sfdx-hardis 6.7.5-beta202510190952.0 → 6.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +7 -0
  2. package/lib/commands/hardis/auth/login.js +1 -1
  3. package/lib/commands/hardis/auth/login.js.map +1 -1
  4. package/lib/commands/hardis/misc/servicenow-report.d.ts +5 -2
  5. package/lib/commands/hardis/misc/servicenow-report.js +133 -52
  6. package/lib/commands/hardis/misc/servicenow-report.js.map +1 -1
  7. package/lib/common/metadata-utils/metadataList.d.ts +19 -6
  8. package/lib/common/metadata-utils/metadataList.js +2259 -1754
  9. package/lib/common/metadata-utils/metadataList.js.map +1 -1
  10. package/lib/common/notifProvider/index.d.ts +1 -1
  11. package/lib/common/notifProvider/index.js.map +1 -1
  12. package/oclif.manifest.json +1066 -1065
  13. package/package.json +1 -1
package/oclif.manifest.json CHANGED
@@ -224,7 +224,7 @@
224
224
  "description": "\n## Command Behavior\n\n**Authenticates to a Salesforce org, primarily designed for CI/CD workflows.**\n\nThis command facilitates secure and automated logins to Salesforce organizations within continuous integration and continuous delivery pipelines. It leverages pre-configured authentication details, ensuring that CI/CD processes can interact with Salesforce without manual intervention.\n\nKey aspects:\n\n- **Configuration-Driven:** It relies on authentication variables and files set up by dedicated configuration commands:\n - For CI/CD repositories: [Configure Org CI Authentication](https://sfdx-hardis.cloudity.com/hardis/project/configure/auth/)\n - For Monitoring repositories: [Configure Org Monitoring](https://sfdx-hardis.cloudity.com/hardis/org/configure/monitoring/)\n- **Technical Org Support:** Supports authentication to a 'technical org' (e.g., for calling Agentforce from another org) by utilizing the `SFDX_AUTH_URL_TECHNICAL_ORG` environment variable. If this variable is set, the command authenticates to this org with the alias `TECHNICAL_ORG`.\n\nTo obtain the `SFDX_AUTH_URL_TECHNICAL_ORG` value, you can run `sf org display --verbose --json` and copy the `sfdxAuthUrl` field from the output.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical flow involves:\n\n- **Flag Parsing:** It parses command-line flags such as `instanceurl`, `devhub`, `scratchorg`, and `debug` to determine the authentication context.\n- **Authentication Hook:** It triggers an internal authentication hook (`this.config.runHook('auth', ...`)) which is responsible for executing the actual authentication logic based on the provided flags (e.g., whether it's a Dev Hub or a scratch org).\n- **Environment Variable Check:** It checks for the presence of `SFDX_AUTH_URL_TECHNICAL_ORG` or `TECHNICAL_ORG_ALIAS` environment variables.\n- **`authOrg` Utility:** If a technical org is configured, it calls the `authOrg` utility function to perform the authentication for that specific org, ensuring it's connected and available for subsequent operations.\n- **Salesforce CLI Integration:** It integrates with the Salesforce CLI's authentication mechanisms to establish and manage org connections.\n</details>\n",
225
225
  "examples": [
226
226
  "$ sf hardis:auth:login",
227
- "CI=true sf hardis:auth:login"
227
+ "CI=true CI_COMMIT_REF_NAME=monitoring_myclient sf hardis:auth:login"
228
228
  ],
229
229
  "flags": {
230
230
  "json": {
@@ -1791,9 +1791,10 @@
1791
1791
  "hardis:misc:servicenow-report": {
1792
1792
  "aliases": [],
1793
1793
  "args": {},
1794
- "description": "This command retrieves user stories from Salesforce and enriches them with data from ServiceNow.\n\nDefine the following environment variables (in CICD variables or locally in a **.env** file):\n\n- SERVICENOW_URL: The base URL of the ServiceNow API (ex: https://your-instance.service-now.com/)\n- SERVICENOW_USERNAME: The username for ServiceNow API authentication.\n- SERVICENOW_PASSWORD: The password for ServiceNow API authentication.\n\nYou also need to define JSON configuration file(e) in folder **config/user-stories/**\n\nExample:\n\n```json\n{\n \"userStoriesConfig\": {\n \"fields\": [\n \"Id\",\n \"Name\",\n \"Ticket_Number__c\",\n \"copado__User_Story_Title__c\",\n \"CreatedBy.Name\",\n \"copado__Release__r.Name\",\n \"copado__Environment__r.Name\"\n ],\n \"table\": \"copado__User_Story__c\",\n \"where\": \"copado__Environment__r.Name ='UAT'\",\n \"whereChoices\": {\n \"UAT all\": \"copado__Environment__r.Name ='UAT'\",\n \"UAT postponed\": \"copado__Environment__r.Name ='UAT' AND copado__Release__r.Name = 'postponed'\",\n \"UAT in progress\": \"copado__Environment__r.Name ='UAT' AND copado__Release__r.Name != 'postponed' AND copado__Release__r.Name != 'cancelled'\"\n },\n \"orderBy\": \"Ticket_Number__c ASC\",\n \"ticketField\": \"Ticket_Number__c\",\n \"reportFields\": [\n { \"key\": \"US Name\", \"path\": \"Name\" },\n { \"key\": \"US SN Identifier\", \"path\": \"Ticket_Number__c\" },\n { \"key\": \"US Title\", \"path\": \"copado__User_Story_Title__c\" },\n { \"key\": \"US Created By\", \"path\": \"CreatedBy.Name\" },\n { \"key\": \"US Environment\", \"path\": \"copado__Environment__r.Name\" },\n { \"key\": \"US Release\", \"path\": \"copado__Release__r.Name\" },\n { \"key\": \"SN Identifier\", \"path\": \"serviceNowInfo.number\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN Title\", \"path\": \"serviceNowInfo.short_description\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN Status\", \"path\": \"serviceNowInfo.state\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN Created By\", \"path\": \"serviceNowInfo.sys_created_by\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN URL\", \"special\": \"serviceNowTicketUrl\" }\n ]\n },\n \"serviceNowConfig\": {\n \"tables\": [\n { \"tableName\": \"demand\" },\n { \"tableName\": \"incident\" }\n ]\n }\n}\n```\n ",
1794
+ "description": "This command retrieves user stories from Salesforce and enriches them with data from ServiceNow.\n\nDefine the following environment variables (in CICD variables or locally in a **.env** file):\n\n- SERVICENOW_URL: The base URL of the ServiceNow API (ex: https://your-instance.service-now.com/)\n- SERVICENOW_USERNAME: The username for ServiceNow API authentication.\n- SERVICENOW_PASSWORD: The password for ServiceNow API authentication.\n\nYou also need to define JSON configuration file(e) in folder **config/user-stories/**\n\nExample:\n\n```json\n{\n \"userStoriesConfig\": {\n \"fields\": [\n \"Id\",\n \"Name\",\n \"Ticket_Number__c\",\n \"copado__User_Story_Title__c\",\n \"CreatedBy.Name\",\n \"copado__Release__r.Name\",\n \"copado__Environment__r.Name\"\n ],\n \"table\": \"copado__User_Story__c\",\n \"where\": \"copado__Environment__r.Name ='UAT'\",\n \"whereChoices\": {\n \"UAT all\": \"copado__Environment__r.Name ='UAT'\",\n \"UAT postponed\": \"copado__Environment__r.Name ='UAT' AND copado__Release__r.Name = 'postponed'\",\n \"UAT in progress\": \"copado__Environment__r.Name ='UAT' AND copado__Release__r.Name != 'postponed' AND copado__Release__r.Name != 'cancelled'\"\n },\n \"orderBy\": \"Ticket_Number__c ASC\",\n \"ticketField\": \"Ticket_Number__c\",\n \"reportFields\": [\n { \"key\": \"US Name\", \"path\": \"Name\" },\n { \"key\": \"US SN Identifier\", \"path\": \"Ticket_Number__c\" },\n { \"key\": \"US Title\", \"path\": \"copado__User_Story_Title__c\" },\n { \"key\": \"US Created By\", \"path\": \"CreatedBy.Name\" },\n { \"key\": \"US Environment\", \"path\": \"copado__Environment__r.Name\" },\n { \"key\": \"US Release\", \"path\": \"copado__Release__r.Name\" },\n { \"key\": \"SN Identifier\", \"path\": \"serviceNowInfo.number\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN Title\", \"path\": \"serviceNowInfo.short_description\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN Status\", \"path\": \"serviceNowInfo.state\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN Created By\", \"path\": \"serviceNowInfo.sys_created_by\", \"default\": \"NOT FOUND\" },\n { \"key\": \"SN URL\", \"special\": \"serviceNowTicketUrl\" }\n ]\n },\n \"serviceNowConfig\": {\n \"tables\": [\n { \"tableName\": \"dmn_demand\" },\n { \"tableName\": \"incident\" }\n ]\n }\n}\n```\n ",
1795
1795
  "examples": [
1796
- "$ sf hardis:misc:servicenow-report"
1796
+ "$ sf hardis:misc:servicenow-report",
1797
+ "$ sf hardis:misc:servicenow-report --config config/user-stories/my-config.json --where-choice \"UAT all\""
1797
1798
  ],
1798
1799
  "flags": {
1799
1800
  "json": {
@@ -5922,14 +5923,15 @@
5922
5923
  "listviewmine:fix:org:hardis"
5923
5924
  ]
5924
5925
  },
5925
- "hardis:org:generate:packagexmlfull": {
5926
+ "hardis:org:diagnose:audittrail": {
5926
5927
  "aliases": [],
5927
5928
  "args": {},
5928
- "description": "\n## Command Behavior\n\n**Generates a comprehensive `package.xml` file for a Salesforce org, including all metadata components, even managed ones.**\n\nThis command is essential for various Salesforce development and administration tasks, especially when you need a complete snapshot of an org's metadata. It goes beyond typical source tracking by including managed package components, which is crucial for understanding the full metadata footprint of an org.\n\nKey functionalities:\n\n- **Full Org Metadata Retrieval:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a complete list of all metadata types and their members.\n- **Managed Package Inclusion:** Unlike standard source retrieval, this command explicitly includes metadata from managed packages, providing a truly comprehensive `package.xml`.\n- **Customizable Output:** Allows you to specify the output file path for the generated `package.xml`.\n- **Interactive Org Selection:** If no target org is specified, it interactively prompts the user to choose an org. (or use --no-prompt to skip this step)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce Metadata API Interaction:** It leverages the Salesforce Metadata API to list all available metadata types and then retrieve all components for each type.\n- **`buildOrgManifest` Utility:** The core logic for querying the org's metadata and constructing the `package.xml` is encapsulated within the `buildOrgManifest` utility function.\n- **XML Generation:** It dynamically builds the XML structure of the `package.xml` file, including the `types` and `members` elements for all retrieved metadata.\n- **File System Operations:** It writes the generated `package.xml` file to the specified output path.\n- **Interactive Prompts:** Uses `promptOrgUsernameDefault` to guide the user in selecting the target Salesforce org.\n</details>\n",
5929
+ "description": "Export Audit trail into a CSV file with selected criteria, and highlight suspect actions\n\nAlso detects updates of Custom Settings values (disable by defining `SKIP_AUDIT_TRAIL_CUSTOM_SETTINGS=true`)\n\nRegular setup actions performed in major orgs are filtered.\n\n- \"\"\n - createScratchOrg\n - changedsenderemail\n - deleteScratchOrg\n - loginasgrantedtopartnerbt\n- Certificate and Key Management\n - insertCertificate\n- Custom App Licenses\n - addeduserpackagelicense\n - granteduserpackagelicense\n - revokeduserpackagelicense\n- Customer Portal\n - createdcustomersuccessuser\n - CSPUserDisabled\n- Currency\n - updateddatedexchrate\n- Data Management\n - queueMembership\n- Email Administration\n - dkimRotationPreparationSuccessful\n - dkimRotationSuccessful\n- External Objects\n - xdsEncryptedFieldChange\n- Groups\n - groupMembership\n- Holidays\n - holiday_insert\n- Inbox mobile and legacy desktop apps\n - enableSIQUserNonEAC\n - siqUserAcceptedTOS\n- Manage Users\n - activateduser\n - createduser\n - changedcommunitynickname\n - changedemail\n - changedfederationid\n - changedpassword\n - changedinteractionuseroffon\n - changedinteractionuseronoff\n - changedmarketinguseroffon\n - changedmarketinguseronoff\n - changedofflineuseroffon\n - changedprofileforuserstdtostd\n - changedprofileforuser\n - changedprofileforusercusttostd\n - changedprofileforuserstdtocust\n - changedroleforusertonone\n - changedroleforuser\n - changedroleforuserfromnone\n - changedUserAdminVerifiedStatusVerified\n - changedUserEmailVerifiedStatusUnverified\n - changedUserEmailVerifiedStatusVerified\n - changedknowledgeuseroffon\n - changedsfcontentuseroffon\n - changedsupportuseroffon\n - changedusername\n - changedUserPhoneNumber\n - changedUserPhoneVerifiedStatusUnverified\n - changedUserPhoneVerifiedStatusVerified\n - deactivateduser\n - deleteAuthenticatorPairing\n - deleteTwoFactorInfo2\n - deleteTwoFactorTempCode\n - frozeuser\n - insertAuthenticatorPairing\n - insertTwoFactorInfo2\n - insertTwoFactorTempCode\n - lightningloginenroll\n - PermSetAssign\n - PermSetGroupAssign\n - PermSetGroupUnassign\n - PermSetLicenseAssign\n - PermSetUnassign\n - PermSetLicenseUnassign\n - registeredUserPhoneNumber\n - resetpassword\n - suNetworkAdminLogin\n - suNetworkAdminLogout\n - suOrgAdminLogin\n - suOrgAdminLogout\n - unfrozeuser\n - useremailchangesent\n- Mobile Administration\n - assigneduserstomobileconfig\n- Reporting Snapshots\n - createdReportJob\n - deletedReportJob\n- Sandboxes\n - DeleteSandbox\n\nBy default, deployment user defined in .sfdx-hardis.yml targetUsername property will be excluded.\n\nYou can define additional users to exclude in .sfdx-hardis.yml **monitoringExcludeUsernames** property.\n\nYou can also add more sections / actions considered as not suspect using property **monitoringAllowedSectionsActions**\n\nExample:\n\n```yaml\nmonitoringExcludeUsernames:\n - deploymentuser@cloudity.com\n - marketingcloud@cloudity.com\n - integration-user@cloudity.com\n\nmonitoringAllowedSectionsActions:\n \"Some section\": [] // Will ignore all actions from such section\n \"Some other section\": [\"actionType1\",\"actionType2\",\"actionType3\"] // Will ignore only those 3 actions from section \"Some other section\". Other actions in the same section will be considered as suspect.\n```\n\n## Excel output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-excel.jpg)\n\n## Local output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-local.jpg)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-suspect-audit-trail/) and can output Grafana, Slack and MsTeams Notifications.\n",
5929
5930
  "examples": [
5930
- "$ sf hardis:org:generate:packagexmlfull",
5931
- "$ sf hardis:org:generate:packagexmlfull --outputfile /tmp/packagexmlfull.xml",
5932
- "$ sf hardis:org:generate:packagexmlfull --target-org nico@example.com"
5931
+ "$ sf hardis:org:diagnose:audittrail",
5932
+ "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com",
5933
+ "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com,bertrand@titi.com",
5934
+ "$ sf hardis:org:diagnose:audittrail --lastndays 5"
5933
5935
  ],
5934
5936
  "flags": {
5935
5937
  "json": {
@@ -5947,8 +5949,25 @@
5947
5949
  "multiple": false,
5948
5950
  "type": "option"
5949
5951
  },
5952
+ "excludeusers": {
5953
+ "char": "e",
5954
+ "description": "Comma-separated list of usernames to exclude",
5955
+ "name": "excludeusers",
5956
+ "hasDynamicHelp": false,
5957
+ "multiple": false,
5958
+ "type": "option"
5959
+ },
5960
+ "lastndays": {
5961
+ "char": "t",
5962
+ "description": "Number of days to extract from today (included)",
5963
+ "name": "lastndays",
5964
+ "hasDynamicHelp": false,
5965
+ "multiple": false,
5966
+ "type": "option"
5967
+ },
5950
5968
  "outputfile": {
5951
- "description": "Output package.xml file",
5969
+ "char": "f",
5970
+ "description": "Force the path and name of output report file. Must end with .csv",
5952
5971
  "name": "outputfile",
5953
5972
  "hasDynamicHelp": false,
5954
5973
  "multiple": false,
@@ -5961,13 +5980,6 @@
5961
5980
  "allowNo": false,
5962
5981
  "type": "boolean"
5963
5982
  },
5964
- "no-prompt": {
5965
- "char": "n",
5966
- "description": "Do not prompt for org username, use the default one",
