sfdx-hardis 6.1.4 → 6.2.0

package/oclif.manifest.json

@@ -132,12 +132,13 @@
         "clear:cache:hardis"
       ]
     },
-    "hardis:config:get": {
+    "hardis:auth:login": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Retrieves and displays the sfdx-hardis configuration for a specified level.**\n\nThis command allows you to inspect the configuration that is currently in effect for your project, which is useful for debugging and understanding how sfdx-hardis will behave.\n\n- **Configuration levels:** It can retrieve configuration from three different levels:\n  - **Project:** The configuration defined in the project's `.sfdx-hardis.yml` file.\n  - **Branch:** The configuration defined in a branch-specific configuration file (e.g., `.sfdx-hardis.production.yml`).\n  - **User:** The global user-level configuration.\n\n## Technical explanations\n\nThe command's logic is straightforward:\n\n- **`getConfig` function:** It calls the `getConfig` utility function, passing the desired configuration level as an argument.\n- **Configuration loading:** The `getConfig` function is responsible for finding the appropriate configuration file, reading its contents, and parsing it as YAML or JSON.\n- **Output:** The retrieved configuration is then displayed to the user as a JSON string.\n",
+      "description": "\n## Command Behavior\n\n**Authenticates to a Salesforce org, primarily designed for CI/CD workflows.**\n\nThis command facilitates secure and automated logins to Salesforce organizations within continuous integration and continuous delivery pipelines. It leverages pre-configured authentication details, ensuring that CI/CD processes can interact with Salesforce without manual intervention.\n\nKey aspects:\n\n- **Configuration-Driven:** It relies on authentication variables and files set up by dedicated configuration commands:\n  - For CI/CD repositories: [Configure Org CI Authentication](https://sfdx-hardis.cloudity.com/hardis/project/configure/auth/)\n  - For Monitoring repositories: [Configure Org Monitoring](https://sfdx-hardis.cloudity.com/hardis/org/configure/monitoring/)\n- **Technical Org Support:** Supports authentication to a 'technical org' (e.g., for calling Agentforce from another org) by utilizing the `SFDX_AUTH_URL_TECHNICAL_ORG` environment variable. If this variable is set, the command authenticates to this org with the alias `TECHNICAL_ORG`.\n\nTo obtain the `SFDX_AUTH_URL_TECHNICAL_ORG` value, you can run `sf org display --verbose --json` and copy the `sfdxAuthUrl` field from the output.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical flow involves:\n\n- **Flag Parsing:** It parses command-line flags such as `instanceurl`, `devhub`, `scratchorg`, and `debug` to determine the authentication context.\n- **Authentication Hook:** It triggers an internal authentication hook (`this.config.runHook('auth', ...`)) which is responsible for executing the actual authentication logic based on the provided flags (e.g., whether it's a Dev Hub or a scratch org).\n- **Environment Variable Check:** It checks for the presence of `SFDX_AUTH_URL_TECHNICAL_ORG` or `TECHNICAL_ORG_ALIAS` environment variables.\n- **`authOrg` Utility:** If a technical org is configured, it calls the `authOrg` utility function to perform the authentication for that specific org, ensuring it's connected and available for subsequent operations.\n- **Salesforce CLI Integration:** It integrates with the Salesforce CLI's authentication mechanisms to establish and manage org connections.\n</details>\n",
       "examples": [
-        "$ sf hardis:project:deploy:sources:metadata"
+        "$ sf hardis:auth:login",
+        "CI=true sf hardis:auth:login"
       ],
       "flags": {
         "json": {
@@ -155,20 +156,28 @@
           "multiple": false,
           "type": "option"
         },
-        "level": {
-          "char": "l",
-          "description": "project,branch or user",
-          "name": "level",
-          "default": "project",
+        "instanceurl": {
+          "char": "r",
+          "description": "URL of org instance",
+          "name": "instanceurl",
           "hasDynamicHelp": false,
           "multiple": false,
-          "options": [
-            "project",
-            "branch",
-            "user"
-          ],
           "type": "option"
         },
+        "devhub": {
+          "char": "h",
+          "description": "Also connect associated DevHub",
+          "name": "devhub",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "scratchorg": {
+          "char": "s",
+          "description": "Scratch org",
+          "name": "scratchorg",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -192,39 +201,38 @@
       },
       "hasDynamicHelp": false,
       "hiddenAliases": [],
-      "id": "hardis:config:get",
+      "id": "hardis:auth:login",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Deploy metadata sources to org",
+      "title": "Login",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
-        "config",
-        "get.js"
+        "auth",
+        "login.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:config:get",
-        "config:hardis:get",
-        "config:get:hardis",
-        "hardis:get:config",
-        "get:hardis:config",
-        "get:config:hardis"
+        "hardis:auth:login",
+        "auth:hardis:login",
+        "auth:login:hardis",
+        "hardis:login:auth",
+        "login:hardis:auth",
+        "login:auth:hardis"
       ]
     },
-    "hardis:auth:login": {
+    "hardis:config:get": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Authenticates to a Salesforce org, primarily designed for CI/CD workflows.**\n\nThis command facilitates secure and automated logins to Salesforce organizations within continuous integration and continuous delivery pipelines. It leverages pre-configured authentication details, ensuring that CI/CD processes can interact with Salesforce without manual intervention.\n\nKey aspects:\n\n- **Configuration-Driven:** It relies on authentication variables and files set up by dedicated configuration commands:\n  - For CI/CD repositories: [Configure Org CI Authentication](https://sfdx-hardis.cloudity.com/hardis/project/configure/auth/)\n  - For Monitoring repositories: [Configure Org Monitoring](https://sfdx-hardis.cloudity.com/hardis/org/configure/monitoring/)\n- **Technical Org Support:** Supports authentication to a 'technical org' (e.g., for calling Agentforce from another org) by utilizing the `SFDX_AUTH_URL_TECHNICAL_ORG` environment variable. If this variable is set, the command authenticates to this org with the alias `TECHNICAL_ORG`.\n\nTo obtain the `SFDX_AUTH_URL_TECHNICAL_ORG` value, you can run `sf org display --verbose --json` and copy the `sfdxAuthUrl` field from the output.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical flow involves:\n\n- **Flag Parsing:** It parses command-line flags such as `instanceurl`, `devhub`, `scratchorg`, and `debug` to determine the authentication context.\n- **Authentication Hook:** It triggers an internal authentication hook (`this.config.runHook('auth', ...`)) which is responsible for executing the actual authentication logic based on the provided flags (e.g., whether it's a Dev Hub or a scratch org).\n- **Environment Variable Check:** It checks for the presence of `SFDX_AUTH_URL_TECHNICAL_ORG` or `TECHNICAL_ORG_ALIAS` environment variables.\n- **`authOrg` Utility:** If a technical org is configured, it calls the `authOrg` utility function to perform the authentication for that specific org, ensuring it's connected and available for subsequent operations.\n- **Salesforce CLI Integration:** It integrates with the Salesforce CLI's authentication mechanisms to establish and manage org connections.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Retrieves and displays the sfdx-hardis configuration for a specified level.**\n\nThis command allows you to inspect the configuration that is currently in effect for your project, which is useful for debugging and understanding how sfdx-hardis will behave.\n\n- **Configuration levels:** It can retrieve configuration from three different levels:\n  - **Project:** The configuration defined in the project's `.sfdx-hardis.yml` file.\n  - **Branch:** The configuration defined in a branch-specific configuration file (e.g., `.sfdx-hardis.production.yml`).\n  - **User:** The global user-level configuration.\n\n## Technical explanations\n\nThe command's logic is straightforward:\n\n- **`getConfig` function:** It calls the `getConfig` utility function, passing the desired configuration level as an argument.\n- **Configuration loading:** The `getConfig` function is responsible for finding the appropriate configuration file, reading its contents, and parsing it as YAML or JSON.\n- **Output:** The retrieved configuration is then displayed to the user as a JSON string.\n",
       "examples": [
-        "$ sf hardis:auth:login",
-        "CI=true sf hardis:auth:login"
+        "$ sf hardis:project:deploy:sources:metadata"
       ],
       "flags": {
         "json": {
@@ -242,28 +250,20 @@
           "multiple": false,
           "type": "option"
         },
-        "instanceurl": {
-          "char": "r",
-          "description": "URL of org instance",
-          "name": "instanceurl",
+        "level": {
+          "char": "l",
+          "description": "project,branch or user",
+          "name": "level",
+          "default": "project",
           "hasDynamicHelp": false,
           "multiple": false,
+          "options": [
+            "project",
+            "branch",
+            "user"
+          ],
           "type": "option"
         },
-        "devhub": {
-          "char": "h",
-          "description": "Also connect associated DevHub",
-          "name": "devhub",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "scratchorg": {
-          "char": "s",
-          "description": "Scratch org",
-          "name": "scratchorg",
-          "allowNo": false,
-          "type": "boolean"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -287,30 +287,30 @@
       },
       "hasDynamicHelp": false,
       "hiddenAliases": [],
-      "id": "hardis:auth:login",
+      "id": "hardis:config:get",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Login",
+      "title": "Deploy metadata sources to org",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
-        "auth",
-        "login.js"
+        "config",
+        "get.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:auth:login",
-        "auth:hardis:login",
-        "auth:login:hardis",
-        "hardis:login:auth",
-        "login:hardis:auth",
