sfdx-hardis 6.11.1 → 6.11.3

package/oclif.manifest.json

@@ -132,13 +132,12 @@
         "clear:cache:hardis"
       ]
     },
-    "hardis:auth:login": {
+    "hardis:config:get": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Authenticates to a Salesforce org, primarily designed for CI/CD workflows.**\n\nThis command facilitates secure and automated logins to Salesforce organizations within continuous integration and continuous delivery pipelines. It leverages pre-configured authentication details, ensuring that CI/CD processes can interact with Salesforce without manual intervention.\n\nKey aspects:\n\n- **Configuration-Driven:** It relies on authentication variables and files set up by dedicated configuration commands:\n  - For CI/CD repositories: [Configure Org CI Authentication](https://sfdx-hardis.cloudity.com/hardis/project/configure/auth/)\n  - For Monitoring repositories: [Configure Org Monitoring](https://sfdx-hardis.cloudity.com/hardis/org/configure/monitoring/)\n- **Technical Org Support:** Supports authentication to a 'technical org' (e.g., for calling Agentforce from another org) by utilizing the `SFDX_AUTH_URL_TECHNICAL_ORG` environment variable. If this variable is set, the command authenticates to this org with the alias `TECHNICAL_ORG`.\n\nTo obtain the `SFDX_AUTH_URL_TECHNICAL_ORG` value, you can run `sf org display --verbose --json` and copy the `sfdxAuthUrl` field from the output.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical flow involves:\n\n- **Flag Parsing:** It parses command-line flags such as `instanceurl`, `devhub`, `scratchorg`, and `debug` to determine the authentication context.\n- **Authentication Hook:** It triggers an internal authentication hook (`this.config.runHook('auth', ...`)) which is responsible for executing the actual authentication logic based on the provided flags (e.g., whether it's a Dev Hub or a scratch org).\n- **Environment Variable Check:** It checks for the presence of `SFDX_AUTH_URL_TECHNICAL_ORG` or `TECHNICAL_ORG_ALIAS` environment variables.\n- **`authOrg` Utility:** If a technical org is configured, it calls the `authOrg` utility function to perform the authentication for that specific org, ensuring it's connected and available for subsequent operations.\n- **Salesforce CLI Integration:** It integrates with the Salesforce CLI's authentication mechanisms to establish and manage org connections.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Retrieves and displays the sfdx-hardis configuration for a specified level.**\n\nThis command allows you to inspect the configuration that is currently in effect for your project, which is useful for debugging and understanding how sfdx-hardis will behave.\n\n- **Configuration levels:** It can retrieve configuration from three different levels:\n  - **Project:** The configuration defined in the project's `.sfdx-hardis.yml` file.\n  - **Branch:** The configuration defined in a branch-specific configuration file (e.g., `.sfdx-hardis.production.yml`).\n  - **User:** The global user-level configuration.\n\n## Technical explanations\n\nThe command's logic is straightforward:\n\n- **`getConfig` function:** It calls the `getConfig` utility function, passing the desired configuration level as an argument.\n- **Configuration loading:** The `getConfig` function is responsible for finding the appropriate configuration file, reading its contents, and parsing it as YAML or JSON.\n- **Output:** The retrieved configuration is then displayed to the user as a JSON string.\n",
       "examples": [
-        "$ sf hardis:auth:login",
-        "CI=true CI_COMMIT_REF_NAME=monitoring_myclient sf hardis:auth:login"
+        "$ sf hardis:project:deploy:sources:metadata"
       ],
       "flags": {
         "json": {
@@ -156,28 +155,20 @@
           "multiple": false,
           "type": "option"
         },
-        "instanceurl": {
-          "char": "r",
-          "description": "URL of org instance",
-          "name": "instanceurl",
+        "level": {
+          "char": "l",
+          "description": "project,branch or user",
+          "name": "level",
+          "default": "project",
           "hasDynamicHelp": false,
           "multiple": false,
+          "options": [
+            "project",
+            "branch",
+            "user"
+          ],
           "type": "option"
         },
-        "devhub": {
-          "char": "h",
-          "description": "Also connect associated DevHub",
-          "name": "devhub",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "scratchorg": {
-          "char": "s",
-          "description": "Scratch org",
-          "name": "scratchorg",
-          "allowNo": false,
-          "type": "boolean"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -201,38 +192,39 @@
       },
       "hasDynamicHelp": false,
       "hiddenAliases": [],
-      "id": "hardis:auth:login",
+      "id": "hardis:config:get",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Login",
+      "title": "Deploy metadata sources to org",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
-        "auth",
-        "login.js"
+        "config",
+        "get.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:auth:login",
-        "auth:hardis:login",
-        "auth:login:hardis",
-        "hardis:login:auth",
-        "login:hardis:auth",
-        "login:auth:hardis"
+        "hardis:config:get",
+        "config:hardis:get",
+        "config:get:hardis",
+        "hardis:get:config",
+        "get:hardis:config",
+        "get:config:hardis"
       ]
     },
-    "hardis:config:get": {
+    "hardis:auth:login": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Retrieves and displays the sfdx-hardis configuration for a specified level.**\n\nThis command allows you to inspect the configuration that is currently in effect for your project, which is useful for debugging and understanding how sfdx-hardis will behave.\n\n- **Configuration levels:** It can retrieve configuration from three different levels:\n  - **Project:** The configuration defined in the project's `.sfdx-hardis.yml` file.\n  - **Branch:** The configuration defined in a branch-specific configuration file (e.g., `.sfdx-hardis.production.yml`).\n  - **User:** The global user-level configuration.\n\n## Technical explanations\n\nThe command's logic is straightforward:\n\n- **`getConfig` function:** It calls the `getConfig` utility function, passing the desired configuration level as an argument.\n- **Configuration loading:** The `getConfig` function is responsible for finding the appropriate configuration file, reading its contents, and parsing it as YAML or JSON.\n- **Output:** The retrieved configuration is then displayed to the user as a JSON string.\n",
+      "description": "\n## Command Behavior\n\n**Authenticates to a Salesforce org, primarily designed for CI/CD workflows.**\n\nThis command facilitates secure and automated logins to Salesforce organizations within continuous integration and continuous delivery pipelines. It leverages pre-configured authentication details, ensuring that CI/CD processes can interact with Salesforce without manual intervention.\n\nKey aspects:\n\n- **Configuration-Driven:** It relies on authentication variables and files set up by dedicated configuration commands:\n  - For CI/CD repositories: [Configure Org CI Authentication](https://sfdx-hardis.cloudity.com/hardis/project/configure/auth/)\n  - For Monitoring repositories: [Configure Org Monitoring](https://sfdx-hardis.cloudity.com/hardis/org/configure/monitoring/)\n- **Technical Org Support:** Supports authentication to a 'technical org' (e.g., for calling Agentforce from another org) by utilizing the `SFDX_AUTH_URL_TECHNICAL_ORG` environment variable. If this variable is set, the command authenticates to this org with the alias `TECHNICAL_ORG`.\n\nTo obtain the `SFDX_AUTH_URL_TECHNICAL_ORG` value, you can run `sf org display --verbose --json` and copy the `sfdxAuthUrl` field from the output.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical flow involves:\n\n- **Flag Parsing:** It parses command-line flags such as `instanceurl`, `devhub`, `scratchorg`, and `debug` to determine the authentication context.\n- **Authentication Hook:** It triggers an internal authentication hook (`this.config.runHook('auth', ...`)) which is responsible for executing the actual authentication logic based on the provided flags (e.g., whether it's a Dev Hub or a scratch org).\n- **Environment Variable Check:** It checks for the presence of `SFDX_AUTH_URL_TECHNICAL_ORG` or `TECHNICAL_ORG_ALIAS` environment variables.\n- **`authOrg` Utility:** If a technical org is configured, it calls the `authOrg` utility function to perform the authentication for that specific org, ensuring it's connected and available for subsequent operations.\n- **Salesforce CLI Integration:** It integrates with the Salesforce CLI's authentication mechanisms to establish and manage org connections.\n</details>\n",
       "examples": [
-        "$ sf hardis:project:deploy:sources:metadata"
+        "$ sf hardis:auth:login",
+        "CI=true CI_COMMIT_REF_NAME=monitoring_myclient sf hardis:auth:login"
       ],
       "flags": {
         "json": {
@@ -250,20 +242,28 @@
           "multiple": false,
           "type": "option"
         },
-        "level": {
-          "char": "l",
-          "description": "project,branch or user",
-          "name": "level",
-          "default": "project",
+        "instanceurl": {
+          "char": "r",
+          "description": "URL of org instance",
+          "name": "instanceurl",
           "hasDynamicHelp": false,
           "multiple": false,
-          "options": [
-            "project",
-            "branch",
-            "user"
-          ],
           "type": "option"
         },
+        "devhub": {
+          "char": "h",
+          "description": "Also connect associated DevHub",
+          "name": "devhub",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "scratchorg": {
+          "char": "s",
+          "description": "Scratch org",
+          "name": "scratchorg",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -287,30 +287,30 @@
       },
       "hasDynamicHelp": false,
       "hiddenAliases": [],
-      "id": "hardis:config:get",
+      "id": "hardis:auth:login",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Deploy metadata sources to org",
+      "title": "Login",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
-        "config",
-        "get.js"
+        "auth",
+        "login.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:config:get",
-        "config:hardis:get",
-        "config:get:hardis",
-        "hardis:get:config",
-        "get:hardis:config",
-        "get:config:hardis"
+        "hardis:auth:login",
+        "auth:hardis:login",
+        "auth:login:hardis",
+        "hardis:login:auth",
+        "login:hardis:auth",
+        "login:auth:hardis"
       ]
     },
     "hardis:doc:fieldusage": {
@@ -5539,12 +5539,15 @@
         "import:data:org:hardis"
       ]
     },
-    "hardis:org:files:export": {
+    "hardis:org:diagnose:audittrail": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Exports file attachments (ContentVersion, Attachment) from a Salesforce org based on a predefined configuration.**\n\nThis command enables the mass download of files associated with Salesforce records, providing a robust solution for backing up files, migrating them to other systems, or integrating them with external document management solutions.\n\nKey functionalities:\n\n- **Configuration-Driven Export:** Relies on an `export.json` file within a designated file export project to define the export criteria, including the SOQL query for parent records, file types to export, output naming conventions, and file size filtering.\n- **File Size Filtering:** Supports minimum file size filtering via the `fileSizeMin` configuration parameter (in KB). Files smaller than the specified size will be skipped during export.\n- **File Validation:** After downloading each file, validates the integrity by:\n  - **Checksum Validation:** For ContentVersion files, compares MD5 checksum with Salesforce's stored checksum\n  - **Size Validation:** For both ContentVersion and Attachment files, verifies actual file size matches expected size\n  - **Status Tracking:** Files are categorized with specific statuses: `success` (valid files), `failed` (download errors), `skipped` (filtered files), `invalid` (downloaded but failed validation)\n  - All validation results are logged in the CSV export log for audit purposes\n- **Resume/Restart Capability:** \n  - **Resume Mode:** When `--resume` flag is used (default in CI environments), checks existing downloaded files for validity. Valid files are skipped, invalid files are re-downloaded.\n  - **Restart Mode:** When resume is disabled, clears the output folder and starts a fresh export.\n  - **Interactive Mode:** When existing files are found and `--resume` is not explicitly specified (non-CI environments), prompts the user to choose between resume or restart.\n- **Interactive Project Selection:** If the file export project path is not provided via the `--path` flag, it interactively prompts the user to select one.\n- **Configurable Export Options:** Allows overriding default export settings such as `chunksize` (number of records processed in a batch), `polltimeout` (timeout for Bulk API calls), and `startchunknumber` (to resume a failed export).\n- **Support for ContentVersion and Attachment:** Handles both modern Salesforce Files (ContentVersion) and older Attachments.\n\nSee this article for a practical example:\n\n[![How to mass download notes and attachments files from a Salesforce org](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-mass-download.jpg)](https://nicolas.vuillamy.fr/how-to-mass-download-notes-and-attachments-files-from-a-salesforce-org-83a028824afd)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **FilesExporter Class:** The core logic is encapsulated within the `FilesExporter` class, which orchestrates the entire export process.\n- **SOQL Queries (Bulk API):** It uses Salesforce Bulk API queries to efficiently retrieve large volumes of parent record IDs and file metadata, including checksums and file sizes.\n- **File Download:** Downloads the actual file content from Salesforce.\n- **File Validation:** After each successful download, validates file integrity by comparing checksums (ContentVersion) and file sizes (both ContentVersion and Attachment) against Salesforce metadata.\n- **Resume Logic:** In resume mode, checks for existing files before downloading, validates their integrity, and only re-downloads invalid or missing files. This enables efficient recovery from interrupted exports.\n- **File System Operations:** Writes the downloaded files to the local file system, organizing them into folders based on the configured naming conventions.\n- **Configuration Loading:** Reads the `export.json` file to get the export configuration. It also allows for interactive overriding of these settings.\n- **Interactive Prompts:** Uses `selectFilesWorkspace` to allow the user to choose a file export project, `promptFilesExportConfiguration` for customizing export options, and prompts for resume/restart choice when existing files are found.\n- **Error Handling:** Includes mechanisms to handle potential errors during the export process, such as network issues, API limits, and file validation failures. Each file is assigned a specific status (`success`, `failed`, `skipped`, `invalid`) for comprehensive tracking and troubleshooting.\n</details>\n",
+      "description": "Export Audit trail into a CSV file with selected criteria, and highlight suspect actions\n\nAlso detects updates of Custom Settings values (disable by defining `SKIP_AUDIT_TRAIL_CUSTOM_SETTINGS=true`)\n\nRegular setup actions performed in major orgs are filtered.\n\n- \"\"\n  - createScratchOrg\n  - changedsenderemail\n  - deleteScratchOrg\n  - loginasgrantedtopartnerbt\n- Certificate and Key Management\n  - insertCertificate\n- Custom App Licenses\n  - addeduserpackagelicense\n  - granteduserpackagelicense\n  - revokeduserpackagelicense\n- Customer Portal\n  - createdcustomersuccessuser\n  - CSPUserDisabled\n- Currency\n  - updateddatedexchrate\n- Data Management\n  - queueMembership\n- Email Administration\n  - dkimRotationPreparationSuccessful\n  - dkimRotationSuccessful\n- External Objects\n  - xdsEncryptedFieldChange\n- Groups\n  - groupMembership\n- Holidays\n  - holiday_insert\n- Inbox mobile and legacy desktop apps\n  - enableSIQUserNonEAC\n  - siqUserAcceptedTOS\n- Manage Users\n  - activateduser\n  - createduser\n  - changedcommunitynickname\n  - changedemail\n  - changedfederationid\n  - changedpassword\n  - changedinteractionuseroffon\n  - changedinteractionuseronoff\n  - changedmarketinguseroffon\n  - changedmarketinguseronoff\n  - changedofflineuseroffon\n  - changedprofileforuserstdtostd\n  - changedprofileforuser\n  - changedprofileforusercusttostd\n  - changedprofileforuserstdtocust\n  - changedroleforusertonone\n  - changedroleforuser\n  - changedroleforuserfromnone\n  - changedUserAdminVerifiedStatusVerified\n  - changedUserEmailVerifiedStatusUnverified\n  - changedUserEmailVerifiedStatusVerified\n  - changedknowledgeuseroffon\n  - changedsfcontentuseroffon\n  - changedsupportuseroffon\n  - changedusername\n  - changedUserPhoneNumber\n  - changedUserPhoneVerifiedStatusUnverified\n  - changedUserPhoneVerifiedStatusVerified\n  - deactivateduser\n  - deleteAuthenticatorPairing\n  - deleteTwoFactorInfo2\n  - deleteTwoFactorTempCode\n  - frozeuser\n  - insertAuthenticatorPairing\n  - insertTwoFactorInfo2\n  - insertTwoFactorTempCode\n  - lightningloginenroll\n  - PermSetAssign\n  - PermSetGroupAssign\n  - PermSetGroupUnassign\n  - PermSetLicenseAssign\n  - PermSetUnassign\n  - PermSetLicenseUnassign\n  - registeredUserPhoneNumber\n  - resetpassword\n  - suNetworkAdminLogin\n  - suNetworkAdminLogout\n  - suOrgAdminLogin\n  - suOrgAdminLogout\n  - unfrozeuser\n  - useremailchangesent\n- Mobile Administration\n  - assigneduserstomobileconfig\n- Reporting Snapshots\n  - createdReportJob\n  - deletedReportJob\n- Sandboxes\n  - DeleteSandbox\n\nBy default, deployment user defined in .sfdx-hardis.yml targetUsername property will be excluded.\n\nYou can define additional users to exclude in .sfdx-hardis.yml **monitoringExcludeUsernames** property.\n\nYou can also add more sections / actions considered as not suspect using property **monitoringAllowedSectionsActions**\n\nExample:\n\n```yaml\nmonitoringExcludeUsernames:\n  - deploymentuser@cloudity.com\n  - marketingcloud@cloudity.com\n  - integration-user@cloudity.com\n\nmonitoringAllowedSectionsActions:\n  \"Some section\": [] // Will ignore all actions from such section\n  \"Some other section\": [\"actionType1\",\"actionType2\",\"actionType3\"] // Will ignore only those 3 actions from section \"Some other section\". Other actions in the same section will be considered as suspect.\n```\n\n## Excel output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-excel.jpg)\n\n## Local output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-local.jpg)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-suspect-audit-trail/) and can output Grafana, Slack and MsTeams Notifications.\n",
       "examples": [
-        "$ sf hardis:org:files:export"
+        "$ sf hardis:org:diagnose:audittrail",
+        "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com",
+        "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com,bertrand@titi.com",
+        "$ sf hardis:org:diagnose:audittrail --lastndays 5"
       ],
       "flags": {
         "json": {
@@ -5562,48 +5565,30 @@
           "multiple": false,
           "type": "option"
         },
-        "path": {
-          "char": "p",
-          "description": "Path to the file export project",
-          "name": "path",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "chunksize": {
-          "char": "c",
-          "description": "Number of records to add in a chunk before it is processed",
-          "name": "chunksize",
-          "default": 1000,
+        "excludeusers": {
+          "char": "e",
+          "description": "Comma-separated list of usernames to exclude",
+          "name": "excludeusers",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "polltimeout": {
+        "lastndays": {
           "char": "t",
-          "description": "Timeout in MS for Bulk API calls",
-          "name": "polltimeout",
-          "default": 300000,
+          "description": "Number of days to extract from today (included)",
+          "name": "lastndays",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "startchunknumber": {
-          "char": "s",
-          "description": "Chunk number to start from",
-          "name": "startchunknumber",
-          "default": 0,
+        "outputfile": {
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "resume": {
-          "char": "r",
-          "description": "Resume previous export by checking existing files (default in CI)",
-          "name": "resume",
-          "allowNo": false,
-          "type": "boolean"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -5642,13 +5627,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:files:export",
+      "id": "hardis:org:diagnose:audittrail",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Export files",
+      "title": "Diagnose content of Setup Audit Trail",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -5656,43 +5641,43 @@
         "commands",
         "hardis",
         "org",
-        "files",
-        "export.js"
+        "diagnose",
+        "audittrail.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:files:export",
-        "org:hardis:files:export",
-        "org:files:hardis:export",
-        "org:files:export:hardis",
-        "hardis:files:org:export",
-        "files:hardis:org:export",
-        "files:org:hardis:export",
-        "files:org:export:hardis",
-        "hardis:files:export:org",
-        "files:hardis:export:org",
-        "files:export:hardis:org",
-        "files:export:org:hardis",
-        "hardis:org:export:files",
-        "org:hardis:export:files",
-        "org:export:hardis:files",
-        "org:export:files:hardis",
-        "hardis:export:org:files",
-        "export:hardis:org:files",
-        "export:org:hardis:files",
-        "export:org:files:hardis",
-        "hardis:export:files:org",
-        "export:hardis:files:org",
-        "export:files:hardis:org",
-        "export:files:org:hardis"
+        "hardis:org:diagnose:audittrail",
+        "org:hardis:diagnose:audittrail",
+        "org:diagnose:hardis:audittrail",
+        "org:diagnose:audittrail:hardis",
+        "hardis:diagnose:org:audittrail",
+        "diagnose:hardis:org:audittrail",
+        "diagnose:org:hardis:audittrail",
+        "diagnose:org:audittrail:hardis",
+        "hardis:diagnose:audittrail:org",
+        "diagnose:hardis:audittrail:org",
+        "diagnose:audittrail:hardis:org",
+        "diagnose:audittrail:org:hardis",
+        "hardis:org:audittrail:diagnose",
+        "org:hardis:audittrail:diagnose",
+        "org:audittrail:hardis:diagnose",
+        "org:audittrail:diagnose:hardis",
+        "hardis:audittrail:org:diagnose",
+        "audittrail:hardis:org:diagnose",
+        "audittrail:org:hardis:diagnose",
+        "audittrail:org:diagnose:hardis",
+        "hardis:audittrail:diagnose:org",
+        "audittrail:hardis:diagnose:org",
+        "audittrail:diagnose:hardis:org",
+        "audittrail:diagnose:org:hardis"
       ]
     },
-    "hardis:org:files:import": {
+    "hardis:org:diagnose:instanceupgrade": {
       "aliases": [],
       "args": {},
-      "description": "\nThis command facilitates the mass upload of files into Salesforce, allowing you to populate records with associated documents, images, or other file types. It's a crucial tool for data migration, content seeding, or synchronizing external file repositories with Salesforce.\n\nKey functionalities:\n\n- **Configuration-Driven Import:** Relies on an `export.json` file within a designated file export project (created using `sf hardis:org:configure:files`) to determine which files to import and how they should be associated with Salesforce records.\n- **Interactive Project Selection:** If the file import project path is not provided via the `--path` flag, it interactively prompts the user to select one.\n- **Overwrite Option:** The `--overwrite` flag allows you to replace existing files in Salesforce with local versions that have the same name. Be aware that this option doubles the number of API calls used.\n- **Support for ContentVersion and Attachment:** Handles both modern Salesforce Files (ContentVersion) and older Attachments.\n\nSee this article for how to export files, which is often a prerequisite for importing:\n\n[![How to mass download notes and attachments files from a Salesforce org](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-mass-download.jpg)](https://nicolas.vuillamy.fr/how-to-mass-download-notes-and-attachments-files-from-a-salesforce-org-83a028824afd)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **FilesImporter Class:** The core logic is encapsulated within the `FilesImporter` class, which orchestrates the entire import process.\n- **File System Scan:** Scans the local file system within the configured project directory to identify files for import.\n- **Salesforce API Interaction:** Uses Salesforce APIs (e.g., ContentVersion, Attachment) to upload files and associate them with records.\n- **Configuration Loading:** Reads the `export.json` file to get the import configuration, including SOQL queries to identify parent records for file association.\n- **Interactive Prompts:** Uses `selectFilesWorkspace` to allow the user to choose a file import project and `prompts` for confirming the overwrite behavior.\n- **Error Handling:** Includes mechanisms to handle potential errors during the import process, such as API limits or file upload failures.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Retrieves and displays the scheduled upgrade date for a Salesforce org's instance.**\n\nThis command provides crucial information about when your Salesforce instance will be upgraded to the next major release (Spring, Summer, or Winter). This is vital for release planning, testing, and ensuring compatibility with upcoming Salesforce features.\n\nKey functionalities:\n\n- **Instance Identification:** Determines the Salesforce instance name of your target org.\n- **Upgrade Date Retrieval:** Fetches the planned start time of the next major core service upgrade for that instance from the Salesforce Status API.\n- **Days Until Upgrade:** Calculates and displays the number of days remaining until the next major upgrade.\n- **Severity-Based Logging:** Adjusts the log severity (info, warning) based on the proximity of the upgrade date, providing a visual cue for urgency.\n- **Notifications:** Sends notifications to configured channels (e.g., Slack, MS Teams, Grafana) with the upgrade information, making it suitable for automated monitoring.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Query:** It first queries the `Organization` object in Salesforce to get the `InstanceName` of the target org.\n- **Salesforce Status API Integration:** It makes an HTTP GET request to the Salesforce Status API (`https://api.status.salesforce.com/v1/instances/{instanceName}/status`) to retrieve detailed information about the instance, including scheduled maintenances.\n- **Data Parsing:** It parses the JSON response from the Status API to extract the relevant major release upgrade information.\n- **Date Calculation:** Uses the `moment` library to calculate the difference in days between the current date and the planned upgrade date.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including the instance name, upgrade date, and days remaining, along with relevant metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the upgrade status and proximity.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:files:import"
+        "$ sf hardis:org:diagnose:instanceupgrade"
       ],
       "flags": {
         "json": {
@@ -5710,21 +5695,6 @@
           "multiple": false,
           "type": "option"
         },
-        "path": {
-          "char": "p",
-          "description": "Path to the file export project",
-          "name": "path",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "overwrite": {
-          "char": "f",
-          "description": "Override existing files (doubles the number of API calls)",
-          "name": "overwrite",
-          "allowNo": false,
-          "type": "boolean"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -5763,13 +5733,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:files:import",
+      "id": "hardis:org:diagnose:instanceupgrade",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Import files",
+      "title": "Get Instance Upgrade date",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -5777,44 +5747,46 @@
         "commands",
         "hardis",
         "org",
-        "files",
-        "import.js"
+        "diagnose",
+        "instanceupgrade.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:files:import",
-        "org:hardis:files:import",
-        "org:files:hardis:import",
-        "org:files:import:hardis",
-        "hardis:files:org:import",
-        "files:hardis:org:import",
-        "files:org:hardis:import",
-        "files:org:import:hardis",
-        "hardis:files:import:org",
-        "files:hardis:import:org",
-        "files:import:hardis:org",
-        "files:import:org:hardis",
-        "hardis:org:import:files",
-        "org:hardis:import:files",
-        "org:import:hardis:files",
-        "org:import:files:hardis",
-        "hardis:import:org:files",
-        "import:hardis:org:files",