5967
- "name": "no-prompt",
5968
- "allowNo": false,
5969
- "type": "boolean"
5970
- },
5971
5983
  "websocket": {
5972
5984
  "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
5973
5985
  "name": "websocket",
@@ -5999,13 +6011,13 @@
5999
6011
  },
6000
6012
  "hasDynamicHelp": true,
6001
6013
  "hiddenAliases": [],
6002
- "id": "hardis:org:generate:packagexmlfull",
6014
+ "id": "hardis:org:diagnose:audittrail",
6003
6015
  "pluginAlias": "sfdx-hardis",
6004
6016
  "pluginName": "sfdx-hardis",
6005
6017
  "pluginType": "core",
6006
6018
  "strict": true,
6007
6019
  "enableJsonFlag": true,
6008
- "title": "Generate Full Org package.xml",
6020
+ "title": "Diagnose content of Setup Audit Trail",
6009
6021
  "requiresProject": false,
6010
6022
  "isESM": true,
6011
6023
  "relativePath": [
@@ -6013,43 +6025,43 @@
6013
6025
  "commands",
6014
6026
  "hardis",
6015
6027
  "org",
6016
- "generate",
6017
- "packagexmlfull.js"
6028
+ "diagnose",
6029
+ "audittrail.js"
6018
6030
  ],
6019
6031
  "aliasPermutations": [],
6020
6032
  "permutations": [
6021
- "hardis:org:generate:packagexmlfull",
6022
- "org:hardis:generate:packagexmlfull",
6023
- "org:generate:hardis:packagexmlfull",
6024
- "org:generate:packagexmlfull:hardis",
6025
- "hardis:generate:org:packagexmlfull",
6026
- "generate:hardis:org:packagexmlfull",
6027
- "generate:org:hardis:packagexmlfull",
6028
- "generate:org:packagexmlfull:hardis",
6029
- "hardis:generate:packagexmlfull:org",
6030
- "generate:hardis:packagexmlfull:org",
6031
- "generate:packagexmlfull:hardis:org",
6032
- "generate:packagexmlfull:org:hardis",
6033
- "hardis:org:packagexmlfull:generate",
6034
- "org:hardis:packagexmlfull:generate",
6035
- "org:packagexmlfull:hardis:generate",
6036
- "org:packagexmlfull:generate:hardis",
6037
- "hardis:packagexmlfull:org:generate",
6038
- "packagexmlfull:hardis:org:generate",
6039
- "packagexmlfull:org:hardis:generate",
6040
- "packagexmlfull:org:generate:hardis",
6041
- "hardis:packagexmlfull:generate:org",
6042
- "packagexmlfull:hardis:generate:org",
6043
- "packagexmlfull:generate:hardis:org",
6044
- "packagexmlfull:generate:org:hardis"
6033
+ "hardis:org:diagnose:audittrail",
6034
+ "org:hardis:diagnose:audittrail",
6035
+ "org:diagnose:hardis:audittrail",
6036
+ "org:diagnose:audittrail:hardis",
6037
+ "hardis:diagnose:org:audittrail",
6038
+ "diagnose:hardis:org:audittrail",
6039
+ "diagnose:org:hardis:audittrail",
6040
+ "diagnose:org:audittrail:hardis",
6041
+ "hardis:diagnose:audittrail:org",
6042
+ "diagnose:hardis:audittrail:org",
6043
+ "diagnose:audittrail:hardis:org",
6044
+ "diagnose:audittrail:org:hardis",
6045
+ "hardis:org:audittrail:diagnose",
6046
+ "org:hardis:audittrail:diagnose",
6047
+ "org:audittrail:hardis:diagnose",
6048
+ "org:audittrail:diagnose:hardis",
6049
+ "hardis:audittrail:org:diagnose",
6050
+ "audittrail:hardis:org:diagnose",
6051
+ "audittrail:org:hardis:diagnose",
6052
+ "audittrail:org:diagnose:hardis",
6053
+ "hardis:audittrail:diagnose:org",
6054
+ "audittrail:hardis:diagnose:org",
6055
+ "audittrail:diagnose:hardis:org",
6056
+ "audittrail:diagnose:org:hardis"
6045
6057
  ]
6046
6058
  },
6047
- "hardis:org:monitor:all": {
6059
+ "hardis:org:diagnose:instanceupgrade": {
6048
6060
  "aliases": [],
6049
6061
  "args": {},
6050
- "description": "Monitor org, generate reports and sends notifications\n\nYou can disable some commands defining either a **monitoringDisable** property in `.sfdx-hardis.yml`, or a comma separated list in env variable **MONITORING_DISABLE**\n\nExample in .sfdx-hardis.yml:\n \n```yaml\nmonitoringDisable:\n - METADATA_STATUS\n - MISSING_ATTRIBUTES\n - UNUSED_METADATAS\n```\n \nExample in env var:\n\n```sh\nMONITORING_DISABLE=METADATA_STATUS,MISSING_ATTRIBUTES,UNUSED_METADATAS\n```\n\nA [default list of monitoring commands](https://sfdx-hardis.cloudity.com/salesforce-monitoring-home/#monitoring-commands) is used, if you want to override it you can define property **monitoringCommands** in your .sfdx-hardis.yml file\n\nExample:\n\n```yaml\nmonitoringCommands:\n - title: My Custom command\n command: sf my:custom:command\n - title: My Custom command 2\n command: sf my:other:custom:command\n```\n\nYou can force the daily run of all commands by defining env var `MONITORING_IGNORE_FREQUENCY=true`\n\nThe default list of commands is the following:\n\n| Key | Description | Command | Frequency |\n| :---: | :---- | :---- | :-----: |\n| [AUDIT_TRAIL](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | Detect suspect setup actions in major org | [sf hardis:org:diagnose:audittrail](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | daily |\n| [LEGACY_API](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | Detect calls to deprecated API versions | [sf hardis:org:diagnose:legacyapi](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | daily |\n| [ORG_LIMITS](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | Detect if org limits are close to be reached | [sf hardis:org:monitor:limits](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | daily |\n| [UNSECURED_CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | Detect unsecured Connected Apps in an org | [sf hardis:org:diagnose:unsecure-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | daily |\n| [LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | Extract licenses information | [sf hardis:org:diagnose:licenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | weekly |\n| [LINT_ACCESS](https://sfdx-hardis.cloudity.com/hardis/lint/access) | Detect custom elements with no access rights defined in permission sets | [sf hardis:lint:access](https://sfdx-hardis.cloudity.com/hardis/lint/access) | weekly |\n| [UNUSED_LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | Detect permission set licenses that are assigned to users that do not need them | [sf hardis:org:diagnose:unusedlicenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | weekly |\n| [UNUSED_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users without recent logins | [sf hardis:org:diagnose:unusedusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ACTIVE_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users with recent logins | [sf hardis:org:diagnose:unusedusers --returnactiveusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ORG_INFO](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | Get org info + SF instance info + next major upgrade date | [sf hardis:org:diagnose:instanceupgrade](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | weekly |\n| [RELEASE_UPDATES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | Gather warnings about incoming and overdue Release Updates | [sf hardis:org:diagnose:releaseupdates](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | weekly |\n| [UNUSED_METADATAS](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | Detect custom labels and custom permissions that are not in use | [sf hardis:lint:unusedmetadatas](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | weekly |\n| [UNUSED_APEX_CLASSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | Detect unused Apex classes in an org | [sf hardis:org:diagnose:unused-apex-classes](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | weekly |\n| [CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | Detect unused Connected Apps in an org | [sf hardis:org:diagnose:unused-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | weekly |\n| [METADATA_STATUS](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | Detect inactive metadata | [sf hardis:lint:metadatastatus](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | weekly |\n| [MISSING_ATTRIBUTES](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | Detect missing description on custom field | [sf hardis:lint:missingattributes](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | weekly |\n\n",
6062
+ "description": "\n## Command Behavior\n\n**Retrieves and displays the scheduled upgrade date for a Salesforce org's instance.**\n\nThis command provides crucial information about when your Salesforce instance will be upgraded to the next major release (Spring, Summer, or Winter). This is vital for release planning, testing, and ensuring compatibility with upcoming Salesforce features.\n\nKey functionalities:\n\n- **Instance Identification:** Determines the Salesforce instance name of your target org.\n- **Upgrade Date Retrieval:** Fetches the planned start time of the next major core service upgrade for that instance from the Salesforce Status API.\n- **Days Until Upgrade:** Calculates and displays the number of days remaining until the next major upgrade.\n- **Severity-Based Logging:** Adjusts the log severity (info, warning) based on the proximity of the upgrade date, providing a visual cue for urgency.\n- **Notifications:** Sends notifications to configured channels (e.g., Slack, MS Teams, Grafana) with the upgrade information, making it suitable for automated monitoring.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Query:** It first queries the `Organization` object in Salesforce to get the `InstanceName` of the target org.\n- **Salesforce Status API Integration:** It makes an HTTP GET request to the Salesforce Status API (`https://api.status.salesforce.com/v1/instances/{instanceName}/status`) to retrieve detailed information about the instance, including scheduled maintenances.\n- **Data Parsing:** It parses the JSON response from the Status API to extract the relevant major release upgrade information.\n- **Date Calculation:** Uses the `moment` library to calculate the difference in days between the current date and the planned upgrade date.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including the instance name, upgrade date, and days remaining, along with relevant metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the upgrade status and proximity.\n</details>\n",
6051
6063
  "examples": [
6052
- "$ sf hardis:org:monitor:all"
6064
+ "$ sf hardis:org:diagnose:instanceupgrade"
6053
6065
  ],
6054
6066
  "flags": {
6055
6067
  "json": {
@@ -6105,159 +6117,60 @@
6105
6117
  },
6106
6118
  "hasDynamicHelp": true,
6107
6119
  "hiddenAliases": [],
6108
- "id": "hardis:org:monitor:all",
6120
+ "id": "hardis:org:diagnose:instanceupgrade",
6109
6121
  "pluginAlias": "sfdx-hardis",
6110
6122
  "pluginName": "sfdx-hardis",
6111
6123
  "pluginType": "core",
6112
6124
  "strict": true,
6113
6125
  "enableJsonFlag": true,
6114
- "title": "Monitor org",
6115
- "monitoringCommandsDefault": [
6116
- {
6117
- "key": "AUDIT_TRAIL",
6118
- "title": "Detect suspect setup actions in major org",
6119
- "command": "sf hardis:org:diagnose:audittrail",
6120
- "frequency": "daily"
6121
- },
6122
- {
6123
- "key": "LEGACY_API",
6124
- "title": "Detect calls to deprecated API versions",
6125
- "command": "sf hardis:org:diagnose:legacyapi",
6126
- "frequency": "daily"
6127
- },
6128
- {
6129
- "key": "ORG_LIMITS",
6130
- "title": "Detect if org limits are close to be reached",
6131
- "command": "sf hardis:org:monitor:limits",
6132
- "frequency": "daily"
6133
- },
6134
- {
6135
- "key": "UNSECURED_CONNECTED_APPS",
6136
- "title": "Detect unsecured Connected Apps in an org",
6137
- "command": "sf hardis:org:diagnose:unsecure-connected-apps",
6138
- "frequency": "daily"
6139
- },
6140
- {
6141
- "key": "LICENSES",
6142
- "title": "Extract licenses information",
6143
- "command": "sf hardis:org:diagnose:licenses",
6144
- "frequency": "weekly"
6145
- },
6146
- {
6147
- "key": "LINT_ACCESS",
6148
- "title": "Detect custom elements with no access rights defined in permission sets",
6149
- "command": "sf hardis:lint:access",
6150
- "frequency": "weekly"
6151
- },
6152
- {
6153
- "key": "UNUSED_LICENSES",
6154
- "title": "Detect permission set licenses that are assigned to users that do not need them",
6155
- "command": "sf hardis:org:diagnose:unusedlicenses",
6156
- "frequency": "weekly"
6157
- },
6158
- {
6159
- "key": "UNUSED_USERS",
6160
- "title": "Detect active users without recent logins",
6161
- "command": "sf hardis:org:diagnose:unusedusers",
6162
- "frequency": "weekly"
6163
- },
6164
- {
6165
- "key": "ACTIVE_USERS",
6166
- "title": "Detect active users with recent logins",
6167
- "command": "sf hardis:org:diagnose:unusedusers --returnactiveusers",
6168
- "frequency": "weekly"
6169
- },
6170
- {
6171
- "key": "ORG_INFO",
6172
- "title": "Get org info + SF instance info + next major upgrade date",
6173
- "command": "sf hardis:org:diagnose:instanceupgrade",
6174
- "frequency": "weekly"
6175
- },
6176
- {
6177
- "key": "RELEASE_UPDATES",
6178
- "title": "Gather warnings about incoming and overdue Release Updates",
6179
- "command": "sf hardis:org:diagnose:releaseupdates",
6180
- "frequency": "weekly"
6181
- },
6182
- {
6183
- "key": "UNUSED_METADATAS",
6184
- "title": "Detect custom labels and custom permissions that are not in use",
6185
- "command": "sf hardis:lint:unusedmetadatas",
6186
- "frequency": "weekly"
6187
- },
6188
- {
6189
- "key": "UNUSED_APEX_CLASSES",
6190
- "title": "Detect unused Apex classes in an org",
6191
- "command": "sf hardis:org:diagnose:unused-apex-classes",
6192
- "frequency": "weekly"
6193
- },
6194
- {
6195
- "key": "CONNECTED_APPS",
6196
- "title": "Detect unused Connected Apps in an org",
6197
- "command": "sf hardis:org:diagnose:unused-connected-apps",
6198
- "frequency": "weekly"
6199
- },
6200
- {
6201
- "key": "METADATA_STATUS",
6202
- "title": "Detect inactive metadata",
6203
- "command": "sf hardis:lint:metadatastatus",
6204
- "frequency": "weekly"
6205
- },
6206
- {
6207
- "key": "MISSING_ATTRIBUTES",
6208
- "title": "Detect missing description on custom field",
6209
- "command": "sf hardis:lint:missingattributes",
6210
- "frequency": "weekly"
6211
- }
6212
- ],
6213
- "requiresProject": true,
6214
- "triggerNotification": true,
6126
+ "title": "Get Instance Upgrade date",
6127
+ "requiresProject": false,
6215
6128
  "isESM": true,
6216
6129
  "relativePath": [
6217
6130
  "lib",
6218
6131
  "commands",
6219
6132
  "hardis",
6220
6133
  "org",
6221
- "monitor",
6222
- "all.js"
6134
+ "diagnose",
6135
+ "instanceupgrade.js"
6223
6136
  ],
6224
6137
  "aliasPermutations": [],
6225
6138
  "permutations": [
6226
- "hardis:org:monitor:all",
6227
- "org:hardis:monitor:all",
6228
- "org:monitor:hardis:all",
6229
- "org:monitor:all:hardis",
6230
- "hardis:monitor:org:all",
6231
- "monitor:hardis:org:all",
6232
- "monitor:org:hardis:all",
6233
- "monitor:org:all:hardis",
6234
- "hardis:monitor:all:org",
6235
- "monitor:hardis:all:org",
6236
- "monitor:all:hardis:org",
6237
- "monitor:all:org:hardis",
6238
- "hardis:org:all:monitor",
6239
- "org:hardis:all:monitor",
6240
- "org:all:hardis:monitor",
6241
- "org:all:monitor:hardis",
6242
- "hardis:all:org:monitor",
6243
- "all:hardis:org:monitor",
6244
- "all:org:hardis:monitor",
6245
- "all:org:monitor:hardis",
6246
- "hardis:all:monitor:org",
6247
- "all:hardis:monitor:org",
6248
- "all:monitor:hardis:org",
6249
- "all:monitor:org:hardis"
6139
+ "hardis:org:diagnose:instanceupgrade",
6140
+ "org:hardis:diagnose:instanceupgrade",
6141
+ "org:diagnose:hardis:instanceupgrade",
6142
+ "org:diagnose:instanceupgrade:hardis",
6143
+ "hardis:diagnose:org:instanceupgrade",
6144
+ "diagnose:hardis:org:instanceupgrade",
6145
+ "diagnose:org:hardis:instanceupgrade",
6146
+ "diagnose:org:instanceupgrade:hardis",
6147
+ "hardis:diagnose:instanceupgrade:org",
6148
+ "diagnose:hardis:instanceupgrade:org",
6149
+ "diagnose:instanceupgrade:hardis:org",
6150
+ "diagnose:instanceupgrade:org:hardis",
6151
+ "hardis:org:instanceupgrade:diagnose",
6152
+ "org:hardis:instanceupgrade:diagnose",
6153
+ "org:instanceupgrade:hardis:diagnose",
6154
+ "org:instanceupgrade:diagnose:hardis",
6155
+ "hardis:instanceupgrade:org:diagnose",
6156
+ "instanceupgrade:hardis:org:diagnose",
