 deps

salesforcecli/plugin-trust

/ 100

Health

safe to use

@salesforce/[email protected] is safe to use (health: 70/100)

Health breakdown0 – 100

25/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

5/15

community

Vulnerabilities

none known

Bundle & TypeScript

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (11)

@oclif/core @salesforce/core @salesforce/kit @salesforce/plugin-info @salesforce/sf-plugins-core got npm npm-run-path proxy-agent semver shelljs

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@salesforce/plugin-trust

@salesforce/plugin-trust

npmv3.8.0

validate a digital signature for a npm package

License Apache-2.0permissive277 versions7 maintainers11 deps

salesforcecli/plugin-trust

/ 100

Health

safe to use

@salesforce/[email protected] is safe to use (health: 70/100)

Health breakdown0 – 100

25/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

5/15

community

Vulnerabilities

none known

Bundle & TypeScript

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (11)

@oclif/core @salesforce/core @salesforce/kit @salesforce/plugin-info @salesforce/sf-plugins-core got npm npm-run-path proxy-agent semver shelljs

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@salesforce/plugin-trust