-        "import:org:hardis:files",
-        "import:org:files:hardis",
-        "hardis:import:files:org",
-        "import:hardis:files:org",
-        "import:files:hardis:org",
-        "import:files:org:hardis"
+        "hardis:org:diagnose:instanceupgrade",
+        "org:hardis:diagnose:instanceupgrade",
+        "org:diagnose:hardis:instanceupgrade",
+        "org:diagnose:instanceupgrade:hardis",
+        "hardis:diagnose:org:instanceupgrade",
+        "diagnose:hardis:org:instanceupgrade",
+        "diagnose:org:hardis:instanceupgrade",
+        "diagnose:org:instanceupgrade:hardis",
+        "hardis:diagnose:instanceupgrade:org",
+        "diagnose:hardis:instanceupgrade:org",
+        "diagnose:instanceupgrade:hardis:org",
+        "diagnose:instanceupgrade:org:hardis",
+        "hardis:org:instanceupgrade:diagnose",
+        "org:hardis:instanceupgrade:diagnose",
+        "org:instanceupgrade:hardis:diagnose",
+        "org:instanceupgrade:diagnose:hardis",
+        "hardis:instanceupgrade:org:diagnose",
+        "instanceupgrade:hardis:org:diagnose",
+        "instanceupgrade:org:hardis:diagnose",
+        "instanceupgrade:org:diagnose:hardis",
+        "hardis:instanceupgrade:diagnose:org",
+        "instanceupgrade:hardis:diagnose:org",
+        "instanceupgrade:diagnose:hardis:org",
+        "instanceupgrade:diagnose:org:hardis"
       ]
     },
-    "hardis:org:fix:listviewmine": {
+    "hardis:org:diagnose:legacyapi": {
       "aliases": [],
       "args": {},
-      "description": "Fix listviews whose scope Mine has been replaced by Everything\n\n[![Invalid scope:Mine, not allowed ? Deploy your ListViews anyway !](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-invalid-scope-mine.jpg)](https://nicolas.vuillamy.fr/invalid-scope-mine-not-allowed-deploy-your-listviews-anyway-443aceca8ac7)\n\nList of ListViews can be:\n\n- read from .sfdx-hardis.yml file in property **listViewsToSetToMine**\n- sent in argument listviews\n\nNote: property **listViewsToSetToMine** can be auto-generated by command hardis:work:save if .sfdx-hardis.yml contains the following configuration\n\n```yaml\nautoCleanTypes:\n  - listViewsMine\n```\n\n- Example of sfdx-hardis.yml property `listViewsToSetToMine`:\n\n```yaml\nlistViewsToSetToMine:\n  - \"force-app/main/default/objects/Operation__c/listViews/MyCurrentOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Operation__c/listViews/MyFinalizedOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/Default_Opportunity_Pipeline.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MyCurrentSubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MySubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Account/listViews/MyActivePartners.listView-meta.xml\"\n```\n\n- If manually written, this could also be:\n\n```yaml\nlistViewsToSetToMine:\n  - \"Operation__c:MyCurrentOperations\"\n  - \"Operation__c:MyFinalizedOperations\"\n  - \"Opportunity:Default_Opportunity_Pipeline\"\n  - \"Opportunity:MyCurrentSubscriptions\"\n  - \"Opportunity:MySubscriptions\"\n  - \"Account:MyActivePartners\"\n```\n\nTroubleshooting: if you need to run this command from an alpine-linux based docker image, use this workaround in your dockerfile:\n\n```dockerfile\n# Do not use puppeteer embedded chromium\nRUN apk add --update --no-cache chromium\nENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=\"true\"\nENV CHROMIUM_PATH=\"/usr/bin/chromium-browser\"\nENV PUPPETEER_EXECUTABLE_PATH=\"$\\{CHROMIUM_PATH}\" // remove \\ before {\n```\n",
+      "description": "Checks if an org uses retired or someday retired API version\n\n\nSee article below\n\n[![Handle Salesforce API versions Deprecation like a pro](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-deprecated-api.jpg)](https://nicolas.vuillamy.fr/handle-salesforce-api-versions-deprecation-like-a-pro-335065f52238)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-deprecated-api-calls/) and can output Grafana, Slack and MsTeams Notifications.\n",
       "examples": [
-        "$ sf hardis:org:fix:listviewmine",
-        "$ sf hardis:org:fix:listviewmine --listviews Opportunity:MySubscriptions,Account:MyActivePartners"
+        "$ sf hardis:org:diagnose:legacyapi",
+        "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com",
+        "$ sf hardis:org:diagnose:legacyapi --outputfile 'c:/path/to/folder/legacyapi.csv'",
+        "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com --outputfile ./tmp/legacyapi.csv"
       ],
       "flags": {
         "json": {
@@ -5832,10 +5804,28 @@
           "multiple": false,
           "type": "option"
         },
-        "listviews": {
+        "eventtype": {
+          "char": "e",
+          "description": "Type of EventLogFile event to analyze",
+          "name": "eventtype",
+          "default": "ApiTotalUsage",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "limit": {
           "char": "l",
-          "description": "Comma-separated list of listviews following format Object:ListViewName\nExample: Contact:MyContacts,Contact:MyActiveContacts,Opportunity:MYClosedOpportunities",
-          "name": "listviews",
+          "description": "Number of latest EventLogFile events to analyze",
+          "name": "limit",
+          "default": 999,
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "outputfile": {
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -5878,59 +5868,57 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:fix:listviewmine",
+      "id": "hardis:org:diagnose:legacyapi",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Fix listviews with ",
-      "requiresProject": true,
+      "title": "Check for legacy API use",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "fix",
-        "listviewmine.js"
+        "diagnose",
+        "legacyapi.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:fix:listviewmine",
-        "org:hardis:fix:listviewmine",
-        "org:fix:hardis:listviewmine",
-        "org:fix:listviewmine:hardis",
-        "hardis:fix:org:listviewmine",
-        "fix:hardis:org:listviewmine",
-        "fix:org:hardis:listviewmine",
-        "fix:org:listviewmine:hardis",
-        "hardis:fix:listviewmine:org",
-        "fix:hardis:listviewmine:org",
-        "fix:listviewmine:hardis:org",
-        "fix:listviewmine:org:hardis",
-        "hardis:org:listviewmine:fix",
-        "org:hardis:listviewmine:fix",
-        "org:listviewmine:hardis:fix",
-        "org:listviewmine:fix:hardis",
-        "hardis:listviewmine:org:fix",
-        "listviewmine:hardis:org:fix",
-        "listviewmine:org:hardis:fix",
-        "listviewmine:org:fix:hardis",
-        "hardis:listviewmine:fix:org",
-        "listviewmine:hardis:fix:org",
-        "listviewmine:fix:hardis:org",
-        "listviewmine:fix:org:hardis"
+        "hardis:org:diagnose:legacyapi",
+        "org:hardis:diagnose:legacyapi",
+        "org:diagnose:hardis:legacyapi",
+        "org:diagnose:legacyapi:hardis",
+        "hardis:diagnose:org:legacyapi",
+        "diagnose:hardis:org:legacyapi",
+        "diagnose:org:hardis:legacyapi",
+        "diagnose:org:legacyapi:hardis",
+        "hardis:diagnose:legacyapi:org",
+        "diagnose:hardis:legacyapi:org",
+        "diagnose:legacyapi:hardis:org",
+        "diagnose:legacyapi:org:hardis",
+        "hardis:org:legacyapi:diagnose",
+        "org:hardis:legacyapi:diagnose",
+        "org:legacyapi:hardis:diagnose",
+        "org:legacyapi:diagnose:hardis",
+        "hardis:legacyapi:org:diagnose",
+        "legacyapi:hardis:org:diagnose",
+        "legacyapi:org:hardis:diagnose",
+        "legacyapi:org:diagnose:hardis",
+        "hardis:legacyapi:diagnose:org",
+        "legacyapi:hardis:diagnose:org",
+        "legacyapi:diagnose:hardis:org",
+        "legacyapi:diagnose:org:hardis"
       ]
     },
-    "hardis:org:generate:packagexmlfull": {
+    "hardis:org:diagnose:licenses": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Generates a comprehensive `package.xml` file for a Salesforce org, including all metadata components, even managed ones.**\n\nThis command is essential for various Salesforce development and administration tasks, especially when you need a complete snapshot of an org's metadata. It goes beyond typical source tracking by including managed package components, which is crucial for understanding the full metadata footprint of an org.\n\nKey functionalities:\n\n- **Full Org Metadata Retrieval:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a complete list of all metadata types and their members.\n- **Managed Package Inclusion:** Unlike standard source retrieval, this command explicitly includes metadata from managed packages, providing a truly comprehensive `package.xml`.\n- **Customizable Output:** Allows you to specify the output file path for the generated `package.xml`.\n- **Interactive Org Selection:** If no target org is specified, it interactively prompts the user to choose an org. (or use --no-prompt to skip this step)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce Metadata API Interaction:** It leverages the Salesforce Metadata API to list all available metadata types and then retrieve all components for each type.\n- **`buildOrgManifest` Utility:** The core logic for querying the org's metadata and constructing the `package.xml` is encapsulated within the `buildOrgManifest` utility function.\n- **XML Generation:** It dynamically builds the XML structure of the `package.xml` file, including the `types` and `members` elements for all retrieved metadata.\n- **File System Operations:** It writes the generated `package.xml` file to the specified output path.\n- **Interactive Prompts:** Uses `promptOrgUsernameDefault` to guide the user in selecting the target Salesforce org.\n</details>\n",
+      "description": "\n**Lists and analyzes User Licenses and Permission Set Licenses subscribed and used in a Salesforce org.**\n\nThis command provides a comprehensive overview of your Salesforce license consumption. It's particularly useful for:\n\n- **License Management:** Understanding which licenses are active, how many are available, and how many are being used.\n- **Cost Optimization:** Identifying unused or underutilized licenses that could be reallocated or decommissioned.\n- **Compliance:** Ensuring that your organization is compliant with Salesforce licensing agreements.\n- **Monitoring:** Tracking license usage trends over time.\n\nKey functionalities:\n\n- **User License Details:** Retrieves information about standard and custom User Licenses, including `MasterLabel`, `Name`, `TotalLicenses`, and `UsedLicenses`.\n- **Permission Set License Details:** Retrieves information about Permission Set Licenses, including `MasterLabel`, `PermissionSetLicenseKey`, `TotalLicenses`, and `UsedLicenses`.\n- **Used Licenses Filter:** The `--usedonly` flag allows you to filter the report to show only licenses that have at least one `UsedLicenses` count greater than zero.\n- **CSV Report Generation:** Generates a CSV file containing all the retrieved license information, suitable for detailed analysis.\n- **Notifications:** Sends notifications to configured channels (e.g., Grafana, Slack, MS Teams) with a summary of license usage, including lists of active and used licenses.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It executes SOQL queries against the `UserLicense` and `PermissionSetLicense` objects in Salesforce to retrieve license data.\n- **Data Transformation:** It processes the query results, reformatting the data to be more readable and consistent for reporting purposes (e.g., removing `Id` and `attributes`, renaming `PermissionSetLicenseKey` to `Name`).\n- **Data Aggregation:** It aggregates license information, creating a `licensesByKey` object for quick lookups and a `usedLicenses` array for a concise list of actively used licenses.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of license data.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the license extraction process and the used licenses.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:generate:packagexmlfull",
-        "$ sf hardis:org:generate:packagexmlfull --outputfile /tmp/packagexmlfull.xml",
-        "$ sf hardis:org:generate:packagexmlfull --target-org nico@example.com"
+        "$ sf hardis:org:diagnose:licenses"
       ],
       "flags": {
         "json": {
@@ -5949,12 +5937,20 @@
           "type": "option"
         },
         "outputfile": {
-          "description": "Output package.xml file",
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
           "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
+        "usedonly": {
+          "char": "u",
+          "description": "Filter to have only used licenses",
+          "name": "usedonly",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -5962,13 +5958,6 @@
           "allowNo": false,
           "type": "boolean"
         },
-        "no-prompt": {
-          "char": "n",
-          "description": "Do not prompt for org username, use the default one",
-          "name": "no-prompt",
-          "allowNo": false,
-          "type": "boolean"
-        },
         "websocket": {
           "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "name": "websocket",
@@ -6000,13 +5989,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:generate:packagexmlfull",
+      "id": "hardis:org:diagnose:licenses",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Generate Full Org package.xml",
+      "title": "List licenses subscribed and used in a Salesforce org",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -6014,43 +6003,43 @@
         "commands",
         "hardis",
         "org",
-        "generate",
-        "packagexmlfull.js"
+        "diagnose",
+        "licenses.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:generate:packagexmlfull",
-        "org:hardis:generate:packagexmlfull",
-        "org:generate:hardis:packagexmlfull",
-        "org:generate:packagexmlfull:hardis",
-        "hardis:generate:org:packagexmlfull",
-        "generate:hardis:org:packagexmlfull",
-        "generate:org:hardis:packagexmlfull",
-        "generate:org:packagexmlfull:hardis",
-        "hardis:generate:packagexmlfull:org",
-        "generate:hardis:packagexmlfull:org",
-        "generate:packagexmlfull:hardis:org",
-        "generate:packagexmlfull:org:hardis",
-        "hardis:org:packagexmlfull:generate",
-        "org:hardis:packagexmlfull:generate",
-        "org:packagexmlfull:hardis:generate",
-        "org:packagexmlfull:generate:hardis",
-        "hardis:packagexmlfull:org:generate",
-        "packagexmlfull:hardis:org:generate",
-        "packagexmlfull:org:hardis:generate",
-        "packagexmlfull:org:generate:hardis",
-        "hardis:packagexmlfull:generate:org",
-        "packagexmlfull:hardis:generate:org",
-        "packagexmlfull:generate:hardis:org",
-        "packagexmlfull:generate:org:hardis"
+        "hardis:org:diagnose:licenses",
+        "org:hardis:diagnose:licenses",
+        "org:diagnose:hardis:licenses",
+        "org:diagnose:licenses:hardis",
+        "hardis:diagnose:org:licenses",
+        "diagnose:hardis:org:licenses",
+        "diagnose:org:hardis:licenses",
+        "diagnose:org:licenses:hardis",
+        "hardis:diagnose:licenses:org",
+        "diagnose:hardis:licenses:org",
+        "diagnose:licenses:hardis:org",
+        "diagnose:licenses:org:hardis",
+        "hardis:org:licenses:diagnose",
+        "org:hardis:licenses:diagnose",
+        "org:licenses:hardis:diagnose",
+        "org:licenses:diagnose:hardis",
+        "hardis:licenses:org:diagnose",
+        "licenses:hardis:org:diagnose",
+        "licenses:org:hardis:diagnose",
+        "licenses:org:diagnose:hardis",
+        "hardis:licenses:diagnose:org",
+        "licenses:hardis:diagnose:org",
+        "licenses:diagnose:hardis:org",
+        "licenses:diagnose:org:hardis"
       ]
     },
-    "hardis:org:monitor:all": {
+    "hardis:org:diagnose:releaseupdates": {
       "aliases": [],
       "args": {},
-      "description": "Monitor org, generate reports and sends notifications\n\nYou can disable some commands defining either a **monitoringDisable** property in `.sfdx-hardis.yml`, or a comma separated list in env variable **MONITORING_DISABLE**\n\nExample in .sfdx-hardis.yml:\n  \n```yaml\nmonitoringDisable:\n  - METADATA_STATUS\n  - MISSING_ATTRIBUTES\n  - UNUSED_METADATAS\n```\n  \nExample in env var:\n\n```sh\nMONITORING_DISABLE=METADATA_STATUS,MISSING_ATTRIBUTES,UNUSED_METADATAS\n```\n\nA [default list of monitoring commands](https://sfdx-hardis.cloudity.com/salesforce-monitoring-home/#monitoring-commands) is used, if you want to override it you can define property **monitoringCommands** in your .sfdx-hardis.yml file\n\nExample:\n\n```yaml\nmonitoringCommands:\n  - title: My Custom command\n    command: sf my:custom:command\n  - title: My Custom command 2\n    command: sf my:other:custom:command\n```\n\nYou can force the daily run of all commands by defining env var `MONITORING_IGNORE_FREQUENCY=true`\n\nThe default list of commands is the following:\n\n| Key | Description | Command | Frequency |\n| :---: | :---- | :---- | :-----: |\n| [AUDIT_TRAIL](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | Detect suspect setup actions in major org | [sf hardis:org:diagnose:audittrail](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | daily |\n| [LEGACY_API](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | Detect calls to deprecated API versions | [sf hardis:org:diagnose:legacyapi](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | daily |\n| [ORG_LIMITS](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | Detect if org limits are close to be reached | [sf hardis:org:monitor:limits](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | daily |\n| [UNSECURED_CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | Detect unsecured Connected Apps in an org | [sf hardis:org:diagnose:unsecure-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | daily |\n| [LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | Extract licenses information | [sf hardis:org:diagnose:licenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | weekly |\n| [LINT_ACCESS](https://sfdx-hardis.cloudity.com/hardis/lint/access) | Detect custom elements with no access rights defined in permission sets | [sf hardis:lint:access](https://sfdx-hardis.cloudity.com/hardis/lint/access) | weekly |\n| [UNUSED_LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | Detect permission set licenses that are assigned to users that do not need them | [sf hardis:org:diagnose:unusedlicenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | weekly |\n| [UNUSED_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users without recent logins | [sf hardis:org:diagnose:unusedusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ACTIVE_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users with recent logins | [sf hardis:org:diagnose:unusedusers --returnactiveusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ORG_INFO](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | Get org info + SF instance info + next major upgrade date | [sf hardis:org:diagnose:instanceupgrade](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | weekly |\n| [RELEASE_UPDATES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | Gather warnings about incoming and overdue Release Updates | [sf hardis:org:diagnose:releaseupdates](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | weekly |\n| [UNUSED_METADATAS](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | Detect custom labels and custom permissions that are not in use | [sf hardis:lint:unusedmetadatas](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | weekly |\n| [UNUSED_APEX_CLASSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | Detect unused Apex classes in an org | [sf hardis:org:diagnose:unused-apex-classes](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | weekly |\n| [CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | Detect unused Connected Apps in an org | [sf hardis:org:diagnose:unused-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | weekly |\n| [METADATA_STATUS](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | Detect inactive metadata | [sf hardis:lint:metadatastatus](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | weekly |\n| [MISSING_ATTRIBUTES](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | Detect missing description on custom field | [sf hardis:lint:missingattributes](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | weekly |\n\n",
+      "description": "Export Release Updates into a CSV file with selected criteria, and highlight Release Updates that should be checked.\n\nBefore publishing **Breaking Changes** ❌, Salesforce announce them in the setup menu [**Release Updates**](https://help.salesforce.com/s/articleView?id=sf.release_updates.htm&type=5)\n\n⚠️ Some of them are very important, because if you don't make the related upgrades in time (ex: before Winter 25) , your production org can crash !\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-release-updates/) and can output Grafana, Slack and MsTeams Notifications.\n",
       "examples": [
-        "$ sf hardis:org:monitor:all"
+        "$ sf hardis:org:diagnose:releaseupdates"
       ],
       "flags": {
         "json": {
@@ -6068,6 +6057,14 @@
           "multiple": false,
           "type": "option"
         },
+        "outputfile": {
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -6106,159 +6103,62 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:monitor:all",
+      "id": "hardis:org:diagnose:releaseupdates",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Monitor org",
-      "monitoringCommandsDefault": [
-        {
-          "key": "AUDIT_TRAIL",
-          "title": "Detect suspect setup actions in major org",
-          "command": "sf hardis:org:diagnose:audittrail",
-          "frequency": "daily"
-        },
-        {
-          "key": "LEGACY_API",
-          "title": "Detect calls to deprecated API versions",
-          "command": "sf hardis:org:diagnose:legacyapi",
-          "frequency": "daily"
-        },
-        {
-          "key": "ORG_LIMITS",
-          "title": "Detect if org limits are close to be reached",
-          "command": "sf hardis:org:monitor:limits",
-          "frequency": "daily"
-        },
-        {
-          "key": "UNSECURED_CONNECTED_APPS",
-          "title": "Detect unsecured Connected Apps in an org",
-          "command": "sf hardis:org:diagnose:unsecure-connected-apps",
-          "frequency": "daily"
-        },
-        {
-          "key": "LICENSES",
-          "title": "Extract licenses information",
-          "command": "sf hardis:org:diagnose:licenses",
-          "frequency": "weekly"
-        },
-        {
-          "key": "LINT_ACCESS",
-          "title": "Detect custom elements with no access rights defined in permission sets",
-          "command": "sf hardis:lint:access",
-          "frequency": "weekly"
-        },
-        {
-          "key": "UNUSED_LICENSES",
-          "title": "Detect permission set licenses that are assigned to users that do not need them",
-          "command": "sf hardis:org:diagnose:unusedlicenses",
-          "frequency": "weekly"
-        },
-        {
-          "key": "UNUSED_USERS",
-          "title": "Detect active users without recent logins",
-          "command": "sf hardis:org:diagnose:unusedusers",
-          "frequency": "weekly"
-        },
-        {
-          "key": "ACTIVE_USERS",
-          "title": "Detect active users with recent logins",
-          "command": "sf hardis:org:diagnose:unusedusers --returnactiveusers",
-          "frequency": "weekly"
-        },
-        {
-          "key": "ORG_INFO",
-          "title": "Get org info + SF instance info + next major upgrade date",
-          "command": "sf hardis:org:diagnose:instanceupgrade",
-          "frequency": "weekly"
-        },
-        {
-          "key": "RELEASE_UPDATES",
-          "title": "Gather warnings about incoming and overdue Release Updates",
-          "command": "sf hardis:org:diagnose:releaseupdates",
-          "frequency": "weekly"
-        },
-        {
-          "key": "UNUSED_METADATAS",
-          "title": "Detect custom labels and custom permissions that are not in use",
-          "command": "sf hardis:lint:unusedmetadatas",
-          "frequency": "weekly"
-        },
-        {
-          "key": "UNUSED_APEX_CLASSES",
-          "title": "Detect unused Apex classes in an org",
-          "command": "sf hardis:org:diagnose:unused-apex-classes",
-          "frequency": "weekly"
-        },
-        {
-          "key": "CONNECTED_APPS",
-          "title": "Detect unused Connected Apps in an org",
-          "command": "sf hardis:org:diagnose:unused-connected-apps",
-          "frequency": "weekly"
-        },
-        {
-          "key": "METADATA_STATUS",
-          "title": "Detect inactive metadata",
-          "command": "sf hardis:lint:metadatastatus",
-          "frequency": "weekly"
-        },
-        {
-          "key": "MISSING_ATTRIBUTES",
-          "title": "Detect missing description on custom field",
-          "command": "sf hardis:lint:missingattributes",
-          "frequency": "weekly"
-        }
-      ],
-      "requiresProject": true,
-      "triggerNotification": true,
+      "title": "Check Release Updates of an org",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "monitor",
-        "all.js"
+        "diagnose",
+        "releaseupdates.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:monitor:all",
-        "org:hardis:monitor:all",
-        "org:monitor:hardis:all",
-        "org:monitor:all:hardis",
-        "hardis:monitor:org:all",
-        "monitor:hardis:org:all",
-        "monitor:org:hardis:all",
-        "monitor:org:all:hardis",
-        "hardis:monitor:all:org",
-        "monitor:hardis:all:org",
-        "monitor:all:hardis:org",
-        "monitor:all:org:hardis",
-        "hardis:org:all:monitor",
-        "org:hardis:all:monitor",
-        "org:all:hardis:monitor",
-        "org:all:monitor:hardis",
-        "hardis:all:org:monitor",
-        "all:hardis:org:monitor",
-        "all:org:hardis:monitor",
-        "all:org:monitor:hardis",
-        "hardis:all:monitor:org",
-        "all:hardis:monitor:org",
-        "all:monitor:hardis:org",
-        "all:monitor:org:hardis"
+        "hardis:org:diagnose:releaseupdates",
+        "org:hardis:diagnose:releaseupdates",
+        "org:diagnose:hardis:releaseupdates",
+        "org:diagnose:releaseupdates:hardis",
+        "hardis:diagnose:org:releaseupdates",
+        "diagnose:hardis:org:releaseupdates",
+        "diagnose:org:hardis:releaseupdates",
+        "diagnose:org:releaseupdates:hardis",
+        "hardis:diagnose:releaseupdates:org",
+        "diagnose:hardis:releaseupdates:org",
+        "diagnose:releaseupdates:hardis:org",
+        "diagnose:releaseupdates:org:hardis",
+        "hardis:org:releaseupdates:diagnose",
+        "org:hardis:releaseupdates:diagnose",
+        "org:releaseupdates:hardis:diagnose",
+        "org:releaseupdates:diagnose:hardis",
+        "hardis:releaseupdates:org:diagnose",
+        "releaseupdates:hardis:org:diagnose",
+        "releaseupdates:org:hardis:diagnose",
+        "releaseupdates:org:diagnose:hardis",
+        "hardis:releaseupdates:diagnose:org",
+        "releaseupdates:hardis:diagnose:org",
+        "releaseupdates:diagnose:hardis:org",
+        "releaseupdates:diagnose:org:hardis"
       ]
     },
-    "hardis:org:monitor:backup": {
+    "hardis:org:diagnose:storage-stats": {
       "aliases": [],
       "args": {},
-      "description": "Retrieve sfdx sources in the context of a monitoring backup\n\nThe command exists in 2 modes: filtered(default & recommended) and full.\n\n## Filtered mode (default, better performances)\n\nAutomatically skips metadatas from installed packages with namespace.  \n\nYou can remove more metadata types from backup, especially in case you have too many metadatas and that provokes a crash, using:\n\n- Manual update of `manifest/package-skip-items.xml` config file (then commit & push in the same branch)\n\n  - Works with full wildcard (`<members>*</members>`) , named metadata (`<members>Account.Name</members>`) or partial wildcards names (`<members>pi__*</members>` , `<members>*__dlm</members>` , or `<members>prefix*suffix</members>`)\n\n- Environment variable MONITORING_BACKUP_SKIP_METADATA_TYPES (example: `MONITORING_BACKUP_SKIP_METADATA_TYPES=CustomLabel,StaticResource,Translation`): that will be applied to all monitoring branches.\n\n## Full mode\n\nActivate it with **--full** parameter, or variable MONITORING_BACKUP_MODE_FULL=true\n\nIgnores filters (namespaces items & manifest/package-skip-items.xml) to retrieve ALL metadatas, including those you might not care about (reports, translations...)\n\nAs we can retrieve only 10000 files by call, the list of all metadatas will be chunked to make multiple calls (and take more time than filtered mode)\n\n- if you use `--full-apply-filters` , manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES filters will be applied anyway\n- if you use `--exclude-namespaces` , namespaced items will be ignored\n\n_With those both options, it's like if you are not using --full, but with chunked metadata download_\n\n## In CI/CD\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-metadata-backup/) and can output Grafana, Slack and MsTeams Notifications.\n\n## Troubleshooting\n\nIf you have unknown errors (it happens !), you can investigate using the full command with smaller chunks.\n\nExample: `sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters --max-by-chunk 500`\n\nIt will allow you the identify the responsible metadata and ignore it using package-skip-items.xml or MONITORING_BACKUP_SKIP_METADATA_TYPES env variable.\n\n## Documentation\n\n[Doc generation (including visual flows)](https://sfdx-hardis.cloudity.com/hardis/doc/project2markdown/) is triggered at the end of the command.\n\nIf you want to also upload HTML Documentation on your Salesforce Org as static resource, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_ORG=\"true\"**\n\nIf you want to also upload HTML Documentation on Cloudflare, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_CLOUDFLARE=\"true\"**\n\n- If you want to generate the documentation in multiple languages, define variable SFDX_DOC_LANGUAGES (ex: SFDX_DOC_LANGUAGES=en,fr,de)\n- You can define one Cloudflare site by language, for example with the following variables:\n  - CLOUDFLARE_PROJECT_NAME_EN=cloudity-demo-english\n  - CLOUDFLARE_PROJECT_NAME_FR=cloudity-demo-french\n  - CLOUDFLARE_PROJECT_NAME_DE=cloudity-demo-german\n\nIf Flow history doc always display a single state, you probably need to update your workflow configuration:\n\n- on Gitlab: Env variable [`GIT_FETCH_EXTRA_FLAGS: --depth 10000`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.gitlab-ci.yml#L11)\n- on GitHub: [`fetch-depth: 0`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.github/workflows/org-monitoring.yml#L58)\n- on Azure: [`fetchDepth: \"0\"`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/azure-pipelines.yml#L39)\n- on Bitbucket: [`step: clone: depth: full`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/bitbucket-pipelines.yml#L18)\n",