-        "login:auth:hardis"
+        "hardis:config:get",
+        "config:hardis:get",
+        "config:get:hardis",
+        "hardis:get:config",
+        "get:hardis:config",
+        "get:config:hardis"
       ]
     },
     "hardis:doc:fieldusage": {
@@ -2331,6 +2331,21 @@
           "allowNo": false,
           "type": "boolean"
         },
+        "username": {
+          "char": "t",
+          "description": "Username of the org you want to authenticate (overrides the interactive prompt)",
+          "name": "username",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "prompt-default": {
+          "char": "e",
+          "description": "Prompt to set the selected org as default",
+          "name": "prompt-default",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -5259,7 +5274,9 @@
       "args": {},
       "description": "\n## Command Behavior\n\n**Exports data from a Salesforce org using an SFDMU (Salesforce Data Migration Utility) project.**\n\nThis command facilitates the extraction of data from your Salesforce environments based on configurations defined in an SFDMU workspace. It's a powerful tool for various data-related tasks, including:\n\n- **Data Backup:** Creating snapshots of your Salesforce data.\n- **Data Migration:** Extracting data for transfer to another Salesforce org or external system.\n- **Reporting and Analysis:** Exporting specific datasets for detailed analysis outside of Salesforce.\n- **Data Seeding:** Preparing data for import into other environments.\n\nKey functionalities:\n\n- **SFDMU Workspace Integration:** Leverages an existing SFDMU workspace (defined by an `export.json` file) to determine which objects and records to export, along with any filtering or transformation rules.\n- **Interactive Workspace Selection:** If the SFDMU workspace path is not provided via the `--path` flag, it interactively prompts the user to select one.\n- **Org Selection:** Ensures that a target Salesforce org is selected (either via the `--target-org` flag or through an interactive prompt) to specify the source of the data export.\n\nSee this article for a practical example:\n\n[![How to detect bad words in Salesforce records using SFDX Data Loader and sfdx-hardis](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-badwords.jpg)](https://nicolas.vuillamy.fr/how-to-detect-bad-words-in-salesforce-records-using-sfdx-data-loader-and-sfdx-hardis-171db40a9bac)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation relies heavily on the SFDMU plugin:\n\n- **SFDMU Integration:** It acts as a wrapper around the `sfdmu` plugin, which performs the actual data export operations. The command provides an assisted interface for SFDMU execution.\n- **`exportData` Utility:** The core logic for executing the SFDMU export process is encapsulated within the `exportData` utility function, which takes the SFDMU workspace path and the source username as arguments.\n- **Interactive Prompts:** Uses `selectDataWorkspace` to allow the user to choose an SFDMU project and `promptOrgUsernameDefault` for selecting the source Salesforce org when not running in a CI environment.\n- **Environment Awareness:** Checks the `isCI` flag to determine whether to run in an interactive mode (prompting for user input) or a non-interactive mode (relying solely on command-line flags).\n- **Required Plugin:** It explicitly lists `sfdmu` as a required plugin, ensuring that the necessary dependency is in place before execution.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:data:export"
+        "$ sf hardis:org:data:export",
+        "$ sf hardis:org:data:export --project-name MyDataProject --target-org my-org@example.com",
+        "$ sf hardis:org:data:export --path ./scripts/data/MyDataProject --no-prompt --target-org my-org@example.com"
       ],
       "flags": {
         "json": {
@@ -5277,6 +5294,14 @@
           "multiple": false,
           "type": "option"
         },
+        "project-name": {
+          "char": "n",
+          "description": "Name of the sfdmu project to use (if not defined, you will be prompted to select one)",
+          "name": "project-name",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
         "path": {
           "char": "p",
           "description": "Path to the sfdmu workspace folder",
@@ -5285,6 +5310,13 @@
           "multiple": false,
           "type": "option"
         },
+        "no-prompt": {
+          "char": "r",
+          "description": "Do not prompt for Org, use default org",
+          "name": "no-prompt",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -5376,7 +5408,10 @@
       "args": {},
       "description": "Import/Load data in an org using a [SFDX Data Loader](https://help.sfdmu.com/) Project\n\nIf you need to run this command in a production org, you need to either:\n\n- Define **sfdmuCanModify** in your .sfdx-hardis.yml config file. (Example: `sfdmuCanModify: prod-instance.my.salesforce.com`)\n- Define an environment variable SFDMU_CAN_MODIFY. (Example: `SFDMU_CAN_MODIFY=prod-instance.my.salesforce.com`)\n\nSee article:\n\n[![How to detect bad words in Salesforce records using SFDX Data Loader and sfdx-hardis](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-badwords.jpg)](https://nicolas.vuillamy.fr/how-to-detect-bad-words-in-salesforce-records-using-sfdx-data-loader-and-sfdx-hardis-171db40a9bac)\n",
       "examples": [
-        "$ sf hardis:org:data:import"
+        "$ sf hardis:org:data:import",
+        "$ sf hardis:org:data:import --project-name MyDataProject --target-org my-org@example.com",
+        "$ sf hardis:org:data:import --path ./scripts/data/MyDataProject --no-prompt --target-org my-org@example.com",
+        "$ SFDMU_CAN_MODIFY=prod-instance.my.salesforce.com sf hardis:org:data:import --project-name MyDataProject --target-org prod@example.com"
       ],
       "flags": {
         "json": {
@@ -5394,6 +5429,14 @@
           "multiple": false,
           "type": "option"
         },
+        "project-name": {
+          "char": "n",
+          "description": "Name of the sfdmu project to use (if not defined, you will be prompted to select one)",
+          "name": "project-name",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
         "path": {
           "char": "p",
           "description": "Path to the sfdmu workspace folder",
@@ -5402,6 +5445,13 @@
           "multiple": false,
           "type": "option"
         },
+        "no-prompt": {
+          "char": "r",
+          "description": "Do not prompt for Org, use default org",
+          "name": "no-prompt",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -7611,16 +7661,13 @@
         "limits:monitor:org:hardis"
       ]
     },
-    "hardis:org:refresh:after-refresh": {
+    "hardis:org:purge:apexlog": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Restores all previously backed-up Connected Apps (including Consumer Secrets) to a Salesforce org after a sandbox refresh.**\n\nThis command is the second step in the sandbox refresh process. It scans the backup folder created before the refresh, allows selection of which Connected Apps to restore, and automates their deletion and redeployment to the refreshed org, ensuring all credentials and configuration are preserved.\n\nKey functionalities:\n\n- **Backup Folder Selection:** Prompts the user to select the correct backup folder for the sandbox instance.\n- **Connected App Discovery:** Scans the backup for all Connected App metadata files.\n- **User Selection:** Allows interactive or flag-based selection of which Connected Apps to restore.\n- **Validation:** Ensures all selected apps exist in the backup and validates user input.\n- **Org Cleanup:** Deletes existing Connected Apps from the refreshed org to allow clean redeployment.\n- **Deployment:** Deploys the selected Connected Apps (with secrets) to the org.\n- **Summary and Reporting:** Provides a summary of restored apps and their status.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is designed to be run after a sandbox refresh, using the backup created by the before-refresh command.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Backup Folder Handling:** Prompts for and validates the backup folder under `scripts/sandbox-refresh/`.\n- **Metadata Scanning:** Uses glob patterns to find all `*.connectedApp - meta.xml` files in the backup.\n- **Selection Logic:** Supports `--all`, `--name`, and interactive selection of apps to restore.\n- **Validation:** Checks that all requested apps exist in the backup and provides clear errors if not.\n- **Org Operations:** Deletes existing Connected Apps from the org before redeployment to avoid conflicts.\n- **Deployment:** Uses utility functions to deploy Connected Apps and their secrets to the org.\n- **Error Handling:** Handles and reports errors at each step, including parsing and deployment issues.\n\n</details>\n",
+      "description": "\n**Purges Apex debug logs from a Salesforce org.**\n\nThis command provides a quick and efficient way to clear out accumulated Apex debug logs from your Salesforce environment. This is particularly useful for:\n\n- **Storage Management:** Freeing up valuable data storage space in your Salesforce org.\n- **Performance Optimization:** Reducing the overhead associated with large volumes of debug logs.\n- **Troubleshooting:** Ensuring that new debug logs are generated cleanly without interference from old, irrelevant logs.\n\nKey functionalities:\n\n- **Log Identification:** Queries the `ApexLog` object to identify all existing debug logs.\n- **Confirmation Prompt:** Before deletion, it prompts for user confirmation, displaying the number of Apex logs that will be deleted.\n- **Bulk Deletion:** Uses the Salesforce Bulk API to efficiently delete a large number of Apex logs.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query:** It executes a SOQL query (`SELECT Id FROM ApexLog LIMIT 50000`) to retrieve the IDs of Apex logs to be deleted. The limit is set to 50,000 to handle large volumes of logs.\n- **CSV Export:** The retrieved log IDs are temporarily exported to a CSV file (`ApexLogsToDelete_*.csv`) in the `./tmp` directory.\n- **User Confirmation:** It uses the `prompts` library to ask for user confirmation before proceeding with the deletion, displaying the count of logs to be purged.\n- **Bulk API Deletion:** It then uses the Salesforce CLI's `sf data delete bulk` command, pointing to the generated CSV file, to perform the mass deletion of Apex logs.\n- **File System Operations:** It uses `fs-extra` to create the temporary directory and manage the CSV file.\n- **Error Handling:** Includes error handling for the query and deletion operations.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:refresh:after-refresh",
