Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
@salesforce/plugin-command-reference
Advanced tools
@salesforce/plugin-command-reference
Generate the Salesforce CLI command reference guide.
First install the plugin.
$ sfdx plugins:install @salesforce/plugin-command-reference
Ensure any plugins are installed that you with to generate documentation for.
$ sfdx plugins:install salesforcedx@latest-rc
Now we can generate the documentation for the latest-rc tag.
$ sfdx commandreference --plugins salesforcedx
Note: Warnings will occur for missing properties in plugins. Those have to be fixed in the plugin itself.
Add to your Salesforce CLI Plugin
To add this to your plugin to catch warning at development time, add it as a dev plugin in the project.json.
"oclif": {
"devPlugins": [
"@salesforce/plugin-command-reference"
]
}
Then you can run this in your plugin's CI.
./bin/run commandreference --plugins <name-of-your-plugin> --error-on-warnings
Local Development
If you need to make changes to this repository, the easiest thing to do is to link it to your Salesforce CLI. After you cloned this plugin, run the following from this plugin directory:
sfdx plugins:link .
Now, you can install any plugins you want and run the command reference generation on them.
sfdx plugins:install salesforcedx
sfdx plugins:install config
sfdx plugins:install alias
sfdx plugins:install auth
sfdx commandreference --plugins salesforcedx,alias,config,auth
Commands
sf commandreference:generate
generate the command reference guide located
generate the command reference guide located
USAGE
$ sf commandreference:generate
OPTIONS
-d, --outputdir=outputdir [default: ./tmp/root] output directory to put generated files
-p, --plugins=plugins comma separated list of plugin names to be part of the generation. Defaults to
the oclif plugin in the current working directory
-s, --ditamap-suffix=ditamap-suffix [default: unified] unique suffix to append to generated ditamap
--erroronwarnings fail the command if there are any warnings
--hidden show hidden commands
--json Format output as json.
Keywords
FAQs
Generate the Salesforce CLI command reference guide
The npm package @salesforce/plugin-command-reference receives a total of 22,031 weekly downloads. As such, @salesforce/plugin-command-reference popularity was classified as popular.
We found that @salesforce/plugin-command-reference demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 47 open source maintainers collaborating on the project.
Package last updated on 15 Sep 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025