+      "description": "**Extracts and analyzes Data Storage usage for a Salesforce org, providing detailed per-object breakdowns with flexible grouping options.**\n\nThis command provides a comprehensive overview of your Salesforce data storage consumption. It's particularly useful for:\n\n- **Storage Management:** Understanding which SObjects consume the most storage and how usage has evolved over time.\n- **Cost Optimization:** Identifying storage-heavy objects that could be candidates for data archival or cleanup strategies.\n- **Capacity Planning:** Tracking storage trends to predict when additional capacity will be needed.\n- **Compliance & Governance:** Monitoring data growth patterns to ensure alignment with data retention policies.\n\nKey functionalities:\n\n- **Storage Limits Analysis:** Retrieves and displays org data storage limits, including total capacity, used storage, remaining storage, and percentage used. Detects and alerts on over-usage scenarios.\n- **SObject Discovery & Filtering:** Automatically discovers all SObjects in the org and filters them to focus on production/custom objects (excludes metadata types, platform-only objects, and cached empty objects).\n- **Interactive Selection:** Prompts the user to select which SObjects to analyze and choose breakdown fields (date fields, RecordType, custom fields, or relationship fields).\n- **Flexible Breakdown Field:** Supports grouping by any field including:\n  - Date/DateTime fields (`CreatedDate`, `LastModifiedDate`, custom date fields)\n  - RecordType (`RecordType.Name`)\n  - Custom fields (`Status__c`, picklists, text fields)\n  - Nested relationship fields (`SBQQ__Quote__r.RecordType.Name`)\n- **Date Granularity Options:** For date/datetime fields, choose between:\n  - Year-based grouping (`CALENDAR_YEAR`)\n  - Month-based grouping (`CALENDAR_MONTH`)\n  - Day-based grouping (exact date)\n- **WHERE Clause Filtering:** Apply SOQL WHERE conditions to filter records before calculating storage (e.g., only active records, records from the last year).\n- **Storage Estimation:** Estimates storage usage for each object using an average record size heuristic (2 KB per record) and calculates the percentage of org quota consumed.\n- **Dual CSV Reports:** Generates two CSV files: a detailed breakdown by selected field and a totals-per-object summary, both suitable for spreadsheet analysis and reporting.\n- **Empty Objects Cache:** Maintains a per-user cache of objects detected with zero records to optimize subsequent runs by skipping empty tables.\n- **Progress Tracking:** Sends WebSocket progress messages for integration with external UIs and monitoring dashboards.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Limits Retrieval:** Calls `conn.limits()` to retrieve the `DataStorageMB` object containing `Max` and `Remaining` values. Handles negative `Remaining` values (over-usage scenarios) by calculating `overUsageMB` and adjusting display values.\n- **SObject Discovery:** Uses `conn.metadata.list([{ type: 'CustomObject' }])` to get custom objects and `conn.describeGlobal()` to get all SObjects. Filters by object capabilities (`layoutable`, `queryable`, `retrieveable`, `createable`, `updateable`, `deletable`) and excludes metadata types (`__mdt` suffix) and cached empty objects.\n- **User Interaction:** Uses `prompts` for interactive multi-select of SObjects, breakdown field selection, granularity choice (for date fields), and optional WHERE conditions. All objects are pre-selected by default for user convenience.\n- **Field Validation:** Recursively validates breakdown fields including nested relationships (e.g., `SBQQ__Quote__r.RecordType.Name`) by traversing the relationship chain and checking field existence on each related object. Automatically handles special cases like `RecordType` -> `RecordTypeId` and `__r` -> `__c` conversions.\n- **Dynamic Query Generation:** Builds SOQL queries based on field type and granularity:\n  - For date fields with year granularity: `SELECT CALENDAR_YEAR(<Field>) breakdown, COUNT(Id) total FROM <SObject> [WHERE ...] GROUP BY CALENDAR_YEAR(<Field>) ORDER BY CALENDAR_YEAR(<Field>)`\n  - For date fields with month granularity: `SELECT CALENDAR_YEAR(<Field>) year, CALENDAR_MONTH(<Field>) month, COUNT(Id) total FROM <SObject> [WHERE ...] GROUP BY CALENDAR_YEAR(<Field>), CALENDAR_MONTH(<Field>) ORDER BY CALENDAR_YEAR(<Field>), CALENDAR_MONTH(<Field>)`\n  - For non-date fields: `SELECT <Field> breakdown, COUNT(Id) total FROM <SObject> [WHERE ...] GROUP BY <Field> ORDER BY <Field>`\n- **WHERE Clause Support:** Accepts user-provided WHERE conditions via flag (`--where`) or interactive prompt. Injects the condition into all SOQL queries for consistent filtering across all objects.\n- **Storage Calculation:** Applies a conservative average record size of 2 KB (2048 bytes) to estimate storage consumption. Calculates both MB usage and percentage of org quota for each object and breakdown value.\n- **Report Generation:** Uses `generateCsvFile` and `generateReportPath` helpers to create two CSV files in the reports directory:\n  - Detailed breakdown: includes all statistics per breakdown value per object (e.g., by year, by month, by RecordType)\n  - Totals summary: includes only aggregate totals per object\n  - File naming includes breakdown field, granularity (for date fields), and `-filtered` suffix when WHERE clause is applied\n- **Caching Mechanism:** Writes a JSON cache file per authenticated username (sanitized) in the reports directory (`<username>_empty_tables_cache.json`) containing an array of empty object names. The cache is updated after each run with newly detected empty objects.\n- **Progress & UX:** Uses `WebSocketClient` to emit start/step/end progress messages for external monitoring. Outputs summary tables with `uxLogTable` and status messages with `uxLog`.\n- **Return Value:** Returns a JSON object containing `tableStorageInfos` (all rows), `tableStorageInfosTotals` (summary rows), `storageLimits` (org limits object), and `outputFiles` (paths to generated CSV/XLSX reports).\n</details>\n\n![](https://sfdx-hardis.cloudity.com/assets/images/storage-usage-year-breakdown.png)\n\n![](https://sfdx-hardis.cloudity.com/assets/images/storage-usage-total.png)\n",
       "examples": [
-        "$ sf hardis:org:monitor:backup",
-        "$ sf hardis:org:monitor:backup --full",
-        "$ sf hardis:org:monitor:backup --full --exclude-namespaces",
-        "$ sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters"
+        "$ sf hardis:org:diagnose:storage-stats",
+        "$ sf hardis:org:diagnose:storage-stats --breakdown-field \"CreatedDate\"",
+        "$ sf hardis:org:diagnose:storage-stats -b \"RecordType.Name\"",
+        "$ sf hardis:org:diagnose:storage-stats --where \"CreatedDate = LAST_N_DAYS:365\"",
+        "$ sf hardis:org:diagnose:storage-stats -w \"Status__c = 'Active'\"",
+        "$ sf hardis:org:diagnose:storage-stats -b \"LastModifiedDate\" -w \"IsDeleted = false\""
       ],
       "flags": {
         "json": {
@@ -6276,53 +6176,26 @@
           "multiple": false,
           "type": "option"
         },
-        "full": {
-          "description": "Dot not take in account filtering using package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES. Efficient but much much slower !",
-          "name": "full",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "max-by-chunk": {
-          "char": "m",
-          "description": "If mode --full is activated, maximum number of metadatas in a package.xml chunk",
-          "name": "max-by-chunk",
-          "default": 3000,
+        "outputfile": {
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "exclude-namespaces": {
-          "char": "e",
-          "description": "If mode --full is activated, exclude namespaced metadatas",
-          "name": "exclude-namespaces",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "full-apply-filters": {
-          "char": "z",
-          "description": "If mode --full is activated, apply filters of manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES anyway",
-          "name": "full-apply-filters",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "start-chunk": {
-          "description": "Use this parameter to troubleshoot a specific chunk. It will be used as the first chunk to retrieve",
-          "name": "start-chunk",
-          "default": 1,
+        "breakdown-field": {
+          "char": "b",
+          "description": "Field to use for storage stats breakdown. Example: \"CreatedDate\", \"LastModifiedDate\", \"RecordType.Name\", or custom fields like \"Status__c\"",
+          "name": "breakdown-field",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "skip-doc": {
-          "description": "Skip the generation of project documentation at the end of the command",
-          "name": "skip-doc",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
+        "where": {
+          "char": "w",
+          "description": "WHERE clause to filter records in the query (without the WHERE keyword). Example: \"CreatedDate = LAST_N_DAYS:365\" or \"Status__c = 'Active'\"",
+          "name": "where",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -6365,58 +6238,57 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:monitor:backup",
+      "id": "hardis:org:diagnose:storage-stats",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Backup DX sources",
+      "title": "Extract Data Storage stats",
       "requiresProject": true,
-      "triggerNotification": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "monitor",
-        "backup.js"
+        "diagnose",
+        "storage-stats.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:monitor:backup",
-        "org:hardis:monitor:backup",
-        "org:monitor:hardis:backup",
-        "org:monitor:backup:hardis",
-        "hardis:monitor:org:backup",
-        "monitor:hardis:org:backup",
-        "monitor:org:hardis:backup",
-        "monitor:org:backup:hardis",
-        "hardis:monitor:backup:org",
-        "monitor:hardis:backup:org",
-        "monitor:backup:hardis:org",
-        "monitor:backup:org:hardis",
-        "hardis:org:backup:monitor",
-        "org:hardis:backup:monitor",
-        "org:backup:hardis:monitor",
-        "org:backup:monitor:hardis",
-        "hardis:backup:org:monitor",
-        "backup:hardis:org:monitor",
-        "backup:org:hardis:monitor",
-        "backup:org:monitor:hardis",
-        "hardis:backup:monitor:org",
-        "backup:hardis:monitor:org",
-        "backup:monitor:hardis:org",
-        "backup:monitor:org:hardis"
+        "hardis:org:diagnose:storage-stats",
+        "org:hardis:diagnose:storage-stats",
+        "org:diagnose:hardis:storage-stats",
+        "org:diagnose:storage-stats:hardis",
+        "hardis:diagnose:org:storage-stats",
+        "diagnose:hardis:org:storage-stats",
+        "diagnose:org:hardis:storage-stats",
+        "diagnose:org:storage-stats:hardis",
+        "hardis:diagnose:storage-stats:org",
+        "diagnose:hardis:storage-stats:org",
+        "diagnose:storage-stats:hardis:org",
+        "diagnose:storage-stats:org:hardis",
+        "hardis:org:storage-stats:diagnose",
+        "org:hardis:storage-stats:diagnose",
+        "org:storage-stats:hardis:diagnose",
+        "org:storage-stats:diagnose:hardis",
+        "hardis:storage-stats:org:diagnose",
+        "storage-stats:hardis:org:diagnose",
+        "storage-stats:org:hardis:diagnose",
+        "storage-stats:org:diagnose:hardis",
+        "hardis:storage-stats:diagnose:org",
+        "storage-stats:hardis:diagnose:org",
+        "storage-stats:diagnose:hardis:org",
+        "storage-stats:diagnose:org:hardis"
       ]
     },
-    "hardis:org:monitor:limits": {
+    "hardis:org:diagnose:unsecure-connected-apps": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Checks the current usage of various Salesforce org limits and sends notifications if thresholds are exceeded.**\n\nThis command is a critical component of proactive Salesforce org management, helping administrators and developers monitor resource consumption and prevent hitting critical limits that could impact performance or functionality. It provides early warnings when limits are approaching their capacity.\n\nKey functionalities:\n\n- **Limit Retrieval:** Fetches a comprehensive list of all Salesforce org limits using the Salesforce CLI.\n- **Usage Calculation:** Calculates the percentage of each limit that is currently being used.\n- **Threshold-Based Alerting:** Assigns a severity (success, warning, or error) to each limit based on configurable thresholds:\n  - **Warning:** If usage exceeds 50% (configurable via `LIMIT_THRESHOLD_WARNING` environment variable).\n  - **Error:** If usage exceeds 75% (configurable via `LIMIT_THRESHOLD_ERROR` environment variable).\n- **CSV Report Generation:** Generates a CSV file containing all org limits, their current usage, maximum allowed, and calculated percentage used, along with the assigned severity.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of limits that have exceeded the warning or error thresholds.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-limits/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce CLI Integration:** It executes the `sf org limits list` command to retrieve the current org limits. It parses the JSON output of this command.\n- **Data Processing:** It iterates through the retrieved limits, calculates the `used` and `percentUsed` values, and assigns a `severity` (success, warning, error) based on the configured thresholds.\n- **Environment Variable Configuration:** Reads `LIMIT_THRESHOLD_WARNING` and `LIMIT_THRESHOLD_ERROR` environment variables to set the warning and error thresholds for limit usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of org limits.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and detailed metrics for each limit, which can be consumed by monitoring dashboards like Grafana.\n- **Exit Code Management:** Sets the process exit code to 1 if any limit is in an 'error' state, indicating a critical issue.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Detects unsecured Connected Apps in a Salesforce org and generates detailed reports for security analysis.**\n\nThis command is a critical security diagnostic tool that helps administrators identify Connected Apps that may pose security risks due to improper configuration. It provides comprehensive analysis of OAuth tokens and Connected App security settings to ensure proper access control.\n\nKey functionalities:\n\n- **OAuth Token Analysis:** Queries all OAuth tokens in the org using SOQL to retrieve comprehensive token information including app names, users, authorization status, and usage statistics.\n- **Security Status Assessment:** Evaluates each Connected App's security configuration by checking the `IsUsingAdminAuthorization` flag to determine if admin pre-approval is required.\n- **Unsecured App Detection:** Identifies Connected Apps that allow users to authorize themselves without admin approval, which can pose security risks.\n- **Detailed Reporting:** Generates two comprehensive CSV reports:\n  - **OAuth Tokens Report:** Lists all OAuth tokens with security status, user information, and usage data\n  - **Connected Apps Summary:** Aggregates unsecured Connected Apps with counts of associated OAuth tokens\n- **Visual Indicators:** Uses status icons (❌ for unsecured, ✅ for secured) to provide immediate visual feedback on security status.\n- **Security Recommendations:** Provides actionable guidance on how to secure Connected Apps through proper configuration.\n- **Notifications:** Sends alerts to configured channels (Grafana, Slack, MS Teams) with security findings and attached reports.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-security/) and can output Grafana, Slack and MsTeams Notifications.\n\n<iframe width=\"560\" height=\"315\" src=\"https://www.youtube.com/embed/jHv8yrSK8Dg\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen></iframe>\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query Execution:** Executes a comprehensive SOQL query on the `OauthToken` object, joining with `AppMenuItem` and `User` objects to gather complete security context.\n- **Security Analysis Logic:** Analyzes the `AppMenuItem.IsUsingAdminAuthorization` field to determine if a Connected App requires admin pre-approval for user authorization.\n- **Data Transformation:** Processes raw SOQL results to add security status indicators and reorganize data for optimal reporting and analysis.\n- **Aggregation Processing:** Groups OAuth tokens by Connected App name to provide summary statistics and identify the most problematic applications.\n- **Report Generation:** Uses `generateCsvFile` to create structured CSV reports with proper formatting and metadata for easy analysis and sharing.\n- **Notification Integration:** Integrates with the `NotifProvider` to send security alerts with detailed metrics, including the number of unsecured Connected Apps and associated OAuth tokens.\n- **File Management:** Generates multiple output formats (CSV, XLSX) and manages file paths using `generateReportPath` for consistent report organization.\n- **Connection Management:** Uses `setConnectionVariables` to ensure proper authentication context for notification providers that require org connection details.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:monitor:limits"
+        "$ sf hardis:org:diagnose:unsecure-connected-apps"
       ],
       "flags": {
         "json": {
@@ -6480,59 +6352,58 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:monitor:limits",
+      "id": "hardis:org:diagnose:unsecure-connected-apps",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Check org limits",
-      "requiresProject": true,
-      "triggerNotification": true,
+      "title": "Detect Unsecured Connected Apps",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "monitor",
-        "limits.js"
+        "diagnose",
+        "unsecure-connected-apps.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:monitor:limits",
-        "org:hardis:monitor:limits",
-        "org:monitor:hardis:limits",
-        "org:monitor:limits:hardis",
-        "hardis:monitor:org:limits",
-        "monitor:hardis:org:limits",
-        "monitor:org:hardis:limits",
-        "monitor:org:limits:hardis",
-        "hardis:monitor:limits:org",
-        "monitor:hardis:limits:org",
-        "monitor:limits:hardis:org",
-        "monitor:limits:org:hardis",
-        "hardis:org:limits:monitor",
-        "org:hardis:limits:monitor",
-        "org:limits:hardis:monitor",
-        "org:limits:monitor:hardis",
-        "hardis:limits:org:monitor",
-        "limits:hardis:org:monitor",
-        "limits:org:hardis:monitor",
-        "limits:org:monitor:hardis",
-        "hardis:limits:monitor:org",
-        "limits:hardis:monitor:org",
-        "limits:monitor:hardis:org",
-        "limits:monitor:org:hardis"
+        "hardis:org:diagnose:unsecure-connected-apps",
+        "org:hardis:diagnose:unsecure-connected-apps",
+        "org:diagnose:hardis:unsecure-connected-apps",
+        "org:diagnose:unsecure-connected-apps:hardis",
+        "hardis:diagnose:org:unsecure-connected-apps",
+        "diagnose:hardis:org:unsecure-connected-apps",
+        "diagnose:org:hardis:unsecure-connected-apps",
+        "diagnose:org:unsecure-connected-apps:hardis",
+        "hardis:diagnose:unsecure-connected-apps:org",
+        "diagnose:hardis:unsecure-connected-apps:org",
+        "diagnose:unsecure-connected-apps:hardis:org",
+        "diagnose:unsecure-connected-apps:org:hardis",
+        "hardis:org:unsecure-connected-apps:diagnose",
+        "org:hardis:unsecure-connected-apps:diagnose",
+        "org:unsecure-connected-apps:hardis:diagnose",
+        "org:unsecure-connected-apps:diagnose:hardis",
+        "hardis:unsecure-connected-apps:org:diagnose",
+        "unsecure-connected-apps:hardis:org:diagnose",
+        "unsecure-connected-apps:org:hardis:diagnose",
+        "unsecure-connected-apps:org:diagnose:hardis",
+        "hardis:unsecure-connected-apps:diagnose:org",
+        "unsecure-connected-apps:hardis:diagnose:org",
+        "unsecure-connected-apps:diagnose:hardis:org",
+        "unsecure-connected-apps:diagnose:org:hardis"
       ]
     },
-    "hardis:org:purge:apexlog": {
+    "hardis:org:diagnose:unused-apex-classes": {
       "aliases": [],
       "args": {},
-      "description": "\n**Purges Apex debug logs from a Salesforce org.**\n\nThis command provides a quick and efficient way to clear out accumulated Apex debug logs from your Salesforce environment. This is particularly useful for:\n\n- **Storage Management:** Freeing up valuable data storage space in your Salesforce org.\n- **Performance Optimization:** Reducing the overhead associated with large volumes of debug logs.\n- **Troubleshooting:** Ensuring that new debug logs are generated cleanly without interference from old, irrelevant logs.\n\nKey functionalities:\n\n- **Log Identification:** Queries the `ApexLog` object to identify all existing debug logs.\n- **Confirmation Prompt:** Before deletion, it prompts for user confirmation, displaying the number of Apex logs that will be deleted.\n- **Bulk Deletion:** Uses the Salesforce Bulk API to efficiently delete a large number of Apex logs.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query:** It executes a SOQL query (`SELECT Id FROM ApexLog LIMIT 50000`) to retrieve the IDs of Apex logs to be deleted. The limit is set to 50,000 to handle large volumes of logs.\n- **CSV Export:** The retrieved log IDs are temporarily exported to a CSV file (`ApexLogsToDelete_*.csv`) in the `./tmp` directory.\n- **User Confirmation:** It uses the `prompts` library to ask for user confirmation before proceeding with the deletion, displaying the count of logs to be purged.\n- **Bulk API Deletion:** It then uses the Salesforce CLI's `sf data delete bulk` command, pointing to the generated CSV file, to perform the mass deletion of Apex logs.\n- **File System Operations:** It uses `fs-extra` to create the temporary directory and manage the CSV file.\n- **Error Handling:** Includes error handling for the query and deletion operations.\n</details>\n",
+      "description": "List all async Apex classes (Batch,Queueable,Schedulable) that has not been called for more than 365 days.\n  \nThe result class list probably can be removed from the project, and that will improve your test classes performances 😊\n\nThe number of unused day is overridable using --days option. \n\nThe command uses queries on AsyncApexJob and CronTrigger technical tables to build the result.\n\nApex Classes CreatedBy and CreatedOn fields are calculated from MIN(date from git, date from org)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-apex-classes/) and can output Grafana, Slack and MsTeams Notifications.\n\n![](https://sfdx-hardis.cloudity.com/assets/images/screenshot-monitoring-unused-apex-grafana.jpg)\n",
       "examples": [
-        "$ sf hardis:org:purge:apexlog",
-        "$ sf hardis:org:purge:apexlog --target-org nicolas.vuillamy@gmail.com"
+        "$ sf hardis:org:diagnose:unused-apex-classes",
+        "$ sf hardis:org:diagnose:unused-apex-classes --days 700"
       ],
       "flags": {
         "json": {
@@ -6550,12 +6421,21 @@
           "multiple": false,
           "type": "option"
         },
-        "prompt": {
-          "char": "z",
-          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
-          "name": "prompt",
-          "allowNo": true,
-          "type": "boolean"
+        "outputfile": {
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "days": {
+          "char": "t",
+          "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
+          "name": "days",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
         },
         "debug": {
           "char": "d",
@@ -6595,13 +6475,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:purge:apexlog",
+      "id": "hardis:org:diagnose:unused-apex-classes",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Purge Apex Logs",
+      "title": "Detect unused Apex classes in an org",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -6609,45 +6489,43 @@
         "commands",
         "hardis",
         "org",
-        "purge",
-        "apexlog.js"
+        "diagnose",
+        "unused-apex-classes.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:purge:apexlog",
-        "org:hardis:purge:apexlog",
-        "org:purge:hardis:apexlog",
-        "org:purge:apexlog:hardis",
-        "hardis:purge:org:apexlog",
-        "purge:hardis:org:apexlog",
-        "purge:org:hardis:apexlog",
-        "purge:org:apexlog:hardis",
-        "hardis:purge:apexlog:org",
-        "purge:hardis:apexlog:org",
-        "purge:apexlog:hardis:org",
-        "purge:apexlog:org:hardis",
-        "hardis:org:apexlog:purge",
-        "org:hardis:apexlog:purge",
-        "org:apexlog:hardis:purge",
-        "org:apexlog:purge:hardis",
-        "hardis:apexlog:org:purge",
-        "apexlog:hardis:org:purge",
-        "apexlog:org:hardis:purge",
-        "apexlog:org:purge:hardis",
-        "hardis:apexlog:purge:org",
-        "apexlog:hardis:purge:org",
-        "apexlog:purge:hardis:org",
-        "apexlog:purge:org:hardis"
+        "hardis:org:diagnose:unused-apex-classes",
+        "org:hardis:diagnose:unused-apex-classes",
+        "org:diagnose:hardis:unused-apex-classes",
+        "org:diagnose:unused-apex-classes:hardis",
+        "hardis:diagnose:org:unused-apex-classes",
+        "diagnose:hardis:org:unused-apex-classes",
+        "diagnose:org:hardis:unused-apex-classes",
+        "diagnose:org:unused-apex-classes:hardis",
+        "hardis:diagnose:unused-apex-classes:org",
+        "diagnose:hardis:unused-apex-classes:org",
+        "diagnose:unused-apex-classes:hardis:org",
+        "diagnose:unused-apex-classes:org:hardis",
+        "hardis:org:unused-apex-classes:diagnose",
+        "org:hardis:unused-apex-classes:diagnose",
+        "org:unused-apex-classes:hardis:diagnose",
+        "org:unused-apex-classes:diagnose:hardis",
+        "hardis:unused-apex-classes:org:diagnose",
+        "unused-apex-classes:hardis:org:diagnose",
+        "unused-apex-classes:org:hardis:diagnose",
+        "unused-apex-classes:org:diagnose:hardis",
+        "hardis:unused-apex-classes:diagnose:org",
+        "unused-apex-classes:hardis:diagnose:org",
+        "unused-apex-classes:diagnose:hardis:org",
+        "unused-apex-classes:diagnose:org:hardis"
       ]
     },
-    "hardis:org:purge:flow": {
+    "hardis:org:diagnose:unused-connected-apps": {
       "aliases": [],
       "args": {},