6157
+ "instanceupgrade:org:hardis:diagnose",
6158
+ "instanceupgrade:org:diagnose:hardis",
6159
+ "hardis:instanceupgrade:diagnose:org",
6160
+ "instanceupgrade:hardis:diagnose:org",
6161
+ "instanceupgrade:diagnose:hardis:org",
6162
+ "instanceupgrade:diagnose:org:hardis"
6250
6163
  ]
6251
6164
  },
6252
- "hardis:org:monitor:backup": {
6165
+ "hardis:org:diagnose:legacyapi": {
6253
6166
  "aliases": [],
6254
6167
  "args": {},
6255
- "description": "Retrieve sfdx sources in the context of a monitoring backup\n\nThe command exists in 2 modes: filtered(default & recommended) and full.\n\n## Filtered mode (default, better performances)\n\nAutomatically skips metadatas from installed packages with namespace. \n\nYou can remove more metadata types from backup, especially in case you have too many metadatas and that provokes a crash, using:\n\n- Manual update of `manifest/package-skip-items.xml` config file (then commit & push in the same branch)\n\n - Works with full wildcard (`<members>*</members>`) , named metadata (`<members>Account.Name</members>`) or partial wildcards names (`<members>pi__*</members>` , `<members>*__dlm</members>` , or `<members>prefix*suffix</members>`)\n\n- Environment variable MONITORING_BACKUP_SKIP_METADATA_TYPES (example: `MONITORING_BACKUP_SKIP_METADATA_TYPES=CustomLabel,StaticResource,Translation`): that will be applied to all monitoring branches.\n\n## Full mode\n\nActivate it with **--full** parameter, or variable MONITORING_BACKUP_MODE_FULL=true\n\nIgnores filters (namespaces items & manifest/package-skip-items.xml) to retrieve ALL metadatas, including those you might not care about (reports, translations...)\n\nAs we can retrieve only 10000 files by call, the list of all metadatas will be chunked to make multiple calls (and take more time than filtered mode)\n\n- if you use `--full-apply-filters` , manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES filters will be applied anyway\n- if you use `--exclude-namespaces` , namespaced items will be ignored\n\n_With those both options, it's like if you are not using --full, but with chunked metadata download_\n\n## In CI/CD\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-metadata-backup/) and can output Grafana, Slack and MsTeams Notifications.\n\n## Troubleshooting\n\nIf you have unknown errors (it happens !), you can investigate using the full command with smaller chunks.\n\nExample: `sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters --max-by-chunk 500`\n\nIt will allow you the identify the responsible metadata and ignore it using package-skip-items.xml or MONITORING_BACKUP_SKIP_METADATA_TYPES env variable.\n\n## Documentation\n\n[Doc generation (including visual flows)](https://sfdx-hardis.cloudity.com/hardis/doc/project2markdown/) is triggered at the end of the command.\n\nIf you want to also upload HTML Documentation on your Salesforce Org as static resource, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_ORG=\"true\"**\n\nIf you want to also upload HTML Documentation on Cloudflare, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_CLOUDFLARE=\"true\"**\n\n- If you want to generate the documentation in multiple languages, define variable SFDX_DOC_LANGUAGES (ex: SFDX_DOC_LANGUAGES=en,fr,de)\n- You can define one Cloudflare site by language, for example with the following variables:\n - CLOUDFLARE_PROJECT_NAME_EN=cloudity-demo-english\n - CLOUDFLARE_PROJECT_NAME_FR=cloudity-demo-french\n - CLOUDFLARE_PROJECT_NAME_DE=cloudity-demo-german\n\nIf Flow history doc always display a single state, you probably need to update your workflow configuration:\n\n- on Gitlab: Env variable [`GIT_FETCH_EXTRA_FLAGS: --depth 10000`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.gitlab-ci.yml#L11)\n- on GitHub: [`fetch-depth: 0`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.github/workflows/org-monitoring.yml#L58)\n- on Azure: [`fetchDepth: \"0\"`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/azure-pipelines.yml#L39)\n- on Bitbucket: [`step: clone: depth: full`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/bitbucket-pipelines.yml#L18)\n",
6168
+ "description": "Checks if an org uses retired or someday retired API version\n\n\nSee article below\n\n[![Handle Salesforce API versions Deprecation like a pro](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-deprecated-api.jpg)](https://nicolas.vuillamy.fr/handle-salesforce-api-versions-deprecation-like-a-pro-335065f52238)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-deprecated-api-calls/) and can output Grafana, Slack and MsTeams Notifications.\n",
6256
6169
  "examples": [
6257
- "$ sf hardis:org:monitor:backup",
6258
- "$ sf hardis:org:monitor:backup --full",
6259
- "$ sf hardis:org:monitor:backup --full --exclude-namespaces",
6260
- "$ sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters"
6170
+ "$ sf hardis:org:diagnose:legacyapi",
6171
+ "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com",
6172
+ "$ sf hardis:org:diagnose:legacyapi --outputfile 'c:/path/to/folder/legacyapi.csv'",
6173
+ "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com --outputfile ./tmp/legacyapi.csv"
6261
6174
  ],
6262
6175
  "flags": {
6263
6176
  "json": {
@@ -6275,49 +6188,24 @@
6275
6188
  "multiple": false,
6276
6189
  "type": "option"
6277
6190
  },
6278
- "full": {
6279
- "description": "Dot not take in account filtering using package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES. Efficient but much much slower !",
6280
- "name": "full",
6281
- "allowNo": false,
6282
- "type": "boolean"
6283
- },
6284
- "max-by-chunk": {
6285
- "char": "m",
6286
- "description": "If mode --full is activated, maximum number of metadatas in a package.xml chunk",
6287
- "name": "max-by-chunk",
6288
- "default": 3000,
6191
+ "eventtype": {
6192
+ "char": "e",
6193
+ "description": "Type of EventLogFile event to analyze",
6194
+ "name": "eventtype",
6195
+ "default": "ApiTotalUsage",
6289
6196
  "hasDynamicHelp": false,
6290
6197
  "multiple": false,
6291
6198
  "type": "option"
6292
6199
  },
6293
- "exclude-namespaces": {
6294
- "char": "e",
6295
- "description": "If mode --full is activated, exclude namespaced metadatas",
6296
- "name": "exclude-namespaces",
6297
- "allowNo": false,
6298
- "type": "boolean"
6299
- },
6300
- "full-apply-filters": {
6301
- "char": "z",
6302
- "description": "If mode --full is activated, apply filters of manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES anyway",
6303
- "name": "full-apply-filters",
6304
- "allowNo": false,
6305
- "type": "boolean"
6306
- },
6307
- "start-chunk": {
6308
- "description": "Use this parameter to troubleshoot a specific chunk. It will be used as the first chunk to retrieve",
6309
- "name": "start-chunk",
6310
- "default": 1,
6200
+ "limit": {
6201
+ "char": "l",
6202
+ "description": "Number of latest EventLogFile events to analyze",
6203
+ "name": "limit",
6204
+ "default": 999,
6311
6205
  "hasDynamicHelp": false,
6312
6206
  "multiple": false,
6313
6207
  "type": "option"
6314
6208
  },
6315
- "skip-doc": {
6316
- "description": "Skip the generation of project documentation at the end of the command",
6317
- "name": "skip-doc",
6318
- "allowNo": false,
6319
- "type": "boolean"
6320
- },
6321
6209
  "outputfile": {
6322
6210
  "char": "f",
6323
6211
  "description": "Force the path and name of output report file. Must end with .csv",
@@ -6364,58 +6252,57 @@
6364
6252
  },
6365
6253
  "hasDynamicHelp": true,
6366
6254
  "hiddenAliases": [],
6367
- "id": "hardis:org:monitor:backup",
6255
+ "id": "hardis:org:diagnose:legacyapi",
6368
6256
  "pluginAlias": "sfdx-hardis",
6369
6257
  "pluginName": "sfdx-hardis",
6370
6258
  "pluginType": "core",
6371
6259
  "strict": true,
6372
6260
  "enableJsonFlag": true,
6373
- "title": "Backup DX sources",
6374
- "requiresProject": true,
6375
- "triggerNotification": true,
6261
+ "title": "Check for legacy API use",
6262
+ "requiresProject": false,
6376
6263
  "isESM": true,
6377
6264
  "relativePath": [
6378
6265
  "lib",
6379
6266
  "commands",
6380
6267
  "hardis",
6381
6268
  "org",
6382
- "monitor",
6383
- "backup.js"
6269
+ "diagnose",
6270
+ "legacyapi.js"
6384
6271
  ],
6385
6272
  "aliasPermutations": [],
6386
6273
  "permutations": [
6387
- "hardis:org:monitor:backup",
6388
- "org:hardis:monitor:backup",
6389
- "org:monitor:hardis:backup",
6390
- "org:monitor:backup:hardis",
6391
- "hardis:monitor:org:backup",
6392
- "monitor:hardis:org:backup",
6393
- "monitor:org:hardis:backup",
6394
- "monitor:org:backup:hardis",
6395
- "hardis:monitor:backup:org",
6396
- "monitor:hardis:backup:org",
6397
- "monitor:backup:hardis:org",
6398
- "monitor:backup:org:hardis",
6399
- "hardis:org:backup:monitor",
6400
- "org:hardis:backup:monitor",
6401
- "org:backup:hardis:monitor",
6402
- "org:backup:monitor:hardis",
6403
- "hardis:backup:org:monitor",
6404
- "backup:hardis:org:monitor",
6405
- "backup:org:hardis:monitor",
6406
- "backup:org:monitor:hardis",
6407
- "hardis:backup:monitor:org",
6408
- "backup:hardis:monitor:org",
6409
- "backup:monitor:hardis:org",
6410
- "backup:monitor:org:hardis"
6274
+ "hardis:org:diagnose:legacyapi",
6275
+ "org:hardis:diagnose:legacyapi",
6276
+ "org:diagnose:hardis:legacyapi",
6277
+ "org:diagnose:legacyapi:hardis",
6278
+ "hardis:diagnose:org:legacyapi",
6279
+ "diagnose:hardis:org:legacyapi",
6280
+ "diagnose:org:hardis:legacyapi",
6281
+ "diagnose:org:legacyapi:hardis",
6282
+ "hardis:diagnose:legacyapi:org",
6283
+ "diagnose:hardis:legacyapi:org",
6284
+ "diagnose:legacyapi:hardis:org",
6285
+ "diagnose:legacyapi:org:hardis",
6286
+ "hardis:org:legacyapi:diagnose",
6287
+ "org:hardis:legacyapi:diagnose",
6288
+ "org:legacyapi:hardis:diagnose",
6289
+ "org:legacyapi:diagnose:hardis",
6290
+ "hardis:legacyapi:org:diagnose",
6291
+ "legacyapi:hardis:org:diagnose",
6292
+ "legacyapi:org:hardis:diagnose",
6293
+ "legacyapi:org:diagnose:hardis",
6294
+ "hardis:legacyapi:diagnose:org",
6295
+ "legacyapi:hardis:diagnose:org",
6296
+ "legacyapi:diagnose:hardis:org",
6297
+ "legacyapi:diagnose:org:hardis"
6411
6298
  ]
6412
6299
  },
6413
- "hardis:org:monitor:limits": {
6300
+ "hardis:org:diagnose:licenses": {
6414
6301
  "aliases": [],
6415
6302
  "args": {},
6416
- "description": "\n## Command Behavior\n\n**Checks the current usage of various Salesforce org limits and sends notifications if thresholds are exceeded.**\n\nThis command is a critical component of proactive Salesforce org management, helping administrators and developers monitor resource consumption and prevent hitting critical limits that could impact performance or functionality. It provides early warnings when limits are approaching their capacity.\n\nKey functionalities:\n\n- **Limit Retrieval:** Fetches a comprehensive list of all Salesforce org limits using the Salesforce CLI.\n- **Usage Calculation:** Calculates the percentage of each limit that is currently being used.\n- **Threshold-Based Alerting:** Assigns a severity (success, warning, or error) to each limit based on configurable thresholds:\n - **Warning:** If usage exceeds 50% (configurable via `LIMIT_THRESHOLD_WARNING` environment variable).\n - **Error:** If usage exceeds 75% (configurable via `LIMIT_THRESHOLD_ERROR` environment variable).\n- **CSV Report Generation:** Generates a CSV file containing all org limits, their current usage, maximum allowed, and calculated percentage used, along with the assigned severity.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of limits that have exceeded the warning or error thresholds.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-limits/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce CLI Integration:** It executes the `sf org limits list` command to retrieve the current org limits. It parses the JSON output of this command.\n- **Data Processing:** It iterates through the retrieved limits, calculates the `used` and `percentUsed` values, and assigns a `severity` (success, warning, error) based on the configured thresholds.\n- **Environment Variable Configuration:** Reads `LIMIT_THRESHOLD_WARNING` and `LIMIT_THRESHOLD_ERROR` environment variables to set the warning and error thresholds for limit usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of org limits.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and detailed metrics for each limit, which can be consumed by monitoring dashboards like Grafana.\n- **Exit Code Management:** Sets the process exit code to 1 if any limit is in an 'error' state, indicating a critical issue.\n</details>\n",
6303
+ "description": "\n**Lists and analyzes User Licenses and Permission Set Licenses subscribed and used in a Salesforce org.**\n\nThis command provides a comprehensive overview of your Salesforce license consumption. It's particularly useful for:\n\n- **License Management:** Understanding which licenses are active, how many are available, and how many are being used.\n- **Cost Optimization:** Identifying unused or underutilized licenses that could be reallocated or decommissioned.\n- **Compliance:** Ensuring that your organization is compliant with Salesforce licensing agreements.\n- **Monitoring:** Tracking license usage trends over time.\n\nKey functionalities:\n\n- **User License Details:** Retrieves information about standard and custom User Licenses, including `MasterLabel`, `Name`, `TotalLicenses`, and `UsedLicenses`.\n- **Permission Set License Details:** Retrieves information about Permission Set Licenses, including `MasterLabel`, `PermissionSetLicenseKey`, `TotalLicenses`, and `UsedLicenses`.\n- **Used Licenses Filter:** The `--usedonly` flag allows you to filter the report to show only licenses that have at least one `UsedLicenses` count greater than zero.\n- **CSV Report Generation:** Generates a CSV file containing all the retrieved license information, suitable for detailed analysis.\n- **Notifications:** Sends notifications to configured channels (e.g., Grafana, Slack, MS Teams) with a summary of license usage, including lists of active and used licenses.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It executes SOQL queries against the `UserLicense` and `PermissionSetLicense` objects in Salesforce to retrieve license data.\n- **Data Transformation:** It processes the query results, reformatting the data to be more readable and consistent for reporting purposes (e.g., removing `Id` and `attributes`, renaming `PermissionSetLicenseKey` to `Name`).\n- **Data Aggregation:** It aggregates license information, creating a `licensesByKey` object for quick lookups and a `usedLicenses` array for a concise list of actively used licenses.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of license data.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the license extraction process and the used licenses.\n</details>\n",
6417
6304
  "examples": [
6418
- "$ sf hardis:org:monitor:limits"
6305
+ "$ sf hardis:org:diagnose:licenses"
6419
6306
  ],
6420
6307
  "flags": {
6421
6308
  "json": {
@@ -6441,6 +6328,13 @@
6441
6328
  "multiple": false,
6442
6329
  "type": "option"
6443
6330
  },
6331
+ "usedonly": {
6332
+ "char": "u",
6333
+ "description": "Filter to have only used licenses",
6334
+ "name": "usedonly",
6335
+ "allowNo": false,
6336
+ "type": "boolean"
6337
+ },
6444
6338
  "debug": {
6445
6339
  "char": "d",
6446
6340
  "description": "Activate debug mode (more logs)",
@@ -6479,61 +6373,57 @@
6479
6373
  },
6480
6374
  "hasDynamicHelp": true,
6481
6375
  "hiddenAliases": [],
6482
- "id": "hardis:org:monitor:limits",
6376
+ "id": "hardis:org:diagnose:licenses",
6483
6377
  "pluginAlias": "sfdx-hardis",
6484
6378
  "pluginName": "sfdx-hardis",
6485
6379
  "pluginType": "core",
6486
6380
  "strict": true,
6487
6381
  "enableJsonFlag": true,
6488
- "title": "Check org limits",
6489
