[BUG] Unable to install sfdx-scanner: FailedDigitalSignatureVerification

forcedotcom / sfdx-scanner

MIT License

209 stars 49 forks source link

[BUG] Unable to install sfdx-scanner: FailedDigitalSignatureVerification #453

Closed nvuillam closed 2 years ago

nvuillam commented 3 years ago

Describe the bug Unable to install sfdx-scanner become of digital signature error

To Reproduce

$ sfdx plugins:install @salesforce/sfdx-scanner
    FailedDigitalSignatureVerification: A digital signature is specified for this plugin but it didn't verify against the certificate.

Expected behavior sfdx-scanner to be installed :)

Desktop

Latest sfdx-cli
latest sfdx-scanner

Same behaviour on Windows or on CI (Github actions - alpine linux)

"Business stopping" -> Can not release a new version of MegaLinter, which is widely used

No workaround ( i tried npm set strict-ssl false , but same result )

jbartolotta-sfdc commented 3 years ago

@nvuillam - We are looking into this. I will report back within 1 hour.

jbartolotta-sfdc commented 3 years ago

@nvuillam We have verified that this is not a security issue, it is a configuration issue that we will need time to address.

We have changed the default installation version to the previous version(2.9.1). sfdx plugins:install @salesforce/sfdx-scanner should now succeed for you.

Thanks for reporting this. Sorry for the inconvenience.

nvuillam commented 3 years ago

Thanks for your quick feedback :)

vishu-shedbal-marlabs commented 2 years ago

Thanks for your quick feedback :)

Did it get installed ? in vscode ? after using that command ?

nvuillam commented 2 years ago

@vishu-shedbal-marlabs latest version works fine for me now Not on your side ?

ranekere-sfdc commented 2 years ago

The issue has been fixed and please upgrade to the latest version. Closing this issue. Feel free to open a new issue if needed.