-      "description": "\n**Purges old or unwanted Flow versions from a Salesforce org, with an option to delete related Flow Interviews.**\n\nThis command helps maintain a clean and performant Salesforce org by removing obsolete Flow versions. Over time, multiple versions of Flows can accumulate, consuming storage and potentially impacting performance. This tool provides a controlled way to clean up these versions.\n\nKey functionalities:\n\n- **Targeted Flow Selection:** Allows you to filter Flow versions to delete by name (`--name`) and status (`--status`, e.g., `Obsolete`, `Draft`, `Inactive`).\n- **Flow Interview Deletion:** If a Flow version cannot be deleted due to active Flow Interviews, the `--delete-flow-interviews` flag (or interactive prompt) allows you to delete these interviews first, then retry the Flow version deletion.\n- **Confirmation Prompt:** In interactive mode, it prompts for confirmation before proceeding with the deletion of Flow versions and Flow Interviews.\n- **Partial Success Handling:** The `--allowpurgefailure` flag (default `true`) allows the command to continue even if some deletions fail, reporting the errors.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `Flow` object (using the Tooling API) to list Flow versions based on the provided filters (name, status, manageable state).\n- **Bulk Deletion (Tooling API):** It uses `bulkDeleteTooling` to perform mass deletions of Flow versions. If deletion fails due to active interviews, it extracts the interview IDs.\n- **Flow Interview Management:** If `delete-flow-interviews` is enabled, it queries `FlowInterview` objects, performs bulk deletion of the identified interviews using `bulkDelete`, and then retries the Flow version deletion.\n- **Interactive Prompts:** Uses the `prompts` library to interact with the user for selecting Flows, statuses, and confirming deletion actions.\n- **Error Reporting:** Logs detailed error messages for failed deletions, including the specific reasons.\n- **Command-Line Execution:** Uses `execSfdxJson` to execute Salesforce CLI commands for querying Flow data.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Identifies and reports on potentially unused Connected Apps in a Salesforce org, suggesting candidates for deletion or deactivation.**\n\nThis command helps improve org security and reduce technical debt by pinpointing Connected Apps that are no longer actively used. Connected Apps can pose security risks if left unmonitored, and cleaning them up contributes to a healthier Salesforce environment.\n\nKey functionalities:\n\n- **Connected App Data Collection:** Gathers information about all Connected Apps in the org, including creation and last modified dates, and associated users.\n- **Usage Analysis:** Analyzes `LoginHistory` and `OAuthToken` records to determine the last usage date of each Connected App.\n- **Inactivity Detection:** Flags Connected Apps as potentially unused if they have no recent login history or OAuth token usage.\n- **Accessibility Check:** Examines Connected App metadata to identify if they are accessible (e.g., if they require admin approval and have no profiles or permission sets assigned).\n- **Ignored Apps:** Automatically ignores a predefined list of common Salesforce Connected Apps (e.g., `Salesforce CLI`, `Salesforce Mobile Dashboards`). You can extend this list by defining the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n- **CSV Report Generation:** Generates a CSV file containing details of all analyzed Connected Apps, including their usage status, last usage date, and reasons for being flagged as potentially unused.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of potentially unused Connected Apps.\n\n**Default Ignored Connected Apps:**\n\n- Ant Migration Tool\n- Chatter Desktop\n- Chatter Mobile for BlackBerry\n- Force.com IDE\n- OIQ_Integration\n- Salesforce CLI\n- Salesforce Files\n- Salesforce Mobile Dashboards\n- Salesforce Touch\n- Salesforce for Outlook\n- SalesforceA\n- SalesforceA for Android\n- SalesforceA for iOS\n- SalesforceDX Namespace Registry\n- SalesforceIQ\n\nYou can add more ignored apps by defining a comma-separated list of names in the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n\n_Example: \nALLOWED_INACTIVE_CONNECTED_APPS=My App 1,My App 2, My App 3_\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-connected-apps/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It performs SOQL queries against `ConnectedApplication`, `LoginHistory`, and `OAuthToken` objects to gather comprehensive data about Connected Apps and their usage.\n- **Temporary SFDX Project:** It creates a temporary SFDX project to retrieve Connected App metadata, allowing for local parsing and analysis of their XML files.\n- **Metadata Parsing:** It parses the `connectedApp-meta.xml` files to check for `isAdminApproved` and the presence of `profileName` or `permissionsetName` to determine accessibility.\n- **Data Correlation:** It correlates data from various Salesforce objects to build a complete picture of each Connected App's usage and status.\n- **Date Calculation:** Uses `moment` to calculate the time since the last OAuth token usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused Connected Apps.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **File System Operations:** Uses `fs-extra` for creating and removing temporary directories and files.\n- **Environment Variable Reading:** Reads the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable to customize the list of ignored Connected Apps.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:purge:flow",
-        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --no-prompt --delete-flow-interviews",
-        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --status \"Obsolete,Draft,InvalidDraft\" --name TestFlow"
+        "$ sf hardis:org:diagnose:unused-connected-apps"
       ],
       "flags": {
         "json": {
@@ -6665,48 +6543,10 @@
           "multiple": false,
           "type": "option"
         },
-        "prompt": {
-          "char": "z",
-          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
-          "name": "prompt",
-          "allowNo": true,
-          "type": "boolean"
-        },
-        "name": {
-          "char": "n",
-          "description": "Filter according to Name criteria",
-          "name": "name",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "status": {
-          "char": "s",
-          "description": "Filter according to Status criteria",
-          "name": "status",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "delete-flow-interviews": {
-          "char": "w",
-          "description": "If the presence of Flow interviews prevent to delete flows versions, delete them before retrying to delete flow versions",
-          "name": "delete-flow-interviews",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "allowpurgefailure": {
+        "outputfile": {
           "char": "f",
-          "description": "Allows purges to fail without exiting with 1. Use --no-allowpurgefailure to disable",
-          "name": "allowpurgefailure",
-          "allowNo": true,
-          "type": "boolean"
-        },
-        "instanceurl": {
-          "char": "r",
-          "description": "URL of org instance",
-          "name": "instanceurl",
-          "default": "https://login.salesforce.com",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -6749,13 +6589,30 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:purge:flow",
+      "id": "hardis:org:diagnose:unused-connected-apps",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Purge Flow versions",
+      "title": "Unused Connected Apps in an org",
+      "allowedInactiveConnectedApps": [
+        "Ant Migration Tool",
+        "Chatter Desktop",
+        "Chatter Mobile for BlackBerry",
+        "Force.com IDE",
+        "OIQ_Integration",
+        "Salesforce CLI",
+        "Salesforce Files",
+        "Salesforce Mobile Dashboards",
+        "Salesforce Touch",
+        "Salesforce for Outlook",
+        "SalesforceA",
+        "SalesforceA for Android",
+        "SalesforceA for iOS",
+        "SalesforceDX Namespace Registry",
+        "SalesforceIQ"
+      ],
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -6763,46 +6620,44 @@
         "commands",
         "hardis",
         "org",
-        "purge",
-        "flow.js"
+        "diagnose",
+        "unused-connected-apps.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:purge:flow",
-        "org:hardis:purge:flow",
-        "org:purge:hardis:flow",
-        "org:purge:flow:hardis",
-        "hardis:purge:org:flow",
-        "purge:hardis:org:flow",
-        "purge:org:hardis:flow",
-        "purge:org:flow:hardis",
-        "hardis:purge:flow:org",
-        "purge:hardis:flow:org",
-        "purge:flow:hardis:org",
-        "purge:flow:org:hardis",
-        "hardis:org:flow:purge",
-        "org:hardis:flow:purge",
-        "org:flow:hardis:purge",
-        "org:flow:purge:hardis",
-        "hardis:flow:org:purge",
-        "flow:hardis:org:purge",
-        "flow:org:hardis:purge",
-        "flow:org:purge:hardis",
-        "hardis:flow:purge:org",
-        "flow:hardis:purge:org",
-        "flow:purge:hardis:org",
-        "flow:purge:org:hardis"
+        "hardis:org:diagnose:unused-connected-apps",
+        "org:hardis:diagnose:unused-connected-apps",
+        "org:diagnose:hardis:unused-connected-apps",
+        "org:diagnose:unused-connected-apps:hardis",
+        "hardis:diagnose:org:unused-connected-apps",
+        "diagnose:hardis:org:unused-connected-apps",
+        "diagnose:org:hardis:unused-connected-apps",
+        "diagnose:org:unused-connected-apps:hardis",
+        "hardis:diagnose:unused-connected-apps:org",
+        "diagnose:hardis:unused-connected-apps:org",
+        "diagnose:unused-connected-apps:hardis:org",
+        "diagnose:unused-connected-apps:org:hardis",
+        "hardis:org:unused-connected-apps:diagnose",
+        "org:hardis:unused-connected-apps:diagnose",
+        "org:unused-connected-apps:hardis:diagnose",
+        "org:unused-connected-apps:diagnose:hardis",
+        "hardis:unused-connected-apps:org:diagnose",
+        "unused-connected-apps:hardis:org:diagnose",
+        "unused-connected-apps:org:hardis:diagnose",
+        "unused-connected-apps:org:diagnose:hardis",
+        "hardis:unused-connected-apps:diagnose:org",
+        "unused-connected-apps:hardis:diagnose:org",
+        "unused-connected-apps:diagnose:hardis:org",
+        "unused-connected-apps:diagnose:org:hardis"
       ]
     },
-    "hardis:org:diagnose:audittrail": {
+    "hardis:org:diagnose:unusedlicenses": {
       "aliases": [],
       "args": {},
-      "description": "Export Audit trail into a CSV file with selected criteria, and highlight suspect actions\n\nAlso detects updates of Custom Settings values (disable by defining `SKIP_AUDIT_TRAIL_CUSTOM_SETTINGS=true`)\n\nRegular setup actions performed in major orgs are filtered.\n\n- \"\"\n  - createScratchOrg\n  - changedsenderemail\n  - deleteScratchOrg\n  - loginasgrantedtopartnerbt\n- Certificate and Key Management\n  - insertCertificate\n- Custom App Licenses\n  - addeduserpackagelicense\n  - granteduserpackagelicense\n  - revokeduserpackagelicense\n- Customer Portal\n  - createdcustomersuccessuser\n  - CSPUserDisabled\n- Currency\n  - updateddatedexchrate\n- Data Management\n  - queueMembership\n- Email Administration\n  - dkimRotationPreparationSuccessful\n  - dkimRotationSuccessful\n- External Objects\n  - xdsEncryptedFieldChange\n- Groups\n  - groupMembership\n- Holidays\n  - holiday_insert\n- Inbox mobile and legacy desktop apps\n  - enableSIQUserNonEAC\n  - siqUserAcceptedTOS\n- Manage Users\n  - activateduser\n  - createduser\n  - changedcommunitynickname\n  - changedemail\n  - changedfederationid\n  - changedpassword\n  - changedinteractionuseroffon\n  - changedinteractionuseronoff\n  - changedmarketinguseroffon\n  - changedmarketinguseronoff\n  - changedofflineuseroffon\n  - changedprofileforuserstdtostd\n  - changedprofileforuser\n  - changedprofileforusercusttostd\n  - changedprofileforuserstdtocust\n  - changedroleforusertonone\n  - changedroleforuser\n  - changedroleforuserfromnone\n  - changedUserAdminVerifiedStatusVerified\n  - changedUserEmailVerifiedStatusUnverified\n  - changedUserEmailVerifiedStatusVerified\n  - changedknowledgeuseroffon\n  - changedsfcontentuseroffon\n  - changedsupportuseroffon\n  - changedusername\n  - changedUserPhoneNumber\n  - changedUserPhoneVerifiedStatusUnverified\n  - changedUserPhoneVerifiedStatusVerified\n  - deactivateduser\n  - deleteAuthenticatorPairing\n  - deleteTwoFactorInfo2\n  - deleteTwoFactorTempCode\n  - frozeuser\n  - insertAuthenticatorPairing\n  - insertTwoFactorInfo2\n  - insertTwoFactorTempCode\n  - lightningloginenroll\n  - PermSetAssign\n  - PermSetGroupAssign\n  - PermSetGroupUnassign\n  - PermSetLicenseAssign\n  - PermSetUnassign\n  - PermSetLicenseUnassign\n  - registeredUserPhoneNumber\n  - resetpassword\n  - suNetworkAdminLogin\n  - suNetworkAdminLogout\n  - suOrgAdminLogin\n  - suOrgAdminLogout\n  - unfrozeuser\n  - useremailchangesent\n- Mobile Administration\n  - assigneduserstomobileconfig\n- Reporting Snapshots\n  - createdReportJob\n  - deletedReportJob\n- Sandboxes\n  - DeleteSandbox\n\nBy default, deployment user defined in .sfdx-hardis.yml targetUsername property will be excluded.\n\nYou can define additional users to exclude in .sfdx-hardis.yml **monitoringExcludeUsernames** property.\n\nYou can also add more sections / actions considered as not suspect using property **monitoringAllowedSectionsActions**\n\nExample:\n\n```yaml\nmonitoringExcludeUsernames:\n  - deploymentuser@cloudity.com\n  - marketingcloud@cloudity.com\n  - integration-user@cloudity.com\n\nmonitoringAllowedSectionsActions:\n  \"Some section\": [] // Will ignore all actions from such section\n  \"Some other section\": [\"actionType1\",\"actionType2\",\"actionType3\"] // Will ignore only those 3 actions from section \"Some other section\". Other actions in the same section will be considered as suspect.\n```\n\n## Excel output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-excel.jpg)\n\n## Local output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-local.jpg)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-suspect-audit-trail/) and can output Grafana, Slack and MsTeams Notifications.\n",
+      "description": "\n## Command Behavior\n\n**Detects and suggests the deletion of unused Permission Set License Assignments in a Salesforce org.**\n\nWhen a Permission Set (PS) linked to a Permission Set License (PSL) is assigned to a user, a Permission Set License Assignment (PSLA) is automatically created. However, when that PS is unassigned from the user, the PSLA is *not* automatically deleted. This can lead to organizations being charged for unused PSLAs, representing a hidden cost and technical debt.\n\nThis command identifies such useless PSLAs and provides options to delete them, helping to optimize license usage and reduce unnecessary expenses.\n\nKey functionalities:\n\n- **PSLA Detection:** Queries the Salesforce org to find all active PSLAs.\n- **Usage Verification:** Correlates PSLAs with actual Permission Set Assignments and Permission Set Group Assignments to determine if the underlying Permission Sets are still assigned to the user.\n- **Special Case Handling:** Accounts for specific scenarios where profiles might implicitly assign PSLAs (e.g., `Salesforce API Only` profile assigning `SalesforceAPIIntegrationPsl`) and allows for always excluding certain PSLAs from the unused check.\n- **Reporting:** Generates a CSV report of all identified unused PSLAs, including the user and the associated Permission Set License.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of unused PSLAs.\n- **Interactive Deletion:** In non-CI environments, it offers an interactive prompt to bulk delete the identified unused PSLAs.\n\nMany thanks to [Vincent Finet](https://www.linkedin.com/in/vincentfinet/) for the inspiration during his great speaker session at [French Touch Dreamin '23](https://frenchtouchdreamin.com/), and his kind agreement for reusing such inspiration in this command 😊\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-licenses/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves extensive querying of Salesforce objects and data correlation:\n\n- **SOQL Queries (Bulk API):** It uses `bulkQuery` and `bulkQueryChunksIn` to efficiently retrieve large volumes of data from `PermissionSetLicenseAssign`, `PermissionSetLicense`, `PermissionSet`, `PermissionSetGroupComponent`, and `PermissionSetAssignment` objects.\n- **Data Correlation:** It meticulously correlates data across these objects to determine if a `PermissionSetLicenseAssign` record has a corresponding active assignment to a Permission Set or Permission Set Group for the same user.\n- **Filtering Logic:** It applies complex filtering logic to exclude PSLAs that are genuinely in use or are part of predefined exceptions (e.g., `alwaysExcludeForActiveUsersPermissionSetLicenses`).\n- **Bulk Deletion:** If the user opts to delete unused PSLAs, it uses `bulkUpdate` with the `delete` operation to efficiently remove multiple records.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused PSLAs.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Interaction:** Uses `prompts` for interactive confirmation before performing deletion operations.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:diagnose:audittrail",
-        "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com",
-        "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com,bertrand@titi.com",
-        "$ sf hardis:org:diagnose:audittrail --lastndays 5"
+        "$ sf hardis:org:diagnose:unusedlicenses",
+        "$ sf hardis:org:diagnose:unusedlicenses --fix"
       ],
       "flags": {
         "json": {
@@ -6820,22 +6675,6 @@
           "multiple": false,
           "type": "option"
         },
-        "excludeusers": {
-          "char": "e",
-          "description": "Comma-separated list of usernames to exclude",
-          "name": "excludeusers",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "lastndays": {
-          "char": "t",
-          "description": "Number of days to extract from today (included)",
-          "name": "lastndays",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
         "outputfile": {
           "char": "f",
           "description": "Force the path and name of output report file. Must end with .csv",
@@ -6882,14 +6721,32 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:audittrail",
+      "id": "hardis:org:diagnose:unusedlicenses",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Diagnose content of Setup Audit Trail",
+      "title": "Detect unused Permission Set Licenses (beta)",
       "requiresProject": false,
+      "additionalPermissionSetsToAlwaysGet": [
+        "Sales_User"
+      ],
+      "permSetsPermSetLicenses": [
+        {
+          "permSet": "Sales_User",
+          "permSetLicense": "SalesUserPsl"
+        }
+      ],
+      "profilesPermissionSetLicenses": [
+        {
+          "profile": "Salesforce API Only",
+          "permSetLicense": "SalesforceAPIIntegrationPsl"
+        }
+      ],
+      "alwaysExcludeForActiveUsersPermissionSetLicenses": [
+        "IdentityConnect"
+      ],
       "isESM": true,
       "relativePath": [
         "lib",
@@ -6897,42 +6754,46 @@
         "hardis",
         "org",
         "diagnose",
-        "audittrail.js"
+        "unusedlicenses.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:audittrail",
-        "org:hardis:diagnose:audittrail",
-        "org:diagnose:hardis:audittrail",
-        "org:diagnose:audittrail:hardis",
-        "hardis:diagnose:org:audittrail",
-        "diagnose:hardis:org:audittrail",
-        "diagnose:org:hardis:audittrail",
-        "diagnose:org:audittrail:hardis",
-        "hardis:diagnose:audittrail:org",
-        "diagnose:hardis:audittrail:org",
-        "diagnose:audittrail:hardis:org",
-        "diagnose:audittrail:org:hardis",
-        "hardis:org:audittrail:diagnose",
-        "org:hardis:audittrail:diagnose",
-        "org:audittrail:hardis:diagnose",
-        "org:audittrail:diagnose:hardis",
-        "hardis:audittrail:org:diagnose",
-        "audittrail:hardis:org:diagnose",
-        "audittrail:org:hardis:diagnose",
-        "audittrail:org:diagnose:hardis",
-        "hardis:audittrail:diagnose:org",
-        "audittrail:hardis:diagnose:org",
-        "audittrail:diagnose:hardis:org",
-        "audittrail:diagnose:org:hardis"
+        "hardis:org:diagnose:unusedlicenses",
+        "org:hardis:diagnose:unusedlicenses",
+        "org:diagnose:hardis:unusedlicenses",
+        "org:diagnose:unusedlicenses:hardis",
+        "hardis:diagnose:org:unusedlicenses",
+        "diagnose:hardis:org:unusedlicenses",
+        "diagnose:org:hardis:unusedlicenses",
+        "diagnose:org:unusedlicenses:hardis",
+        "hardis:diagnose:unusedlicenses:org",
+        "diagnose:hardis:unusedlicenses:org",
+        "diagnose:unusedlicenses:hardis:org",
+        "diagnose:unusedlicenses:org:hardis",
+        "hardis:org:unusedlicenses:diagnose",
+        "org:hardis:unusedlicenses:diagnose",
+        "org:unusedlicenses:hardis:diagnose",
+        "org:unusedlicenses:diagnose:hardis",
+        "hardis:unusedlicenses:org:diagnose",
+        "unusedlicenses:hardis:org:diagnose",
+        "unusedlicenses:org:hardis:diagnose",
+        "unusedlicenses:org:diagnose:hardis",
+        "hardis:unusedlicenses:diagnose:org",
+        "unusedlicenses:hardis:diagnose:org",
+        "unusedlicenses:diagnose:hardis:org",
+        "unusedlicenses:diagnose:org:hardis"
       ]
     },
-    "hardis:org:diagnose:instanceupgrade": {
+    "hardis:org:diagnose:unusedusers": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Retrieves and displays the scheduled upgrade date for a Salesforce org's instance.**\n\nThis command provides crucial information about when your Salesforce instance will be upgraded to the next major release (Spring, Summer, or Winter). This is vital for release planning, testing, and ensuring compatibility with upcoming Salesforce features.\n\nKey functionalities:\n\n- **Instance Identification:** Determines the Salesforce instance name of your target org.\n- **Upgrade Date Retrieval:** Fetches the planned start time of the next major core service upgrade for that instance from the Salesforce Status API.\n- **Days Until Upgrade:** Calculates and displays the number of days remaining until the next major upgrade.\n- **Severity-Based Logging:** Adjusts the log severity (info, warning) based on the proximity of the upgrade date, providing a visual cue for urgency.\n- **Notifications:** Sends notifications to configured channels (e.g., Slack, MS Teams, Grafana) with the upgrade information, making it suitable for automated monitoring.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Query:** It first queries the `Organization` object in Salesforce to get the `InstanceName` of the target org.\n- **Salesforce Status API Integration:** It makes an HTTP GET request to the Salesforce Status API (`https://api.status.salesforce.com/v1/instances/{instanceName}/status`) to retrieve detailed information about the instance, including scheduled maintenances.\n- **Data Parsing:** It parses the JSON response from the Status API to extract the relevant major release upgrade information.\n- **Date Calculation:** Uses the `moment` library to calculate the difference in days between the current date and the planned upgrade date.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including the instance name, upgrade date, and days remaining, along with relevant metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the upgrade status and proximity.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Detects and reports on inactive or unused Salesforce user accounts, helping to optimize license usage and enhance security.**\n\nEfficient user management is vital in Salesforce to ensure resources are optimized and costs are controlled. However, inactive or unused user accounts can often go unnoticed, leading to wasted licenses and potential security risks. This tool addresses this challenge by enabling administrators to identify users who haven't logged in within a specified period.\n\nBy analyzing user login activity and last login timestamps, this feature highlights inactive user accounts, allowing administrators to take appropriate action. Whether it's deactivating dormant accounts, freeing up licenses, or ensuring compliance with security policies, this functionality empowers administrators to maintain a lean and secure Salesforce environment.\n\nKey functionalities:\n\n- **Inactivity Detection:** Identifies users who have not logged in for a specified number of days (`--days` flag, default 180 days in CI, 365 days otherwise).\n- **License Type Filtering:** Allows filtering users by license type using `--licensetypes` (e.g., `all-crm`, `all-paying`) or specific license identifiers using `--licenseidentifiers`.\n  - `all-crm`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT` licenses.\n  - `all-paying`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT`, `PID_Customer_Community`, `PID_Customer_Community_Login`, `PID_Partner_Community`, `PID_Partner_Community_Login` licenses.\n  - Note: You can see the full list of available license identifiers in [Salesforce Documentation](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/sfdx_cli_reference/sforce_api_objects_userlicense.htm).\n- **Active User Retrieval:** The `--returnactiveusers` flag inverts the command, allowing you to retrieve active users who *have* logged in during the specified period.\n- **CSV Report Generation:** Generates a CSV file containing details of all identified users (inactive or active), including their last login date, profile, and license information.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of inactive or active users.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-inactive-users/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query (Bulk API):** It uses `bulkQuery` to efficiently retrieve user records from the Salesforce `User` object. The SOQL query dynamically constructs its WHERE clause based on the `--days`, `--licensetypes`, `--licenseidentifiers`, and `--returnactiveusers` flags.\n- **Interactive Prompts:** Uses `prompts` to interactively ask the user for the number of inactive days and license types if not provided via flags.\n- **License Mapping:** Internally maps common license type aliases (e.g., `all-crm`) to their corresponding Salesforce `LicenseDefinitionKey` values.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of users.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides a summary of the findings in the console, indicating the number of inactive or active users found.\n</details>",
       "examples": [
-        "$ sf hardis:org:diagnose:instanceupgrade"
+        "$ sf hardis:org:diagnose:unusedusers",
+        "$ sf hardis:org:diagnose:unusedusers --days 365",
+        "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm",
+        "$ sf hardis:org:diagnose:unusedusers --days 60 --licenseidentifiers SFDC,AUL,AUL1",
+        "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm --returnactiveusers"
       ],
       "flags": {
         "json": {
@@ -6950,6 +6811,49 @@
           "multiple": false,
           "type": "option"
         },
+        "outputfile": {
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "days": {
+          "char": "t",
+          "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
+          "name": "days",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "licensetypes": {
+          "char": "l",
+          "description": "Type of licenses to check. If set, do not use licenseidentifiers option. In CI, default is all-crm",
+          "name": "licensetypes",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "options": [
+            "all",
+            "all-crm",
+            "all-paying"
+          ],
+          "type": "option"
+        },
+        "licenseidentifiers": {
+          "char": "i",
+          "description": "Comma-separated list of license identifiers, in case licensetypes is not used.. Identifiers available at https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_userlicense.htm",
+          "name": "licenseidentifiers",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "returnactiveusers": {
+          "description": "Inverts the command by returning the active users",
+          "name": "returnactiveusers",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -6988,13 +6892,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:instanceupgrade",
+      "id": "hardis:org:diagnose:unusedusers",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Get Instance Upgrade date",
+      "title": "Detect unused Users in Salesforce",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -7003,45 +6907,42 @@
         "hardis",
         "org",
         "diagnose",
-        "instanceupgrade.js"
+        "unusedusers.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:instanceupgrade",
-        "org:hardis:diagnose:instanceupgrade",
-        "org:diagnose:hardis:instanceupgrade",
-        "org:diagnose:instanceupgrade:hardis",
-        "hardis:diagnose:org:instanceupgrade",
-        "diagnose:hardis:org:instanceupgrade",
-        "diagnose:org:hardis:instanceupgrade",
-        "diagnose:org:instanceupgrade:hardis",
-        "hardis:diagnose:instanceupgrade:org",
-        "diagnose:hardis:instanceupgrade:org",
-        "diagnose:instanceupgrade:hardis:org",
-        "diagnose:instanceupgrade:org:hardis",
-        "hardis:org:instanceupgrade:diagnose",
-        "org:hardis:instanceupgrade:diagnose",
-        "org:instanceupgrade:hardis:diagnose",
-        "org:instanceupgrade:diagnose:hardis",
-        "hardis:instanceupgrade:org:diagnose",
-        "instanceupgrade:hardis:org:diagnose",
-        "instanceupgrade:org:hardis:diagnose",
-        "instanceupgrade:org:diagnose:hardis",
-        "hardis:instanceupgrade:diagnose:org",
-        "instanceupgrade:hardis:diagnose:org",
-        "instanceupgrade:diagnose:hardis:org",
-        "instanceupgrade:diagnose:org:hardis"
+        "hardis:org:diagnose:unusedusers",
+        "org:hardis:diagnose:unusedusers",
+        "org:diagnose:hardis:unusedusers",
+        "org:diagnose:unusedusers:hardis",
+        "hardis:diagnose:org:unusedusers",
+        "diagnose:hardis:org:unusedusers",
+        "diagnose:org:hardis:unusedusers",
+        "diagnose:org:unusedusers:hardis",
+        "hardis:diagnose:unusedusers:org",
+        "diagnose:hardis:unusedusers:org",
+        "diagnose:unusedusers:hardis:org",
+        "diagnose:unusedusers:org:hardis",
+        "hardis:org:unusedusers:diagnose",
+        "org:hardis:unusedusers:diagnose",
+        "org:unusedusers:hardis:diagnose",
+        "org:unusedusers:diagnose:hardis",
+        "hardis:unusedusers:org:diagnose",
+        "unusedusers:hardis:org:diagnose",
+        "unusedusers:org:hardis:diagnose",
+        "unusedusers:org:diagnose:hardis",
+        "hardis:unusedusers:diagnose:org",
+        "unusedusers:hardis:diagnose:org",
+        "unusedusers:diagnose:hardis:org",
+        "unusedusers:diagnose:org:hardis"
       ]
     },
-    "hardis:org:diagnose:legacyapi": {
+    "hardis:org:files:export": {
       "aliases": [],
       "args": {},