- "requiresProject": true,
6490
- "triggerNotification": true,
6382
+ "title": "List licenses subscribed and used in a Salesforce org",
6383
+ "requiresProject": false,
6491
6384
  "isESM": true,
6492
6385
  "relativePath": [
6493
6386
  "lib",
6494
6387
  "commands",
6495
6388
  "hardis",
6496
6389
  "org",
6497
- "monitor",
6498
- "limits.js"
6390
+ "diagnose",
6391
+ "licenses.js"
6499
6392
  ],
6500
6393
  "aliasPermutations": [],
6501
6394
  "permutations": [
6502
- "hardis:org:monitor:limits",
6503
- "org:hardis:monitor:limits",
6504
- "org:monitor:hardis:limits",
6505
- "org:monitor:limits:hardis",
6506
- "hardis:monitor:org:limits",
6507
- "monitor:hardis:org:limits",
6508
- "monitor:org:hardis:limits",
6509
- "monitor:org:limits:hardis",
6510
- "hardis:monitor:limits:org",
6511
- "monitor:hardis:limits:org",
6512
- "monitor:limits:hardis:org",
6513
- "monitor:limits:org:hardis",
6514
- "hardis:org:limits:monitor",
6515
- "org:hardis:limits:monitor",
6516
- "org:limits:hardis:monitor",
6517
- "org:limits:monitor:hardis",
6518
- "hardis:limits:org:monitor",
6519
- "limits:hardis:org:monitor",
6520
- "limits:org:hardis:monitor",
6521
- "limits:org:monitor:hardis",
6522
- "hardis:limits:monitor:org",
6523
- "limits:hardis:monitor:org",
6524
- "limits:monitor:hardis:org",
6525
- "limits:monitor:org:hardis"
6395
+ "hardis:org:diagnose:licenses",
6396
+ "org:hardis:diagnose:licenses",
6397
+ "org:diagnose:hardis:licenses",
6398
+ "org:diagnose:licenses:hardis",
6399
+ "hardis:diagnose:org:licenses",
6400
+ "diagnose:hardis:org:licenses",
6401
+ "diagnose:org:hardis:licenses",
6402
+ "diagnose:org:licenses:hardis",
6403
+ "hardis:diagnose:licenses:org",
6404
+ "diagnose:hardis:licenses:org",
6405
+ "diagnose:licenses:hardis:org",
6406
+ "diagnose:licenses:org:hardis",
6407
+ "hardis:org:licenses:diagnose",
6408
+ "org:hardis:licenses:diagnose",
6409
+ "org:licenses:hardis:diagnose",
6410
+ "org:licenses:diagnose:hardis",
6411
+ "hardis:licenses:org:diagnose",
6412
+ "licenses:hardis:org:diagnose",
6413
+ "licenses:org:hardis:diagnose",
6414
+ "licenses:org:diagnose:hardis",
6415
+ "hardis:licenses:diagnose:org",
6416
+ "licenses:hardis:diagnose:org",
6417
+ "licenses:diagnose:hardis:org",
6418
+ "licenses:diagnose:org:hardis"
6526
6419
  ]
6527
6420
  },
6528
- "hardis:org:diagnose:audittrail": {
6421
+ "hardis:org:diagnose:releaseupdates": {
6529
6422
  "aliases": [],
6530
6423
  "args": {},
6531
- "description": "Export Audit trail into a CSV file with selected criteria, and highlight suspect actions\n\nAlso detects updates of Custom Settings values (disable by defining `SKIP_AUDIT_TRAIL_CUSTOM_SETTINGS=true`)\n\nRegular setup actions performed in major orgs are filtered.\n\n- \"\"\n - createScratchOrg\n - changedsenderemail\n - deleteScratchOrg\n - loginasgrantedtopartnerbt\n- Certificate and Key Management\n - insertCertificate\n- Custom App Licenses\n - addeduserpackagelicense\n - granteduserpackagelicense\n - revokeduserpackagelicense\n- Customer Portal\n - createdcustomersuccessuser\n - CSPUserDisabled\n- Currency\n - updateddatedexchrate\n- Data Management\n - queueMembership\n- Email Administration\n - dkimRotationPreparationSuccessful\n - dkimRotationSuccessful\n- External Objects\n - xdsEncryptedFieldChange\n- Groups\n - groupMembership\n- Holidays\n - holiday_insert\n- Inbox mobile and legacy desktop apps\n - enableSIQUserNonEAC\n - siqUserAcceptedTOS\n- Manage Users\n - activateduser\n - createduser\n - changedcommunitynickname\n - changedemail\n - changedfederationid\n - changedpassword\n - changedinteractionuseroffon\n - changedinteractionuseronoff\n - changedmarketinguseroffon\n - changedmarketinguseronoff\n - changedofflineuseroffon\n - changedprofileforuserstdtostd\n - changedprofileforuser\n - changedprofileforusercusttostd\n - changedprofileforuserstdtocust\n - changedroleforusertonone\n - changedroleforuser\n - changedroleforuserfromnone\n - changedUserAdminVerifiedStatusVerified\n - changedUserEmailVerifiedStatusUnverified\n - changedUserEmailVerifiedStatusVerified\n - changedknowledgeuseroffon\n - changedsfcontentuseroffon\n - changedsupportuseroffon\n - changedusername\n - changedUserPhoneNumber\n - changedUserPhoneVerifiedStatusUnverified\n - changedUserPhoneVerifiedStatusVerified\n - deactivateduser\n - deleteAuthenticatorPairing\n - deleteTwoFactorInfo2\n - deleteTwoFactorTempCode\n - frozeuser\n - insertAuthenticatorPairing\n - insertTwoFactorInfo2\n - insertTwoFactorTempCode\n - lightningloginenroll\n - PermSetAssign\n - PermSetGroupAssign\n - PermSetGroupUnassign\n - PermSetLicenseAssign\n - PermSetUnassign\n - PermSetLicenseUnassign\n - registeredUserPhoneNumber\n - resetpassword\n - suNetworkAdminLogin\n - suNetworkAdminLogout\n - suOrgAdminLogin\n - suOrgAdminLogout\n - unfrozeuser\n - useremailchangesent\n- Mobile Administration\n - assigneduserstomobileconfig\n- Reporting Snapshots\n - createdReportJob\n - deletedReportJob\n- Sandboxes\n - DeleteSandbox\n\nBy default, deployment user defined in .sfdx-hardis.yml targetUsername property will be excluded.\n\nYou can define additional users to exclude in .sfdx-hardis.yml **monitoringExcludeUsernames** property.\n\nYou can also add more sections / actions considered as not suspect using property **monitoringAllowedSectionsActions**\n\nExample:\n\n```yaml\nmonitoringExcludeUsernames:\n - deploymentuser@cloudity.com\n - marketingcloud@cloudity.com\n - integration-user@cloudity.com\n\nmonitoringAllowedSectionsActions:\n \"Some section\": [] // Will ignore all actions from such section\n \"Some other section\": [\"actionType1\",\"actionType2\",\"actionType3\"] // Will ignore only those 3 actions from section \"Some other section\". Other actions in the same section will be considered as suspect.\n```\n\n## Excel output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-excel.jpg)\n\n## Local output example\n\n![](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/screenshot-monitoring-audittrail-local.jpg)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-suspect-audit-trail/) and can output Grafana, Slack and MsTeams Notifications.\n",
6424
+ "description": "Export Release Updates into a CSV file with selected criteria, and highlight Release Updates that should be checked.\n\nBefore publishing **Breaking Changes** ❌, Salesforce announce them in the setup menu [**Release Updates**](https://help.salesforce.com/s/articleView?id=sf.release_updates.htm&type=5)\n\n⚠️ Some of them are very important, because if you don't make the related upgrades in time (ex: before Winter 25) , your production org can crash !\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-release-updates/) and can output Grafana, Slack and MsTeams Notifications.\n",
6532
6425
  "examples": [
6533
- "$ sf hardis:org:diagnose:audittrail",
6534
- "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com",
6535
- "$ sf hardis:org:diagnose:audittrail --excludeusers baptiste@titi.com,bertrand@titi.com",
6536
- "$ sf hardis:org:diagnose:audittrail --lastndays 5"
6426
+ "$ sf hardis:org:diagnose:releaseupdates"
6537
6427
  ],
6538
6428
  "flags": {
6539
6429
  "json": {
@@ -6551,22 +6441,6 @@
6551
6441
  "multiple": false,
6552
6442
  "type": "option"
6553
6443
  },
6554
- "excludeusers": {
6555
- "char": "e",
6556
- "description": "Comma-separated list of usernames to exclude",
6557
- "name": "excludeusers",
6558
- "hasDynamicHelp": false,
6559
- "multiple": false,
6560
- "type": "option"
6561
- },
6562
- "lastndays": {
6563
- "char": "t",
6564
- "description": "Number of days to extract from today (included)",
6565
- "name": "lastndays",
6566
- "hasDynamicHelp": false,
6567
- "multiple": false,
6568
- "type": "option"
6569
- },
6570
6444
  "outputfile": {
6571
6445
  "char": "f",
6572
6446
  "description": "Force the path and name of output report file. Must end with .csv",
@@ -6613,13 +6487,13 @@
6613
6487
  },
6614
6488
  "hasDynamicHelp": true,
6615
6489
  "hiddenAliases": [],
6616
- "id": "hardis:org:diagnose:audittrail",
6490
+ "id": "hardis:org:diagnose:releaseupdates",
6617
6491
  "pluginAlias": "sfdx-hardis",
6618
6492
  "pluginName": "sfdx-hardis",
6619
6493
  "pluginType": "core",
6620
6494
  "strict": true,
6621
6495
  "enableJsonFlag": true,
6622
- "title": "Diagnose content of Setup Audit Trail",
6496
+ "title": "Check Release Updates of an org",
6623
6497
  "requiresProject": false,
6624
6498
  "isESM": true,
6625
6499
  "relativePath": [
@@ -6628,47 +6502,47 @@
6628
6502
  "hardis",
6629
6503
  "org",
6630
6504
  "diagnose",
6631
- "audittrail.js"
6505
+ "releaseupdates.js"
6632
6506
  ],
6633
6507
  "aliasPermutations": [],
6634
6508
  "permutations": [
6635
- "hardis:org:diagnose:audittrail",
6636
- "org:hardis:diagnose:audittrail",
6637
- "org:diagnose:hardis:audittrail",
6638
- "org:diagnose:audittrail:hardis",
6639
- "hardis:diagnose:org:audittrail",
6640
- "diagnose:hardis:org:audittrail",
6641
- "diagnose:org:hardis:audittrail",
6642
- "diagnose:org:audittrail:hardis",
6643
- "hardis:diagnose:audittrail:org",
6644
- "diagnose:hardis:audittrail:org",
6645
- "diagnose:audittrail:hardis:org",
6646
- "diagnose:audittrail:org:hardis",
6647
- "hardis:org:audittrail:diagnose",
6648
- "org:hardis:audittrail:diagnose",
6649
- "org:audittrail:hardis:diagnose",
6650
- "org:audittrail:diagnose:hardis",
6651
- "hardis:audittrail:org:diagnose",
6652
- "audittrail:hardis:org:diagnose",
6653
- "audittrail:org:hardis:diagnose",
6654
- "audittrail:org:diagnose:hardis",
6655
- "hardis:audittrail:diagnose:org",
6656
- "audittrail:hardis:diagnose:org",
6657
- "audittrail:diagnose:hardis:org",
6658
- "audittrail:diagnose:org:hardis"
6659
- ]
6660
- },
6661
- "hardis:org:diagnose:instanceupgrade": {
6662
- "aliases": [],
6663
- "args": {},
6664
- "description": "\n## Command Behavior\n\n**Retrieves and displays the scheduled upgrade date for a Salesforce org's instance.**\n\nThis command provides crucial information about when your Salesforce instance will be upgraded to the next major release (Spring, Summer, or Winter). This is vital for release planning, testing, and ensuring compatibility with upcoming Salesforce features.\n\nKey functionalities:\n\n- **Instance Identification:** Determines the Salesforce instance name of your target org.\n- **Upgrade Date Retrieval:** Fetches the planned start time of the next major core service upgrade for that instance from the Salesforce Status API.\n- **Days Until Upgrade:** Calculates and displays the number of days remaining until the next major upgrade.\n- **Severity-Based Logging:** Adjusts the log severity (info, warning) based on the proximity of the upgrade date, providing a visual cue for urgency.\n- **Notifications:** Sends notifications to configured channels (e.g., Slack, MS Teams, Grafana) with the upgrade information, making it suitable for automated monitoring.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Query:** It first queries the `Organization` object in Salesforce to get the `InstanceName` of the target org.\n- **Salesforce Status API Integration:** It makes an HTTP GET request to the Salesforce Status API (`https://api.status.salesforce.com/v1/instances/{instanceName}/status`) to retrieve detailed information about the instance, including scheduled maintenances.\n- **Data Parsing:** It parses the JSON response from the Status API to extract the relevant major release upgrade information.\n- **Date Calculation:** Uses the `moment` library to calculate the difference in days between the current date and the planned upgrade date.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including the instance name, upgrade date, and days remaining, along with relevant metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the upgrade status and proximity.\n</details>\n",
6665
- "examples": [
6666
- "$ sf hardis:org:diagnose:instanceupgrade"
6667
- ],
6668
- "flags": {
6669
- "json": {
6670
- "description": "Format output as json.",
6671
- "helpGroup": "GLOBAL",
6509
+ "hardis:org:diagnose:releaseupdates",
6510
+ "org:hardis:diagnose:releaseupdates",
6511
+ "org:diagnose:hardis:releaseupdates",
6512
+ "org:diagnose:releaseupdates:hardis",
6513
+ "hardis:diagnose:org:releaseupdates",
6514
+ "diagnose:hardis:org:releaseupdates",
6515
+ "diagnose:org:hardis:releaseupdates",
6516
+ "diagnose:org:releaseupdates:hardis",
6517
+ "hardis:diagnose:releaseupdates:org",
6518
+ "diagnose:hardis:releaseupdates:org",
6519
+ "diagnose:releaseupdates:hardis:org",
6520
+ "diagnose:releaseupdates:org:hardis",
6521
+ "hardis:org:releaseupdates:diagnose",
6522
+ "org:hardis:releaseupdates:diagnose",
6523
+ "org:releaseupdates:hardis:diagnose",
6524
+ "org:releaseupdates:diagnose:hardis",
6525
+ "hardis:releaseupdates:org:diagnose",
6526
+ "releaseupdates:hardis:org:diagnose",
6527
+ "releaseupdates:org:hardis:diagnose",
6528
+ "releaseupdates:org:diagnose:hardis",
6529
+ "hardis:releaseupdates:diagnose:org",
6530
+ "releaseupdates:hardis:diagnose:org",
6531
+ "releaseupdates:diagnose:hardis:org",
6532
+ "releaseupdates:diagnose:org:hardis"
6533
+ ]
6534
+ },
6535
+ "hardis:org:diagnose:unsecure-connected-apps": {
6536
+ "aliases": [],
6537
+ "args": {},
6538
+ "description": "\n## Command Behavior\n\n**Detects unsecured Connected Apps in a Salesforce org and generates detailed reports for security analysis.**\n\nThis command is a critical security diagnostic tool that helps administrators identify Connected Apps that may pose security risks due to improper configuration. It provides comprehensive analysis of OAuth tokens and Connected App security settings to ensure proper access control.\n\nKey functionalities:\n\n- **OAuth Token Analysis:** Queries all OAuth tokens in the org using SOQL to retrieve comprehensive token information including app names, users, authorization status, and usage statistics.\n- **Security Status Assessment:** Evaluates each Connected App's security configuration by checking the `IsUsingAdminAuthorization` flag to determine if admin pre-approval is required.\n- **Unsecured App Detection:** Identifies Connected Apps that allow users to authorize themselves without admin approval, which can pose security risks.\n- **Detailed Reporting:** Generates two comprehensive CSV reports:\n - **OAuth Tokens Report:** Lists all OAuth tokens with security status, user information, and usage data\n - **Connected Apps Summary:** Aggregates unsecured Connected Apps with counts of associated OAuth tokens\n- **Visual Indicators:** Uses status icons (❌ for unsecured, ✅ for secured) to provide immediate visual feedback on security status.\n- **Security Recommendations:** Provides actionable guidance on how to secure Connected Apps through proper configuration.\n- **Notifications:** Sends alerts to configured channels (Grafana, Slack, MS Teams) with security findings and attached reports.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-security/) and can output Grafana, Slack and MsTeams Notifications.\n\n<iframe width=\"560\" height=\"315\" src=\"https://www.youtube.com/embed/jHv8yrSK8Dg\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen></iframe>\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query Execution:** Executes a comprehensive SOQL query on the `OauthToken` object, joining with `AppMenuItem` and `User` objects to gather complete security context.\n- **Security Analysis Logic:** Analyzes the `AppMenuItem.IsUsingAdminAuthorization` field to determine if a Connected App requires admin pre-approval for user authorization.\n- **Data Transformation:** Processes raw SOQL results to add security status indicators and reorganize data for optimal reporting and analysis.\n- **Aggregation Processing:** Groups OAuth tokens by Connected App name to provide summary statistics and identify the most problematic applications.\n- **Report Generation:** Uses `generateCsvFile` to create structured CSV reports with proper formatting and metadata for easy analysis and sharing.\n- **Notification Integration:** Integrates with the `NotifProvider` to send security alerts with detailed metrics, including the number of unsecured Connected Apps and associated OAuth tokens.\n- **File Management:** Generates multiple output formats (CSV, XLSX) and manages file paths using `generateReportPath` for consistent report organization.\n- **Connection Management:** Uses `setConnectionVariables` to ensure proper authentication context for notification providers that require org connection details.\n</details>\n",
