Merge pull request #1519 from forcedotcom/release-4.3.0

RELEASE @W-16039195@: Conducting v4.3.0 release.

Author: stephen-carter-at-sf

.github/ISSUE_TEMPLATE/0-scanner_run_bug.yml

@@ -77,7 +77,7 @@ body:
     description: |
       What do you get from the command "sf plugins"?
     placeholder: |
-      Example: @salesforce/sfdx-scanner 4.1.0 (latest-beta)
+      Example: @salesforce/sfdx-scanner 4.3.0 (latest)
   validations:
     required: true
 - type: textarea

.github/ISSUE_TEMPLATE/1-scanner_run_dfa_bug.yml

@@ -81,7 +81,7 @@ body:
     description: |
       What do you get from the command "sf plugins"?
     placeholder: |
-      Example: @salesforce/sfdx-scanner 4.1.0 (latest-beta)
+      Example: @salesforce/sfdx-scanner 4.3.0 (latest)
   validations:
     required: true
 - type: input

.github/ISSUE_TEMPLATE/2-scanner_run_false_result.yml

@@ -71,7 +71,7 @@ body:
     description: |
       What do you get from the command "sf plugins"?
     placeholder: |
-      Example: @salesforce/sfdx-scanner 4.1.0 (latest-beta)
+      Example: @salesforce/sfdx-scanner 4.3.0 (latest)
   validations:
     required: true
 - type: textarea

.github/ISSUE_TEMPLATE/3-scanner_run_dfa_false_result.yml

@@ -58,7 +58,7 @@ body:
     description: |
       What do you get from the command "sf plugins"?
     placeholder: |
-      Example: @salesforce/sfdx-scanner 4.1.0 (latest-beta)
+      Example: @salesforce/sfdx-scanner 4.3.0 (latest)
   validations:
     required: true
 - type: input

.github/workflows/publish-to-npm.yml

@@ -53,7 +53,7 @@ jobs:
     with:
       ctc: false # We've been told we don't have to care about this until someone makes us care.
       sign: true
-      tag: latest-beta-rc # Publish as a release candidate, so we can do our validations against it.
+      tag: latest-rc # Publish as a release candidate, so we can do our validations against it.
       githubTag: ${{ github.event.release.tag_name || inputs.tag }}
     secrets: inherit
   # Step 3: Run smoke tests against the release candidate.
@@ -81,7 +81,7 @@ jobs:
           java-version: '11' # For now, Java version is hardcoded.
       # Install SF, and the release candidate version.
       - run: npm install -g @salesforce/cli
-      - run: sf plugins install @salesforce/sfdx-scanner@latest-beta-rc
+      - run: sf plugins install @salesforce/sfdx-scanner@latest-rc
       # Log the installed plugins for easier debugging.
       - run: sf plugins
       # Attempt to run the smoke tests.
@@ -102,7 +102,7 @@ jobs:
           node-version: 'lts/*'
       - run: |
           echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc
-          npm dist-tag add @salesforce/sfdx-scanner@${{ github.event.release.tag_name || inputs.tag }} latest-beta
+          npm dist-tag add @salesforce/sfdx-scanner@${{ github.event.release.tag_name || inputs.tag }} latest
   # Step 5: Create a Pull Request for merging `main` into `dev`
   create-main2dev-pull-request:
     needs: promote-to-latest

.gitignore

@@ -159,3 +159,7 @@ pmd-cataloger/bin
 sfge*.log.gz
 
 npm-shrinkwrap.json
+/cli-messaging/out/
+
+# Cache file(s)
+/.sfge-cache/fileToEntryMapData.json

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "@salesforce/sfdx-scanner",
 	"description": "Static code scanner that applies quality and security rules to Apex code, and provides feedback.",
-	"version": "4.2.0",
+	"version": "4.3.0",
 	"author": "Salesforce Code Analyzer Team",
 	"bugs": "https://github.com/forcedotcom/sfdx-scanner/issues",
 	"dependencies": {

pmd-appexchange/docs/AvoidApiSessionId.md

@@ -3,14 +3,14 @@ AvoidApiSessionId[](#avoidapisessionid)
 
 **Violation:**
 
-   Session ID use is not approved.
+   Session ID use may not be approved.
 
 
 **Priority:** High (2)
 
 **Description:**
 
-   Detects use of Api.Session_ID to retrieve a session ID.
+   Detects use of Api.Session_ID to retrieve a session ID. For more guidance on approved use cases, read the [Session Id Guidance][https://partners.salesforce.com/sfc/servlet.shepherd/version/download/0684V00000O83jT?asPdf=false&operationContext=CHATTER] document.
 
 **Example(s):**
 

pmd-appexchange/docs/AvoidApiSessionIdInXML.md

@@ -10,7 +10,7 @@ AvoidApiSessionIdInXML[](#avoidapisessionidinxml)
 
 **Description:**
 
-   Detects use of Api.Session_ID to retrieve a session ID.
+   Detects use of Api.Session_ID to retrieve a session ID. For more guidance on approved use cases, read the [Session Id Guidance][https://partners.salesforce.com/sfc/servlet.shepherd/version/download/0684V00000O83jT?asPdf=false&operationContext=CHATTER] document.
 
 **Example(s):**