-      "description": "Checks if an org uses retired or someday retired API version\n\n\nSee article below\n\n[![Handle Salesforce API versions Deprecation like a pro](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-deprecated-api.jpg)](https://nicolas.vuillamy.fr/handle-salesforce-api-versions-deprecation-like-a-pro-335065f52238)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-deprecated-api-calls/) and can output Grafana, Slack and MsTeams Notifications.\n",
+      "description": "\n## Command Behavior\n\n**Exports file attachments (ContentVersion, Attachment) from a Salesforce org based on a predefined configuration.**\n\nThis command enables the mass download of files associated with Salesforce records, providing a robust solution for backing up files, migrating them to other systems, or integrating them with external document management solutions.\n\nKey functionalities:\n\n- **Configuration-Driven Export:** Relies on an `export.json` file within a designated file export project to define the export criteria, including the SOQL query for parent records, file types to export, output naming conventions, and file size filtering.\n- **File Size Filtering:** Supports minimum file size filtering via the `fileSizeMin` configuration parameter (in KB). Files smaller than the specified size will be skipped during export.\n- **File Validation:** After downloading each file, validates the integrity by:\n  - **Checksum Validation:** For ContentVersion files, compares MD5 checksum with Salesforce's stored checksum\n  - **Size Validation:** For both ContentVersion and Attachment files, verifies actual file size matches expected size\n  - **Status Tracking:** Files are categorized with specific statuses: `success` (valid files), `failed` (download errors), `skipped` (filtered files), `invalid` (downloaded but failed validation)\n  - All validation results are logged in the CSV export log for audit purposes\n- **Resume/Restart Capability:** \n  - **Resume Mode:** When `--resume` flag is used (default in CI environments), checks existing downloaded files for validity. Valid files are skipped, invalid files are re-downloaded.\n  - **Restart Mode:** When resume is disabled, clears the output folder and starts a fresh export.\n  - **Interactive Mode:** When existing files are found and `--resume` is not explicitly specified (non-CI environments), prompts the user to choose between resume or restart.\n- **Interactive Project Selection:** If the file export project path is not provided via the `--path` flag, it interactively prompts the user to select one.\n- **Configurable Export Options:** Allows overriding default export settings such as `chunksize` (number of records processed in a batch), `polltimeout` (timeout for Bulk API calls), and `startchunknumber` (to resume a failed export).\n- **Support for ContentVersion and Attachment:** Handles both modern Salesforce Files (ContentVersion) and older Attachments.\n\nSee this article for a practical example:\n\n[![How to mass download notes and attachments files from a Salesforce org](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-mass-download.jpg)](https://nicolas.vuillamy.fr/how-to-mass-download-notes-and-attachments-files-from-a-salesforce-org-83a028824afd)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **FilesExporter Class:** The core logic is encapsulated within the `FilesExporter` class, which orchestrates the entire export process.\n- **SOQL Queries (Bulk API):** It uses Salesforce Bulk API queries to efficiently retrieve large volumes of parent record IDs and file metadata, including checksums and file sizes.\n- **File Download:** Downloads the actual file content from Salesforce.\n- **File Validation:** After each successful download, validates file integrity by comparing checksums (ContentVersion) and file sizes (both ContentVersion and Attachment) against Salesforce metadata.\n- **Resume Logic:** In resume mode, checks for existing files before downloading, validates their integrity, and only re-downloads invalid or missing files. This enables efficient recovery from interrupted exports.\n- **File System Operations:** Writes the downloaded files to the local file system, organizing them into folders based on the configured naming conventions.\n- **Configuration Loading:** Reads the `export.json` file to get the export configuration. It also allows for interactive overriding of these settings.\n- **Interactive Prompts:** Uses `selectFilesWorkspace` to allow the user to choose a file export project, `promptFilesExportConfiguration` for customizing export options, and prompts for resume/restart choice when existing files are found.\n- **Error Handling:** Includes mechanisms to handle potential errors during the export process, such as network issues, API limits, and file validation failures. Each file is assigned a specific status (`success`, `failed`, `skipped`, `invalid`) for comprehensive tracking and troubleshooting.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:diagnose:legacyapi",
-        "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com",
-        "$ sf hardis:org:diagnose:legacyapi --outputfile 'c:/path/to/folder/legacyapi.csv'",
-        "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com --outputfile ./tmp/legacyapi.csv"
+        "$ sf hardis:org:files:export"
       ],
       "flags": {
         "json": {
@@ -7059,32 +6960,48 @@
           "multiple": false,
           "type": "option"
         },
-        "eventtype": {
-          "char": "e",
-          "description": "Type of EventLogFile event to analyze",
-          "name": "eventtype",
-          "default": "ApiTotalUsage",
+        "path": {
+          "char": "p",
+          "description": "Path to the file export project",
+          "name": "path",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "limit": {
-          "char": "l",
-          "description": "Number of latest EventLogFile events to analyze",
-          "name": "limit",
-          "default": 999,
+        "chunksize": {
+          "char": "c",
+          "description": "Number of records to add in a chunk before it is processed",
+          "name": "chunksize",
+          "default": 1000,
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
+        "polltimeout": {
+          "char": "t",
+          "description": "Timeout in MS for Bulk API calls",
+          "name": "polltimeout",
+          "default": 300000,
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "startchunknumber": {
+          "char": "s",
+          "description": "Chunk number to start from",
+          "name": "startchunknumber",
+          "default": 0,
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
+        "resume": {
+          "char": "r",
+          "description": "Resume previous export by checking existing files (default in CI)",
+          "name": "resume",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -7123,13 +7040,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:legacyapi",
+      "id": "hardis:org:files:export",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Check for legacy API use",
+      "title": "Export files",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -7137,43 +7054,43 @@
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "legacyapi.js"
+        "files",
+        "export.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:legacyapi",
-        "org:hardis:diagnose:legacyapi",
-        "org:diagnose:hardis:legacyapi",
-        "org:diagnose:legacyapi:hardis",
-        "hardis:diagnose:org:legacyapi",
-        "diagnose:hardis:org:legacyapi",
-        "diagnose:org:hardis:legacyapi",
-        "diagnose:org:legacyapi:hardis",
-        "hardis:diagnose:legacyapi:org",
-        "diagnose:hardis:legacyapi:org",
-        "diagnose:legacyapi:hardis:org",
-        "diagnose:legacyapi:org:hardis",
-        "hardis:org:legacyapi:diagnose",
-        "org:hardis:legacyapi:diagnose",
-        "org:legacyapi:hardis:diagnose",
-        "org:legacyapi:diagnose:hardis",
-        "hardis:legacyapi:org:diagnose",
-        "legacyapi:hardis:org:diagnose",
-        "legacyapi:org:hardis:diagnose",
-        "legacyapi:org:diagnose:hardis",
-        "hardis:legacyapi:diagnose:org",
-        "legacyapi:hardis:diagnose:org",
-        "legacyapi:diagnose:hardis:org",
-        "legacyapi:diagnose:org:hardis"
+        "hardis:org:files:export",
+        "org:hardis:files:export",
+        "org:files:hardis:export",
+        "org:files:export:hardis",
+        "hardis:files:org:export",
+        "files:hardis:org:export",
+        "files:org:hardis:export",
+        "files:org:export:hardis",
+        "hardis:files:export:org",
+        "files:hardis:export:org",
+        "files:export:hardis:org",
+        "files:export:org:hardis",
+        "hardis:org:export:files",
+        "org:hardis:export:files",
+        "org:export:hardis:files",
+        "org:export:files:hardis",
+        "hardis:export:org:files",
+        "export:hardis:org:files",
+        "export:org:hardis:files",
+        "export:org:files:hardis",
+        "hardis:export:files:org",
+        "export:hardis:files:org",
+        "export:files:hardis:org",
+        "export:files:org:hardis"
       ]
     },
-    "hardis:org:diagnose:licenses": {
+    "hardis:org:files:import": {
       "aliases": [],
       "args": {},
-      "description": "\n**Lists and analyzes User Licenses and Permission Set Licenses subscribed and used in a Salesforce org.**\n\nThis command provides a comprehensive overview of your Salesforce license consumption. It's particularly useful for:\n\n- **License Management:** Understanding which licenses are active, how many are available, and how many are being used.\n- **Cost Optimization:** Identifying unused or underutilized licenses that could be reallocated or decommissioned.\n- **Compliance:** Ensuring that your organization is compliant with Salesforce licensing agreements.\n- **Monitoring:** Tracking license usage trends over time.\n\nKey functionalities:\n\n- **User License Details:** Retrieves information about standard and custom User Licenses, including `MasterLabel`, `Name`, `TotalLicenses`, and `UsedLicenses`.\n- **Permission Set License Details:** Retrieves information about Permission Set Licenses, including `MasterLabel`, `PermissionSetLicenseKey`, `TotalLicenses`, and `UsedLicenses`.\n- **Used Licenses Filter:** The `--usedonly` flag allows you to filter the report to show only licenses that have at least one `UsedLicenses` count greater than zero.\n- **CSV Report Generation:** Generates a CSV file containing all the retrieved license information, suitable for detailed analysis.\n- **Notifications:** Sends notifications to configured channels (e.g., Grafana, Slack, MS Teams) with a summary of license usage, including lists of active and used licenses.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It executes SOQL queries against the `UserLicense` and `PermissionSetLicense` objects in Salesforce to retrieve license data.\n- **Data Transformation:** It processes the query results, reformatting the data to be more readable and consistent for reporting purposes (e.g., removing `Id` and `attributes`, renaming `PermissionSetLicenseKey` to `Name`).\n- **Data Aggregation:** It aggregates license information, creating a `licensesByKey` object for quick lookups and a `usedLicenses` array for a concise list of actively used licenses.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of license data.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the license extraction process and the used licenses.\n</details>\n",
+      "description": "\nThis command facilitates the mass upload of files into Salesforce, allowing you to populate records with associated documents, images, or other file types. It's a crucial tool for data migration, content seeding, or synchronizing external file repositories with Salesforce.\n\nKey functionalities:\n\n- **Configuration-Driven Import:** Relies on an `export.json` file within a designated file export project (created using `sf hardis:org:configure:files`) to determine which files to import and how they should be associated with Salesforce records.\n- **Interactive Project Selection:** If the file import project path is not provided via the `--path` flag, it interactively prompts the user to select one.\n- **Overwrite Option:** The `--overwrite` flag allows you to replace existing files in Salesforce with local versions that have the same name. Be aware that this option doubles the number of API calls used.\n- **Support for ContentVersion and Attachment:** Handles both modern Salesforce Files (ContentVersion) and older Attachments.\n\nSee this article for how to export files, which is often a prerequisite for importing:\n\n[![How to mass download notes and attachments files from a Salesforce org](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-mass-download.jpg)](https://nicolas.vuillamy.fr/how-to-mass-download-notes-and-attachments-files-from-a-salesforce-org-83a028824afd)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **FilesImporter Class:** The core logic is encapsulated within the `FilesImporter` class, which orchestrates the entire import process.\n- **File System Scan:** Scans the local file system within the configured project directory to identify files for import.\n- **Salesforce API Interaction:** Uses Salesforce APIs (e.g., ContentVersion, Attachment) to upload files and associate them with records.\n- **Configuration Loading:** Reads the `export.json` file to get the import configuration, including SOQL queries to identify parent records for file association.\n- **Interactive Prompts:** Uses `selectFilesWorkspace` to allow the user to choose a file import project and `prompts` for confirming the overwrite behavior.\n- **Error Handling:** Includes mechanisms to handle potential errors during the import process, such as API limits or file upload failures.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:diagnose:licenses"
+        "$ sf hardis:org:files:import"
       ],
       "flags": {
         "json": {
@@ -7191,18 +7108,18 @@
           "multiple": false,
           "type": "option"
         },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
+        "path": {
+          "char": "p",
+          "description": "Path to the file export project",
+          "name": "path",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "usedonly": {
-          "char": "u",
-          "description": "Filter to have only used licenses",
-          "name": "usedonly",
+        "overwrite": {
+          "char": "f",
+          "description": "Override existing files (doubles the number of API calls)",
+          "name": "overwrite",
           "allowNo": false,
           "type": "boolean"
         },
@@ -7244,13 +7161,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:licenses",
+      "id": "hardis:org:files:import",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "List licenses subscribed and used in a Salesforce org",
+      "title": "Import files",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -7258,43 +7175,44 @@
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "licenses.js"
+        "files",
+        "import.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:licenses",
-        "org:hardis:diagnose:licenses",
-        "org:diagnose:hardis:licenses",
-        "org:diagnose:licenses:hardis",
-        "hardis:diagnose:org:licenses",
-        "diagnose:hardis:org:licenses",
-        "diagnose:org:hardis:licenses",
-        "diagnose:org:licenses:hardis",
-        "hardis:diagnose:licenses:org",
-        "diagnose:hardis:licenses:org",
-        "diagnose:licenses:hardis:org",
-        "diagnose:licenses:org:hardis",
-        "hardis:org:licenses:diagnose",
-        "org:hardis:licenses:diagnose",
-        "org:licenses:hardis:diagnose",
-        "org:licenses:diagnose:hardis",
-        "hardis:licenses:org:diagnose",
-        "licenses:hardis:org:diagnose",
-        "licenses:org:hardis:diagnose",
-        "licenses:org:diagnose:hardis",
-        "hardis:licenses:diagnose:org",
-        "licenses:hardis:diagnose:org",
-        "licenses:diagnose:hardis:org",
-        "licenses:diagnose:org:hardis"
+        "hardis:org:files:import",
+        "org:hardis:files:import",
+        "org:files:hardis:import",
+        "org:files:import:hardis",
+        "hardis:files:org:import",
+        "files:hardis:org:import",
+        "files:org:hardis:import",
+        "files:org:import:hardis",
+        "hardis:files:import:org",
+        "files:hardis:import:org",
+        "files:import:hardis:org",
+        "files:import:org:hardis",
+        "hardis:org:import:files",
+        "org:hardis:import:files",
+        "org:import:hardis:files",
+        "org:import:files:hardis",
+        "hardis:import:org:files",
+        "import:hardis:org:files",
+        "import:org:hardis:files",
+        "import:org:files:hardis",
+        "hardis:import:files:org",
+        "import:hardis:files:org",
+        "import:files:hardis:org",
+        "import:files:org:hardis"
       ]
     },
-    "hardis:org:diagnose:releaseupdates": {
+    "hardis:org:fix:listviewmine": {
       "aliases": [],
       "args": {},
-      "description": "Export Release Updates into a CSV file with selected criteria, and highlight Release Updates that should be checked.\n\nBefore publishing **Breaking Changes** ❌, Salesforce announce them in the setup menu [**Release Updates**](https://help.salesforce.com/s/articleView?id=sf.release_updates.htm&type=5)\n\n⚠️ Some of them are very important, because if you don't make the related upgrades in time (ex: before Winter 25) , your production org can crash !\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-release-updates/) and can output Grafana, Slack and MsTeams Notifications.\n",
+      "description": "Fix listviews whose scope Mine has been replaced by Everything\n\n[![Invalid scope:Mine, not allowed ? Deploy your ListViews anyway !](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-invalid-scope-mine.jpg)](https://nicolas.vuillamy.fr/invalid-scope-mine-not-allowed-deploy-your-listviews-anyway-443aceca8ac7)\n\nList of ListViews can be:\n\n- read from .sfdx-hardis.yml file in property **listViewsToSetToMine**\n- sent in argument listviews\n\nNote: property **listViewsToSetToMine** can be auto-generated by command hardis:work:save if .sfdx-hardis.yml contains the following configuration\n\n```yaml\nautoCleanTypes:\n  - listViewsMine\n```\n\n- Example of sfdx-hardis.yml property `listViewsToSetToMine`:\n\n```yaml\nlistViewsToSetToMine:\n  - \"force-app/main/default/objects/Operation__c/listViews/MyCurrentOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Operation__c/listViews/MyFinalizedOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/Default_Opportunity_Pipeline.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MyCurrentSubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MySubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Account/listViews/MyActivePartners.listView-meta.xml\"\n```\n\n- If manually written, this could also be:\n\n```yaml\nlistViewsToSetToMine:\n  - \"Operation__c:MyCurrentOperations\"\n  - \"Operation__c:MyFinalizedOperations\"\n  - \"Opportunity:Default_Opportunity_Pipeline\"\n  - \"Opportunity:MyCurrentSubscriptions\"\n  - \"Opportunity:MySubscriptions\"\n  - \"Account:MyActivePartners\"\n```\n\nTroubleshooting: if you need to run this command from an alpine-linux based docker image, use this workaround in your dockerfile:\n\n```dockerfile\n# Do not use puppeteer embedded chromium\nRUN apk add --update --no-cache chromium\nENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=\"true\"\nENV CHROMIUM_PATH=\"/usr/bin/chromium-browser\"\nENV PUPPETEER_EXECUTABLE_PATH=\"$\\{CHROMIUM_PATH}\" // remove \\ before {\n```\n",
       "examples": [
-        "$ sf hardis:org:diagnose:releaseupdates"
+        "$ sf hardis:org:fix:listviewmine",
+        "$ sf hardis:org:fix:listviewmine --listviews Opportunity:MySubscriptions,Account:MyActivePartners"
       ],
       "flags": {
         "json": {
@@ -7312,10 +7230,10 @@
           "multiple": false,
           "type": "option"
         },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
+        "listviews": {
+          "char": "l",
+          "description": "Comma-separated list of listviews following format Object:ListViewName\nExample: Contact:MyContacts,Contact:MyActiveContacts,Opportunity:MYClosedOpportunities",
+          "name": "listviews",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -7358,57 +7276,59 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:releaseupdates",
+      "id": "hardis:org:fix:listviewmine",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Check Release Updates of an org",
-      "requiresProject": false,
+      "title": "Fix listviews with ",
+      "requiresProject": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "releaseupdates.js"
+        "fix",
+        "listviewmine.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:releaseupdates",
-        "org:hardis:diagnose:releaseupdates",
-        "org:diagnose:hardis:releaseupdates",
-        "org:diagnose:releaseupdates:hardis",
-        "hardis:diagnose:org:releaseupdates",
-        "diagnose:hardis:org:releaseupdates",
-        "diagnose:org:hardis:releaseupdates",
-        "diagnose:org:releaseupdates:hardis",
-        "hardis:diagnose:releaseupdates:org",
-        "diagnose:hardis:releaseupdates:org",
-        "diagnose:releaseupdates:hardis:org",
-        "diagnose:releaseupdates:org:hardis",
-        "hardis:org:releaseupdates:diagnose",
-        "org:hardis:releaseupdates:diagnose",
-        "org:releaseupdates:hardis:diagnose",
-        "org:releaseupdates:diagnose:hardis",
-        "hardis:releaseupdates:org:diagnose",
-        "releaseupdates:hardis:org:diagnose",
-        "releaseupdates:org:hardis:diagnose",
-        "releaseupdates:org:diagnose:hardis",
-        "hardis:releaseupdates:diagnose:org",
-        "releaseupdates:hardis:diagnose:org",
-        "releaseupdates:diagnose:hardis:org",
-        "releaseupdates:diagnose:org:hardis"
+        "hardis:org:fix:listviewmine",
+        "org:hardis:fix:listviewmine",
+        "org:fix:hardis:listviewmine",
+        "org:fix:listviewmine:hardis",
+        "hardis:fix:org:listviewmine",
+        "fix:hardis:org:listviewmine",
+        "fix:org:hardis:listviewmine",
+        "fix:org:listviewmine:hardis",
+        "hardis:fix:listviewmine:org",
+        "fix:hardis:listviewmine:org",
+        "fix:listviewmine:hardis:org",
+        "fix:listviewmine:org:hardis",
+        "hardis:org:listviewmine:fix",
+        "org:hardis:listviewmine:fix",
+        "org:listviewmine:hardis:fix",
+        "org:listviewmine:fix:hardis",
+        "hardis:listviewmine:org:fix",
+        "listviewmine:hardis:org:fix",
+        "listviewmine:org:hardis:fix",
+        "listviewmine:org:fix:hardis",
+        "hardis:listviewmine:fix:org",
+        "listviewmine:hardis:fix:org",
+        "listviewmine:fix:hardis:org",
+        "listviewmine:fix:org:hardis"
       ]
     },
-    "hardis:org:diagnose:storage-stats": {
+    "hardis:org:generate:packagexmlfull": {
       "aliases": [],
       "args": {},
-      "description": "**Extracts and analyzes Data Storage usage for a Salesforce org, providing detailed per-object breakdowns with yearly trends.**\n\nThis command provides a comprehensive overview of your Salesforce data storage consumption. It's particularly useful for:\n\n- **Storage Management:** Understanding which SObjects consume the most storage and how usage has evolved over time.\n- **Cost Optimization:** Identifying storage-heavy objects that could be candidates for data archival or cleanup strategies.\n- **Capacity Planning:** Tracking storage trends to predict when additional capacity will be needed.\n- **Compliance & Governance:** Monitoring data growth patterns to ensure alignment with data retention policies.\n\nKey functionalities:\n\n- **Storage Limits Analysis:** Retrieves and displays org data storage limits, including total capacity, used storage, remaining storage, and percentage used. Detects and alerts on over-usage scenarios.\n- **SObject Discovery & Filtering:** Automatically discovers all SObjects in the org and filters them to focus on production/custom objects (excludes metadata types, platform-only objects, and cached empty objects).\n- **Interactive Selection:** Prompts the user to select which SObjects to analyze and choose between `CreatedDate` or `LastModifiedDate` for temporal breakdown.\n- **Yearly Storage Breakdown:** Executes grouped SOQL queries per object to calculate record counts by year, providing historical growth trends.\n- **Storage Estimation:** Estimates storage usage for each object using an average record size heuristic (2 KB per record) and calculates the percentage of org quota consumed.\n- **Dual CSV Reports:** Generates two CSV files: a detailed by-year breakdown and a totals-per-object summary, both suitable for spreadsheet analysis and reporting.\n- **Empty Objects Cache:** Maintains a per-user cache of objects detected with zero records to optimize subsequent runs by skipping empty tables.\n- **Progress Tracking:** Sends WebSocket progress messages for integration with external UIs and monitoring dashboards.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Limits Retrieval:** Calls `conn.limits()` to retrieve the `DataStorageMB` object containing `Max` and `Remaining` values. Handles negative `Remaining` values (over-usage scenarios) by calculating `overUsageMB` and adjusting display values.\n- **SObject Discovery:** Uses `conn.metadata.list([{ type: 'CustomObject' }])` to get custom objects and `conn.describeGlobal()` to get all SObjects. Filters by object capabilities (`layoutable`, `queryable`, `retrieveable`, `createable`, `updateable`, `deletable`) and excludes metadata types (`__mdt` suffix) and cached empty objects.\n- **User Interaction:** Uses `prompts` for interactive multi-select of SObjects and single-select for date field choice. All objects are pre-selected by default for user convenience.\n- **Yearly Aggregation Queries:** For each selected SObject, executes a grouped SOQL query: `SELECT CALENDAR_YEAR(<DateField>) year, COUNT(Id) total FROM <SObject> GROUP BY CALENDAR_YEAR(<DateField>) ORDER BY CALENDAR_YEAR(<DateField>) DESC`. Handles query errors gracefully (logs error and continues with next object).\n- **Storage Calculation:** Applies a conservative average record size of 2 KB (2048 bytes) to estimate storage consumption. Calculates both MB usage and percentage of org quota for each object and year.\n- **Report Generation:** Uses `generateCsvFile` and `generateReportPath` helpers to create two CSV files in the reports directory:\n  - Detailed breakdown: includes all yearly statistics per object\n  - Totals summary: includes only aggregate totals per object\n- **Caching Mechanism:** Writes a JSON cache file per authenticated username (sanitized) in the reports directory (`<username>_empty_tables_cache.json`) containing an array of empty object names. The cache is updated after each run with newly detected empty objects.\n- **Progress & UX:** Uses `WebSocketClient` to emit start/step/end progress messages for external monitoring. Outputs summary tables with `uxLogTable` and status messages with `uxLog`.\n- **Return Value:** Returns a JSON object containing `tableStorageInfos` (all rows), `tableStorageInfosTotals` (summary rows), `storageLimits` (org limits object), and `outputFiles` (paths to generated CSV/XLSX reports).\n</details>\n\n![](https://sfdx-hardis.cloudity.com/assets/images/storage-usage-year-breakdown.png)\n\n![](https://sfdx-hardis.cloudity.com/assets/images/storage-usage-total.png)\n",
+      "description": "\n## Command Behavior\n\n**Generates a comprehensive `package.xml` file for a Salesforce org, including all metadata components, even managed ones.**\n\nThis command is essential for various Salesforce development and administration tasks, especially when you need a complete snapshot of an org's metadata. It goes beyond typical source tracking by including managed package components, which is crucial for understanding the full metadata footprint of an org.\n\nKey functionalities:\n\n- **Full Org Metadata Retrieval:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a complete list of all metadata types and their members.\n- **Managed Package Inclusion:** Unlike standard source retrieval, this command explicitly includes metadata from managed packages, providing a truly comprehensive `package.xml`.\n- **Customizable Output:** Allows you to specify the output file path for the generated `package.xml`.\n- **Interactive Org Selection:** If no target org is specified, it interactively prompts the user to choose an org. (or use --no-prompt to skip this step)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce Metadata API Interaction:** It leverages the Salesforce Metadata API to list all available metadata types and then retrieve all components for each type.\n- **`buildOrgManifest` Utility:** The core logic for querying the org's metadata and constructing the `package.xml` is encapsulated within the `buildOrgManifest` utility function.\n- **XML Generation:** It dynamically builds the XML structure of the `package.xml` file, including the `types` and `members` elements for all retrieved metadata.\n- **File System Operations:** It writes the generated `package.xml` file to the specified output path.\n- **Interactive Prompts:** Uses `promptOrgUsernameDefault` to guide the user in selecting the target Salesforce org.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:diagnose:storage-stats"
+        "$ sf hardis:org:generate:packagexmlfull",
+        "$ sf hardis:org:generate:packagexmlfull --outputfile /tmp/packagexmlfull.xml",
+        "$ sf hardis:org:generate:packagexmlfull --target-org nico@example.com"
       ],
       "flags": {
         "json": {
@@ -7427,8 +7347,7 @@
           "type": "option"
         },
         "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