6539
+ "examples": [
6540
+ "$ sf hardis:org:diagnose:unsecure-connected-apps"
6541
+ ],
6542
+ "flags": {
6543
+ "json": {
6544
+ "description": "Format output as json.",
6545
+ "helpGroup": "GLOBAL",
6672
6546
  "name": "json",
6673
6547
  "allowNo": false,
6674
6548
  "type": "boolean"
@@ -6681,6 +6555,14 @@
6681
6555
  "multiple": false,
6682
6556
  "type": "option"
6683
6557
  },
6558
+ "outputfile": {
6559
+ "char": "f",
6560
+ "description": "Force the path and name of output report file. Must end with .csv",
6561
+ "name": "outputfile",
6562
+ "hasDynamicHelp": false,
6563
+ "multiple": false,
6564
+ "type": "option"
6565
+ },
6684
6566
  "debug": {
6685
6567
  "char": "d",
6686
6568
  "description": "Activate debug mode (more logs)",
@@ -6719,13 +6601,13 @@
6719
6601
  },
6720
6602
  "hasDynamicHelp": true,
6721
6603
  "hiddenAliases": [],
6722
- "id": "hardis:org:diagnose:instanceupgrade",
6604
+ "id": "hardis:org:diagnose:unsecure-connected-apps",
6723
6605
  "pluginAlias": "sfdx-hardis",
6724
6606
  "pluginName": "sfdx-hardis",
6725
6607
  "pluginType": "core",
6726
6608
  "strict": true,
6727
6609
  "enableJsonFlag": true,
6728
- "title": "Get Instance Upgrade date",
6610
+ "title": "Detect Unsecured Connected Apps",
6729
6611
  "requiresProject": false,
6730
6612
  "isESM": true,
6731
6613
  "relativePath": [
@@ -6734,45 +6616,43 @@
6734
6616
  "hardis",
6735
6617
  "org",
6736
6618
  "diagnose",
6737
- "instanceupgrade.js"
6619
+ "unsecure-connected-apps.js"
6738
6620
  ],
6739
6621
  "aliasPermutations": [],
6740
6622
  "permutations": [
6741
- "hardis:org:diagnose:instanceupgrade",
6742
- "org:hardis:diagnose:instanceupgrade",
6743
- "org:diagnose:hardis:instanceupgrade",
6744
- "org:diagnose:instanceupgrade:hardis",
6745
- "hardis:diagnose:org:instanceupgrade",
6746
- "diagnose:hardis:org:instanceupgrade",
6747
- "diagnose:org:hardis:instanceupgrade",
6748
- "diagnose:org:instanceupgrade:hardis",
6749
- "hardis:diagnose:instanceupgrade:org",
6750
- "diagnose:hardis:instanceupgrade:org",
6751
- "diagnose:instanceupgrade:hardis:org",
6752
- "diagnose:instanceupgrade:org:hardis",
6753
- "hardis:org:instanceupgrade:diagnose",
6754
- "org:hardis:instanceupgrade:diagnose",
6755
- "org:instanceupgrade:hardis:diagnose",
6756
- "org:instanceupgrade:diagnose:hardis",
6757
- "hardis:instanceupgrade:org:diagnose",
6758
- "instanceupgrade:hardis:org:diagnose",
6759
- "instanceupgrade:org:hardis:diagnose",
6760
- "instanceupgrade:org:diagnose:hardis",
6761
- "hardis:instanceupgrade:diagnose:org",
6762
- "instanceupgrade:hardis:diagnose:org",
6763
- "instanceupgrade:diagnose:hardis:org",
6764
- "instanceupgrade:diagnose:org:hardis"
6623
+ "hardis:org:diagnose:unsecure-connected-apps",
6624
+ "org:hardis:diagnose:unsecure-connected-apps",
6625
+ "org:diagnose:hardis:unsecure-connected-apps",
6626
+ "org:diagnose:unsecure-connected-apps:hardis",
6627
+ "hardis:diagnose:org:unsecure-connected-apps",
6628
+ "diagnose:hardis:org:unsecure-connected-apps",
6629
+ "diagnose:org:hardis:unsecure-connected-apps",
6630
+ "diagnose:org:unsecure-connected-apps:hardis",
6631
+ "hardis:diagnose:unsecure-connected-apps:org",
6632
+ "diagnose:hardis:unsecure-connected-apps:org",
6633
+ "diagnose:unsecure-connected-apps:hardis:org",
6634
+ "diagnose:unsecure-connected-apps:org:hardis",
6635
+ "hardis:org:unsecure-connected-apps:diagnose",
6636
+ "org:hardis:unsecure-connected-apps:diagnose",
6637
+ "org:unsecure-connected-apps:hardis:diagnose",
6638
+ "org:unsecure-connected-apps:diagnose:hardis",
6639
+ "hardis:unsecure-connected-apps:org:diagnose",
6640
+ "unsecure-connected-apps:hardis:org:diagnose",
6641
+ "unsecure-connected-apps:org:hardis:diagnose",
6642
+ "unsecure-connected-apps:org:diagnose:hardis",
6643
+ "hardis:unsecure-connected-apps:diagnose:org",
6644
+ "unsecure-connected-apps:hardis:diagnose:org",
6645
+ "unsecure-connected-apps:diagnose:hardis:org",
6646
+ "unsecure-connected-apps:diagnose:org:hardis"
6765
6647
  ]
6766
6648
  },
6767
- "hardis:org:diagnose:legacyapi": {
6649
+ "hardis:org:diagnose:unused-apex-classes": {
6768
6650
  "aliases": [],
6769
6651
  "args": {},
6770
- "description": "Checks if an org uses retired or someday retired API version\n\n\nSee article below\n\n[![Handle Salesforce API versions Deprecation like a pro](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-deprecated-api.jpg)](https://nicolas.vuillamy.fr/handle-salesforce-api-versions-deprecation-like-a-pro-335065f52238)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-deprecated-api-calls/) and can output Grafana, Slack and MsTeams Notifications.\n",
6652
+ "description": "List all async Apex classes (Batch,Queueable,Schedulable) that has not been called for more than 365 days.\n \nThe result class list probably can be removed from the project, and that will improve your test classes performances 😊\n\nThe number of unused day is overridable using --days option. \n\nThe command uses queries on AsyncApexJob and CronTrigger technical tables to build the result.\n\nApex Classes CreatedBy and CreatedOn fields are calculated from MIN(date from git, date from org)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-apex-classes/) and can output Grafana, Slack and MsTeams Notifications.\n\n![](https://sfdx-hardis.cloudity.com/assets/images/screenshot-monitoring-unused-apex-grafana.jpg)\n",
6771
6653
  "examples": [
6772
- "$ sf hardis:org:diagnose:legacyapi",
6773
- "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com",
6774
- "$ sf hardis:org:diagnose:legacyapi --outputfile 'c:/path/to/folder/legacyapi.csv'",
6775
- "$ sf hardis:org:diagnose:legacyapi -u hardis@myclient.com --outputfile ./tmp/legacyapi.csv"
6654
+ "$ sf hardis:org:diagnose:unused-apex-classes",
6655
+ "$ sf hardis:org:diagnose:unused-apex-classes --days 700"
6776
6656
  ],
6777
6657
  "flags": {
6778
6658
  "json": {
@@ -6790,24 +6670,6 @@
6790
6670
  "multiple": false,
6791
6671
  "type": "option"
6792
6672
  },
6793
- "eventtype": {
6794
- "char": "e",
6795
- "description": "Type of EventLogFile event to analyze",
6796
- "name": "eventtype",
6797
- "default": "ApiTotalUsage",
6798
- "hasDynamicHelp": false,
6799
- "multiple": false,
6800
- "type": "option"
6801
- },
6802
- "limit": {
6803
- "char": "l",
6804
- "description": "Number of latest EventLogFile events to analyze",
6805
- "name": "limit",
6806
- "default": 999,
6807
- "hasDynamicHelp": false,
6808
- "multiple": false,
6809
- "type": "option"
6810
- },
6811
6673
  "outputfile": {
6812
6674
  "char": "f",
6813
6675
  "description": "Force the path and name of output report file. Must end with .csv",
@@ -6816,6 +6678,14 @@
6816
6678
  "multiple": false,
6817
6679
  "type": "option"
6818
6680
  },
6681
+ "days": {
6682
+ "char": "t",
6683
+ "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
6684
+ "name": "days",
6685
+ "hasDynamicHelp": false,
6686
+ "multiple": false,
6687
+ "type": "option"
6688
+ },
6819
6689
  "debug": {
6820
6690
  "char": "d",
6821
6691
  "description": "Activate debug mode (more logs)",
@@ -6854,13 +6724,13 @@
6854
6724
  },
6855
6725
  "hasDynamicHelp": true,
6856
6726
  "hiddenAliases": [],
6857
- "id": "hardis:org:diagnose:legacyapi",
6727
+ "id": "hardis:org:diagnose:unused-apex-classes",
6858
6728
  "pluginAlias": "sfdx-hardis",
6859
6729
  "pluginName": "sfdx-hardis",
6860
6730
  "pluginType": "core",
6861
6731
  "strict": true,
6862
6732
  "enableJsonFlag": true,
6863
- "title": "Check for legacy API use",
6733
+ "title": "Detect unused Apex classes in an org",
6864
6734
  "requiresProject": false,
6865
6735
  "isESM": true,
6866
6736
  "relativePath": [
@@ -6869,42 +6739,42 @@
6869
6739
  "hardis",
6870
6740
  "org",
6871
6741
  "diagnose",
6872
- "legacyapi.js"
6742
+ "unused-apex-classes.js"
6873
6743
  ],
6874
6744
  "aliasPermutations": [],
6875
6745
  "permutations": [
6876
- "hardis:org:diagnose:legacyapi",
6877
- "org:hardis:diagnose:legacyapi",
6878
- "org:diagnose:hardis:legacyapi",
6879
- "org:diagnose:legacyapi:hardis",
6880
- "hardis:diagnose:org:legacyapi",
6881
- "diagnose:hardis:org:legacyapi",
6882
- "diagnose:org:hardis:legacyapi",
6883
- "diagnose:org:legacyapi:hardis",
6884
- "hardis:diagnose:legacyapi:org",
6885
- "diagnose:hardis:legacyapi:org",
6886
- "diagnose:legacyapi:hardis:org",
6887
- "diagnose:legacyapi:org:hardis",
6888
- "hardis:org:legacyapi:diagnose",
6889
- "org:hardis:legacyapi:diagnose",
6890
- "org:legacyapi:hardis:diagnose",
6891
- "org:legacyapi:diagnose:hardis",
6892
- "hardis:legacyapi:org:diagnose",
6893
- "legacyapi:hardis:org:diagnose",
6894
- "legacyapi:org:hardis:diagnose",
6895
- "legacyapi:org:diagnose:hardis",
6896
- "hardis:legacyapi:diagnose:org",
6897
- "legacyapi:hardis:diagnose:org",
6898
- "legacyapi:diagnose:hardis:org",
6899
- "legacyapi:diagnose:org:hardis"
6746
+ "hardis:org:diagnose:unused-apex-classes",
6747
+ "org:hardis:diagnose:unused-apex-classes",
6748
+ "org:diagnose:hardis:unused-apex-classes",
6749
+ "org:diagnose:unused-apex-classes:hardis",
6750
+ "hardis:diagnose:org:unused-apex-classes",
6751
+ "diagnose:hardis:org:unused-apex-classes",
6752
+ "diagnose:org:hardis:unused-apex-classes",
6753
+ "diagnose:org:unused-apex-classes:hardis",
6754
+ "hardis:diagnose:unused-apex-classes:org",
6755
+ "diagnose:hardis:unused-apex-classes:org",
6756
+ "diagnose:unused-apex-classes:hardis:org",
6757
+ "diagnose:unused-apex-classes:org:hardis",
6758
+ "hardis:org:unused-apex-classes:diagnose",
6759
+ "org:hardis:unused-apex-classes:diagnose",
6760
+ "org:unused-apex-classes:hardis:diagnose",
6761
+ "org:unused-apex-classes:diagnose:hardis",
6762
+ "hardis:unused-apex-classes:org:diagnose",
6763
+ "unused-apex-classes:hardis:org:diagnose",
6764
+ "unused-apex-classes:org:hardis:diagnose",
6765
+ "unused-apex-classes:org:diagnose:hardis",
6766
+ "hardis:unused-apex-classes:diagnose:org",
6767
+ "unused-apex-classes:hardis:diagnose:org",
6768
+ "unused-apex-classes:diagnose:hardis:org",
6769
+ "unused-apex-classes:diagnose:org:hardis"
6900
6770
  ]
6901
6771
  },
6902
- "hardis:org:diagnose:licenses": {
6772
+ "hardis:org:diagnose:unused-connected-apps": {
6903
6773
  "aliases": [],
6904
6774
  "args": {},
6905
- "description": "\n**Lists and analyzes User Licenses and Permission Set Licenses subscribed and used in a Salesforce org.**\n\nThis command provides a comprehensive overview of your Salesforce license consumption. It's particularly useful for:\n\n- **License Management:** Understanding which licenses are active, how many are available, and how many are being used.\n- **Cost Optimization:** Identifying unused or underutilized licenses that could be reallocated or decommissioned.\n- **Compliance:** Ensuring that your organization is compliant with Salesforce licensing agreements.\n- **Monitoring:** Tracking license usage trends over time.\n\nKey functionalities:\n\n- **User License Details:** Retrieves information about standard and custom User Licenses, including `MasterLabel`, `Name`, `TotalLicenses`, and `UsedLicenses`.\n- **Permission Set License Details:** Retrieves information about Permission Set Licenses, including `MasterLabel`, `PermissionSetLicenseKey`, `TotalLicenses`, and `UsedLicenses`.\n- **Used Licenses Filter:** The `--usedonly` flag allows you to filter the report to show only licenses that have at least one `UsedLicenses` count greater than zero.\n- **CSV Report Generation:** Generates a CSV file containing all the retrieved license information, suitable for detailed analysis.\n- **Notifications:** Sends notifications to configured channels (e.g., Grafana, Slack, MS Teams) with a summary of license usage, including lists of active and used licenses.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It executes SOQL queries against the `UserLicense` and `PermissionSetLicense` objects in Salesforce to retrieve license data.\n- **Data Transformation:** It processes the query results, reformatting the data to be more readable and consistent for reporting purposes (e.g., removing `Id` and `attributes`, renaming `PermissionSetLicenseKey` to `Name`).\n- **Data Aggregation:** It aggregates license information, creating a `licensesByKey` object for quick lookups and a `usedLicenses` array for a concise list of actively used licenses.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of license data.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides clear messages to the user about the license extraction process and the used licenses.\n</details>\n",
6775
+ "description": "\n## Command Behavior\n\n**Identifies and reports on potentially unused Connected Apps in a Salesforce org, suggesting candidates for deletion or deactivation.**\n\nThis command helps improve org security and reduce technical debt by pinpointing Connected Apps that are no longer actively used. Connected Apps can pose security risks if left unmonitored, and cleaning them up contributes to a healthier Salesforce environment.\n\nKey functionalities:\n\n- **Connected App Data Collection:** Gathers information about all Connected Apps in the org, including creation and last modified dates, and associated users.\n- **Usage Analysis:** Analyzes `LoginHistory` and `OAuthToken` records to determine the last usage date of each Connected App.\n- **Inactivity Detection:** Flags Connected Apps as potentially unused if they have no recent login history or OAuth token usage.\n- **Accessibility Check:** Examines Connected App metadata to identify if they are accessible (e.g., if they require admin approval and have no profiles or permission sets assigned).\n- **Ignored Apps:** Automatically ignores a predefined list of common Salesforce Connected Apps (e.g., `Salesforce CLI`, `Salesforce Mobile Dashboards`). You can extend this list by defining the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n- **CSV Report Generation:** Generates a CSV file containing details of all analyzed Connected Apps, including their usage status, last usage date, and reasons for being flagged as potentially unused.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of potentially unused Connected Apps.\n\n**Default Ignored Connected Apps:**\n\n- Ant Migration Tool\n- Chatter Desktop\n- Chatter Mobile for BlackBerry\n- Force.com IDE\n- OIQ_Integration\n- Salesforce CLI\n- Salesforce Files\n- Salesforce Mobile Dashboards\n- Salesforce Touch\n- Salesforce for Outlook\n- SalesforceA\n- SalesforceA for Android\n- SalesforceA for iOS\n- SalesforceDX Namespace Registry\n- SalesforceIQ\n\nYou can add more ignored apps by defining a comma-separated list of names in the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n\n_Example: \nALLOWED_INACTIVE_CONNECTED_APPS=My App 1,My App 2, My App 3_\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-connected-apps/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It performs SOQL queries against `ConnectedApplication`, `LoginHistory`, and `OAuthToken` objects to gather comprehensive data about Connected Apps and their usage.\n- **Temporary SFDX Project:** It creates a temporary SFDX project to retrieve Connected App metadata, allowing for local parsing and analysis of their XML files.\n- **Metadata Parsing:** It parses the `connectedApp-meta.xml` files to check for `isAdminApproved` and the presence of `profileName` or `permissionsetName` to determine accessibility.\n- **Data Correlation:** It correlates data from various Salesforce objects to build a complete picture of each Connected App's usage and status.\n- **Date Calculation:** Uses `moment` to calculate the time since the last OAuth token usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused Connected Apps.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **File System Operations:** Uses `fs-extra` for creating and removing temporary directories and files.\n- **Environment Variable Reading:** Reads the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable to customize the list of ignored Connected Apps.\n</details>\n",