-        "$ sf hardis:org:refresh:after-refresh --name \"MyConnectedApp\" // Process specific app, no selection prompt",
-        "$ sf hardis:org:refresh:after-refresh --name \"App1,App2,App3\" // Process multiple apps, no selection prompt",
-        "$ sf hardis:org:refresh:after-refresh --all // Process all apps, no selection prompt",
-        "$ sf hardis:org:refresh:after-refresh --target-org myDevOrg"
+        "$ sf hardis:org:purge:apexlog",
+        "$ sf hardis:org:purge:apexlog --target-org nicolas.vuillamy@gmail.com"
       ],
       "flags": {
         "json": {
@@ -7638,37 +7685,23 @@
           "multiple": false,
           "type": "option"
         },
-        "target-org": {
-          "char": "o",
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        },
-        "name": {
-          "char": "n",
-          "description": "Connected App name(s) to process (bypasses selection prompt). For multiple apps, separate with commas (e.g., \"App1,App2\")",
-          "name": "name",
-          "summary": "Filter according to Name criteria",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
+        "prompt": {
+          "char": "z",
+          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
+          "name": "prompt",
+          "allowNo": true,
+          "type": "boolean"
         },
-        "all": {
-          "char": "a",
-          "description": "If set, all Connected Apps from the local repository will be processed. Takes precedence over --name if both are specified.",
-          "name": "all",
-          "summary": "Process all Connected Apps without selection prompt",
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
           "allowNo": false,
           "type": "boolean"
         },
         "websocket": {
           "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "name": "websocket",
-          "summary": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -7676,78 +7709,90 @@
         "skipauth": {
           "description": "Skip authentication check when a default username is required",
           "name": "skipauth",
-          "summary": "Skip authentication check when a default username is required",
           "allowNo": false,
           "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:refresh:after-refresh",
+      "id": "hardis:org:purge:apexlog",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Restore Connected Apps after org refresh",
-      "requiresProject": true,
+      "title": "Purge Apex Logs",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "refresh",
-        "after-refresh.js"
+        "purge",
+        "apexlog.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:refresh:after-refresh",
-        "org:hardis:refresh:after-refresh",
-        "org:refresh:hardis:after-refresh",
-        "org:refresh:after-refresh:hardis",
-        "hardis:refresh:org:after-refresh",
-        "refresh:hardis:org:after-refresh",
-        "refresh:org:hardis:after-refresh",
-        "refresh:org:after-refresh:hardis",
-        "hardis:refresh:after-refresh:org",
-        "refresh:hardis:after-refresh:org",
-        "refresh:after-refresh:hardis:org",
-        "refresh:after-refresh:org:hardis",
-        "hardis:org:after-refresh:refresh",
-        "org:hardis:after-refresh:refresh",
-        "org:after-refresh:hardis:refresh",
-        "org:after-refresh:refresh:hardis",
-        "hardis:after-refresh:org:refresh",
-        "after-refresh:hardis:org:refresh",
-        "after-refresh:org:hardis:refresh",
-        "after-refresh:org:refresh:hardis",
-        "hardis:after-refresh:refresh:org",
-        "after-refresh:hardis:refresh:org",
-        "after-refresh:refresh:hardis:org",
-        "after-refresh:refresh:org:hardis"
-      ]
-    },
-    "hardis:org:refresh:before-refresh": {
-      "aliases": [],
-      "args": {},
-      "description": "\n## Command Behavior\n\n**Backs up all Connected Apps, their secrets, certificates, and custom settings from a Salesforce org before a sandbox refresh, enabling full restoration after the refresh.**\n\nThis command is essential for Salesforce sandbox refresh operations where Connected Apps (and their Consumer Secrets), certificates, and custom settings would otherwise be lost. It automates the extraction, secure storage, and (optionally) deletion of Connected Apps, ensuring that all credentials and configuration can be restored post-refresh.\n\nKey functionalities:\n\n- **Connected App Discovery:** Lists all Connected Apps in the org, with options to filter by name, process all, or interactively select.\n- **User Selection:** Allows interactive or flag-based selection of which Connected Apps to back up.\n- **Metadata Retrieval:** Retrieves Connected App metadata and saves it in a dedicated project folder for the sandbox instance.\n- **Consumer Secret Extraction:** Attempts to extract Consumer Secrets automatically using browser automation (Puppeteer), or prompts for manual entry if automation fails.\n- **Config Persistence:** Stores the list of selected apps in the project config for use during restoration.\n- **Optional Deletion:** Can delete the Connected Apps from the org after backup, as required for re-upload after refresh.\n- **Certificate Backup:** Retrieves all org certificates and their definitions, saving them for later restoration.\n- **Custom Settings Backup:** Lists all custom settings in the org, allows user selection, and exports their data to JSON files for backup.\n- **Summary and Reporting:** Provides a summary of actions, including which apps, certificates, and custom settings were saved and whether secrets were captured.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is designed to be run before a sandbox refresh. It ensures that all Connected Apps, secrets, certificates, and custom settings are safely stored for later restoration.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Salesforce CLI Integration:** Uses `sf org list metadata`, `sf project retrieve start`, and other CLI commands to discover and retrieve Connected Apps, certificates, and custom settings.\n- **Metadata Handling:** Saves Connected App XML files and certificate files in a dedicated folder under `scripts/sandbox-refresh/<sandbox-folder>`.\n- **Consumer Secret Handling:** Uses Puppeteer to automate browser login and extraction of Consumer Secrets, falling back to manual prompts if needed.\n- **Custom Settings Handling:** Lists all custom settings, allows user selection, and exports their data using `sf data tree export` to JSON files.\n- **Config Management:** Updates `config/.sfdx-hardis.yml` with the list of selected apps for later use.\n- **Deletion Logic:** Optionally deletes Connected Apps from the org (required for re-upload after refresh), with user confirmation unless running in CI or with `--delete` flag.\n- **Error Handling:** Provides detailed error messages and guidance if retrieval or extraction fails.\n- **Reporting:** Sends summary and configuration files to the WebSocket client for reporting and traceability.\n\n</details>\n",
-      "examples": [
-        "$ sf hardis:org:refresh:before-refresh",
-        "$ sf hardis:org:refresh:before-refresh --name \"MyConnectedApp\"",
-        "$ sf hardis:org:refresh:before-refresh --name \"App1,App2,App3\"",
-        "$ sf hardis:org:refresh:before-refresh --all",
-        "$ sf hardis:org:refresh:before-refresh --delete"
-      ],
-      "flags": {
-        "json": {
-          "description": "Format output as json.",
-          "helpGroup": "GLOBAL",
-          "name": "json",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "flags-dir": {
+        "hardis:org:purge:apexlog",
+        "org:hardis:purge:apexlog",
+        "org:purge:hardis:apexlog",
+        "org:purge:apexlog:hardis",
+        "hardis:purge:org:apexlog",
+        "purge:hardis:org:apexlog",
+        "purge:org:hardis:apexlog",
+        "purge:org:apexlog:hardis",
+        "hardis:purge:apexlog:org",
+        "purge:hardis:apexlog:org",
+        "purge:apexlog:hardis:org",
+        "purge:apexlog:org:hardis",
+        "hardis:org:apexlog:purge",
+        "org:hardis:apexlog:purge",
+        "org:apexlog:hardis:purge",
+        "org:apexlog:purge:hardis",
+        "hardis:apexlog:org:purge",
+        "apexlog:hardis:org:purge",
+        "apexlog:org:hardis:purge",
+        "apexlog:org:purge:hardis",
+        "hardis:apexlog:purge:org",
+        "apexlog:hardis:purge:org",
+        "apexlog:purge:hardis:org",
+        "apexlog:purge:org:hardis"
+      ]
+    },
+    "hardis:org:purge:flow": {
+      "aliases": [],
+      "args": {},
+      "description": "\n**Purges old or unwanted Flow versions from a Salesforce org, with an option to delete related Flow Interviews.**\n\nThis command helps maintain a clean and performant Salesforce org by removing obsolete Flow versions. Over time, multiple versions of Flows can accumulate, consuming storage and potentially impacting performance. This tool provides a controlled way to clean up these versions.\n\nKey functionalities:\n\n- **Targeted Flow Selection:** Allows you to filter Flow versions to delete by name (`--name`) and status (`--status`, e.g., `Obsolete`, `Draft`, `Inactive`).\n- **Flow Interview Deletion:** If a Flow version cannot be deleted due to active Flow Interviews, the `--delete-flow-interviews` flag (or interactive prompt) allows you to delete these interviews first, then retry the Flow version deletion.\n- **Confirmation Prompt:** In interactive mode, it prompts for confirmation before proceeding with the deletion of Flow versions and Flow Interviews.\n- **Partial Success Handling:** The `--allowpurgefailure` flag (default `true`) allows the command to continue even if some deletions fail, reporting the errors.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `Flow` object (using the Tooling API) to list Flow versions based on the provided filters (name, status, manageable state).\n- **Bulk Deletion (Tooling API):** It uses `bulkDeleteTooling` to perform mass deletions of Flow versions. If deletion fails due to active interviews, it extracts the interview IDs.\n- **Flow Interview Management:** If `delete-flow-interviews` is enabled, it queries `FlowInterview` objects, performs bulk deletion of the identified interviews using `bulkDelete`, and then retries the Flow version deletion.\n- **Interactive Prompts:** Uses the `prompts` library to interact with the user for selecting Flows, statuses, and confirming deletion actions.\n- **Error Reporting:** Logs detailed error messages for failed deletions, including the specific reasons.\n- **Command-Line Execution:** Uses `execSfdxJson` to execute Salesforce CLI commands for querying Flow data.\n</details>\n",