+          "description": "Output package.xml file",
           "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
@@ -7441,6 +7360,13 @@
           "allowNo": false,
           "type": "boolean"
         },
+        "no-prompt": {
+          "char": "n",
+          "description": "Do not prompt for org username, use the default one",
+          "name": "no-prompt",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "websocket": {
           "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "name": "websocket",
@@ -7472,57 +7398,57 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:storage-stats",
+      "id": "hardis:org:generate:packagexmlfull",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Extract Data Storage stats",
-      "requiresProject": true,
+      "title": "Generate Full Org package.xml",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "storage-stats.js"
+        "generate",
+        "packagexmlfull.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:storage-stats",
-        "org:hardis:diagnose:storage-stats",
-        "org:diagnose:hardis:storage-stats",
-        "org:diagnose:storage-stats:hardis",
-        "hardis:diagnose:org:storage-stats",
-        "diagnose:hardis:org:storage-stats",
-        "diagnose:org:hardis:storage-stats",
-        "diagnose:org:storage-stats:hardis",
-        "hardis:diagnose:storage-stats:org",
-        "diagnose:hardis:storage-stats:org",
-        "diagnose:storage-stats:hardis:org",
-        "diagnose:storage-stats:org:hardis",
-        "hardis:org:storage-stats:diagnose",
-        "org:hardis:storage-stats:diagnose",
-        "org:storage-stats:hardis:diagnose",
-        "org:storage-stats:diagnose:hardis",
-        "hardis:storage-stats:org:diagnose",
-        "storage-stats:hardis:org:diagnose",
-        "storage-stats:org:hardis:diagnose",
-        "storage-stats:org:diagnose:hardis",
-        "hardis:storage-stats:diagnose:org",
-        "storage-stats:hardis:diagnose:org",
-        "storage-stats:diagnose:hardis:org",
-        "storage-stats:diagnose:org:hardis"
-      ]
+        "hardis:org:generate:packagexmlfull",
+        "org:hardis:generate:packagexmlfull",
+        "org:generate:hardis:packagexmlfull",
+        "org:generate:packagexmlfull:hardis",
+        "hardis:generate:org:packagexmlfull",
+        "generate:hardis:org:packagexmlfull",
+        "generate:org:hardis:packagexmlfull",
+        "generate:org:packagexmlfull:hardis",
+        "hardis:generate:packagexmlfull:org",
+        "generate:hardis:packagexmlfull:org",
+        "generate:packagexmlfull:hardis:org",
+        "generate:packagexmlfull:org:hardis",
+        "hardis:org:packagexmlfull:generate",
+        "org:hardis:packagexmlfull:generate",
+        "org:packagexmlfull:hardis:generate",
+        "org:packagexmlfull:generate:hardis",
+        "hardis:packagexmlfull:org:generate",
+        "packagexmlfull:hardis:org:generate",
+        "packagexmlfull:org:hardis:generate",
+        "packagexmlfull:org:generate:hardis",
+        "hardis:packagexmlfull:generate:org",
+        "packagexmlfull:hardis:generate:org",
+        "packagexmlfull:generate:hardis:org",
+        "packagexmlfull:generate:org:hardis"
+      ]
     },
-    "hardis:org:diagnose:unsecure-connected-apps": {
+    "hardis:org:monitor:all": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Detects unsecured Connected Apps in a Salesforce org and generates detailed reports for security analysis.**\n\nThis command is a critical security diagnostic tool that helps administrators identify Connected Apps that may pose security risks due to improper configuration. It provides comprehensive analysis of OAuth tokens and Connected App security settings to ensure proper access control.\n\nKey functionalities:\n\n- **OAuth Token Analysis:** Queries all OAuth tokens in the org using SOQL to retrieve comprehensive token information including app names, users, authorization status, and usage statistics.\n- **Security Status Assessment:** Evaluates each Connected App's security configuration by checking the `IsUsingAdminAuthorization` flag to determine if admin pre-approval is required.\n- **Unsecured App Detection:** Identifies Connected Apps that allow users to authorize themselves without admin approval, which can pose security risks.\n- **Detailed Reporting:** Generates two comprehensive CSV reports:\n  - **OAuth Tokens Report:** Lists all OAuth tokens with security status, user information, and usage data\n  - **Connected Apps Summary:** Aggregates unsecured Connected Apps with counts of associated OAuth tokens\n- **Visual Indicators:** Uses status icons (❌ for unsecured, ✅ for secured) to provide immediate visual feedback on security status.\n- **Security Recommendations:** Provides actionable guidance on how to secure Connected Apps through proper configuration.\n- **Notifications:** Sends alerts to configured channels (Grafana, Slack, MS Teams) with security findings and attached reports.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-security/) and can output Grafana, Slack and MsTeams Notifications.\n\n<iframe width=\"560\" height=\"315\" src=\"https://www.youtube.com/embed/jHv8yrSK8Dg\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen></iframe>\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query Execution:** Executes a comprehensive SOQL query on the `OauthToken` object, joining with `AppMenuItem` and `User` objects to gather complete security context.\n- **Security Analysis Logic:** Analyzes the `AppMenuItem.IsUsingAdminAuthorization` field to determine if a Connected App requires admin pre-approval for user authorization.\n- **Data Transformation:** Processes raw SOQL results to add security status indicators and reorganize data for optimal reporting and analysis.\n- **Aggregation Processing:** Groups OAuth tokens by Connected App name to provide summary statistics and identify the most problematic applications.\n- **Report Generation:** Uses `generateCsvFile` to create structured CSV reports with proper formatting and metadata for easy analysis and sharing.\n- **Notification Integration:** Integrates with the `NotifProvider` to send security alerts with detailed metrics, including the number of unsecured Connected Apps and associated OAuth tokens.\n- **File Management:** Generates multiple output formats (CSV, XLSX) and manages file paths using `generateReportPath` for consistent report organization.\n- **Connection Management:** Uses `setConnectionVariables` to ensure proper authentication context for notification providers that require org connection details.\n</details>\n",
+      "description": "Monitor org, generate reports and sends notifications\n\nYou can disable some commands defining either a **monitoringDisable** property in `.sfdx-hardis.yml`, or a comma separated list in env variable **MONITORING_DISABLE**\n\nExample in .sfdx-hardis.yml:\n  \n```yaml\nmonitoringDisable:\n  - METADATA_STATUS\n  - MISSING_ATTRIBUTES\n  - UNUSED_METADATAS\n```\n  \nExample in env var:\n\n```sh\nMONITORING_DISABLE=METADATA_STATUS,MISSING_ATTRIBUTES,UNUSED_METADATAS\n```\n\nA [default list of monitoring commands](https://sfdx-hardis.cloudity.com/salesforce-monitoring-home/#monitoring-commands) is used, if you want to override it you can define property **monitoringCommands** in your .sfdx-hardis.yml file\n\nExample:\n\n```yaml\nmonitoringCommands:\n  - title: My Custom command\n    command: sf my:custom:command\n  - title: My Custom command 2\n    command: sf my:other:custom:command\n```\n\nYou can force the daily run of all commands by defining env var `MONITORING_IGNORE_FREQUENCY=true`\n\nThe default list of commands is the following:\n\n| Key | Description | Command | Frequency |\n| :---: | :---- | :---- | :-----: |\n| [AUDIT_TRAIL](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | Detect suspect setup actions in major org | [sf hardis:org:diagnose:audittrail](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | daily |\n| [LEGACY_API](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | Detect calls to deprecated API versions | [sf hardis:org:diagnose:legacyapi](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | daily |\n| [ORG_LIMITS](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | Detect if org limits are close to be reached | [sf hardis:org:monitor:limits](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | daily |\n| [UNSECURED_CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | Detect unsecured Connected Apps in an org | [sf hardis:org:diagnose:unsecure-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | daily |\n| [LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | Extract licenses information | [sf hardis:org:diagnose:licenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | weekly |\n| [LINT_ACCESS](https://sfdx-hardis.cloudity.com/hardis/lint/access) | Detect custom elements with no access rights defined in permission sets | [sf hardis:lint:access](https://sfdx-hardis.cloudity.com/hardis/lint/access) | weekly |\n| [UNUSED_LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | Detect permission set licenses that are assigned to users that do not need them | [sf hardis:org:diagnose:unusedlicenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | weekly |\n| [UNUSED_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users without recent logins | [sf hardis:org:diagnose:unusedusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ACTIVE_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users with recent logins | [sf hardis:org:diagnose:unusedusers --returnactiveusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ORG_INFO](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | Get org info + SF instance info + next major upgrade date | [sf hardis:org:diagnose:instanceupgrade](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | weekly |\n| [RELEASE_UPDATES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | Gather warnings about incoming and overdue Release Updates | [sf hardis:org:diagnose:releaseupdates](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | weekly |\n| [UNUSED_METADATAS](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | Detect custom labels and custom permissions that are not in use | [sf hardis:lint:unusedmetadatas](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | weekly |\n| [UNUSED_APEX_CLASSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | Detect unused Apex classes in an org | [sf hardis:org:diagnose:unused-apex-classes](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | weekly |\n| [CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | Detect unused Connected Apps in an org | [sf hardis:org:diagnose:unused-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | weekly |\n| [METADATA_STATUS](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | Detect inactive metadata | [sf hardis:lint:metadatastatus](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | weekly |\n| [MISSING_ATTRIBUTES](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | Detect missing description on custom field | [sf hardis:lint:missingattributes](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | weekly |\n\n",
       "examples": [
-        "$ sf hardis:org:diagnose:unsecure-connected-apps"
+        "$ sf hardis:org:monitor:all"
       ],
       "flags": {
         "json": {
@@ -7540,14 +7466,6 @@
           "multiple": false,
           "type": "option"
         },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -7586,58 +7504,159 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:unsecure-connected-apps",
+      "id": "hardis:org:monitor:all",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Detect Unsecured Connected Apps",
-      "requiresProject": false,
+      "title": "Monitor org",
+      "monitoringCommandsDefault": [
+        {
+          "key": "AUDIT_TRAIL",
+          "title": "Detect suspect setup actions in major org",
+          "command": "sf hardis:org:diagnose:audittrail",
+          "frequency": "daily"
+        },
+        {
+          "key": "LEGACY_API",
+          "title": "Detect calls to deprecated API versions",
+          "command": "sf hardis:org:diagnose:legacyapi",
+          "frequency": "daily"
+        },
+        {
+          "key": "ORG_LIMITS",
+          "title": "Detect if org limits are close to be reached",
+          "command": "sf hardis:org:monitor:limits",
+          "frequency": "daily"
+        },
+        {
+          "key": "UNSECURED_CONNECTED_APPS",
+          "title": "Detect unsecured Connected Apps in an org",
+          "command": "sf hardis:org:diagnose:unsecure-connected-apps",
+          "frequency": "daily"
+        },
+        {
+          "key": "LICENSES",
+          "title": "Extract licenses information",
+          "command": "sf hardis:org:diagnose:licenses",
+          "frequency": "weekly"
+        },
+        {
+          "key": "LINT_ACCESS",
+          "title": "Detect custom elements with no access rights defined in permission sets",
+          "command": "sf hardis:lint:access",
+          "frequency": "weekly"
+        },
+        {
+          "key": "UNUSED_LICENSES",
+          "title": "Detect permission set licenses that are assigned to users that do not need them",
+          "command": "sf hardis:org:diagnose:unusedlicenses",
+          "frequency": "weekly"
+        },
+        {
+          "key": "UNUSED_USERS",
+          "title": "Detect active users without recent logins",
+          "command": "sf hardis:org:diagnose:unusedusers",
+          "frequency": "weekly"
+        },
+        {
+          "key": "ACTIVE_USERS",
+          "title": "Detect active users with recent logins",
+          "command": "sf hardis:org:diagnose:unusedusers --returnactiveusers",
+          "frequency": "weekly"
+        },
+        {
+          "key": "ORG_INFO",
+          "title": "Get org info + SF instance info + next major upgrade date",
+          "command": "sf hardis:org:diagnose:instanceupgrade",
+          "frequency": "weekly"
+        },
+        {
+          "key": "RELEASE_UPDATES",
+          "title": "Gather warnings about incoming and overdue Release Updates",
+          "command": "sf hardis:org:diagnose:releaseupdates",
+          "frequency": "weekly"
+        },
+        {
+          "key": "UNUSED_METADATAS",
+          "title": "Detect custom labels and custom permissions that are not in use",
+          "command": "sf hardis:lint:unusedmetadatas",
+          "frequency": "weekly"
+        },
+        {
+          "key": "UNUSED_APEX_CLASSES",
+          "title": "Detect unused Apex classes in an org",
+          "command": "sf hardis:org:diagnose:unused-apex-classes",
+          "frequency": "weekly"
+        },
+        {
+          "key": "CONNECTED_APPS",
+          "title": "Detect unused Connected Apps in an org",
+          "command": "sf hardis:org:diagnose:unused-connected-apps",
+          "frequency": "weekly"
+        },
+        {
+          "key": "METADATA_STATUS",
+          "title": "Detect inactive metadata",
+          "command": "sf hardis:lint:metadatastatus",
+          "frequency": "weekly"
+        },
+        {
+          "key": "MISSING_ATTRIBUTES",
+          "title": "Detect missing description on custom field",
+          "command": "sf hardis:lint:missingattributes",
+          "frequency": "weekly"
+        }
+      ],
+      "requiresProject": true,
+      "triggerNotification": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "unsecure-connected-apps.js"
+        "monitor",
+        "all.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:unsecure-connected-apps",
-        "org:hardis:diagnose:unsecure-connected-apps",
-        "org:diagnose:hardis:unsecure-connected-apps",
-        "org:diagnose:unsecure-connected-apps:hardis",
-        "hardis:diagnose:org:unsecure-connected-apps",
-        "diagnose:hardis:org:unsecure-connected-apps",
-        "diagnose:org:hardis:unsecure-connected-apps",
-        "diagnose:org:unsecure-connected-apps:hardis",
-        "hardis:diagnose:unsecure-connected-apps:org",
-        "diagnose:hardis:unsecure-connected-apps:org",
-        "diagnose:unsecure-connected-apps:hardis:org",
-        "diagnose:unsecure-connected-apps:org:hardis",
-        "hardis:org:unsecure-connected-apps:diagnose",
-        "org:hardis:unsecure-connected-apps:diagnose",
-        "org:unsecure-connected-apps:hardis:diagnose",
-        "org:unsecure-connected-apps:diagnose:hardis",
-        "hardis:unsecure-connected-apps:org:diagnose",
-        "unsecure-connected-apps:hardis:org:diagnose",
-        "unsecure-connected-apps:org:hardis:diagnose",
-        "unsecure-connected-apps:org:diagnose:hardis",
-        "hardis:unsecure-connected-apps:diagnose:org",
-        "unsecure-connected-apps:hardis:diagnose:org",
-        "unsecure-connected-apps:diagnose:hardis:org",
-        "unsecure-connected-apps:diagnose:org:hardis"
+        "hardis:org:monitor:all",
+        "org:hardis:monitor:all",
+        "org:monitor:hardis:all",
+        "org:monitor:all:hardis",
+        "hardis:monitor:org:all",
+        "monitor:hardis:org:all",
+        "monitor:org:hardis:all",
+        "monitor:org:all:hardis",
+        "hardis:monitor:all:org",
+        "monitor:hardis:all:org",
+        "monitor:all:hardis:org",
+        "monitor:all:org:hardis",
+        "hardis:org:all:monitor",
+        "org:hardis:all:monitor",
+        "org:all:hardis:monitor",
+        "org:all:monitor:hardis",
+        "hardis:all:org:monitor",
+        "all:hardis:org:monitor",
+        "all:org:hardis:monitor",
+        "all:org:monitor:hardis",
+        "hardis:all:monitor:org",
+        "all:hardis:monitor:org",
+        "all:monitor:hardis:org",
+        "all:monitor:org:hardis"
       ]
     },
-    "hardis:org:diagnose:unused-apex-classes": {
+    "hardis:org:monitor:backup": {
       "aliases": [],
       "args": {},
-      "description": "List all async Apex classes (Batch,Queueable,Schedulable) that has not been called for more than 365 days.\n  \nThe result class list probably can be removed from the project, and that will improve your test classes performances 😊\n\nThe number of unused day is overridable using --days option. \n\nThe command uses queries on AsyncApexJob and CronTrigger technical tables to build the result.\n\nApex Classes CreatedBy and CreatedOn fields are calculated from MIN(date from git, date from org)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-apex-classes/) and can output Grafana, Slack and MsTeams Notifications.\n\n![](https://sfdx-hardis.cloudity.com/assets/images/screenshot-monitoring-unused-apex-grafana.jpg)\n",
+      "description": "Retrieve sfdx sources in the context of a monitoring backup\n\nThe command exists in 2 modes: filtered(default & recommended) and full.\n\n## Filtered mode (default, better performances)\n\nAutomatically skips metadatas from installed packages with namespace.  \n\nYou can remove more metadata types from backup, especially in case you have too many metadatas and that provokes a crash, using:\n\n- Manual update of `manifest/package-skip-items.xml` config file (then commit & push in the same branch)\n\n  - Works with full wildcard (`<members>*</members>`) , named metadata (`<members>Account.Name</members>`) or partial wildcards names (`<members>pi__*</members>` , `<members>*__dlm</members>` , or `<members>prefix*suffix</members>`)\n\n- Environment variable MONITORING_BACKUP_SKIP_METADATA_TYPES (example: `MONITORING_BACKUP_SKIP_METADATA_TYPES=CustomLabel,StaticResource,Translation`): that will be applied to all monitoring branches.\n\n## Full mode\n\nActivate it with **--full** parameter, or variable MONITORING_BACKUP_MODE_FULL=true\n\nIgnores filters (namespaces items & manifest/package-skip-items.xml) to retrieve ALL metadatas, including those you might not care about (reports, translations...)\n\nAs we can retrieve only 10000 files by call, the list of all metadatas will be chunked to make multiple calls (and take more time than filtered mode)\n\n- if you use `--full-apply-filters` , manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES filters will be applied anyway\n- if you use `--exclude-namespaces` , namespaced items will be ignored\n\n_With those both options, it's like if you are not using --full, but with chunked metadata download_\n\n## In CI/CD\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-metadata-backup/) and can output Grafana, Slack and MsTeams Notifications.\n\n## Troubleshooting\n\nIf you have unknown errors (it happens !), you can investigate using the full command with smaller chunks.\n\nExample: `sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters --max-by-chunk 500`\n\nIt will allow you the identify the responsible metadata and ignore it using package-skip-items.xml or MONITORING_BACKUP_SKIP_METADATA_TYPES env variable.\n\n## Documentation\n\n[Doc generation (including visual flows)](https://sfdx-hardis.cloudity.com/hardis/doc/project2markdown/) is triggered at the end of the command.\n\nIf you want to also upload HTML Documentation on your Salesforce Org as static resource, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_ORG=\"true\"**\n\nIf you want to also upload HTML Documentation on Cloudflare, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_CLOUDFLARE=\"true\"**\n\n- If you want to generate the documentation in multiple languages, define variable SFDX_DOC_LANGUAGES (ex: SFDX_DOC_LANGUAGES=en,fr,de)\n- You can define one Cloudflare site by language, for example with the following variables:\n  - CLOUDFLARE_PROJECT_NAME_EN=cloudity-demo-english\n  - CLOUDFLARE_PROJECT_NAME_FR=cloudity-demo-french\n  - CLOUDFLARE_PROJECT_NAME_DE=cloudity-demo-german\n\nIf Flow history doc always display a single state, you probably need to update your workflow configuration:\n\n- on Gitlab: Env variable [`GIT_FETCH_EXTRA_FLAGS: --depth 10000`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.gitlab-ci.yml#L11)\n- on GitHub: [`fetch-depth: 0`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.github/workflows/org-monitoring.yml#L58)\n- on Azure: [`fetchDepth: \"0\"`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/azure-pipelines.yml#L39)\n- on Bitbucket: [`step: clone: depth: full`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/bitbucket-pipelines.yml#L18)\n",
       "examples": [
-        "$ sf hardis:org:diagnose:unused-apex-classes",
-        "$ sf hardis:org:diagnose:unused-apex-classes --days 700"
+        "$ sf hardis:org:monitor:backup",
+        "$ sf hardis:org:monitor:backup --full",
+        "$ sf hardis:org:monitor:backup --full --exclude-namespaces",
+        "$ sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters"
       ],
       "flags": {
         "json": {
@@ -7655,18 +7674,53 @@
           "multiple": false,
           "type": "option"
         },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
+        "full": {
+          "description": "Dot not take in account filtering using package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES. Efficient but much much slower !",
+          "name": "full",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "max-by-chunk": {
+          "char": "m",
+          "description": "If mode --full is activated, maximum number of metadatas in a package.xml chunk",
+          "name": "max-by-chunk",
+          "default": 3000,
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "days": {
-          "char": "t",
-          "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
-          "name": "days",
+        "exclude-namespaces": {
+          "char": "e",
+          "description": "If mode --full is activated, exclude namespaced metadatas",
+          "name": "exclude-namespaces",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "full-apply-filters": {
+          "char": "z",
+          "description": "If mode --full is activated, apply filters of manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES anyway",
+          "name": "full-apply-filters",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "start-chunk": {
+          "description": "Use this parameter to troubleshoot a specific chunk. It will be used as the first chunk to retrieve",
+          "name": "start-chunk",
+          "default": 1,
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "skip-doc": {
+          "description": "Skip the generation of project documentation at the end of the command",
+          "name": "skip-doc",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "outputfile": {
+          "char": "f",
+          "description": "Force the path and name of output report file. Must end with .csv",
+          "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -7707,59 +7761,60 @@
           "type": "option"
         }
       },
-      "hasDynamicHelp": true,
-      "hiddenAliases": [],
-      "id": "hardis:org:diagnose:unused-apex-classes",
-      "pluginAlias": "sfdx-hardis",
-      "pluginName": "sfdx-hardis",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": true,
-      "title": "Detect unused Apex classes in an org",
-      "requiresProject": false,
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "org",
-        "diagnose",
-        "unused-apex-classes.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:org:diagnose:unused-apex-classes",
-        "org:hardis:diagnose:unused-apex-classes",
-        "org:diagnose:hardis:unused-apex-classes",
-        "org:diagnose:unused-apex-classes:hardis",
-        "hardis:diagnose:org:unused-apex-classes",
-        "diagnose:hardis:org:unused-apex-classes",
-        "diagnose:org:hardis:unused-apex-classes",
-        "diagnose:org:unused-apex-classes:hardis",
-        "hardis:diagnose:unused-apex-classes:org",
-        "diagnose:hardis:unused-apex-classes:org",
-        "diagnose:unused-apex-classes:hardis:org",
-        "diagnose:unused-apex-classes:org:hardis",
-        "hardis:org:unused-apex-classes:diagnose",
-        "org:hardis:unused-apex-classes:diagnose",
-        "org:unused-apex-classes:hardis:diagnose",
-        "org:unused-apex-classes:diagnose:hardis",
-        "hardis:unused-apex-classes:org:diagnose",
-        "unused-apex-classes:hardis:org:diagnose",
-        "unused-apex-classes:org:hardis:diagnose",
-        "unused-apex-classes:org:diagnose:hardis",
-        "hardis:unused-apex-classes:diagnose:org",
-        "unused-apex-classes:hardis:diagnose:org",
-        "unused-apex-classes:diagnose:hardis:org",
-        "unused-apex-classes:diagnose:org:hardis"
+      "hasDynamicHelp": true,
+      "hiddenAliases": [],
+      "id": "hardis:org:monitor:backup",
+      "pluginAlias": "sfdx-hardis",
+      "pluginName": "sfdx-hardis",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": true,
+      "title": "Backup DX sources",
+      "requiresProject": true,
+      "triggerNotification": true,
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "org",
+        "monitor",
+        "backup.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:org:monitor:backup",
+        "org:hardis:monitor:backup",
+        "org:monitor:hardis:backup",
+        "org:monitor:backup:hardis",
+        "hardis:monitor:org:backup",
+        "monitor:hardis:org:backup",
+        "monitor:org:hardis:backup",
+        "monitor:org:backup:hardis",
+        "hardis:monitor:backup:org",
+        "monitor:hardis:backup:org",
+        "monitor:backup:hardis:org",
+        "monitor:backup:org:hardis",
+        "hardis:org:backup:monitor",
+        "org:hardis:backup:monitor",
+        "org:backup:hardis:monitor",
+        "org:backup:monitor:hardis",
+        "hardis:backup:org:monitor",
+        "backup:hardis:org:monitor",
+        "backup:org:hardis:monitor",
+        "backup:org:monitor:hardis",
+        "hardis:backup:monitor:org",
+        "backup:hardis:monitor:org",
+        "backup:monitor:hardis:org",
+        "backup:monitor:org:hardis"
       ]
     },
-    "hardis:org:diagnose:unused-connected-apps": {