6906
6776
  "examples": [
6907
- "$ sf hardis:org:diagnose:licenses"
6777
+ "$ sf hardis:org:diagnose:unused-connected-apps"
6908
6778
  ],
6909
6779
  "flags": {
6910
6780
  "json": {
@@ -6930,13 +6800,6 @@
6930
6800
  "multiple": false,
6931
6801
  "type": "option"
6932
6802
  },
6933
- "usedonly": {
6934
- "char": "u",
6935
- "description": "Filter to have only used licenses",
6936
- "name": "usedonly",
6937
- "allowNo": false,
6938
- "type": "boolean"
6939
- },
6940
6803
  "debug": {
6941
6804
  "char": "d",
6942
6805
  "description": "Activate debug mode (more logs)",
@@ -6975,13 +6838,30 @@
6975
6838
  },
6976
6839
  "hasDynamicHelp": true,
6977
6840
  "hiddenAliases": [],
6978
- "id": "hardis:org:diagnose:licenses",
6841
+ "id": "hardis:org:diagnose:unused-connected-apps",
6979
6842
  "pluginAlias": "sfdx-hardis",
6980
6843
  "pluginName": "sfdx-hardis",
6981
6844
  "pluginType": "core",
6982
6845
  "strict": true,
6983
6846
  "enableJsonFlag": true,
6984
- "title": "List licenses subscribed and used in a Salesforce org",
6847
+ "title": "Unused Connected Apps in an org",
6848
+ "allowedInactiveConnectedApps": [
6849
+ "Ant Migration Tool",
6850
+ "Chatter Desktop",
6851
+ "Chatter Mobile for BlackBerry",
6852
+ "Force.com IDE",
6853
+ "OIQ_Integration",
6854
+ "Salesforce CLI",
6855
+ "Salesforce Files",
6856
+ "Salesforce Mobile Dashboards",
6857
+ "Salesforce Touch",
6858
+ "Salesforce for Outlook",
6859
+ "SalesforceA",
6860
+ "SalesforceA for Android",
6861
+ "SalesforceA for iOS",
6862
+ "SalesforceDX Namespace Registry",
6863
+ "SalesforceIQ"
6864
+ ],
6985
6865
  "requiresProject": false,
6986
6866
  "isESM": true,
6987
6867
  "relativePath": [
@@ -6990,42 +6870,43 @@
6990
6870
  "hardis",
6991
6871
  "org",
6992
6872
  "diagnose",
6993
- "licenses.js"
6873
+ "unused-connected-apps.js"
6994
6874
  ],
6995
6875
  "aliasPermutations": [],
6996
6876
  "permutations": [
6997
- "hardis:org:diagnose:licenses",
6998
- "org:hardis:diagnose:licenses",
6999
- "org:diagnose:hardis:licenses",
7000
- "org:diagnose:licenses:hardis",
7001
- "hardis:diagnose:org:licenses",
7002
- "diagnose:hardis:org:licenses",
7003
- "diagnose:org:hardis:licenses",
7004
- "diagnose:org:licenses:hardis",
7005
- "hardis:diagnose:licenses:org",
7006
- "diagnose:hardis:licenses:org",
7007
- "diagnose:licenses:hardis:org",
7008
- "diagnose:licenses:org:hardis",
7009
- "hardis:org:licenses:diagnose",
7010
- "org:hardis:licenses:diagnose",
7011
- "org:licenses:hardis:diagnose",
7012
- "org:licenses:diagnose:hardis",
7013
- "hardis:licenses:org:diagnose",
7014
- "licenses:hardis:org:diagnose",
7015
- "licenses:org:hardis:diagnose",
7016
- "licenses:org:diagnose:hardis",
7017
- "hardis:licenses:diagnose:org",
7018
- "licenses:hardis:diagnose:org",
7019
- "licenses:diagnose:hardis:org",
7020
- "licenses:diagnose:org:hardis"
7021
- ]
7022
- },
7023
- "hardis:org:diagnose:releaseupdates": {
7024
- "aliases": [],
7025
- "args": {},
7026
- "description": "Export Release Updates into a CSV file with selected criteria, and highlight Release Updates that should be checked.\n\nBefore publishing **Breaking Changes** ❌, Salesforce announce them in the setup menu [**Release Updates**](https://help.salesforce.com/s/articleView?id=sf.release_updates.htm&type=5)\n\n⚠️ Some of them are very important, because if you don't make the related upgrades in time (ex: before Winter 25) , your production org can crash !\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-release-updates/) and can output Grafana, Slack and MsTeams Notifications.\n",
7027
- "examples": [
7028
- "$ sf hardis:org:diagnose:releaseupdates"
6877
+ "hardis:org:diagnose:unused-connected-apps",
6878
+ "org:hardis:diagnose:unused-connected-apps",
6879
+ "org:diagnose:hardis:unused-connected-apps",
6880
+ "org:diagnose:unused-connected-apps:hardis",
6881
+ "hardis:diagnose:org:unused-connected-apps",
6882
+ "diagnose:hardis:org:unused-connected-apps",
6883
+ "diagnose:org:hardis:unused-connected-apps",
6884
+ "diagnose:org:unused-connected-apps:hardis",
6885
+ "hardis:diagnose:unused-connected-apps:org",
6886
+ "diagnose:hardis:unused-connected-apps:org",
6887
+ "diagnose:unused-connected-apps:hardis:org",
6888
+ "diagnose:unused-connected-apps:org:hardis",
6889
+ "hardis:org:unused-connected-apps:diagnose",
6890
+ "org:hardis:unused-connected-apps:diagnose",
6891
+ "org:unused-connected-apps:hardis:diagnose",
6892
+ "org:unused-connected-apps:diagnose:hardis",
6893
+ "hardis:unused-connected-apps:org:diagnose",
6894
+ "unused-connected-apps:hardis:org:diagnose",
6895
+ "unused-connected-apps:org:hardis:diagnose",
6896
+ "unused-connected-apps:org:diagnose:hardis",
6897
+ "hardis:unused-connected-apps:diagnose:org",
6898
+ "unused-connected-apps:hardis:diagnose:org",
6899
+ "unused-connected-apps:diagnose:hardis:org",
6900
+ "unused-connected-apps:diagnose:org:hardis"
6901
+ ]
6902
+ },
6903
+ "hardis:org:diagnose:unusedlicenses": {
6904
+ "aliases": [],
6905
+ "args": {},
6906
+ "description": "\n## Command Behavior\n\n**Detects and suggests the deletion of unused Permission Set License Assignments in a Salesforce org.**\n\nWhen a Permission Set (PS) linked to a Permission Set License (PSL) is assigned to a user, a Permission Set License Assignment (PSLA) is automatically created. However, when that PS is unassigned from the user, the PSLA is *not* automatically deleted. This can lead to organizations being charged for unused PSLAs, representing a hidden cost and technical debt.\n\nThis command identifies such useless PSLAs and provides options to delete them, helping to optimize license usage and reduce unnecessary expenses.\n\nKey functionalities:\n\n- **PSLA Detection:** Queries the Salesforce org to find all active PSLAs.\n- **Usage Verification:** Correlates PSLAs with actual Permission Set Assignments and Permission Set Group Assignments to determine if the underlying Permission Sets are still assigned to the user.\n- **Special Case Handling:** Accounts for specific scenarios where profiles might implicitly assign PSLAs (e.g., `Salesforce API Only` profile assigning `SalesforceAPIIntegrationPsl`) and allows for always excluding certain PSLAs from the unused check.\n- **Reporting:** Generates a CSV report of all identified unused PSLAs, including the user and the associated Permission Set License.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of unused PSLAs.\n- **Interactive Deletion:** In non-CI environments, it offers an interactive prompt to bulk delete the identified unused PSLAs.\n\nMany thanks to [Vincent Finet](https://www.linkedin.com/in/vincentfinet/) for the inspiration during his great speaker session at [French Touch Dreamin '23](https://frenchtouchdreamin.com/), and his kind agreement for reusing such inspiration in this command 😊\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-licenses/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves extensive querying of Salesforce objects and data correlation:\n\n- **SOQL Queries (Bulk API):** It uses `bulkQuery` and `bulkQueryChunksIn` to efficiently retrieve large volumes of data from `PermissionSetLicenseAssign`, `PermissionSetLicense`, `PermissionSet`, `PermissionSetGroupComponent`, and `PermissionSetAssignment` objects.\n- **Data Correlation:** It meticulously correlates data across these objects to determine if a `PermissionSetLicenseAssign` record has a corresponding active assignment to a Permission Set or Permission Set Group for the same user.\n- **Filtering Logic:** It applies complex filtering logic to exclude PSLAs that are genuinely in use or are part of predefined exceptions (e.g., `alwaysExcludeForActiveUsersPermissionSetLicenses`).\n- **Bulk Deletion:** If the user opts to delete unused PSLAs, it uses `bulkUpdate` with the `delete` operation to efficiently remove multiple records.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused PSLAs.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Interaction:** Uses `prompts` for interactive confirmation before performing deletion operations.\n</details>\n",
6907
+ "examples": [
6908
+ "$ sf hardis:org:diagnose:unusedlicenses",
6909
+ "$ sf hardis:org:diagnose:unusedlicenses --fix"
7029
6910
  ],
7030
6911
  "flags": {
7031
6912
  "json": {
@@ -7089,14 +6970,32 @@
7089
6970
  },
7090
6971
  "hasDynamicHelp": true,
7091
6972
  "hiddenAliases": [],
7092
- "id": "hardis:org:diagnose:releaseupdates",
6973
+ "id": "hardis:org:diagnose:unusedlicenses",
7093
6974
  "pluginAlias": "sfdx-hardis",
7094
6975
  "pluginName": "sfdx-hardis",
7095
6976
  "pluginType": "core",
7096
6977
  "strict": true,
7097
6978
  "enableJsonFlag": true,
7098
- "title": "Check Release Updates of an org",
6979
+ "title": "Detect unused Permission Set Licenses (beta)",
7099
6980
  "requiresProject": false,
6981
+ "additionalPermissionSetsToAlwaysGet": [
6982
+ "Sales_User"
6983
+ ],
6984
+ "permSetsPermSetLicenses": [
6985
+ {
6986
+ "permSet": "Sales_User",
6987
+ "permSetLicense": "SalesUserPsl"
6988
+ }
6989
+ ],
6990
+ "profilesPermissionSetLicenses": [
6991
+ {
6992
+ "profile": "Salesforce API Only",
6993
+ "permSetLicense": "SalesforceAPIIntegrationPsl"
6994
+ }
6995
+ ],
6996
+ "alwaysExcludeForActiveUsersPermissionSetLicenses": [
6997
+ "IdentityConnect"
6998
+ ],
7100
6999
  "isESM": true,
7101
7000
  "relativePath": [
7102
7001
  "lib",
@@ -7104,42 +7003,46 @@
7104
7003
  "hardis",
7105
7004
  "org",
7106
7005
  "diagnose",
7107
- "releaseupdates.js"
7006
+ "unusedlicenses.js"
7108
7007
  ],
7109
7008
  "aliasPermutations": [],
7110
7009
  "permutations": [
7111
- "hardis:org:diagnose:releaseupdates",
7112
- "org:hardis:diagnose:releaseupdates",
7113
- "org:diagnose:hardis:releaseupdates",
7114
- "org:diagnose:releaseupdates:hardis",
7115
- "hardis:diagnose:org:releaseupdates",
7116
- "diagnose:hardis:org:releaseupdates",
7117
- "diagnose:org:hardis:releaseupdates",
7118
- "diagnose:org:releaseupdates:hardis",
7119
- "hardis:diagnose:releaseupdates:org",
7120
- "diagnose:hardis:releaseupdates:org",
7121
- "diagnose:releaseupdates:hardis:org",
7122
- "diagnose:releaseupdates:org:hardis",
7123
- "hardis:org:releaseupdates:diagnose",
7124
- "org:hardis:releaseupdates:diagnose",
7125
- "org:releaseupdates:hardis:diagnose",
7126
- "org:releaseupdates:diagnose:hardis",
7127
- "hardis:releaseupdates:org:diagnose",
7128
- "releaseupdates:hardis:org:diagnose",
7129
- "releaseupdates:org:hardis:diagnose",
7130
- "releaseupdates:org:diagnose:hardis",
7131
- "hardis:releaseupdates:diagnose:org",
7132
- "releaseupdates:hardis:diagnose:org",
7133
- "releaseupdates:diagnose:hardis:org",
7134
- "releaseupdates:diagnose:org:hardis"
7010
+ "hardis:org:diagnose:unusedlicenses",
7011
+ "org:hardis:diagnose:unusedlicenses",
7012
+ "org:diagnose:hardis:unusedlicenses",
7013
+ "org:diagnose:unusedlicenses:hardis",
7014
+ "hardis:diagnose:org:unusedlicenses",
7015
+ "diagnose:hardis:org:unusedlicenses",
7016
+ "diagnose:org:hardis:unusedlicenses",
7017
+ "diagnose:org:unusedlicenses:hardis",
7018
+ "hardis:diagnose:unusedlicenses:org",
7019
+ "diagnose:hardis:unusedlicenses:org",
7020
+ "diagnose:unusedlicenses:hardis:org",
7021
+ "diagnose:unusedlicenses:org:hardis",
7022
+ "hardis:org:unusedlicenses:diagnose",
7023
+ "org:hardis:unusedlicenses:diagnose",
7024
+ "org:unusedlicenses:hardis:diagnose",
7025
+ "org:unusedlicenses:diagnose:hardis",
7026
+ "hardis:unusedlicenses:org:diagnose",
7027
+ "unusedlicenses:hardis:org:diagnose",
7028
+ "unusedlicenses:org:hardis:diagnose",
7029
+ "unusedlicenses:org:diagnose:hardis",
7030
+ "hardis:unusedlicenses:diagnose:org",
7031
+ "unusedlicenses:hardis:diagnose:org",
7032
+ "unusedlicenses:diagnose:hardis:org",
7033
+ "unusedlicenses:diagnose:org:hardis"
7135
7034
  ]
7136
7035
  },
7137
- "hardis:org:diagnose:unsecure-connected-apps": {
7036
+ "hardis:org:diagnose:unusedusers": {
7138
7037
  "aliases": [],
7139
7038
  "args": {},
7140
- "description": "\n## Command Behavior\n\n**Detects unsecured Connected Apps in a Salesforce org and generates detailed reports for security analysis.**\n\nThis command is a critical security diagnostic tool that helps administrators identify Connected Apps that may pose security risks due to improper configuration. It provides comprehensive analysis of OAuth tokens and Connected App security settings to ensure proper access control.\n\nKey functionalities:\n\n- **OAuth Token Analysis:** Queries all OAuth tokens in the org using SOQL to retrieve comprehensive token information including app names, users, authorization status, and usage statistics.\n- **Security Status Assessment:** Evaluates each Connected App's security configuration by checking the `IsUsingAdminAuthorization` flag to determine if admin pre-approval is required.\n- **Unsecured App Detection:** Identifies Connected Apps that allow users to authorize themselves without admin approval, which can pose security risks.\n- **Detailed Reporting:** Generates two comprehensive CSV reports:\n - **OAuth Tokens Report:** Lists all OAuth tokens with security status, user information, and usage data\n - **Connected Apps Summary:** Aggregates unsecured Connected Apps with counts of associated OAuth tokens\n- **Visual Indicators:** Uses status icons (❌ for unsecured, for secured) to provide immediate visual feedback on security status.\n- **Security Recommendations:** Provides actionable guidance on how to secure Connected Apps through proper configuration.\n- **Notifications:** Sends alerts to configured channels (Grafana, Slack, MS Teams) with security findings and attached reports.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-security/) and can output Grafana, Slack and MsTeams Notifications.\n\n<iframe width=\"560\" height=\"315\" src=\"https://www.youtube.com/embed/jHv8yrSK8Dg\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen></iframe>\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query Execution:** Executes a comprehensive SOQL query on the `OauthToken` object, joining with `AppMenuItem` and `User` objects to gather complete security context.\n- **Security Analysis Logic:** Analyzes the `AppMenuItem.IsUsingAdminAuthorization` field to determine if a Connected App requires admin pre-approval for user authorization.\n- **Data Transformation:** Processes raw SOQL results to add security status indicators and reorganize data for optimal reporting and analysis.\n- **Aggregation Processing:** Groups OAuth tokens by Connected App name to provide summary statistics and identify the most problematic applications.\n- **Report Generation:** Uses `generateCsvFile` to create structured CSV reports with proper formatting and metadata for easy analysis and sharing.\n- **Notification Integration:** Integrates with the `NotifProvider` to send security alerts with detailed metrics, including the number of unsecured Connected Apps and associated OAuth tokens.\n- **File Management:** Generates multiple output formats (CSV, XLSX) and manages file paths using `generateReportPath` for consistent report organization.\n- **Connection Management:** Uses `setConnectionVariables` to ensure proper authentication context for notification providers that require org connection details.\n</details>\n",