+      "examples": [
+        "$ sf hardis:org:purge:flow",
+        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --no-prompt --delete-flow-interviews",
+        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --status \"Obsolete,Draft,InvalidDraft\" --name TestFlow"
+      ],
+      "flags": {
+        "json": {
+          "description": "Format output as json.",
+          "helpGroup": "GLOBAL",
+          "name": "json",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "flags-dir": {
           "helpGroup": "GLOBAL",
           "name": "flags-dir",
           "summary": "Import flag values from a directory.",
@@ -7755,38 +7800,56 @@
           "multiple": false,
           "type": "option"
         },
-        "target-org": {
-          "char": "o",
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
+        "prompt": {
+          "char": "z",
+          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
+          "name": "prompt",
+          "allowNo": true,
+          "type": "boolean"
+        },
+        "name": {
+          "char": "n",
+          "description": "Filter according to Name criteria",
+          "name": "name",
+          "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "delete": {
-          "char": "d",
-          "description": "By default, Connected Apps are not deleted from the org after saving. Set this flag to force their deletion so they will be able to be reuploaded again after refreshing the org.",
-          "name": "delete",
-          "summary": "Delete Connected Apps from org after saving",
+        "status": {
+          "char": "s",
+          "description": "Filter according to Status criteria",
+          "name": "status",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "delete-flow-interviews": {
+          "char": "w",
+          "description": "If the presence of Flow interviews prevent to delete flows versions, delete them before retrying to delete flow versions",
+          "name": "delete-flow-interviews",
           "allowNo": false,
           "type": "boolean"
         },
-        "name": {
-          "char": "n",
-          "description": "Connected App name(s) to process. For multiple apps, separate with commas (e.g., \"App1,App2\")",
-          "name": "name",
-          "summary": "Filter according to Name criteria",
+        "allowpurgefailure": {
+          "char": "f",
+          "description": "Allows purges to fail without exiting with 1. Use --no-allowpurgefailure to disable",
+          "name": "allowpurgefailure",
+          "allowNo": true,
+          "type": "boolean"
+        },
+        "instanceurl": {
+          "char": "r",
+          "description": "URL of org instance",
+          "name": "instanceurl",
+          "default": "https://login.salesforce.com",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "all": {
-          "char": "a",
-          "description": "If set, all Connected Apps from the org will be processed. Takes precedence over --name if both are specified.",
-          "name": "all",
-          "summary": "Process all Connected Apps without selection prompt",
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
           "allowNo": false,
           "type": "boolean"
         },
@@ -7802,61 +7865,80 @@
           "name": "skipauth",
           "allowNo": false,
           "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:refresh:before-refresh",
+      "id": "hardis:org:purge:flow",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "requiresProject": true,
+      "title": "Purge Flow versions",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "refresh",
-        "before-refresh.js"
+        "purge",
+        "flow.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:refresh:before-refresh",
-        "org:hardis:refresh:before-refresh",
-        "org:refresh:hardis:before-refresh",
-        "org:refresh:before-refresh:hardis",
-        "hardis:refresh:org:before-refresh",
-        "refresh:hardis:org:before-refresh",
-        "refresh:org:hardis:before-refresh",
-        "refresh:org:before-refresh:hardis",
-        "hardis:refresh:before-refresh:org",
-        "refresh:hardis:before-refresh:org",
-        "refresh:before-refresh:hardis:org",
-        "refresh:before-refresh:org:hardis",
-        "hardis:org:before-refresh:refresh",
-        "org:hardis:before-refresh:refresh",
-        "org:before-refresh:hardis:refresh",
-        "org:before-refresh:refresh:hardis",
-        "hardis:before-refresh:org:refresh",
-        "before-refresh:hardis:org:refresh",
-        "before-refresh:org:hardis:refresh",
-        "before-refresh:org:refresh:hardis",
-        "hardis:before-refresh:refresh:org",
-        "before-refresh:hardis:refresh:org",
-        "before-refresh:refresh:hardis:org",
-        "before-refresh:refresh:org:hardis"
+        "hardis:org:purge:flow",
+        "org:hardis:purge:flow",
+        "org:purge:hardis:flow",
+        "org:purge:flow:hardis",
+        "hardis:purge:org:flow",
+        "purge:hardis:org:flow",
+        "purge:org:hardis:flow",
+        "purge:org:flow:hardis",
+        "hardis:purge:flow:org",
+        "purge:hardis:flow:org",
+        "purge:flow:hardis:org",
+        "purge:flow:org:hardis",
+        "hardis:org:flow:purge",
+        "org:hardis:flow:purge",
+        "org:flow:hardis:purge",
+        "org:flow:purge:hardis",
+        "hardis:flow:org:purge",
+        "flow:hardis:org:purge",
+        "flow:org:hardis:purge",
+        "flow:org:purge:hardis",
+        "hardis:flow:purge:org",
+        "flow:hardis:purge:org",
+        "flow:purge:hardis:org",
+        "flow:purge:org:hardis"
       ]
     },
-    "hardis:org:retrieve:packageconfig": {
+    "hardis:org:refresh:after-refresh": {
       "aliases": [],
       "args": {},
-      "description": "\n**Retrieves the installed package configuration from a Salesforce org and optionally updates the local project configuration.**\n\nThis command is useful for maintaining an accurate record of installed packages within your Salesforce project, which is crucial for managing dependencies and ensuring consistent deployments across environments.\n\nKey functionalities:\n\n- **Package Listing:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a list of all installed packages.\n- **Configuration Update:** Offers the option to update your local project's configuration with the retrieved list of installed packages. This can be beneficial for automating package installations during environment setup or CI/CD processes.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Org Connection:** It establishes a connection to the target Salesforce org using the provided or prompted username.\n- **Metadata Retrieval:** It utilizes `MetadataUtils.listInstalledPackages` to query the Salesforce org and obtain details about the installed packages.\n- **Interactive Prompt:** It uses the `prompts` library to ask the user whether they want to update their local project configuration with the retrieved package list.\n- **Configuration Management:** If the user confirms, it calls `managePackageConfig` to update the project's configuration file (likely `.sfdx-hardis.yml`) with the new package information.\n- **User Feedback:** Provides clear messages to the user about the success of the package retrieval and configuration update.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Restores all previously backed-up Connected Apps (including Consumer Secrets), certificates, custom settings, records and other metadata to a Salesforce org after a sandbox refresh.**\n\nThis command is the second step in the sandbox refresh process. It scans the backup folder created before the refresh, allows interactive or flag-driven selection of items to restore, and automates cleanup and redeployment to the refreshed org while preserving credentials and configuration.\n\nKey functionalities:\n\n- **Choose a backup to restore:** Lets you pick the saved sandbox project that contains the artifacts to restore.\n- **Select which items to restore:** Finds Connected App XMLs, certificates, custom settings and other artifacts and lets you pick what to restore (or restore all).\n- **Safety checks and validation:** Confirms files exist and prompts before making changes to the target org.\n- **Prepare org for restore:** Optionally cleans up existing Connected Apps so saved apps can be re-deployed without conflict.\n- **Redeploy saved artifacts:** Restores Connected Apps (with saved secrets), certificates, SAML SSO configs, custom settings and other metadata.\n- **Handle SAML configs:** Cleans and updates SAML XML files and helps you choose certificates to wire into restored configs.\n- **Restore records:** Optionally runs data import from selected SFDMU workspaces to restore record data.\n- **Reporting & persistence:** Sends restore reports and can update project config to record what was restored.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is intended to be run after a sandbox refresh to re-apply saved metadata, credentials and data.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Backup Folder Handling:** Reads the immediate subfolders of `scripts/sandbox-refresh/` and validates the chosen project contains the expected `manifest/` and `force-app` layout.\n- **Metadata & Deployment APIs:** Uses `sf project deploy start --manifest` for package-based deploys, `sf project deploy start --metadata-dir` for MDAPI artifacts (certificates), and utility functions for Connected App deployment that preserve consumer secrets.\n- **SAML Handling:** Queries active certificates via tooling API, updates SAML XML files, and deploys using `sf project deploy start -m SamlSsoConfig`.\n- **Records Handling:** Uses interactive selection of SFDMU workspaces and runs data import utilities to restore records.\n- **Error Handling & Summary:** Aggregates results, logs success/warnings/errors, and returns a structured result indicating which items were restored and any failures.\n\n</details>\n",
       "examples": [
-        "$ sf hardis:org:retrieve:packageconfig",
-        "sf hardis:org:retrieve:packageconfig -u myOrg"
+        "$ sf hardis:org:refresh:after-refresh",
+        "$ sf hardis:org:refresh:after-refresh --name \"MyConnectedApp\" // Process specific app, no selection prompt",
+        "$ sf hardis:org:refresh:after-refresh --name \"App1,App2,App3\" // Process multiple apps, no selection prompt",