+    "hardis:org:monitor:limits": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Identifies and reports on potentially unused Connected Apps in a Salesforce org, suggesting candidates for deletion or deactivation.**\n\nThis command helps improve org security and reduce technical debt by pinpointing Connected Apps that are no longer actively used. Connected Apps can pose security risks if left unmonitored, and cleaning them up contributes to a healthier Salesforce environment.\n\nKey functionalities:\n\n- **Connected App Data Collection:** Gathers information about all Connected Apps in the org, including creation and last modified dates, and associated users.\n- **Usage Analysis:** Analyzes `LoginHistory` and `OAuthToken` records to determine the last usage date of each Connected App.\n- **Inactivity Detection:** Flags Connected Apps as potentially unused if they have no recent login history or OAuth token usage.\n- **Accessibility Check:** Examines Connected App metadata to identify if they are accessible (e.g., if they require admin approval and have no profiles or permission sets assigned).\n- **Ignored Apps:** Automatically ignores a predefined list of common Salesforce Connected Apps (e.g., `Salesforce CLI`, `Salesforce Mobile Dashboards`). You can extend this list by defining the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n- **CSV Report Generation:** Generates a CSV file containing details of all analyzed Connected Apps, including their usage status, last usage date, and reasons for being flagged as potentially unused.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of potentially unused Connected Apps.\n\n**Default Ignored Connected Apps:**\n\n- Ant Migration Tool\n- Chatter Desktop\n- Chatter Mobile for BlackBerry\n- Force.com IDE\n- OIQ_Integration\n- Salesforce CLI\n- Salesforce Files\n- Salesforce Mobile Dashboards\n- Salesforce Touch\n- Salesforce for Outlook\n- SalesforceA\n- SalesforceA for Android\n- SalesforceA for iOS\n- SalesforceDX Namespace Registry\n- SalesforceIQ\n\nYou can add more ignored apps by defining a comma-separated list of names in the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n\n_Example: \nALLOWED_INACTIVE_CONNECTED_APPS=My App 1,My App 2, My App 3_\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-connected-apps/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It performs SOQL queries against `ConnectedApplication`, `LoginHistory`, and `OAuthToken` objects to gather comprehensive data about Connected Apps and their usage.\n- **Temporary SFDX Project:** It creates a temporary SFDX project to retrieve Connected App metadata, allowing for local parsing and analysis of their XML files.\n- **Metadata Parsing:** It parses the `connectedApp-meta.xml` files to check for `isAdminApproved` and the presence of `profileName` or `permissionsetName` to determine accessibility.\n- **Data Correlation:** It correlates data from various Salesforce objects to build a complete picture of each Connected App's usage and status.\n- **Date Calculation:** Uses `moment` to calculate the time since the last OAuth token usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused Connected Apps.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **File System Operations:** Uses `fs-extra` for creating and removing temporary directories and files.\n- **Environment Variable Reading:** Reads the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable to customize the list of ignored Connected Apps.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Checks the current usage of various Salesforce org limits and sends notifications if thresholds are exceeded.**\n\nThis command is a critical component of proactive Salesforce org management, helping administrators and developers monitor resource consumption and prevent hitting critical limits that could impact performance or functionality. It provides early warnings when limits are approaching their capacity.\n\nKey functionalities:\n\n- **Limit Retrieval:** Fetches a comprehensive list of all Salesforce org limits using the Salesforce CLI.\n- **Usage Calculation:** Calculates the percentage of each limit that is currently being used.\n- **Threshold-Based Alerting:** Assigns a severity (success, warning, or error) to each limit based on configurable thresholds:\n  - **Warning:** If usage exceeds 50% (configurable via `LIMIT_THRESHOLD_WARNING` environment variable).\n  - **Error:** If usage exceeds 75% (configurable via `LIMIT_THRESHOLD_ERROR` environment variable).\n- **CSV Report Generation:** Generates a CSV file containing all org limits, their current usage, maximum allowed, and calculated percentage used, along with the assigned severity.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of limits that have exceeded the warning or error thresholds.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-limits/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce CLI Integration:** It executes the `sf org limits list` command to retrieve the current org limits. It parses the JSON output of this command.\n- **Data Processing:** It iterates through the retrieved limits, calculates the `used` and `percentUsed` values, and assigns a `severity` (success, warning, error) based on the configured thresholds.\n- **Environment Variable Configuration:** Reads `LIMIT_THRESHOLD_WARNING` and `LIMIT_THRESHOLD_ERROR` environment variables to set the warning and error thresholds for limit usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of org limits.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and detailed metrics for each limit, which can be consumed by monitoring dashboards like Grafana.\n- **Exit Code Management:** Sets the process exit code to 1 if any limit is in an 'error' state, indicating a critical issue.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:diagnose:unused-connected-apps"
+        "$ sf hardis:org:monitor:limits"
       ],
       "flags": {
         "json": {
@@ -7823,75 +7878,59 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:unused-connected-apps",
+      "id": "hardis:org:monitor:limits",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Unused Connected Apps in an org",
-      "allowedInactiveConnectedApps": [
-        "Ant Migration Tool",
-        "Chatter Desktop",
-        "Chatter Mobile for BlackBerry",
-        "Force.com IDE",
-        "OIQ_Integration",
-        "Salesforce CLI",
-        "Salesforce Files",
-        "Salesforce Mobile Dashboards",
-        "Salesforce Touch",
-        "Salesforce for Outlook",
-        "SalesforceA",
-        "SalesforceA for Android",
-        "SalesforceA for iOS",
-        "SalesforceDX Namespace Registry",
-        "SalesforceIQ"
-      ],
-      "requiresProject": false,
+      "title": "Check org limits",
+      "requiresProject": true,
+      "triggerNotification": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "unused-connected-apps.js"
+        "monitor",
+        "limits.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:unused-connected-apps",
-        "org:hardis:diagnose:unused-connected-apps",
-        "org:diagnose:hardis:unused-connected-apps",
-        "org:diagnose:unused-connected-apps:hardis",
-        "hardis:diagnose:org:unused-connected-apps",
-        "diagnose:hardis:org:unused-connected-apps",
-        "diagnose:org:hardis:unused-connected-apps",
-        "diagnose:org:unused-connected-apps:hardis",
-        "hardis:diagnose:unused-connected-apps:org",
-        "diagnose:hardis:unused-connected-apps:org",
-        "diagnose:unused-connected-apps:hardis:org",
-        "diagnose:unused-connected-apps:org:hardis",
-        "hardis:org:unused-connected-apps:diagnose",
-        "org:hardis:unused-connected-apps:diagnose",
-        "org:unused-connected-apps:hardis:diagnose",
-        "org:unused-connected-apps:diagnose:hardis",
-        "hardis:unused-connected-apps:org:diagnose",
-        "unused-connected-apps:hardis:org:diagnose",
-        "unused-connected-apps:org:hardis:diagnose",
-        "unused-connected-apps:org:diagnose:hardis",
-        "hardis:unused-connected-apps:diagnose:org",
-        "unused-connected-apps:hardis:diagnose:org",
-        "unused-connected-apps:diagnose:hardis:org",
-        "unused-connected-apps:diagnose:org:hardis"
+        "hardis:org:monitor:limits",
+        "org:hardis:monitor:limits",
+        "org:monitor:hardis:limits",
+        "org:monitor:limits:hardis",
+        "hardis:monitor:org:limits",
+        "monitor:hardis:org:limits",
+        "monitor:org:hardis:limits",
+        "monitor:org:limits:hardis",
+        "hardis:monitor:limits:org",
+        "monitor:hardis:limits:org",
+        "monitor:limits:hardis:org",
+        "monitor:limits:org:hardis",
+        "hardis:org:limits:monitor",
+        "org:hardis:limits:monitor",
+        "org:limits:hardis:monitor",
+        "org:limits:monitor:hardis",
+        "hardis:limits:org:monitor",
+        "limits:hardis:org:monitor",
+        "limits:org:hardis:monitor",
+        "limits:org:monitor:hardis",
+        "hardis:limits:monitor:org",
+        "limits:hardis:monitor:org",
+        "limits:monitor:hardis:org",
+        "limits:monitor:org:hardis"
       ]
     },
-    "hardis:org:diagnose:unusedlicenses": {
+    "hardis:org:purge:apexlog": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Detects and suggests the deletion of unused Permission Set License Assignments in a Salesforce org.**\n\nWhen a Permission Set (PS) linked to a Permission Set License (PSL) is assigned to a user, a Permission Set License Assignment (PSLA) is automatically created. However, when that PS is unassigned from the user, the PSLA is *not* automatically deleted. This can lead to organizations being charged for unused PSLAs, representing a hidden cost and technical debt.\n\nThis command identifies such useless PSLAs and provides options to delete them, helping to optimize license usage and reduce unnecessary expenses.\n\nKey functionalities:\n\n- **PSLA Detection:** Queries the Salesforce org to find all active PSLAs.\n- **Usage Verification:** Correlates PSLAs with actual Permission Set Assignments and Permission Set Group Assignments to determine if the underlying Permission Sets are still assigned to the user.\n- **Special Case Handling:** Accounts for specific scenarios where profiles might implicitly assign PSLAs (e.g., `Salesforce API Only` profile assigning `SalesforceAPIIntegrationPsl`) and allows for always excluding certain PSLAs from the unused check.\n- **Reporting:** Generates a CSV report of all identified unused PSLAs, including the user and the associated Permission Set License.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of unused PSLAs.\n- **Interactive Deletion:** In non-CI environments, it offers an interactive prompt to bulk delete the identified unused PSLAs.\n\nMany thanks to [Vincent Finet](https://www.linkedin.com/in/vincentfinet/) for the inspiration during his great speaker session at [French Touch Dreamin '23](https://frenchtouchdreamin.com/), and his kind agreement for reusing such inspiration in this command 😊\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-licenses/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves extensive querying of Salesforce objects and data correlation:\n\n- **SOQL Queries (Bulk API):** It uses `bulkQuery` and `bulkQueryChunksIn` to efficiently retrieve large volumes of data from `PermissionSetLicenseAssign`, `PermissionSetLicense`, `PermissionSet`, `PermissionSetGroupComponent`, and `PermissionSetAssignment` objects.\n- **Data Correlation:** It meticulously correlates data across these objects to determine if a `PermissionSetLicenseAssign` record has a corresponding active assignment to a Permission Set or Permission Set Group for the same user.\n- **Filtering Logic:** It applies complex filtering logic to exclude PSLAs that are genuinely in use or are part of predefined exceptions (e.g., `alwaysExcludeForActiveUsersPermissionSetLicenses`).\n- **Bulk Deletion:** If the user opts to delete unused PSLAs, it uses `bulkUpdate` with the `delete` operation to efficiently remove multiple records.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused PSLAs.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Interaction:** Uses `prompts` for interactive confirmation before performing deletion operations.\n</details>\n",
+      "description": "\n**Purges Apex debug logs from a Salesforce org.**\n\nThis command provides a quick and efficient way to clear out accumulated Apex debug logs from your Salesforce environment. This is particularly useful for:\n\n- **Storage Management:** Freeing up valuable data storage space in your Salesforce org.\n- **Performance Optimization:** Reducing the overhead associated with large volumes of debug logs.\n- **Troubleshooting:** Ensuring that new debug logs are generated cleanly without interference from old, irrelevant logs.\n\nKey functionalities:\n\n- **Log Identification:** Queries the `ApexLog` object to identify all existing debug logs.\n- **Confirmation Prompt:** Before deletion, it prompts for user confirmation, displaying the number of Apex logs that will be deleted.\n- **Bulk Deletion:** Uses the Salesforce Bulk API to efficiently delete a large number of Apex logs.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query:** It executes a SOQL query (`SELECT Id FROM ApexLog LIMIT 50000`) to retrieve the IDs of Apex logs to be deleted. The limit is set to 50,000 to handle large volumes of logs.\n- **CSV Export:** The retrieved log IDs are temporarily exported to a CSV file (`ApexLogsToDelete_*.csv`) in the `./tmp` directory.\n- **User Confirmation:** It uses the `prompts` library to ask for user confirmation before proceeding with the deletion, displaying the count of logs to be purged.\n- **Bulk API Deletion:** It then uses the Salesforce CLI's `sf data delete bulk` command, pointing to the generated CSV file, to perform the mass deletion of Apex logs.\n- **File System Operations:** It uses `fs-extra` to create the temporary directory and manage the CSV file.\n- **Error Handling:** Includes error handling for the query and deletion operations.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:diagnose:unusedlicenses",
-        "$ sf hardis:org:diagnose:unusedlicenses --fix"
+        "$ sf hardis:org:purge:apexlog",
+        "$ sf hardis:org:purge:apexlog --target-org nicolas.vuillamy@gmail.com"
       ],
       "flags": {
         "json": {
@@ -7909,13 +7948,12 @@
           "multiple": false,
           "type": "option"
         },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
+        "prompt": {
+          "char": "z",
+          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
+          "name": "prompt",
+          "allowNo": true,
+          "type": "boolean"
         },
         "debug": {
           "char": "d",
@@ -7955,79 +7993,59 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:unusedlicenses",
+      "id": "hardis:org:purge:apexlog",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Detect unused Permission Set Licenses (beta)",
+      "title": "Purge Apex Logs",
       "requiresProject": false,
-      "additionalPermissionSetsToAlwaysGet": [
-        "Sales_User"
-      ],
-      "permSetsPermSetLicenses": [
-        {
-          "permSet": "Sales_User",
-          "permSetLicense": "SalesUserPsl"
-        }
-      ],
-      "profilesPermissionSetLicenses": [
-        {
-          "profile": "Salesforce API Only",
-          "permSetLicense": "SalesforceAPIIntegrationPsl"
-        }
-      ],
-      "alwaysExcludeForActiveUsersPermissionSetLicenses": [
-        "IdentityConnect"
-      ],
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "unusedlicenses.js"
+        "purge",
+        "apexlog.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:unusedlicenses",
-        "org:hardis:diagnose:unusedlicenses",
-        "org:diagnose:hardis:unusedlicenses",
-        "org:diagnose:unusedlicenses:hardis",
-        "hardis:diagnose:org:unusedlicenses",
-        "diagnose:hardis:org:unusedlicenses",
-        "diagnose:org:hardis:unusedlicenses",
-        "diagnose:org:unusedlicenses:hardis",
-        "hardis:diagnose:unusedlicenses:org",
-        "diagnose:hardis:unusedlicenses:org",
-        "diagnose:unusedlicenses:hardis:org",
-        "diagnose:unusedlicenses:org:hardis",
-        "hardis:org:unusedlicenses:diagnose",
-        "org:hardis:unusedlicenses:diagnose",
-        "org:unusedlicenses:hardis:diagnose",
-        "org:unusedlicenses:diagnose:hardis",
-        "hardis:unusedlicenses:org:diagnose",
-        "unusedlicenses:hardis:org:diagnose",
-        "unusedlicenses:org:hardis:diagnose",
-        "unusedlicenses:org:diagnose:hardis",
-        "hardis:unusedlicenses:diagnose:org",
-        "unusedlicenses:hardis:diagnose:org",
-        "unusedlicenses:diagnose:hardis:org",
-        "unusedlicenses:diagnose:org:hardis"
+        "hardis:org:purge:apexlog",
+        "org:hardis:purge:apexlog",
+        "org:purge:hardis:apexlog",
+        "org:purge:apexlog:hardis",
+        "hardis:purge:org:apexlog",
+        "purge:hardis:org:apexlog",
+        "purge:org:hardis:apexlog",
+        "purge:org:apexlog:hardis",
+        "hardis:purge:apexlog:org",
+        "purge:hardis:apexlog:org",
+        "purge:apexlog:hardis:org",
+        "purge:apexlog:org:hardis",
+        "hardis:org:apexlog:purge",
+        "org:hardis:apexlog:purge",
+        "org:apexlog:hardis:purge",
+        "org:apexlog:purge:hardis",
+        "hardis:apexlog:org:purge",
+        "apexlog:hardis:org:purge",
+        "apexlog:org:hardis:purge",
+        "apexlog:org:purge:hardis",
+        "hardis:apexlog:purge:org",
+        "apexlog:hardis:purge:org",
+        "apexlog:purge:hardis:org",
+        "apexlog:purge:org:hardis"
       ]
     },
-    "hardis:org:diagnose:unusedusers": {
+    "hardis:org:purge:flow": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Detects and reports on inactive or unused Salesforce user accounts, helping to optimize license usage and enhance security.**\n\nEfficient user management is vital in Salesforce to ensure resources are optimized and costs are controlled. However, inactive or unused user accounts can often go unnoticed, leading to wasted licenses and potential security risks. This tool addresses this challenge by enabling administrators to identify users who haven't logged in within a specified period.\n\nBy analyzing user login activity and last login timestamps, this feature highlights inactive user accounts, allowing administrators to take appropriate action. Whether it's deactivating dormant accounts, freeing up licenses, or ensuring compliance with security policies, this functionality empowers administrators to maintain a lean and secure Salesforce environment.\n\nKey functionalities:\n\n- **Inactivity Detection:** Identifies users who have not logged in for a specified number of days (`--days` flag, default 180 days in CI, 365 days otherwise).\n- **License Type Filtering:** Allows filtering users by license type using `--licensetypes` (e.g., `all-crm`, `all-paying`) or specific license identifiers using `--licenseidentifiers`.\n  - `all-crm`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT` licenses.\n  - `all-paying`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT`, `PID_Customer_Community`, `PID_Customer_Community_Login`, `PID_Partner_Community`, `PID_Partner_Community_Login` licenses.\n  - Note: You can see the full list of available license identifiers in [Salesforce Documentation](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/sfdx_cli_reference/sforce_api_objects_userlicense.htm).\n- **Active User Retrieval:** The `--returnactiveusers` flag inverts the command, allowing you to retrieve active users who *have* logged in during the specified period.\n- **CSV Report Generation:** Generates a CSV file containing details of all identified users (inactive or active), including their last login date, profile, and license information.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of inactive or active users.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-inactive-users/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query (Bulk API):** It uses `bulkQuery` to efficiently retrieve user records from the Salesforce `User` object. The SOQL query dynamically constructs its WHERE clause based on the `--days`, `--licensetypes`, `--licenseidentifiers`, and `--returnactiveusers` flags.\n- **Interactive Prompts:** Uses `prompts` to interactively ask the user for the number of inactive days and license types if not provided via flags.\n- **License Mapping:** Internally maps common license type aliases (e.g., `all-crm`) to their corresponding Salesforce `LicenseDefinitionKey` values.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of users.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides a summary of the findings in the console, indicating the number of inactive or active users found.\n</details>",
+      "description": "\n**Purges old or unwanted Flow versions from a Salesforce org, with an option to delete related Flow Interviews.**\n\nThis command helps maintain a clean and performant Salesforce org by removing obsolete Flow versions. Over time, multiple versions of Flows can accumulate, consuming storage and potentially impacting performance. This tool provides a controlled way to clean up these versions.\n\nKey functionalities:\n\n- **Targeted Flow Selection:** Allows you to filter Flow versions to delete by name (`--name`) and status (`--status`, e.g., `Obsolete`, `Draft`, `Inactive`).\n- **Flow Interview Deletion:** If a Flow version cannot be deleted due to active Flow Interviews, the `--delete-flow-interviews` flag (or interactive prompt) allows you to delete these interviews first, then retry the Flow version deletion.\n- **Confirmation Prompt:** In interactive mode, it prompts for confirmation before proceeding with the deletion of Flow versions and Flow Interviews.\n- **Partial Success Handling:** The `--allowpurgefailure` flag (default `true`) allows the command to continue even if some deletions fail, reporting the errors.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `Flow` object (using the Tooling API) to list Flow versions based on the provided filters (name, status, manageable state).\n- **Bulk Deletion (Tooling API):** It uses `bulkDeleteTooling` to perform mass deletions of Flow versions. If deletion fails due to active interviews, it extracts the interview IDs.\n- **Flow Interview Management:** If `delete-flow-interviews` is enabled, it queries `FlowInterview` objects, performs bulk deletion of the identified interviews using `bulkDelete`, and then retries the Flow version deletion.\n- **Interactive Prompts:** Uses the `prompts` library to interact with the user for selecting Flows, statuses, and confirming deletion actions.\n- **Error Reporting:** Logs detailed error messages for failed deletions, including the specific reasons.\n- **Command-Line Execution:** Uses `execSfdxJson` to execute Salesforce CLI commands for querying Flow data.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:diagnose:unusedusers",
-        "$ sf hardis:org:diagnose:unusedusers --days 365",
-        "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm",
-        "$ sf hardis:org:diagnose:unusedusers --days 60 --licenseidentifiers SFDC,AUL,AUL1",
-        "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm --returnactiveusers"
+        "$ sf hardis:org:purge:flow",
+        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --no-prompt --delete-flow-interviews",
+        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --status \"Obsolete,Draft,InvalidDraft\" --name TestFlow"
       ],
       "flags": {
         "json": {
@@ -8045,49 +8063,52 @@
           "multiple": false,
           "type": "option"
         },
-        "outputfile": {
-          "char": "f",
-          "description": "Force the path and name of output report file. Must end with .csv",
-          "name": "outputfile",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
+        "prompt": {
+          "char": "z",
+          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
+          "name": "prompt",
+          "allowNo": true,
+          "type": "boolean"
         },
-        "days": {
-          "char": "t",
-          "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
-          "name": "days",
+        "name": {
+          "char": "n",
+          "description": "Filter according to Name criteria",
+          "name": "name",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "licensetypes": {
-          "char": "l",
-          "description": "Type of licenses to check. If set, do not use licenseidentifiers option. In CI, default is all-crm",
-          "name": "licensetypes",
+        "status": {
+          "char": "s",
+          "description": "Filter according to Status criteria",
+          "name": "status",
           "hasDynamicHelp": false,
           "multiple": false,
-          "options": [
-            "all",
-            "all-crm",
-            "all-paying"
-          ],
           "type": "option"
         },
-        "licenseidentifiers": {
-          "char": "i",
-          "description": "Comma-separated list of license identifiers, in case licensetypes is not used.. Identifiers available at https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_userlicense.htm",
-          "name": "licenseidentifiers",
+        "delete-flow-interviews": {
+          "char": "w",
+          "description": "If the presence of Flow interviews prevent to delete flows versions, delete them before retrying to delete flow versions",
+          "name": "delete-flow-interviews",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "allowpurgefailure": {
+          "char": "f",
+          "description": "Allows purges to fail without exiting with 1. Use --no-allowpurgefailure to disable",
+          "name": "allowpurgefailure",
+          "allowNo": true,
+          "type": "boolean"
+        },
+        "instanceurl": {
+          "char": "r",
+          "description": "URL of org instance",
+          "name": "instanceurl",
+          "default": "https://login.salesforce.com",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "returnactiveusers": {
-          "description": "Inverts the command by returning the active users",
-          "name": "returnactiveusers",
-          "allowNo": false,
-          "type": "boolean"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -8126,13 +8147,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:diagnose:unusedusers",
+      "id": "hardis:org:purge:flow",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Detect unused Users in Salesforce",
+      "title": "Purge Flow versions",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -8140,35 +8161,35 @@
         "commands",
         "hardis",
         "org",
-        "diagnose",
-        "unusedusers.js"
+        "purge",
+        "flow.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:diagnose:unusedusers",
-        "org:hardis:diagnose:unusedusers",
-        "org:diagnose:hardis:unusedusers",
-        "org:diagnose:unusedusers:hardis",
-        "hardis:diagnose:org:unusedusers",
-        "diagnose:hardis:org:unusedusers",
-        "diagnose:org:hardis:unusedusers",
-        "diagnose:org:unusedusers:hardis",
-        "hardis:diagnose:unusedusers:org",
-        "diagnose:hardis:unusedusers:org",
-        "diagnose:unusedusers:hardis:org",
-        "diagnose:unusedusers:org:hardis",
-        "hardis:org:unusedusers:diagnose",
-        "org:hardis:unusedusers:diagnose",
-        "org:unusedusers:hardis:diagnose",
-        "org:unusedusers:diagnose:hardis",
-        "hardis:unusedusers:org:diagnose",
-        "unusedusers:hardis:org:diagnose",
-        "unusedusers:org:hardis:diagnose",
-        "unusedusers:org:diagnose:hardis",
-        "hardis:unusedusers:diagnose:org",
-        "unusedusers:hardis:diagnose:org",
-        "unusedusers:diagnose:hardis:org",
-        "unusedusers:diagnose:org:hardis"
+        "hardis:org:purge:flow",
+        "org:hardis:purge:flow",
+        "org:purge:hardis:flow",
+        "org:purge:flow:hardis",
+        "hardis:purge:org:flow",
+        "purge:hardis:org:flow",
+        "purge:org:hardis:flow",
+        "purge:org:flow:hardis",
+        "hardis:purge:flow:org",
+        "purge:hardis:flow:org",
+        "purge:flow:hardis:org",
+        "purge:flow:org:hardis",
+        "hardis:org:flow:purge",
+        "org:hardis:flow:purge",
+        "org:flow:hardis:purge",
+        "org:flow:purge:hardis",
+        "hardis:flow:org:purge",
+        "flow:hardis:org:purge",
+        "flow:org:hardis:purge",
+        "flow:org:purge:hardis",
+        "hardis:flow:purge:org",
+        "flow:hardis:purge:org",
+        "flow:purge:hardis:org",
+        "flow:purge:org:hardis"
       ]
     },
     "hardis:org:refresh:after-refresh": {
@@ -8410,12 +8431,13 @@
         "before-refresh:refresh:org:hardis"
       ]
     },
-    "hardis:org:test:apex": {
+    "hardis:org:retrieve:packageconfig": {
       "aliases": [],
       "args": {},
-      "description": "Run apex tests in Salesforce org\n\nIf following configuration is defined, it will fail if apex coverage target is not reached:\n\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n\nYou can override env var SFDX_TEST_WAIT_MINUTES to wait more than 120 minutes.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-apex-tests/) and can output Grafana, Slack and MsTeams Notifications.\n",
+      "description": "\n**Retrieves the installed package configuration from a Salesforce org and optionally updates the local project configuration.**\n\nThis command is useful for maintaining an accurate record of installed packages within your Salesforce project, which is crucial for managing dependencies and ensuring consistent deployments across environments.\n\nKey functionalities:\n\n- **Package Listing:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a list of all installed packages.\n- **Configuration Update:** Offers the option to update your local project's configuration with the retrieved list of installed packages. This can be beneficial for automating package installations during environment setup or CI/CD processes.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Org Connection:** It establishes a connection to the target Salesforce org using the provided or prompted username.\n- **Metadata Retrieval:** It utilizes `MetadataUtils.listInstalledPackages` to query the Salesforce org and obtain details about the installed packages.\n- **Interactive Prompt:** It uses the `prompts` library to ask the user whether they want to update their local project configuration with the retrieved package list.\n- **Configuration Management:** If the user confirms, it calls `managePackageConfig` to update the project's configuration file (likely `.sfdx-hardis.yml`) with the new package information.\n- **User Feedback:** Provides clear messages to the user about the success of the package retrieval and configuration update.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:test:apex"
+        "$ sf hardis:org:retrieve:packageconfig",
+        "sf hardis:org:retrieve:packageconfig -u myOrg"
       ],
       "flags": {
         "json": {
@@ -8433,21 +8455,6 @@
           "multiple": false,
           "type": "option"
         },
-        "testlevel": {
-          "char": "l",
-          "description": "Level of tests to apply to validate deployment",
-          "name": "testlevel",
-          "default": "RunLocalTests",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "options": [
-            "NoTestRun",
-            "RunSpecifiedTests",
-            "RunLocalTests",
-            "RunAllTestsInOrg"
-          ],
-          "type": "option"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -8486,57 +8493,57 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:test:apex",
