Software Insights

TypeScript

Insights and articles on TypeScript

The audit plugin has grown from 22 checks to 23, added four new threat surfaces, and gained a fully configurable scoring model. Here is what changed and why it matters.

TL;DR: New checks cover flows without sharing, hardcoded credentials, guest user access, and public group over-sharing. The scoring model is now fully configurable via --scoring-config. SOQLs and Tooling queries live in JSON files outside the code.

We had a working Python script. Here is why we rewrote it as a native sf plugin, and the design decisions that made 22 parallel security checks practical.

TL;DR: A layered architecture, a cache dependency system to avoid redundant API calls, and a configurable scoring model.

© 2025 CloudCounsel Ltd. All rights reserved. Expert software development insights and consulting.