+        "$ sf hardis:org:refresh:after-refresh --all // Process all apps, no selection prompt",
+        "$ sf hardis:org:refresh:after-refresh --target-org myDevOrg"
       ],
       "flags": {
         "json": {
@@ -7874,16 +7956,37 @@
           "multiple": false,
           "type": "option"
         },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
+        "target-org": {
+          "char": "o",
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
+        },
+        "name": {
+          "char": "n",
+          "description": "Connected App name(s) to process (bypasses selection prompt). For multiple apps, separate with commas (e.g., \"App1,App2\")",
+          "name": "name",
+          "summary": "Filter according to Name criteria",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "all": {
+          "char": "a",
+          "description": "If set, all Connected Apps from the local repository will be processed. Takes precedence over --name if both are specified.",
+          "name": "all",
+          "summary": "Process all Connected Apps without selection prompt",
           "allowNo": false,
           "type": "boolean"
         },
         "websocket": {
           "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "name": "websocket",
+          "summary": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -7891,79 +7994,68 @@
         "skipauth": {
           "description": "Skip authentication check when a default username is required",
           "name": "skipauth",
+          "summary": "Skip authentication check when a default username is required",
           "allowNo": false,
           "type": "boolean"
-        },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:retrieve:packageconfig",
+      "id": "hardis:org:refresh:after-refresh",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Retrieve package configuration from an org",
-      "requiresProject": false,
+      "title": "Restore Connected Apps after org refresh",
+      "requiresProject": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "retrieve",
-        "packageconfig.js"
+        "refresh",
+        "after-refresh.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:retrieve:packageconfig",
-        "org:hardis:retrieve:packageconfig",
-        "org:retrieve:hardis:packageconfig",
-        "org:retrieve:packageconfig:hardis",
-        "hardis:retrieve:org:packageconfig",
-        "retrieve:hardis:org:packageconfig",
-        "retrieve:org:hardis:packageconfig",
-        "retrieve:org:packageconfig:hardis",
-        "hardis:retrieve:packageconfig:org",
-        "retrieve:hardis:packageconfig:org",
-        "retrieve:packageconfig:hardis:org",
-        "retrieve:packageconfig:org:hardis",
-        "hardis:org:packageconfig:retrieve",
-        "org:hardis:packageconfig:retrieve",
-        "org:packageconfig:hardis:retrieve",
-        "org:packageconfig:retrieve:hardis",
-        "hardis:packageconfig:org:retrieve",
-        "packageconfig:hardis:org:retrieve",
-        "packageconfig:org:hardis:retrieve",
-        "packageconfig:org:retrieve:hardis",
-        "hardis:packageconfig:retrieve:org",
-        "packageconfig:hardis:retrieve:org",
-        "packageconfig:retrieve:hardis:org",
-        "packageconfig:retrieve:org:hardis"
+        "hardis:org:refresh:after-refresh",
+        "org:hardis:refresh:after-refresh",
+        "org:refresh:hardis:after-refresh",
+        "org:refresh:after-refresh:hardis",
+        "hardis:refresh:org:after-refresh",
+        "refresh:hardis:org:after-refresh",
+        "refresh:org:hardis:after-refresh",
+        "refresh:org:after-refresh:hardis",
+        "hardis:refresh:after-refresh:org",
+        "refresh:hardis:after-refresh:org",
+        "refresh:after-refresh:hardis:org",
+        "refresh:after-refresh:org:hardis",
+        "hardis:org:after-refresh:refresh",
+        "org:hardis:after-refresh:refresh",
+        "org:after-refresh:hardis:refresh",
+        "org:after-refresh:refresh:hardis",
+        "hardis:after-refresh:org:refresh",
+        "after-refresh:hardis:org:refresh",
+        "after-refresh:org:hardis:refresh",
+        "after-refresh:org:refresh:hardis",
+        "hardis:after-refresh:refresh:org",
+        "after-refresh:hardis:refresh:org",
+        "after-refresh:refresh:hardis:org",
+        "after-refresh:refresh:org:hardis"
       ]
     },
-    "hardis:org:purge:apexlog": {
+    "hardis:org:refresh:before-refresh": {
       "aliases": [],
       "args": {},
-      "description": "\n**Purges Apex debug logs from a Salesforce org.**\n\nThis command provides a quick and efficient way to clear out accumulated Apex debug logs from your Salesforce environment. This is particularly useful for:\n\n- **Storage Management:** Freeing up valuable data storage space in your Salesforce org.\n- **Performance Optimization:** Reducing the overhead associated with large volumes of debug logs.\n- **Troubleshooting:** Ensuring that new debug logs are generated cleanly without interference from old, irrelevant logs.\n\nKey functionalities:\n\n- **Log Identification:** Queries the `ApexLog` object to identify all existing debug logs.\n- **Confirmation Prompt:** Before deletion, it prompts for user confirmation, displaying the number of Apex logs that will be deleted.\n- **Bulk Deletion:** Uses the Salesforce Bulk API to efficiently delete a large number of Apex logs.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query:** It executes a SOQL query (`SELECT Id FROM ApexLog LIMIT 50000`) to retrieve the IDs of Apex logs to be deleted. The limit is set to 50,000 to handle large volumes of logs.\n- **CSV Export:** The retrieved log IDs are temporarily exported to a CSV file (`ApexLogsToDelete_*.csv`) in the `./tmp` directory.\n- **User Confirmation:** It uses the `prompts` library to ask for user confirmation before proceeding with the deletion, displaying the count of logs to be purged.\n- **Bulk API Deletion:** It then uses the Salesforce CLI's `sf data delete bulk` command, pointing to the generated CSV file, to perform the mass deletion of Apex logs.\n- **File System Operations:** It uses `fs-extra` to create the temporary directory and manage the CSV file.\n- **Error Handling:** Includes error handling for the query and deletion operations.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Backs up all Connected Apps (including Consumer Secrets), certificates, custom settings, records and other metadata from a Salesforce org before a sandbox refresh, enabling full restoration after the refresh.**\n\nThis command prepares a complete backup prior to a sandbox refresh. It creates a dedicated project under `scripts/sandbox-refresh/<sandbox-folder>`, retrieves metadata and data, attempts to capture Connected App consumer secrets, and can optionally delete the apps so they can be reuploaded after the refresh.\n\nKey functionalities:\n\n- **Create a save project:** Generates a dedicated project folder to store all artifacts for the sandbox backup.\n- **Find and select Connected Apps:** Lists Connected Apps in the org and lets you pick specific apps, use a name filter, or process all apps.\n- **Save metadata for restore:** Builds a manifest and retrieves the metadata types you choose so they can be restored after the refresh.\n- **Capture Consumer Secrets:** Attempts to capture Connected App consumer secrets automatically (opens a browser session when possible) and falls back to a short manual prompt when needed.\n- **Collect certificates:** Saves certificate files and their definitions so they can be redeployed later.\n- **Export custom settings & records:** Lets you pick custom settings to export as JSON and optionally export records using configured data workspaces.\n- **Persist choices & report:** Stores your backup choices in project config and sends report files for traceability.\n- **Optional cleanup:** Can delete backed-up Connected Apps from the org so they can be re-uploaded cleanly after the refresh.\n- **Interactive safety checks:** Prompts you to confirm package contents and other potentially destructive actions; sensible defaults are chosen where appropriate.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is intended to be run before a sandbox refresh so that all credentials, certificates, metadata and data can be restored afterwards.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Salesforce CLI Integration:** Uses `sf org list metadata`, `sf project retrieve start`, `sf project generate`, `sf project deploy start`, and `sf data tree export`/`import` where applicable.\n- **Metadata Handling:** Writes and reads package XML files under the generated project (`manifest/`), copies MDAPI certificate artifacts into `force-app/main/default/certs`, and produces `package-metadata-to-restore.xml` for post-refresh deployment.\n- **Consumer Secret Handling:** Uses `puppeteer-core` with an executable path from `getChromeExecutablePath()` (env var `PUPPETEER_EXECUTABLE_PATH` may be required). Falls back to manual prompt when browser automation cannot be used.\n- **Data & Records:** Exports custom settings to JSON and supports exporting records through SFDMU workspaces chosen interactively.\n- **Config & Reporting:** Updates project/user config under `config/.sfdx-hardis.yml#refreshSandboxConfig` and reports artifacts to the WebSocket client.\n- **Error Handling:** Provides clear error messages and a summary response object indicating success/failure and which secrets were captured.\n\n</details>\n",
       "examples": [
-        "$ sf hardis:org:purge:apexlog",
-        "$ sf hardis:org:purge:apexlog --target-org nicolas.vuillamy@gmail.com"
+        "$ sf hardis:org:refresh:before-refresh",
+        "$ sf hardis:org:refresh:before-refresh --name \"MyConnectedApp\"",
+        "$ sf hardis:org:refresh:before-refresh --name \"App1,App2,App3\"",
+        "$ sf hardis:org:refresh:before-refresh --all",
+        "$ sf hardis:org:refresh:before-refresh --delete"
       ],
       "flags": {
         "json": {
@@ -7981,17 +8073,38 @@
           "multiple": false,
           "type": "option"
         },
-        "prompt": {
-          "char": "z",
-          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
-          "name": "prompt",
-          "allowNo": true,
-          "type": "boolean"
+        "target-org": {
+          "char": "o",
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
         },
-        "debug": {
+        "delete": {
           "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
+          "description": "By default, Connected Apps are not deleted from the org after saving. Set this flag to force their deletion so they will be able to be reuploaded again after refreshing the org.",