7039
+ "description": "\n## Command Behavior\n\n**Detects and reports on inactive or unused Salesforce user accounts, helping to optimize license usage and enhance security.**\n\nEfficient user management is vital in Salesforce to ensure resources are optimized and costs are controlled. However, inactive or unused user accounts can often go unnoticed, leading to wasted licenses and potential security risks. This tool addresses this challenge by enabling administrators to identify users who haven't logged in within a specified period.\n\nBy analyzing user login activity and last login timestamps, this feature highlights inactive user accounts, allowing administrators to take appropriate action. Whether it's deactivating dormant accounts, freeing up licenses, or ensuring compliance with security policies, this functionality empowers administrators to maintain a lean and secure Salesforce environment.\n\nKey functionalities:\n\n- **Inactivity Detection:** Identifies users who have not logged in for a specified number of days (`--days` flag, default 180 days in CI, 365 days otherwise).\n- **License Type Filtering:** Allows filtering users by license type using `--licensetypes` (e.g., `all-crm`, `all-paying`) or specific license identifiers using `--licenseidentifiers`.\n - `all-crm`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT` licenses.\n - `all-paying`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT`, `PID_Customer_Community`, `PID_Customer_Community_Login`, `PID_Partner_Community`, `PID_Partner_Community_Login` licenses.\n - Note: You can see the full list of available license identifiers in [Salesforce Documentation](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/sfdx_cli_reference/sforce_api_objects_userlicense.htm).\n- **Active User Retrieval:** The `--returnactiveusers` flag inverts the command, allowing you to retrieve active users who *have* logged in during the specified period.\n- **CSV Report Generation:** Generates a CSV file containing details of all identified users (inactive or active), including their last login date, profile, and license information.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of inactive or active users.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-inactive-users/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query (Bulk API):** It uses `bulkQuery` to efficiently retrieve user records from the Salesforce `User` object. The SOQL query dynamically constructs its WHERE clause based on the `--days`, `--licensetypes`, `--licenseidentifiers`, and `--returnactiveusers` flags.\n- **Interactive Prompts:** Uses `prompts` to interactively ask the user for the number of inactive days and license types if not provided via flags.\n- **License Mapping:** Internally maps common license type aliases (e.g., `all-crm`) to their corresponding Salesforce `LicenseDefinitionKey` values.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of users.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides a summary of the findings in the console, indicating the number of inactive or active users found.\n</details>",
7141
7040
  "examples": [
7142
- "$ sf hardis:org:diagnose:unsecure-connected-apps"
7041
+ "$ sf hardis:org:diagnose:unusedusers",
7042
+ "$ sf hardis:org:diagnose:unusedusers --days 365",
7043
+ "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm",
7044
+ "$ sf hardis:org:diagnose:unusedusers --days 60 --licenseidentifiers SFDC,AUL,AUL1",
7045
+ "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm --returnactiveusers"
7143
7046
  ],
7144
7047
  "flags": {
7145
7048
  "json": {
@@ -7165,6 +7068,41 @@
7165
7068
  "multiple": false,
7166
7069
  "type": "option"
7167
7070
  },
7071
+ "days": {
7072
+ "char": "t",
7073
+ "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
7074
+ "name": "days",
7075
+ "hasDynamicHelp": false,
7076
+ "multiple": false,
7077
+ "type": "option"
7078
+ },
7079
+ "licensetypes": {
7080
+ "char": "l",
7081
+ "description": "Type of licenses to check. If set, do not use licenseidentifiers option. In CI, default is all-crm",
7082
+ "name": "licensetypes",
7083
+ "hasDynamicHelp": false,
7084
+ "multiple": false,
7085
+ "options": [
7086
+ "all",
7087
+ "all-crm",
7088
+ "all-paying"
7089
+ ],
7090
+ "type": "option"
7091
+ },
7092
+ "licenseidentifiers": {
7093
+ "char": "i",
7094
+ "description": "Comma-separated list of license identifiers, in case licensetypes is not used.. Identifiers available at https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_userlicense.htm",
7095
+ "name": "licenseidentifiers",
7096
+ "hasDynamicHelp": false,
7097
+ "multiple": false,
7098
+ "type": "option"
7099
+ },
7100
+ "returnactiveusers": {
7101
+ "description": "Inverts the command by returning the active users",
7102
+ "name": "returnactiveusers",
7103
+ "allowNo": false,
7104
+ "type": "boolean"
7105
+ },
7168
7106
  "debug": {
7169
7107
  "char": "d",
7170
7108
  "description": "Activate debug mode (more logs)",
@@ -7203,13 +7141,13 @@
7203
7141
  },
7204
7142
  "hasDynamicHelp": true,
7205
7143
  "hiddenAliases": [],
7206
- "id": "hardis:org:diagnose:unsecure-connected-apps",
7144
+ "id": "hardis:org:diagnose:unusedusers",
7207
7145
  "pluginAlias": "sfdx-hardis",
7208
7146
  "pluginName": "sfdx-hardis",
7209
7147
  "pluginType": "core",
7210
7148
  "strict": true,
7211
7149
  "enableJsonFlag": true,
7212
- "title": "Detect Unsecured Connected Apps",
7150
+ "title": "Detect unused Users in Salesforce",
7213
7151
  "requiresProject": false,
7214
7152
  "isESM": true,
7215
7153
  "relativePath": [
@@ -7218,43 +7156,44 @@
7218
7156
  "hardis",
7219
7157
  "org",
7220
7158
  "diagnose",
7221
- "unsecure-connected-apps.js"
7159
+ "unusedusers.js"
7222
7160
  ],
7223
7161
  "aliasPermutations": [],
7224
7162
  "permutations": [
7225
- "hardis:org:diagnose:unsecure-connected-apps",
7226
- "org:hardis:diagnose:unsecure-connected-apps",
7227
- "org:diagnose:hardis:unsecure-connected-apps",
7228
- "org:diagnose:unsecure-connected-apps:hardis",
7229
- "hardis:diagnose:org:unsecure-connected-apps",
7230
- "diagnose:hardis:org:unsecure-connected-apps",
7231
- "diagnose:org:hardis:unsecure-connected-apps",
7232
- "diagnose:org:unsecure-connected-apps:hardis",
7233
- "hardis:diagnose:unsecure-connected-apps:org",
7234
- "diagnose:hardis:unsecure-connected-apps:org",
7235
- "diagnose:unsecure-connected-apps:hardis:org",
7236
- "diagnose:unsecure-connected-apps:org:hardis",
7237
- "hardis:org:unsecure-connected-apps:diagnose",
7238
- "org:hardis:unsecure-connected-apps:diagnose",
7239
- "org:unsecure-connected-apps:hardis:diagnose",
7240
- "org:unsecure-connected-apps:diagnose:hardis",
7241
- "hardis:unsecure-connected-apps:org:diagnose",
7242
- "unsecure-connected-apps:hardis:org:diagnose",
7243
- "unsecure-connected-apps:org:hardis:diagnose",
7244
- "unsecure-connected-apps:org:diagnose:hardis",
7245
- "hardis:unsecure-connected-apps:diagnose:org",
7246
- "unsecure-connected-apps:hardis:diagnose:org",
7247
- "unsecure-connected-apps:diagnose:hardis:org",
7248
- "unsecure-connected-apps:diagnose:org:hardis"
7163
+ "hardis:org:diagnose:unusedusers",
7164
+ "org:hardis:diagnose:unusedusers",
7165
+ "org:diagnose:hardis:unusedusers",
7166
+ "org:diagnose:unusedusers:hardis",
7167
+ "hardis:diagnose:org:unusedusers",
7168
+ "diagnose:hardis:org:unusedusers",
7169
+ "diagnose:org:hardis:unusedusers",
7170
+ "diagnose:org:unusedusers:hardis",
7171
+ "hardis:diagnose:unusedusers:org",
7172
+ "diagnose:hardis:unusedusers:org",
7173
+ "diagnose:unusedusers:hardis:org",
7174
+ "diagnose:unusedusers:org:hardis",
7175
+ "hardis:org:unusedusers:diagnose",
7176
+ "org:hardis:unusedusers:diagnose",
7177
+ "org:unusedusers:hardis:diagnose",
7178
+ "org:unusedusers:diagnose:hardis",
7179
+ "hardis:unusedusers:org:diagnose",
7180
+ "unusedusers:hardis:org:diagnose",
7181
+ "unusedusers:org:hardis:diagnose",
7182
+ "unusedusers:org:diagnose:hardis",
7183
+ "hardis:unusedusers:diagnose:org",
7184
+ "unusedusers:hardis:diagnose:org",
7185
+ "unusedusers:diagnose:hardis:org",
7186
+ "unusedusers:diagnose:org:hardis"
7249
7187
  ]
7250
7188
  },
7251
- "hardis:org:diagnose:unused-apex-classes": {
7189
+ "hardis:org:generate:packagexmlfull": {
7252
7190
  "aliases": [],
7253
7191
  "args": {},
7254
- "description": "List all async Apex classes (Batch,Queueable,Schedulable) that has not been called for more than 365 days.\n \nThe result class list probably can be removed from the project, and that will improve your test classes performances 😊\n\nThe number of unused day is overridable using --days option. \n\nThe command uses queries on AsyncApexJob and CronTrigger technical tables to build the result.\n\nApex Classes CreatedBy and CreatedOn fields are calculated from MIN(date from git, date from org)\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-apex-classes/) and can output Grafana, Slack and MsTeams Notifications.\n\n![](https://sfdx-hardis.cloudity.com/assets/images/screenshot-monitoring-unused-apex-grafana.jpg)\n",
7192
+ "description": "\n## Command Behavior\n\n**Generates a comprehensive `package.xml` file for a Salesforce org, including all metadata components, even managed ones.**\n\nThis command is essential for various Salesforce development and administration tasks, especially when you need a complete snapshot of an org's metadata. It goes beyond typical source tracking by including managed package components, which is crucial for understanding the full metadata footprint of an org.\n\nKey functionalities:\n\n- **Full Org Metadata Retrieval:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a complete list of all metadata types and their members.\n- **Managed Package Inclusion:** Unlike standard source retrieval, this command explicitly includes metadata from managed packages, providing a truly comprehensive `package.xml`.\n- **Customizable Output:** Allows you to specify the output file path for the generated `package.xml`.\n- **Interactive Org Selection:** If no target org is specified, it interactively prompts the user to choose an org. (or use --no-prompt to skip this step)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce Metadata API Interaction:** It leverages the Salesforce Metadata API to list all available metadata types and then retrieve all components for each type.\n- **`buildOrgManifest` Utility:** The core logic for querying the org's metadata and constructing the `package.xml` is encapsulated within the `buildOrgManifest` utility function.\n- **XML Generation:** It dynamically builds the XML structure of the `package.xml` file, including the `types` and `members` elements for all retrieved metadata.\n- **File System Operations:** It writes the generated `package.xml` file to the specified output path.\n- **Interactive Prompts:** Uses `promptOrgUsernameDefault` to guide the user in selecting the target Salesforce org.\n</details>\n",
7255
7193
  "examples": [
7256
- "$ sf hardis:org:diagnose:unused-apex-classes",
7257
- "$ sf hardis:org:diagnose:unused-apex-classes --days 700"
7194
+ "$ sf hardis:org:generate:packagexmlfull",
7195
+ "$ sf hardis:org:generate:packagexmlfull --outputfile /tmp/packagexmlfull.xml",
7196
+ "$ sf hardis:org:generate:packagexmlfull --target-org nico@example.com"
7258
7197
  ],
7259
7198
  "flags": {
7260
7199
  "json": {
@@ -7273,21 +7212,12 @@
7273
7212
  "type": "option"
7274
7213
  },
7275
7214
  "outputfile": {
7276
- "char": "f",
7277
- "description": "Force the path and name of output report file. Must end with .csv",
7215
+ "description": "Output package.xml file",
7278
7216
  "name": "outputfile",
7279
7217
  "hasDynamicHelp": false,
7280
7218
  "multiple": false,
7281
7219
  "type": "option"
7282
7220
  },
7283
- "days": {
7284
- "char": "t",
7285
- "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
7286
- "name": "days",
7287
- "hasDynamicHelp": false,
7288
- "multiple": false,
7289
- "type": "option"
7290
- },
7291
7221
  "debug": {
7292
7222
  "char": "d",
7293
7223
  "description": "Activate debug mode (more logs)",
@@ -7295,6 +7225,13 @@
7295
7225
  "allowNo": false,
7296
7226
  "type": "boolean"
7297
7227
  },
7228
+ "no-prompt": {
7229
+ "char": "n",
7230
+ "description": "Do not prompt for org username, use the default one",
7231
+ "name": "no-prompt",
7232
+ "allowNo": false,
7233
+ "type": "boolean"
7234
+ },
7298
7235
  "websocket": {
7299
7236
  "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
7300
7237
  "name": "websocket",
@@ -7326,13 +7263,13 @@
7326
7263
  },
7327
7264
  "hasDynamicHelp": true,
7328
7265
  "hiddenAliases": [],
7329
- "id": "hardis:org:diagnose:unused-apex-classes",
7266
+ "id": "hardis:org:generate:packagexmlfull",
7330
7267
  "pluginAlias": "sfdx-hardis",
7331
7268
  "pluginName": "sfdx-hardis",
7332
7269
  "pluginType": "core",
7333
7270
  "strict": true,
7334
7271
  "enableJsonFlag": true,
7335
- "title": "Detect unused Apex classes in an org",
7272
+ "title": "Generate Full Org package.xml",
7336
7273
  "requiresProject": false,
7337
7274
  "isESM": true,
7338
7275
  "relativePath": [
@@ -7340,43 +7277,43 @@
7340
7277
  "commands",
7341
7278
  "hardis",
7342
7279
  "org",
7343
- "diagnose",
7344
- "unused-apex-classes.js"
7280
+ "generate",
7281
+ "packagexmlfull.js"
7345
7282
  ],
7346
7283
  "aliasPermutations": [],
7347
7284
  "permutations": [
7348
- "hardis:org:diagnose:unused-apex-classes",
7349
- "org:hardis:diagnose:unused-apex-classes",
7350
- "org:diagnose:hardis:unused-apex-classes",
7351
- "org:diagnose:unused-apex-classes:hardis",
7352
- "hardis:diagnose:org:unused-apex-classes",
7353
- "diagnose:hardis:org:unused-apex-classes",
7354
- "diagnose:org:hardis:unused-apex-classes",
7355
- "diagnose:org:unused-apex-classes:hardis",
7356
- "hardis:diagnose:unused-apex-classes:org",
7357
- "diagnose:hardis:unused-apex-classes:org",
7358
- "diagnose:unused-apex-classes:hardis:org",
7359
- "diagnose:unused-apex-classes:org:hardis",
7360
- "hardis:org:unused-apex-classes:diagnose",
7361
- "org:hardis:unused-apex-classes:diagnose",
7362
- "org:unused-apex-classes:hardis:diagnose",
7363
- "org:unused-apex-classes:diagnose:hardis",
7364
- "hardis:unused-apex-classes:org:diagnose",
7365
- "unused-apex-classes:hardis:org:diagnose",
7366
- "unused-apex-classes:org:hardis:diagnose",
7367
- "unused-apex-classes:org:diagnose:hardis",
7368
- "hardis:unused-apex-classes:diagnose:org",
7369
- "unused-apex-classes:hardis:diagnose:org",
7370
- "unused-apex-classes:diagnose:hardis:org",
7371
- "unused-apex-classes:diagnose:org:hardis"
7285
+ "hardis:org:generate:packagexmlfull",
7286
+ "org:hardis:generate:packagexmlfull",
7287
+ "org:generate:hardis:packagexmlfull",
7288
+ "org:generate:packagexmlfull:hardis",
7289
+ "hardis:generate:org:packagexmlfull",
7290
+ "generate:hardis:org:packagexmlfull",
7291
+ "generate:org:hardis:packagexmlfull",
7292
+ "generate:org:packagexmlfull:hardis",
7293
+ "hardis:generate:packagexmlfull:org",
7294
+ "generate:hardis:packagexmlfull:org",
7295
+ "generate:packagexmlfull:hardis:org",
7296
+ "generate:packagexmlfull:org:hardis",
7297
+ "hardis:org:packagexmlfull:generate",
7298
+ "org:hardis:packagexmlfull:generate",
7299
+ "org:packagexmlfull:hardis:generate",
7300
+ "org:packagexmlfull:generate:hardis",
7301
+ "hardis:packagexmlfull:org:generate",
7302
+ "packagexmlfull:hardis:org:generate",
7303
+ "packagexmlfull:org:hardis:generate",
7304
+ "packagexmlfull:org:generate:hardis",
7305
+ "hardis:packagexmlfull:generate:org",
7306
+ "packagexmlfull:hardis:generate:org",
7307
+ "packagexmlfull:generate:hardis:org",
7308