+      "id": "hardis:org:retrieve:packageconfig",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Run apex tests",
+      "title": "Retrieve package configuration from an org",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "test",
-        "apex.js"
+        "retrieve",
+        "packageconfig.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:test:apex",
-        "org:hardis:test:apex",
-        "org:test:hardis:apex",
-        "org:test:apex:hardis",
-        "hardis:test:org:apex",
-        "test:hardis:org:apex",
-        "test:org:hardis:apex",
-        "test:org:apex:hardis",
-        "hardis:test:apex:org",
-        "test:hardis:apex:org",
-        "test:apex:hardis:org",
-        "test:apex:org:hardis",
-        "hardis:org:apex:test",
-        "org:hardis:apex:test",
-        "org:apex:hardis:test",
-        "org:apex:test:hardis",
-        "hardis:apex:org:test",
-        "apex:hardis:org:test",
-        "apex:org:hardis:test",
-        "apex:org:test:hardis",
-        "hardis:apex:test:org",
-        "apex:hardis:test:org",
-        "apex:test:hardis:org",
-        "apex:test:org:hardis"
+        "hardis:org:retrieve:packageconfig",
+        "org:hardis:retrieve:packageconfig",
+        "org:retrieve:hardis:packageconfig",
+        "org:retrieve:packageconfig:hardis",
+        "hardis:retrieve:org:packageconfig",
+        "retrieve:hardis:org:packageconfig",
+        "retrieve:org:hardis:packageconfig",
+        "retrieve:org:packageconfig:hardis",
+        "hardis:retrieve:packageconfig:org",
+        "retrieve:hardis:packageconfig:org",
+        "retrieve:packageconfig:hardis:org",
+        "retrieve:packageconfig:org:hardis",
+        "hardis:org:packageconfig:retrieve",
+        "org:hardis:packageconfig:retrieve",
+        "org:packageconfig:hardis:retrieve",
+        "org:packageconfig:retrieve:hardis",
+        "hardis:packageconfig:org:retrieve",
+        "packageconfig:hardis:org:retrieve",
+        "packageconfig:org:hardis:retrieve",
+        "packageconfig:org:retrieve:hardis",
+        "hardis:packageconfig:retrieve:org",
+        "packageconfig:hardis:retrieve:org",
+        "packageconfig:retrieve:hardis:org",
+        "packageconfig:retrieve:org:hardis"
       ]
     },
-    "hardis:org:retrieve:packageconfig": {
+    "hardis:org:test:apex": {
       "aliases": [],
       "args": {},
-      "description": "\n**Retrieves the installed package configuration from a Salesforce org and optionally updates the local project configuration.**\n\nThis command is useful for maintaining an accurate record of installed packages within your Salesforce project, which is crucial for managing dependencies and ensuring consistent deployments across environments.\n\nKey functionalities:\n\n- **Package Listing:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a list of all installed packages.\n- **Configuration Update:** Offers the option to update your local project's configuration with the retrieved list of installed packages. This can be beneficial for automating package installations during environment setup or CI/CD processes.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Org Connection:** It establishes a connection to the target Salesforce org using the provided or prompted username.\n- **Metadata Retrieval:** It utilizes `MetadataUtils.listInstalledPackages` to query the Salesforce org and obtain details about the installed packages.\n- **Interactive Prompt:** It uses the `prompts` library to ask the user whether they want to update their local project configuration with the retrieved package list.\n- **Configuration Management:** If the user confirms, it calls `managePackageConfig` to update the project's configuration file (likely `.sfdx-hardis.yml`) with the new package information.\n- **User Feedback:** Provides clear messages to the user about the success of the package retrieval and configuration update.\n</details>\n",
+      "description": "Run apex tests in Salesforce org\n\nIf following configuration is defined, it will fail if apex coverage target is not reached:\n\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n\nYou can override env var SFDX_TEST_WAIT_MINUTES to wait more than 120 minutes.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-apex-tests/) and can output Grafana, Slack and MsTeams Notifications.\n",
       "examples": [
-        "$ sf hardis:org:retrieve:packageconfig",
-        "sf hardis:org:retrieve:packageconfig -u myOrg"
+        "$ sf hardis:org:test:apex"
       ],
       "flags": {
         "json": {
@@ -8554,6 +8561,21 @@
           "multiple": false,
           "type": "option"
         },
+        "testlevel": {
+          "char": "l",
+          "description": "Level of tests to apply to validate deployment",
+          "name": "testlevel",
+          "default": "RunLocalTests",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "options": [
+            "NoTestRun",
+            "RunSpecifiedTests",
+            "RunLocalTests",
+            "RunAllTestsInOrg"
+          ],
+          "type": "option"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -8592,49 +8614,48 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:retrieve:packageconfig",
+      "id": "hardis:org:test:apex",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Retrieve package configuration from an org",
-      "requiresProject": false,
+      "title": "Run apex tests",
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "retrieve",
-        "packageconfig.js"
+        "test",
+        "apex.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:retrieve:packageconfig",
-        "org:hardis:retrieve:packageconfig",
-        "org:retrieve:hardis:packageconfig",
-        "org:retrieve:packageconfig:hardis",
-        "hardis:retrieve:org:packageconfig",
-        "retrieve:hardis:org:packageconfig",
-        "retrieve:org:hardis:packageconfig",
-        "retrieve:org:packageconfig:hardis",
-        "hardis:retrieve:packageconfig:org",
-        "retrieve:hardis:packageconfig:org",
-        "retrieve:packageconfig:hardis:org",
-        "retrieve:packageconfig:org:hardis",
-        "hardis:org:packageconfig:retrieve",
-        "org:hardis:packageconfig:retrieve",
-        "org:packageconfig:hardis:retrieve",
-        "org:packageconfig:retrieve:hardis",
-        "hardis:packageconfig:org:retrieve",
-        "packageconfig:hardis:org:retrieve",
-        "packageconfig:org:hardis:retrieve",
-        "packageconfig:org:retrieve:hardis",
-        "hardis:packageconfig:retrieve:org",
-        "packageconfig:hardis:retrieve:org",
-        "packageconfig:retrieve:hardis:org",
-        "packageconfig:retrieve:org:hardis"
+        "hardis:org:test:apex",
+        "org:hardis:test:apex",
+        "org:test:hardis:apex",
+        "org:test:apex:hardis",
+        "hardis:test:org:apex",
+        "test:hardis:org:apex",
+        "test:org:hardis:apex",
+        "test:org:apex:hardis",
+        "hardis:test:apex:org",
+        "test:hardis:apex:org",
+        "test:apex:hardis:org",
+        "test:apex:org:hardis",
+        "hardis:org:apex:test",
+        "org:hardis:apex:test",
+        "org:apex:hardis:test",
+        "org:apex:test:hardis",
+        "hardis:apex:org:test",
+        "apex:hardis:org:test",
+        "apex:org:hardis:test",
+        "apex:org:test:hardis",
+        "hardis:apex:test:org",
+        "apex:hardis:test:org",
+        "apex:test:hardis:org",
+        "apex:test:org:hardis"
       ]
     },
     "hardis:org:user:activateinvalid": {
@@ -11478,262 +11499,47 @@
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
-      "enableJsonFlag": true,
-      "title": "Convert Profiles into Permission Sets",
-      "requiresProject": true,
-      "requiresSfdxPlugins": [
-        "shane-sfdx-plugins"
-      ],
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "project",
-        "convert",
-        "profilestopermsets.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:project:convert:profilestopermsets",
-        "project:hardis:convert:profilestopermsets",
-        "project:convert:hardis:profilestopermsets",
-        "project:convert:profilestopermsets:hardis",
-        "hardis:convert:project:profilestopermsets",
-        "convert:hardis:project:profilestopermsets",
-        "convert:project:hardis:profilestopermsets",
-        "convert:project:profilestopermsets:hardis",
-        "hardis:convert:profilestopermsets:project",
-        "convert:hardis:profilestopermsets:project",
-        "convert:profilestopermsets:hardis:project",
-        "convert:profilestopermsets:project:hardis",
-        "hardis:project:profilestopermsets:convert",
-        "project:hardis:profilestopermsets:convert",
-        "project:profilestopermsets:hardis:convert",
-        "project:profilestopermsets:convert:hardis",
-        "hardis:profilestopermsets:project:convert",
-        "profilestopermsets:hardis:project:convert",
-        "profilestopermsets:project:hardis:convert",
-        "profilestopermsets:project:convert:hardis",
-        "hardis:profilestopermsets:convert:project",
-        "profilestopermsets:hardis:convert:project",
-        "profilestopermsets:convert:hardis:project",
-        "profilestopermsets:convert:project:hardis"
-      ]
-    },
-    "hardis:project:fix:profiletabs": {
-      "aliases": [],
-      "args": {},
-      "description": "\n## Command Behavior\n\n**Interactively updates tab visibility settings in Salesforce profiles, addressing a common issue where tab visibilities are not correctly retrieved by `sf project retrieve start`.**\n\nThis command provides a user-friendly interface to manage tab settings within your profile XML files, ensuring that your local project accurately reflects the intended tab configurations in your Salesforce org.\n\nKey functionalities:\n\n- **Interactive Tab Selection:** Displays a multi-select menu of all available tabs in your org, allowing you to choose which tabs to update.\n- **Visibility Control:** Lets you set the visibility for the selected tabs to either `DefaultOn` (Visible) or `Hidden`.\n- **Profile Selection:** Presents a multi-select menu of all .profile-meta.xml files in your project, allowing you to apply the tab visibility changes to specific profiles.\n- **XML Updates:** Modifies the <tabVisibilities> section of the selected profile XML files to reflect the chosen tab settings. If a tab visibility setting already exists for a selected tab, it will be updated; otherwise, a new one will be added.\n- **Sorted Output:** The <tabVisibilities> in the updated profile XML files are sorted alphabetically for consistency and readability.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `TabDefinition` object using `soqlQueryTooling` to retrieve a list of all available tabs in the target org.\n- **File Discovery:** Uses `glob` to find all .profile-meta.xml files within the specified project path.\n- **Interactive Prompts:** Leverages the `prompts` library to create interactive menus for selecting tabs, visibility settings, and profiles.\n- **XML Parsing and Manipulation:** Uses `parseXmlFile` to read the content of profile XML files and `writeXmlFile` to write the modified content back. It manipulates the `tabVisibilities` array within the parsed XML to add or update tab settings.\n- **Array Sorting:** Employs the `sort-array` library to sort the `tabVisibilities` alphabetically by tab name.\n- **Logging:** Provides feedback to the user about which profiles have been updated and a summary of the changes.\n</details>\n",
-      "examples": [
-        "$ sf hardis:project:fix:profiletabs"
-      ],
-      "flags": {
-        "json": {
-          "description": "Format output as json.",
-          "helpGroup": "GLOBAL",
-          "name": "json",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "flags-dir": {
-          "helpGroup": "GLOBAL",
-          "name": "flags-dir",
-          "summary": "Import flag values from a directory.",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "path": {
-          "char": "p",
-          "description": "Root folder",
-          "name": "path",
-          "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "websocket": {
-          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
-          "name": "websocket",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "skipauth": {
-          "description": "Skip authentication check when a default username is required",
-          "name": "skipauth",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        }
-      },
-      "hasDynamicHelp": true,
-      "hiddenAliases": [],
-      "id": "hardis:project:fix:profiletabs",
-      "pluginAlias": "sfdx-hardis",
-      "pluginName": "sfdx-hardis",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": true,
-      "title": "Fix profiles to add tabs that are not retrieved by SF CLI",
-      "requiresProject": true,
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "project",
-        "fix",
-        "profiletabs.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:project:fix:profiletabs",
-        "project:hardis:fix:profiletabs",
-        "project:fix:hardis:profiletabs",
-        "project:fix:profiletabs:hardis",
-        "hardis:fix:project:profiletabs",
-        "fix:hardis:project:profiletabs",
-        "fix:project:hardis:profiletabs",
-        "fix:project:profiletabs:hardis",
-        "hardis:fix:profiletabs:project",
-        "fix:hardis:profiletabs:project",
-        "fix:profiletabs:hardis:project",
-        "fix:profiletabs:project:hardis",
-        "hardis:project:profiletabs:fix",
-        "project:hardis:profiletabs:fix",
-        "project:profiletabs:hardis:fix",
-        "project:profiletabs:fix:hardis",
-        "hardis:profiletabs:project:fix",
-        "profiletabs:hardis:project:fix",
-        "profiletabs:project:hardis:fix",
-        "profiletabs:project:fix:hardis",
-        "hardis:profiletabs:fix:project",
-        "profiletabs:hardis:fix:project",
-        "profiletabs:fix:hardis:project",
-        "profiletabs:fix:project:hardis"
-      ]
-    },
-    "hardis:project:fix:v53flexipages": {
-      "aliases": [],
-      "args": {},
-      "description": "\n## Command Behavior\n\n**Fixes Salesforce FlexiPages for compatibility with API Version 53.0 (Winter '22 release) by adding missing identifiers to component instances.**\n\nSalesforce introduced a change in API Version 53.0 that requires `identifier` tags within `componentInstance` and `fieldInstance` elements in FlexiPage metadata. If these identifiers are missing, deployments to orgs with API version 53.0 or higher will fail. This command automates the process of adding these missing identifiers, ensuring your FlexiPages remain deployable.\n\nKey functionalities:\n\n- **Targeted FlexiPage Processing:** Scans all .flexipage-meta.xml files within the specified root folder (defaults to current working directory).\n- **Identifier Injection:** Inserts a unique `identifier` tag (e.g., `SFDX_HARDIS_REPLACEMENT_ID`) into `componentInstance` and `fieldInstance` elements that lack one.\n\n**Important Note:** After running this command, ensure you update your `apiVersion` to `53.0` (or higher) in your `package.xml` and `sfdx-project.json` files.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **File Discovery:** Uses `glob` to find all .flexipage-meta.xml files.\n- **Content Reading:** Reads the XML content of each FlexiPage file.\n- **Regular Expression Replacement:** Employs a set of regular expressions to identify specific XML patterns (componentName.../componentName.../componentInstance, componentName.../componentName.../visibilityRule, fieldItem.../fieldItem.../fieldInstance) that are missing the `identifier` tag.\n- **Dynamic ID Generation:** For each match, it generates a unique identifier (e.g., `sfdxHardisIdX`) and injects it into the XML structure.\n- **File Writing:** If changes are made, the modified XML content is written back to the FlexiPage file using `fs.writeFile`.\n- **Logging:** Provides messages about which FlexiPages are being processed and a summary of the total number of identifiers added.\n</details>\n",
-      "examples": [
-        "$ sf hardis:project:fix:v53flexipages"
-      ],
-      "flags": {
-        "json": {
-          "description": "Format output as json.",
-          "helpGroup": "GLOBAL",
-          "name": "json",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "flags-dir": {
-          "helpGroup": "GLOBAL",
-          "name": "flags-dir",
-          "summary": "Import flag values from a directory.",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "path": {
-          "char": "p",
-          "description": "Root folder",
-          "name": "path",
-          "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "websocket": {
-          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
-          "name": "websocket",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "skipauth": {
-          "description": "Skip authentication check when a default username is required",
-          "name": "skipauth",
-          "allowNo": false,
-          "type": "boolean"
-        }
-      },
-      "hasDynamicHelp": false,
-      "hiddenAliases": [],
-      "id": "hardis:project:fix:v53flexipages",
-      "pluginAlias": "sfdx-hardis",
-      "pluginName": "sfdx-hardis",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": true,
-      "title": "Fix flexipages for v53",
-      "requiresProject": true,
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "project",
-        "fix",
-        "v53flexipages.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:project:fix:v53flexipages",
-        "project:hardis:fix:v53flexipages",
-        "project:fix:hardis:v53flexipages",
-        "project:fix:v53flexipages:hardis",
-        "hardis:fix:project:v53flexipages",
-        "fix:hardis:project:v53flexipages",
-        "fix:project:hardis:v53flexipages",
-        "fix:project:v53flexipages:hardis",
-        "hardis:fix:v53flexipages:project",
-        "fix:hardis:v53flexipages:project",
-        "fix:v53flexipages:hardis:project",
-        "fix:v53flexipages:project:hardis",
-        "hardis:project:v53flexipages:fix",
-        "project:hardis:v53flexipages:fix",
-        "project:v53flexipages:hardis:fix",
-        "project:v53flexipages:fix:hardis",
-        "hardis:v53flexipages:project:fix",
-        "v53flexipages:hardis:project:fix",
-        "v53flexipages:project:hardis:fix",
-        "v53flexipages:project:fix:hardis",
-        "hardis:v53flexipages:fix:project",
-        "v53flexipages:hardis:fix:project",
-        "v53flexipages:fix:hardis:project",
-        "v53flexipages:fix:project:hardis"
+      "enableJsonFlag": true,
+      "title": "Convert Profiles into Permission Sets",
+      "requiresProject": true,
+      "requiresSfdxPlugins": [
+        "shane-sfdx-plugins"
+      ],
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "project",
+        "convert",
+        "profilestopermsets.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:project:convert:profilestopermsets",
+        "project:hardis:convert:profilestopermsets",
+        "project:convert:hardis:profilestopermsets",
+        "project:convert:profilestopermsets:hardis",
+        "hardis:convert:project:profilestopermsets",
+        "convert:hardis:project:profilestopermsets",
+        "convert:project:hardis:profilestopermsets",
+        "convert:project:profilestopermsets:hardis",
+        "hardis:convert:profilestopermsets:project",
+        "convert:hardis:profilestopermsets:project",
+        "convert:profilestopermsets:hardis:project",
+        "convert:profilestopermsets:project:hardis",
+        "hardis:project:profilestopermsets:convert",
+        "project:hardis:profilestopermsets:convert",
+        "project:profilestopermsets:hardis:convert",
+        "project:profilestopermsets:convert:hardis",
+        "hardis:profilestopermsets:project:convert",
+        "profilestopermsets:hardis:project:convert",
+        "profilestopermsets:project:hardis:convert",
+        "profilestopermsets:project:convert:hardis",
+        "hardis:profilestopermsets:convert:project",
+        "profilestopermsets:hardis:convert:project",
+        "profilestopermsets:convert:hardis:project",
+        "profilestopermsets:convert:project:hardis"
       ]
     },
     "hardis:project:deploy:notify": {
@@ -12911,6 +12717,221 @@
         "validate:deploy:project:hardis"
       ]
     },
+    "hardis:project:fix:profiletabs": {
+      "aliases": [],
+      "args": {},
+      "description": "\n## Command Behavior\n\n**Interactively updates tab visibility settings in Salesforce profiles, addressing a common issue where tab visibilities are not correctly retrieved by `sf project retrieve start`.**\n\nThis command provides a user-friendly interface to manage tab settings within your profile XML files, ensuring that your local project accurately reflects the intended tab configurations in your Salesforce org.\n\nKey functionalities:\n\n- **Interactive Tab Selection:** Displays a multi-select menu of all available tabs in your org, allowing you to choose which tabs to update.\n- **Visibility Control:** Lets you set the visibility for the selected tabs to either `DefaultOn` (Visible) or `Hidden`.\n- **Profile Selection:** Presents a multi-select menu of all .profile-meta.xml files in your project, allowing you to apply the tab visibility changes to specific profiles.\n- **XML Updates:** Modifies the <tabVisibilities> section of the selected profile XML files to reflect the chosen tab settings. If a tab visibility setting already exists for a selected tab, it will be updated; otherwise, a new one will be added.\n- **Sorted Output:** The <tabVisibilities> in the updated profile XML files are sorted alphabetically for consistency and readability.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `TabDefinition` object using `soqlQueryTooling` to retrieve a list of all available tabs in the target org.\n- **File Discovery:** Uses `glob` to find all .profile-meta.xml files within the specified project path.\n- **Interactive Prompts:** Leverages the `prompts` library to create interactive menus for selecting tabs, visibility settings, and profiles.\n- **XML Parsing and Manipulation:** Uses `parseXmlFile` to read the content of profile XML files and `writeXmlFile` to write the modified content back. It manipulates the `tabVisibilities` array within the parsed XML to add or update tab settings.\n- **Array Sorting:** Employs the `sort-array` library to sort the `tabVisibilities` alphabetically by tab name.\n- **Logging:** Provides feedback to the user about which profiles have been updated and a summary of the changes.\n</details>\n",
+      "examples": [
+        "$ sf hardis:project:fix:profiletabs"
+      ],
+      "flags": {
+        "json": {
+          "description": "Format output as json.",
+          "helpGroup": "GLOBAL",
+          "name": "json",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "flags-dir": {
+          "helpGroup": "GLOBAL",
+          "name": "flags-dir",
+          "summary": "Import flag values from a directory.",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "path": {
+          "char": "p",
+          "description": "Root folder",
+          "name": "path",
+          "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "websocket": {
+          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
+          "name": "websocket",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "skipauth": {
+          "description": "Skip authentication check when a default username is required",
+          "name": "skipauth",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
+        }
+      },
+      "hasDynamicHelp": true,
+      "hiddenAliases": [],
+      "id": "hardis:project:fix:profiletabs",
+      "pluginAlias": "sfdx-hardis",
+      "pluginName": "sfdx-hardis",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": true,
+      "title": "Fix profiles to add tabs that are not retrieved by SF CLI",
+      "requiresProject": true,
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "project",
+        "fix",
+        "profiletabs.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:project:fix:profiletabs",
+        "project:hardis:fix:profiletabs",
+        "project:fix:hardis:profiletabs",
+        "project:fix:profiletabs:hardis",
+        "hardis:fix:project:profiletabs",
+        "fix:hardis:project:profiletabs",
+        "fix:project:hardis:profiletabs",
+        "fix:project:profiletabs:hardis",
+        "hardis:fix:profiletabs:project",
+        "fix:hardis:profiletabs:project",
+        "fix:profiletabs:hardis:project",
+        "fix:profiletabs:project:hardis",
+        "hardis:project:profiletabs:fix",
+        "project:hardis:profiletabs:fix",
+        "project:profiletabs:hardis:fix",
+        "project:profiletabs:fix:hardis",
+        "hardis:profiletabs:project:fix",
+        "profiletabs:hardis:project:fix",
+        "profiletabs:project:hardis:fix",
+        "profiletabs:project:fix:hardis",
+        "hardis:profiletabs:fix:project",
+        "profiletabs:hardis:fix:project",
+        "profiletabs:fix:hardis:project",
+        "profiletabs:fix:project:hardis"
+      ]
+    },
+    "hardis:project:fix:v53flexipages": {
+      "aliases": [],
+      "args": {},
+      "description": "\n## Command Behavior\n\n**Fixes Salesforce FlexiPages for compatibility with API Version 53.0 (Winter '22 release) by adding missing identifiers to component instances.**\n\nSalesforce introduced a change in API Version 53.0 that requires `identifier` tags within `componentInstance` and `fieldInstance` elements in FlexiPage metadata. If these identifiers are missing, deployments to orgs with API version 53.0 or higher will fail. This command automates the process of adding these missing identifiers, ensuring your FlexiPages remain deployable.\n\nKey functionalities:\n\n- **Targeted FlexiPage Processing:** Scans all .flexipage-meta.xml files within the specified root folder (defaults to current working directory).\n- **Identifier Injection:** Inserts a unique `identifier` tag (e.g., `SFDX_HARDIS_REPLACEMENT_ID`) into `componentInstance` and `fieldInstance` elements that lack one.\n\n**Important Note:** After running this command, ensure you update your `apiVersion` to `53.0` (or higher) in your `package.xml` and `sfdx-project.json` files.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **File Discovery:** Uses `glob` to find all .flexipage-meta.xml files.\n- **Content Reading:** Reads the XML content of each FlexiPage file.\n- **Regular Expression Replacement:** Employs a set of regular expressions to identify specific XML patterns (componentName.../componentName.../componentInstance, componentName.../componentName.../visibilityRule, fieldItem.../fieldItem.../fieldInstance) that are missing the `identifier` tag.\n- **Dynamic ID Generation:** For each match, it generates a unique identifier (e.g., `sfdxHardisIdX`) and injects it into the XML structure.\n- **File Writing:** If changes are made, the modified XML content is written back to the FlexiPage file using `fs.writeFile`.\n- **Logging:** Provides messages about which FlexiPages are being processed and a summary of the total number of identifiers added.\n</details>\n",
+      "examples": [
+        "$ sf hardis:project:fix:v53flexipages"
+      ],
+      "flags": {
+        "json": {
+          "description": "Format output as json.",
+          "helpGroup": "GLOBAL",
+          "name": "json",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "flags-dir": {
+          "helpGroup": "GLOBAL",
+          "name": "flags-dir",
+          "summary": "Import flag values from a directory.",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "path": {
+          "char": "p",
+          "description": "Root folder",
+          "name": "path",
+          "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "websocket": {
+          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
+          "name": "websocket",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "skipauth": {
+          "description": "Skip authentication check when a default username is required",
+          "name": "skipauth",
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "hardis:project:fix:v53flexipages",
+      "pluginAlias": "sfdx-hardis",
+      "pluginName": "sfdx-hardis",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": true,
+      "title": "Fix flexipages for v53",
+      "requiresProject": true,
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "project",
+        "fix",
+        "v53flexipages.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:project:fix:v53flexipages",
+        "project:hardis:fix:v53flexipages",
+        "project:fix:hardis:v53flexipages",
+        "project:fix:v53flexipages:hardis",
+        "hardis:fix:project:v53flexipages",
+        "fix:hardis:project:v53flexipages",
+        "fix:project:hardis:v53flexipages",
+        "fix:project:v53flexipages:hardis",
+        "hardis:fix:v53flexipages:project",
+        "fix:hardis:v53flexipages:project",
+        "fix:v53flexipages:hardis:project",
+        "fix:v53flexipages:project:hardis",
+        "hardis:project:v53flexipages:fix",
+        "project:hardis:v53flexipages:fix",
+        "project:v53flexipages:hardis:fix",
+        "project:v53flexipages:fix:hardis",
+        "hardis:v53flexipages:project:fix",
+        "v53flexipages:hardis:project:fix",
+        "v53flexipages:project:hardis:fix",
+        "v53flexipages:project:fix:hardis",
+        "hardis:v53flexipages:fix:project",
+        "v53flexipages:hardis:fix:project",
+        "v53flexipages:fix:hardis:project",
+        "v53flexipages:fix:project:hardis"
+      ]
+    },
     "hardis:project:generate:bypass": {
       "aliases": [],
       "args": {},
@@ -15484,5 +15505,5 @@
       ]
     }
   },
-  "version": "6.11.1"
+  "version": "6.11.3"
 }