+          "name": "delete",
+          "summary": "Delete Connected Apps from org after saving",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "name": {
+          "char": "n",
+          "description": "Connected App name(s) to process. For multiple apps, separate with commas (e.g., \"App1,App2\")",
+          "name": "name",
+          "summary": "Filter according to Name criteria",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "all": {
+          "char": "a",
+          "description": "If set, all Connected Apps from the org will be processed. Takes precedence over --name if both are specified.",
+          "name": "all",
+          "summary": "Process all Connected Apps without selection prompt",
           "allowNo": false,
           "type": "boolean"
         },
@@ -8007,78 +8120,61 @@
           "name": "skipauth",
           "allowNo": false,
           "type": "boolean"
-        },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:purge:apexlog",
+      "id": "hardis:org:refresh:before-refresh",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Purge Apex Logs",
-      "requiresProject": false,
+      "requiresProject": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "purge",
-        "apexlog.js"
+        "refresh",
+        "before-refresh.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:purge:apexlog",
-        "org:hardis:purge:apexlog",
-        "org:purge:hardis:apexlog",
-        "org:purge:apexlog:hardis",
-        "hardis:purge:org:apexlog",
-        "purge:hardis:org:apexlog",
-        "purge:org:hardis:apexlog",
-        "purge:org:apexlog:hardis",
-        "hardis:purge:apexlog:org",
-        "purge:hardis:apexlog:org",
-        "purge:apexlog:hardis:org",
-        "purge:apexlog:org:hardis",
-        "hardis:org:apexlog:purge",
-        "org:hardis:apexlog:purge",
-        "org:apexlog:hardis:purge",
-        "org:apexlog:purge:hardis",
-        "hardis:apexlog:org:purge",
-        "apexlog:hardis:org:purge",
-        "apexlog:org:hardis:purge",
-        "apexlog:org:purge:hardis",
-        "hardis:apexlog:purge:org",
-        "apexlog:hardis:purge:org",
-        "apexlog:purge:hardis:org",
-        "apexlog:purge:org:hardis"
+        "hardis:org:refresh:before-refresh",
+        "org:hardis:refresh:before-refresh",
+        "org:refresh:hardis:before-refresh",
+        "org:refresh:before-refresh:hardis",
+        "hardis:refresh:org:before-refresh",
+        "refresh:hardis:org:before-refresh",
+        "refresh:org:hardis:before-refresh",
+        "refresh:org:before-refresh:hardis",
+        "hardis:refresh:before-refresh:org",
+        "refresh:hardis:before-refresh:org",
+        "refresh:before-refresh:hardis:org",
+        "refresh:before-refresh:org:hardis",
+        "hardis:org:before-refresh:refresh",
+        "org:hardis:before-refresh:refresh",
+        "org:before-refresh:hardis:refresh",
+        "org:before-refresh:refresh:hardis",
+        "hardis:before-refresh:org:refresh",
+        "before-refresh:hardis:org:refresh",
+        "before-refresh:org:hardis:refresh",
+        "before-refresh:org:refresh:hardis",
+        "hardis:before-refresh:refresh:org",
+        "before-refresh:hardis:refresh:org",
+        "before-refresh:refresh:hardis:org",
+        "before-refresh:refresh:org:hardis"
       ]
     },
-    "hardis:org:purge:flow": {
+    "hardis:org:retrieve:packageconfig": {
       "aliases": [],
       "args": {},
-      "description": "\n**Purges old or unwanted Flow versions from a Salesforce org, with an option to delete related Flow Interviews.**\n\nThis command helps maintain a clean and performant Salesforce org by removing obsolete Flow versions. Over time, multiple versions of Flows can accumulate, consuming storage and potentially impacting performance. This tool provides a controlled way to clean up these versions.\n\nKey functionalities:\n\n- **Targeted Flow Selection:** Allows you to filter Flow versions to delete by name (`--name`) and status (`--status`, e.g., `Obsolete`, `Draft`, `Inactive`).\n- **Flow Interview Deletion:** If a Flow version cannot be deleted due to active Flow Interviews, the `--delete-flow-interviews` flag (or interactive prompt) allows you to delete these interviews first, then retry the Flow version deletion.\n- **Confirmation Prompt:** In interactive mode, it prompts for confirmation before proceeding with the deletion of Flow versions and Flow Interviews.\n- **Partial Success Handling:** The `--allowpurgefailure` flag (default `true`) allows the command to continue even if some deletions fail, reporting the errors.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `Flow` object (using the Tooling API) to list Flow versions based on the provided filters (name, status, manageable state).\n- **Bulk Deletion (Tooling API):** It uses `bulkDeleteTooling` to perform mass deletions of Flow versions. If deletion fails due to active interviews, it extracts the interview IDs.\n- **Flow Interview Management:** If `delete-flow-interviews` is enabled, it queries `FlowInterview` objects, performs bulk deletion of the identified interviews using `bulkDelete`, and then retries the Flow version deletion.\n- **Interactive Prompts:** Uses the `prompts` library to interact with the user for selecting Flows, statuses, and confirming deletion actions.\n- **Error Reporting:** Logs detailed error messages for failed deletions, including the specific reasons.\n- **Command-Line Execution:** Uses `execSfdxJson` to execute Salesforce CLI commands for querying Flow data.\n</details>\n",
+      "description": "\n**Retrieves the installed package configuration from a Salesforce org and optionally updates the local project configuration.**\n\nThis command is useful for maintaining an accurate record of installed packages within your Salesforce project, which is crucial for managing dependencies and ensuring consistent deployments across environments.\n\nKey functionalities:\n\n- **Package Listing:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a list of all installed packages.\n- **Configuration Update:** Offers the option to update your local project's configuration with the retrieved list of installed packages. This can be beneficial for automating package installations during environment setup or CI/CD processes.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Org Connection:** It establishes a connection to the target Salesforce org using the provided or prompted username.\n- **Metadata Retrieval:** It utilizes `MetadataUtils.listInstalledPackages` to query the Salesforce org and obtain details about the installed packages.\n- **Interactive Prompt:** It uses the `prompts` library to ask the user whether they want to update their local project configuration with the retrieved package list.\n- **Configuration Management:** If the user confirms, it calls `managePackageConfig` to update the project's configuration file (likely `.sfdx-hardis.yml`) with the new package information.\n- **User Feedback:** Provides clear messages to the user about the success of the package retrieval and configuration update.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:purge:flow",
-        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --no-prompt --delete-flow-interviews",
-        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --status \"Obsolete,Draft,InvalidDraft\" --name TestFlow"
+        "$ sf hardis:org:retrieve:packageconfig",
+        "sf hardis:org:retrieve:packageconfig -u myOrg"
       ],
       "flags": {
         "json": {
@@ -8096,52 +8192,6 @@
           "multiple": false,
           "type": "option"
         },
-        "prompt": {
-          "char": "z",
-          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
-          "name": "prompt",
-          "allowNo": true,
-          "type": "boolean"
-        },
-        "name": {
-          "char": "n",
-          "description": "Filter according to Name criteria",
-          "name": "name",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "status": {
-          "char": "s",
-          "description": "Filter according to Status criteria",
-          "name": "status",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "delete-flow-interviews": {
-          "char": "w",
-          "description": "If the presence of Flow interviews prevent to delete flows versions, delete them before retrying to delete flow versions",
-          "name": "delete-flow-interviews",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "allowpurgefailure": {
-          "char": "f",
-          "description": "Allows purges to fail without exiting with 1. Use --no-allowpurgefailure to disable",
-          "name": "allowpurgefailure",
-          "allowNo": true,
-          "type": "boolean"
-        },
-        "instanceurl": {
-          "char": "r",
-          "description": "URL of org instance",
-          "name": "instanceurl",
-          "default": "https://login.salesforce.com",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -8180,13 +8230,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:purge:flow",
+      "id": "hardis:org:retrieve:packageconfig",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Purge Flow versions",
+      "title": "Retrieve package configuration from an org",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -8194,35 +8244,35 @@
         "commands",
         "hardis",
         "org",
-        "purge",
-        "flow.js"
+        "retrieve",
+        "packageconfig.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:purge:flow",
-        "org:hardis:purge:flow",
-        "org:purge:hardis:flow",
-        "org:purge:flow:hardis",
-        "hardis:purge:org:flow",
-        "purge:hardis:org:flow",
-        "purge:org:hardis:flow",
-        "purge:org:flow:hardis",
-        "hardis:purge:flow:org",
-        "purge:hardis:flow:org",
-        "purge:flow:hardis:org",
-        "purge:flow:org:hardis",
-        "hardis:org:flow:purge",
-        "org:hardis:flow:purge",
-        "org:flow:hardis:purge",
-        "org:flow:purge:hardis",
-        "hardis:flow:org:purge",
-        "flow:hardis:org:purge",
-        "flow:org:hardis:purge",
-        "flow:org:purge:hardis",
-        "hardis:flow:purge:org",
-        "flow:hardis:purge:org",
-        "flow:purge:hardis:org",
-        "flow:purge:org:hardis"
+        "hardis:org:retrieve:packageconfig",
+        "org:hardis:retrieve:packageconfig",
+        "org:retrieve:hardis:packageconfig",
+        "org:retrieve:packageconfig:hardis",
+        "hardis:retrieve:org:packageconfig",
