semantic-release-sfdx
Advanced tools
semantic-release plugin for publishing an SFDX package
You must have SFDX installed and connected to your DevHub (see Authorization in the Salesforce DX Developer Guide).
To enable this plugin, simply add the following to your package.json or release configuration file.
{
"release": {
"plugins": ["semantic-release-sfdx"]
}
}
By default this plugin uses the DevHub which is set in your defaultdevhubusername sfdx config.
To use another DevHub, set the environment variable SFDX_DEFAULTDEVHUBUSERNAME (see Salesforce CLI Setup Guide).
static config via package.json
{
"release": {
"plugins": [
[
"semantic-release-sfdx",
{
"codecoverage": true,
"promote": true,
"installationkey": "mysecretkey"
}
]
]
}
}
dynamic config via release.config.js
module.exports = {
plugins: [
[
'semantic-release-sfdx',
{
codecoverage: process.env.PROMOTE_PACKAGE_VERSION === 'true',
promote: process.env.PROMOTE_PACKAGE_VERSION === 'true',
installationkey: process.env.INSTALLATIONKEY,
},
],
],
}
verifyConditionsTo disable the verification of your SFDX project, DevHub and installationkey:
{
"release": {
"plugins": [
"semantic-release-sfdx",
{
"verifyConditions": false
}
]
}
}
See a second generation package being released with this plugin here.
Thanks to https://github.com/carlos-cubas/semantic-release-gcp.git for kicking off point
FAQs
Set of semantic-release plugins to publish SFDX Package
We found that semantic-release-sfdx demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.