+        "retrieve:hardis:org:packageconfig",
+        "retrieve:org:hardis:packageconfig",
+        "retrieve:org:packageconfig:hardis",
+        "hardis:retrieve:packageconfig:org",
+        "retrieve:hardis:packageconfig:org",
+        "retrieve:packageconfig:hardis:org",
+        "retrieve:packageconfig:org:hardis",
+        "hardis:org:packageconfig:retrieve",
+        "org:hardis:packageconfig:retrieve",
+        "org:packageconfig:hardis:retrieve",
+        "org:packageconfig:retrieve:hardis",
+        "hardis:packageconfig:org:retrieve",
+        "packageconfig:hardis:org:retrieve",
+        "packageconfig:org:hardis:retrieve",
+        "packageconfig:org:retrieve:hardis",
+        "hardis:packageconfig:retrieve:org",
+        "packageconfig:hardis:retrieve:org",
+        "packageconfig:retrieve:hardis:org",
+        "packageconfig:retrieve:org:hardis"
       ]
     },
     "hardis:org:test:apex": {
@@ -9512,6 +9562,238 @@
         "remotesites:audit:project:hardis"
       ]
     },
+    "hardis:project:configure:auth": {
+      "aliases": [],
+      "args": {},
+      "description": "\n## Command Behavior\n\n**Configures authentication between a Git branch and a target Salesforce org for CI/CD deployments.**\n\nThis command facilitates the setup of automated CI/CD pipelines, enabling seamless deployments from specific Git branches to designated Salesforce orgs. It supports both standard Salesforce orgs and Dev Hub configurations, catering to various enterprise deployment workflows.\n\nKey functionalities include:\n\n- **Org Selection/Login:** Guides the user to select an existing Salesforce org or log in to a new one.\n- **Git Branch Association:** Allows associating a specific Git branch with the chosen Salesforce org.\n- **Merge Target Definition:** Enables defining target Git branches into which the configured branch can merge, ensuring controlled deployment flows.\n- **Salesforce Username Configuration:** Prompts for the Salesforce username to be used by the CI server for deployments.\n- **SSL Certificate Generation:** Automatically generates an SSL certificate for secure authentication.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's implementation involves several key technical aspects:\n\n- **SF CLI Integration:** Utilizes \n@salesforce/sf-plugins-core\n for command structure and flag parsing.\n- **Interactive Prompts:** Employs the \nprompts\n library for interactive user input, guiding the configuration process.\n- **Git Integration:** Interacts with Git to retrieve branch information using \n`git().branch([\"--list\", \"-r\"])`\n.\n- **Configuration Management:** Leverages internal utilities (`checkConfig`, `getConfig`, `setConfig`, `setInConfigFile`) to read from and write to project-specific configuration files (e.g., `.sfdx-hardis.<branchName>.yml`).\n- **Salesforce CLI Execution:** Executes Salesforce CLI commands programmatically via `execSfdxJson` for org interactions.\n- **SSL Certificate Generation:** Calls `generateSSLCertificate` to create necessary SSL certificates for JWT-based authentication.\n- **WebSocket Communication:** Uses `WebSocketClient` for potential communication with external tools or processes, such as restarting the command in VS Code.\n- **Dependency Check:** Ensures the presence of `openssl` on the system, which is required for SSL certificate generation.\n",
+      "examples": [
+        "$ sf hardis:project:configure:auth"
+      ],
+      "flags": {
+        "json": {
+          "description": "Format output as json.",
+          "helpGroup": "GLOBAL",
+          "name": "json",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "flags-dir": {
+          "helpGroup": "GLOBAL",
+          "name": "flags-dir",
+          "summary": "Import flag values from a directory.",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "devhub": {
+          "char": "b",
+          "description": "Configure project DevHub",
+          "name": "devhub",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "websocket": {
+          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
+          "name": "websocket",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "skipauth": {
+          "description": "Skip authentication check when a default username is required",
+          "name": "skipauth",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "summary": "Username or alias of the target org.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
+        },
+        "target-dev-hub": {
+          "aliases": [
+            "targetdevhubusername"
+          ],
+          "char": "v",
+          "deprecateAliases": true,
+          "name": "target-dev-hub",
+          "noCacheDefault": true,
+          "required": false,
+          "summary": "Username or alias of the Dev Hub org.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
+        }
+      },
+      "hasDynamicHelp": true,
+      "hiddenAliases": [],
+      "id": "hardis:project:configure:auth",
+      "pluginAlias": "sfdx-hardis",
+      "pluginName": "sfdx-hardis",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": true,
+      "title": "Configure authentication",
+      "requiresProject": false,
+      "requiresDependencies": [
+        "openssl"
+      ],
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "project",
+        "configure",
+        "auth.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:project:configure:auth",
+        "project:hardis:configure:auth",
+        "project:configure:hardis:auth",
+        "project:configure:auth:hardis",
+        "hardis:configure:project:auth",
+        "configure:hardis:project:auth",
+        "configure:project:hardis:auth",
+        "configure:project:auth:hardis",
+        "hardis:configure:auth:project",
+        "configure:hardis:auth:project",
+        "configure:auth:hardis:project",
+        "configure:auth:project:hardis",
+        "hardis:project:auth:configure",
+        "project:hardis:auth:configure",
+        "project:auth:hardis:configure",
+        "project:auth:configure:hardis",
+        "hardis:auth:project:configure",
+        "auth:hardis:project:configure",
+        "auth:project:hardis:configure",
+        "auth:project:configure:hardis",
+        "hardis:auth:configure:project",
+        "auth:hardis:configure:project",
+        "auth:configure:hardis:project",
+        "auth:configure:project:hardis"
+      ]
+    },
+    "hardis:project:convert:profilestopermsets": {
+      "aliases": [],
+      "args": {},
+      "description": "\n## Command Behavior\n\n**Converts existing Salesforce Profiles into Permission Sets, facilitating a more granular and recommended security model.**\n\nThis command helps in migrating permissions from Profiles to Permission Sets, which is a best practice for managing user access in Salesforce. It creates a new Permission Set for each specified Profile, adopting a naming convention of `PS_PROFILENAME`.\n\nKey functionalities:\n\n- **Profile to Permission Set Conversion:** Automatically extracts permissions from a Profile and creates a corresponding Permission Set.\n- **Naming Convention:** New Permission Sets are named with a `PS_` prefix followed by the Profile name (e.g., `PS_Standard_User`).\n- **Exclusion Filter:** Allows you to exclude specific Profiles from the conversion process using the `--except` flag.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **External Plugin Integration:** It relies on the `shane-sfdx-plugins` (specifically the `sf shane:profile:convert` command) to perform the actual conversion.\n- **File System Scan:** It reads the contents of the `force-app/main/default/profiles` directory to identify all available Profile metadata files.\n- **Command Execution:** For each identified Profile (that is not excluded), it constructs and executes the `sf shane:profile:convert` command with the appropriate Profile name and desired Permission Set name.\n- **Error Handling:** Includes basic error handling for the external command execution.\n</details>\n",
+      "examples": [
+        "$ sf hardis:project:convert:profilestopermsets"
+      ],
+      "flags": {
+        "json": {
+          "description": "Format output as json.",
+          "helpGroup": "GLOBAL",
+          "name": "json",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "flags-dir": {
+          "helpGroup": "GLOBAL",
+          "name": "flags-dir",
+          "summary": "Import flag values from a directory.",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "except": {
+          "char": "e",
+          "description": "List of filters",
+          "name": "except",
+          "default": [],
+          "hasDynamicHelp": false,
+          "multiple": true,
+          "type": "option"
+        },
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "websocket": {
+          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
+          "name": "websocket",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "skipauth": {
+          "description": "Skip authentication check when a default username is required",
+          "name": "skipauth",
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "hardis:project:convert:profilestopermsets",
+      "pluginAlias": "sfdx-hardis",
+      "pluginName": "sfdx-hardis",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": true,
+      "title": "Convert Profiles into Permission Sets",
+      "requiresProject": true,
+      "requiresSfdxPlugins": [
+        "shane-sfdx-plugins"
+      ],
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "project",
+        "convert",
+        "profilestopermsets.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:project:convert:profilestopermsets",
+        "project:hardis:convert:profilestopermsets",
+        "project:convert:hardis:profilestopermsets",
+        "project:convert:profilestopermsets:hardis",
+        "hardis:convert:project:profilestopermsets",
+        "convert:hardis:project:profilestopermsets",
+        "convert:project:hardis:profilestopermsets",
+        "convert:project:profilestopermsets:hardis",
+        "hardis:convert:profilestopermsets:project",
+        "convert:hardis:profilestopermsets:project",
+        "convert:profilestopermsets:hardis:project",
+        "convert:profilestopermsets:project:hardis",
+        "hardis:project:profilestopermsets:convert",
+        "project:hardis:profilestopermsets:convert",
+        "project:profilestopermsets:hardis:convert",
+        "project:profilestopermsets:convert:hardis",
+        "hardis:profilestopermsets:project:convert",
+        "profilestopermsets:hardis:project:convert",
+        "profilestopermsets:project:hardis:convert",
+        "profilestopermsets:project:convert:hardis",
+        "hardis:profilestopermsets:convert:project",
+        "profilestopermsets:hardis:convert:project",
+        "profilestopermsets:convert:hardis:project",
+        "profilestopermsets:convert:project:hardis"
+      ]
+    },
     "hardis:project:clean:emptyitems": {
       "aliases": [],
       "args": {},
@@ -10997,238 +11279,6 @@
         "xml:clean:project:hardis"
       ]
     },
-    "hardis:project:convert:profilestopermsets": {
-      "aliases": [],
-      "args": {},
-      "description": "\n## Command Behavior\n\n**Converts existing Salesforce Profiles into Permission Sets, facilitating a more granular and recommended security model.**\n\nThis command helps in migrating permissions from Profiles to Permission Sets, which is a best practice for managing user access in Salesforce. It creates a new Permission Set for each specified Profile, adopting a naming convention of `PS_PROFILENAME`.\n\nKey functionalities:\n\n- **Profile to Permission Set Conversion:** Automatically extracts permissions from a Profile and creates a corresponding Permission Set.\n- **Naming Convention:** New Permission Sets are named with a `PS_` prefix followed by the Profile name (e.g., `PS_Standard_User`).\n- **Exclusion Filter:** Allows you to exclude specific Profiles from the conversion process using the `--except` flag.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **External Plugin Integration:** It relies on the `shane-sfdx-plugins` (specifically the `sf shane:profile:convert` command) to perform the actual conversion.\n- **File System Scan:** It reads the contents of the `force-app/main/default/profiles` directory to identify all available Profile metadata files.\n- **Command Execution:** For each identified Profile (that is not excluded), it constructs and executes the `sf shane:profile:convert` command with the appropriate Profile name and desired Permission Set name.\n- **Error Handling:** Includes basic error handling for the external command execution.\n</details>\n",
-      "examples": [
-        "$ sf hardis:project:convert:profilestopermsets"
-      ],
-      "flags": {
-        "json": {
-          "description": "Format output as json.",
-          "helpGroup": "GLOBAL",
-          "name": "json",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "flags-dir": {
-          "helpGroup": "GLOBAL",
-          "name": "flags-dir",
-          "summary": "Import flag values from a directory.",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "except": {
-          "char": "e",
-          "description": "List of filters",
-          "name": "except",
-          "default": [],
-          "hasDynamicHelp": false,
-          "multiple": true,
-          "type": "option"
-        },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "websocket": {
-          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
-          "name": "websocket",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "skipauth": {
-          "description": "Skip authentication check when a default username is required",
-          "name": "skipauth",
-          "allowNo": false,
-          "type": "boolean"
-        }
-      },
-      "hasDynamicHelp": false,
-      "hiddenAliases": [],
-      "id": "hardis:project:convert:profilestopermsets",
-      "pluginAlias": "sfdx-hardis",
-      "pluginName": "sfdx-hardis",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": true,
-      "title": "Convert Profiles into Permission Sets",
-      "requiresProject": true,
-      "requiresSfdxPlugins": [
-        "shane-sfdx-plugins"
-      ],
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "project",
-        "convert",
-        "profilestopermsets.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:project:convert:profilestopermsets",
-        "project:hardis:convert:profilestopermsets",
-        "project:convert:hardis:profilestopermsets",
-        "project:convert:profilestopermsets:hardis",
-        "hardis:convert:project:profilestopermsets",
-        "convert:hardis:project:profilestopermsets",
-        "convert:project:hardis:profilestopermsets",
-        "convert:project:profilestopermsets:hardis",
-        "hardis:convert:profilestopermsets:project",
-        "convert:hardis:profilestopermsets:project",
-        "convert:profilestopermsets:hardis:project",
-        "convert:profilestopermsets:project:hardis",
-        "hardis:project:profilestopermsets:convert",
-        "project:hardis:profilestopermsets:convert",
-        "project:profilestopermsets:hardis:convert",
-        "project:profilestopermsets:convert:hardis",
-        "hardis:profilestopermsets:project:convert",
-        "profilestopermsets:hardis:project:convert",
-        "profilestopermsets:project:hardis:convert",
-        "profilestopermsets:project:convert:hardis",
-        "hardis:profilestopermsets:convert:project",
-        "profilestopermsets:hardis:convert:project",
-        "profilestopermsets:convert:hardis:project",
-        "profilestopermsets:convert:project:hardis"
-      ]
-    },
-    "hardis:project:configure:auth": {
-      "aliases": [],
-      "args": {},
-      "description": "\n## Command Behavior\n\n**Configures authentication between a Git branch and a target Salesforce org for CI/CD deployments.**\n\nThis command facilitates the setup of automated CI/CD pipelines, enabling seamless deployments from specific Git branches to designated Salesforce orgs. It supports both standard Salesforce orgs and Dev Hub configurations, catering to various enterprise deployment workflows.\n\nKey functionalities include:\n\n- **Org Selection/Login:** Guides the user to select an existing Salesforce org or log in to a new one.\n- **Git Branch Association:** Allows associating a specific Git branch with the chosen Salesforce org.\n- **Merge Target Definition:** Enables defining target Git branches into which the configured branch can merge, ensuring controlled deployment flows.\n- **Salesforce Username Configuration:** Prompts for the Salesforce username to be used by the CI server for deployments.\n- **SSL Certificate Generation:** Automatically generates an SSL certificate for secure authentication.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's implementation involves several key technical aspects:\n\n- **SF CLI Integration:** Utilizes \n@salesforce/sf-plugins-core\n for command structure and flag parsing.\n- **Interactive Prompts:** Employs the \nprompts\n library for interactive user input, guiding the configuration process.\n- **Git Integration:** Interacts with Git to retrieve branch information using \n`git().branch([\"--list\", \"-r\"])`\n.\n- **Configuration Management:** Leverages internal utilities (`checkConfig`, `getConfig`, `setConfig`, `setInConfigFile`) to read from and write to project-specific configuration files (e.g., `.sfdx-hardis.<branchName>.yml`).\n- **Salesforce CLI Execution:** Executes Salesforce CLI commands programmatically via `execSfdxJson` for org interactions.\n- **SSL Certificate Generation:** Calls `generateSSLCertificate` to create necessary SSL certificates for JWT-based authentication.\n- **WebSocket Communication:** Uses `WebSocketClient` for potential communication with external tools or processes, such as restarting the command in VS Code.\n- **Dependency Check:** Ensures the presence of `openssl` on the system, which is required for SSL certificate generation.\n",
-      "examples": [
-        "$ sf hardis:project:configure:auth"
-      ],
-      "flags": {
-        "json": {
-          "description": "Format output as json.",
-          "helpGroup": "GLOBAL",
-          "name": "json",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "flags-dir": {
-          "helpGroup": "GLOBAL",
-          "name": "flags-dir",
-          "summary": "Import flag values from a directory.",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "devhub": {
-          "char": "b",
-          "description": "Configure project DevHub",
-          "name": "devhub",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "websocket": {
-          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
-          "name": "websocket",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "skipauth": {
-          "description": "Skip authentication check when a default username is required",
-          "name": "skipauth",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "summary": "Username or alias of the target org.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        },
-        "target-dev-hub": {
-          "aliases": [
-            "targetdevhubusername"
-          ],
-          "char": "v",
-          "deprecateAliases": true,
-          "name": "target-dev-hub",
-          "noCacheDefault": true,
-          "required": false,
-          "summary": "Username or alias of the Dev Hub org.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        }
-      },
-      "hasDynamicHelp": true,
-      "hiddenAliases": [],
-      "id": "hardis:project:configure:auth",
-      "pluginAlias": "sfdx-hardis",
-      "pluginName": "sfdx-hardis",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": true,
-      "title": "Configure authentication",
-      "requiresProject": false,
-      "requiresDependencies": [
-        "openssl"
-      ],
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "project",
-        "configure",
-        "auth.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:project:configure:auth",
-        "project:hardis:configure:auth",
-        "project:configure:hardis:auth",
-        "project:configure:auth:hardis",
-        "hardis:configure:project:auth",
-        "configure:hardis:project:auth",
-        "configure:project:hardis:auth",
-        "configure:project:auth:hardis",
-        "hardis:configure:auth:project",
-        "configure:hardis:auth:project",
-        "configure:auth:hardis:project",
-        "configure:auth:project:hardis",
-        "hardis:project:auth:configure",
-        "project:hardis:auth:configure",
-        "project:auth:hardis:configure",
-        "project:auth:configure:hardis",
-        "hardis:auth:project:configure",
-        "auth:hardis:project:configure",
-        "auth:project:hardis:configure",
-        "auth:project:configure:hardis",
-        "hardis:auth:configure:project",
-        "auth:hardis:configure:project",
-        "auth:configure:hardis:project",
-        "auth:configure:project:hardis"
-      ]
-    },
     "hardis:project:deploy:notify": {
       "aliases": [],
       "args": {},
@@ -15101,5 +15151,5 @@
       ]
     }
   },
-  "version": "6.1.4"
+  "version": "6.2.0"
 }