+ "packagexmlfull:generate:org:hardis"
7372
7309
  ]
7373
7310
  },
7374
- "hardis:org:diagnose:unused-connected-apps": {
7311
+ "hardis:org:monitor:all": {
7375
7312
  "aliases": [],
7376
7313
  "args": {},
7377
- "description": "\n## Command Behavior\n\n**Identifies and reports on potentially unused Connected Apps in a Salesforce org, suggesting candidates for deletion or deactivation.**\n\nThis command helps improve org security and reduce technical debt by pinpointing Connected Apps that are no longer actively used. Connected Apps can pose security risks if left unmonitored, and cleaning them up contributes to a healthier Salesforce environment.\n\nKey functionalities:\n\n- **Connected App Data Collection:** Gathers information about all Connected Apps in the org, including creation and last modified dates, and associated users.\n- **Usage Analysis:** Analyzes `LoginHistory` and `OAuthToken` records to determine the last usage date of each Connected App.\n- **Inactivity Detection:** Flags Connected Apps as potentially unused if they have no recent login history or OAuth token usage.\n- **Accessibility Check:** Examines Connected App metadata to identify if they are accessible (e.g., if they require admin approval and have no profiles or permission sets assigned).\n- **Ignored Apps:** Automatically ignores a predefined list of common Salesforce Connected Apps (e.g., `Salesforce CLI`, `Salesforce Mobile Dashboards`). You can extend this list by defining the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n- **CSV Report Generation:** Generates a CSV file containing details of all analyzed Connected Apps, including their usage status, last usage date, and reasons for being flagged as potentially unused.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of potentially unused Connected Apps.\n\n**Default Ignored Connected Apps:**\n\n- Ant Migration Tool\n- Chatter Desktop\n- Chatter Mobile for BlackBerry\n- Force.com IDE\n- OIQ_Integration\n- Salesforce CLI\n- Salesforce Files\n- Salesforce Mobile Dashboards\n- Salesforce Touch\n- Salesforce for Outlook\n- SalesforceA\n- SalesforceA for Android\n- SalesforceA for iOS\n- SalesforceDX Namespace Registry\n- SalesforceIQ\n\nYou can add more ignored apps by defining a comma-separated list of names in the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable.\n\n_Example: \nALLOWED_INACTIVE_CONNECTED_APPS=My App 1,My App 2, My App 3_\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-connected-apps/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce SOQL Queries:** It performs SOQL queries against `ConnectedApplication`, `LoginHistory`, and `OAuthToken` objects to gather comprehensive data about Connected Apps and their usage.\n- **Temporary SFDX Project:** It creates a temporary SFDX project to retrieve Connected App metadata, allowing for local parsing and analysis of their XML files.\n- **Metadata Parsing:** It parses the `connectedApp-meta.xml` files to check for `isAdminApproved` and the presence of `profileName` or `permissionsetName` to determine accessibility.\n- **Data Correlation:** It correlates data from various Salesforce objects to build a complete picture of each Connected App's usage and status.\n- **Date Calculation:** Uses `moment` to calculate the time since the last OAuth token usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused Connected Apps.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **File System Operations:** Uses `fs-extra` for creating and removing temporary directories and files.\n- **Environment Variable Reading:** Reads the `ALLOWED_INACTIVE_CONNECTED_APPS` environment variable to customize the list of ignored Connected Apps.\n</details>\n",
7314
+ "description": "Monitor org, generate reports and sends notifications\n\nYou can disable some commands defining either a **monitoringDisable** property in `.sfdx-hardis.yml`, or a comma separated list in env variable **MONITORING_DISABLE**\n\nExample in .sfdx-hardis.yml:\n \n```yaml\nmonitoringDisable:\n - METADATA_STATUS\n - MISSING_ATTRIBUTES\n - UNUSED_METADATAS\n```\n \nExample in env var:\n\n```sh\nMONITORING_DISABLE=METADATA_STATUS,MISSING_ATTRIBUTES,UNUSED_METADATAS\n```\n\nA [default list of monitoring commands](https://sfdx-hardis.cloudity.com/salesforce-monitoring-home/#monitoring-commands) is used, if you want to override it you can define property **monitoringCommands** in your .sfdx-hardis.yml file\n\nExample:\n\n```yaml\nmonitoringCommands:\n - title: My Custom command\n command: sf my:custom:command\n - title: My Custom command 2\n command: sf my:other:custom:command\n```\n\nYou can force the daily run of all commands by defining env var `MONITORING_IGNORE_FREQUENCY=true`\n\nThe default list of commands is the following:\n\n| Key | Description | Command | Frequency |\n| :---: | :---- | :---- | :-----: |\n| [AUDIT_TRAIL](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | Detect suspect setup actions in major org | [sf hardis:org:diagnose:audittrail](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/audittrail) | daily |\n| [LEGACY_API](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | Detect calls to deprecated API versions | [sf hardis:org:diagnose:legacyapi](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/legacyapi) | daily |\n| [ORG_LIMITS](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | Detect if org limits are close to be reached | [sf hardis:org:monitor:limits](https://sfdx-hardis.cloudity.com/hardis/org/monitor/limits) | daily |\n| [UNSECURED_CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | Detect unsecured Connected Apps in an org | [sf hardis:org:diagnose:unsecure-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unsecure-connected-apps) | daily |\n| [LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | Extract licenses information | [sf hardis:org:diagnose:licenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/licenses) | weekly |\n| [LINT_ACCESS](https://sfdx-hardis.cloudity.com/hardis/lint/access) | Detect custom elements with no access rights defined in permission sets | [sf hardis:lint:access](https://sfdx-hardis.cloudity.com/hardis/lint/access) | weekly |\n| [UNUSED_LICENSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | Detect permission set licenses that are assigned to users that do not need them | [sf hardis:org:diagnose:unusedlicenses](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedlicenses) | weekly |\n| [UNUSED_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users without recent logins | [sf hardis:org:diagnose:unusedusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ACTIVE_USERS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | Detect active users with recent logins | [sf hardis:org:diagnose:unusedusers --returnactiveusers](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unusedusers) | weekly |\n| [ORG_INFO](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | Get org info + SF instance info + next major upgrade date | [sf hardis:org:diagnose:instanceupgrade](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/instanceupgrade) | weekly |\n| [RELEASE_UPDATES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | Gather warnings about incoming and overdue Release Updates | [sf hardis:org:diagnose:releaseupdates](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/releaseupdates) | weekly |\n| [UNUSED_METADATAS](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | Detect custom labels and custom permissions that are not in use | [sf hardis:lint:unusedmetadatas](https://sfdx-hardis.cloudity.com/hardis/lint/unusedmetadatas) | weekly |\n| [UNUSED_APEX_CLASSES](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | Detect unused Apex classes in an org | [sf hardis:org:diagnose:unused-apex-classes](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-apex-classes) | weekly |\n| [CONNECTED_APPS](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | Detect unused Connected Apps in an org | [sf hardis:org:diagnose:unused-connected-apps](https://sfdx-hardis.cloudity.com/hardis/org/diagnose/unused-connected-apps) | weekly |\n| [METADATA_STATUS](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | Detect inactive metadata | [sf hardis:lint:metadatastatus](https://sfdx-hardis.cloudity.com/hardis/lint/metadatastatus) | weekly |\n| [MISSING_ATTRIBUTES](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | Detect missing description on custom field | [sf hardis:lint:missingattributes](https://sfdx-hardis.cloudity.com/hardis/lint/missingattributes) | weekly |\n\n",
7378
7315
  "examples": [
7379
- "$ sf hardis:org:diagnose:unused-connected-apps"
7316
+ "$ sf hardis:org:monitor:all"
7380
7317
  ],
7381
7318
  "flags": {
7382
7319
  "json": {
@@ -7394,14 +7331,6 @@
7394
7331
  "multiple": false,
7395
7332
  "type": "option"
7396
7333
  },
7397
- "outputfile": {
7398
- "char": "f",
7399
- "description": "Force the path and name of output report file. Must end with .csv",
7400
- "name": "outputfile",
7401
- "hasDynamicHelp": false,
7402
- "multiple": false,
7403
- "type": "option"
7404
- },
7405
7334
  "debug": {
7406
7335
  "char": "d",
7407
7336
  "description": "Activate debug mode (more logs)",
@@ -7440,75 +7369,159 @@
7440
7369
  },
7441
7370
  "hasDynamicHelp": true,
7442
7371
  "hiddenAliases": [],
7443
- "id": "hardis:org:diagnose:unused-connected-apps",
7372
+ "id": "hardis:org:monitor:all",
7444
7373
  "pluginAlias": "sfdx-hardis",
7445
7374
  "pluginName": "sfdx-hardis",
7446
7375
  "pluginType": "core",
7447
7376
  "strict": true,
7448
7377
  "enableJsonFlag": true,
7449
- "title": "Unused Connected Apps in an org",
7450
- "allowedInactiveConnectedApps": [
7451
- "Ant Migration Tool",
7452
- "Chatter Desktop",
7453
- "Chatter Mobile for BlackBerry",
7454
- "Force.com IDE",
7455
- "OIQ_Integration",
7456
- "Salesforce CLI",
7457
- "Salesforce Files",
7458
- "Salesforce Mobile Dashboards",
7459
- "Salesforce Touch",
7460
- "Salesforce for Outlook",
7461
- "SalesforceA",
7462
- "SalesforceA for Android",
7463
- "SalesforceA for iOS",
7464
- "SalesforceDX Namespace Registry",
7465
- "SalesforceIQ"
7378
+ "title": "Monitor org",
7379
+ "monitoringCommandsDefault": [
7380
+ {
7381
+ "key": "AUDIT_TRAIL",
7382
+ "title": "Detect suspect setup actions in major org",
7383
+ "command": "sf hardis:org:diagnose:audittrail",
7384
+ "frequency": "daily"
7385
+ },
7386
+ {
7387
+ "key": "LEGACY_API",
7388
+ "title": "Detect calls to deprecated API versions",
7389
+ "command": "sf hardis:org:diagnose:legacyapi",
7390
+ "frequency": "daily"
7391
+ },
7392
+ {
7393
+ "key": "ORG_LIMITS",
7394
+ "title": "Detect if org limits are close to be reached",
7395
+ "command": "sf hardis:org:monitor:limits",
7396
+ "frequency": "daily"
7397
+ },
7398
+ {
7399
+ "key": "UNSECURED_CONNECTED_APPS",
7400
+ "title": "Detect unsecured Connected Apps in an org",
7401
+ "command": "sf hardis:org:diagnose:unsecure-connected-apps",
7402
+ "frequency": "daily"
7403
+ },
7404
+ {
7405
+ "key": "LICENSES",
7406
+ "title": "Extract licenses information",
7407
+ "command": "sf hardis:org:diagnose:licenses",
7408
+ "frequency": "weekly"
7409
+ },
7410
+ {
7411
+ "key": "LINT_ACCESS",
7412
+ "title": "Detect custom elements with no access rights defined in permission sets",
7413
+ "command": "sf hardis:lint:access",
7414
+ "frequency": "weekly"
7415
+ },
7416
+ {
7417
+ "key": "UNUSED_LICENSES",
7418
+ "title": "Detect permission set licenses that are assigned to users that do not need them",
7419
+ "command": "sf hardis:org:diagnose:unusedlicenses",
7420
+ "frequency": "weekly"
7421
+ },
7422
+ {
7423
+ "key": "UNUSED_USERS",
7424
+ "title": "Detect active users without recent logins",
7425
+ "command": "sf hardis:org:diagnose:unusedusers",
7426
+ "frequency": "weekly"
7427
+ },
7428
+ {
7429
+ "key": "ACTIVE_USERS",
7430
+ "title": "Detect active users with recent logins",
7431
+ "command": "sf hardis:org:diagnose:unusedusers --returnactiveusers",
7432
+ "frequency": "weekly"
7433
+ },
7434
+ {
7435
+ "key": "ORG_INFO",
7436
+ "title": "Get org info + SF instance info + next major upgrade date",
7437
+ "command": "sf hardis:org:diagnose:instanceupgrade",
7438
+ "frequency": "weekly"
7439
+ },
7440
+ {
7441
+ "key": "RELEASE_UPDATES",
7442
+ "title": "Gather warnings about incoming and overdue Release Updates",
7443
+ "command": "sf hardis:org:diagnose:releaseupdates",
7444
+ "frequency": "weekly"
7445
+ },
7446
+ {
7447
+ "key": "UNUSED_METADATAS",
7448
+ "title": "Detect custom labels and custom permissions that are not in use",
7449
+ "command": "sf hardis:lint:unusedmetadatas",
7450
+ "frequency": "weekly"
7451
+ },
7452
+ {
7453
+ "key": "UNUSED_APEX_CLASSES",
7454
+ "title": "Detect unused Apex classes in an org",
7455
+ "command": "sf hardis:org:diagnose:unused-apex-classes",
7456
+ "frequency": "weekly"
7457
+ },
7458
+ {
7459
+ "key": "CONNECTED_APPS",
7460
+ "title": "Detect unused Connected Apps in an org",
7461
+ "command": "sf hardis:org:diagnose:unused-connected-apps",
7462
+ "frequency": "weekly"
7463
+ },
7464
+ {
7465
+ "key": "METADATA_STATUS",
7466
+ "title": "Detect inactive metadata",
7467
+ "command": "sf hardis:lint:metadatastatus",
7468
+ "frequency": "weekly"
7469
+ },
7470
+ {
7471
+ "key": "MISSING_ATTRIBUTES",
7472
+ "title": "Detect missing description on custom field",
7473
+ "command": "sf hardis:lint:missingattributes",
7474
+ "frequency": "weekly"
7475
+ }
7466
7476
  ],
7467
- "requiresProject": false,
7477
+ "requiresProject": true,
7478
+ "triggerNotification": true,
7468
7479
  "isESM": true,
7469
7480
  "relativePath": [
7470
7481
  "lib",
7471
7482
  "commands",
7472
7483
  "hardis",
7473
7484
  "org",
7474
- "diagnose",
7475
- "unused-connected-apps.js"
7485
+ "monitor",
7486
+ "all.js"
7476
7487
  ],
7477
7488
  "aliasPermutations": [],
7478
7489
  "permutations": [
7479
- "hardis:org:diagnose:unused-connected-apps",
7480
- "org:hardis:diagnose:unused-connected-apps",
7481
- "org:diagnose:hardis:unused-connected-apps",
7482
- "org:diagnose:unused-connected-apps:hardis",
7483
- "hardis:diagnose:org:unused-connected-apps",
7484
- "diagnose:hardis:org:unused-connected-apps",
7485
- "diagnose:org:hardis:unused-connected-apps",
7486
- "diagnose:org:unused-connected-apps:hardis",
7487
- "hardis:diagnose:unused-connected-apps:org",
7488
- "diagnose:hardis:unused-connected-apps:org",
7489
- "diagnose:unused-connected-apps:hardis:org",
7490
- "diagnose:unused-connected-apps:org:hardis",
7491
- "hardis:org:unused-connected-apps:diagnose",
7492
- "org:hardis:unused-connected-apps:diagnose",
7493
- "org:unused-connected-apps:hardis:diagnose",
7494
- "org:unused-connected-apps:diagnose:hardis",
7495
- "hardis:unused-connected-apps:org:diagnose",
7496
- "unused-connected-apps:hardis:org:diagnose",
7497
- "unused-connected-apps:org:hardis:diagnose",
7498
- "unused-connected-apps:org:diagnose:hardis",
7499
- "hardis:unused-connected-apps:diagnose:org",
7500
- "unused-connected-apps:hardis:diagnose:org",
7501
- "unused-connected-apps:diagnose:hardis:org",
7502
- "unused-connected-apps:diagnose:org:hardis"
7490
+ "hardis:org:monitor:all",
7491
+ "org:hardis:monitor:all",
7492
+ "org:monitor:hardis:all",
7493
+ "org:monitor:all:hardis",
7494
+ "hardis:monitor:org:all",
7495
+ "monitor:hardis:org:all",
7496
+ "monitor:org:hardis:all",
7497
+ "monitor:org:all:hardis",
7498
+ "hardis:monitor:all:org",
7499
+ "monitor:hardis:all:org",
7500
+ "monitor:all:hardis:org",
7501
+ "monitor:all:org:hardis",
7502
+ "hardis:org:all:monitor",
7503
+ "org:hardis:all:monitor",
7504
+ "org:all:hardis:monitor",
7505
+ "org:all:monitor:hardis",
7506
+ "hardis:all:org:monitor",
7507
+ "all:hardis:org:monitor",
7508
+ "all:org:hardis:monitor",
7509
+ "all:org:monitor:hardis",
7510
+ "hardis:all:monitor:org",
7511
+ "all:hardis:monitor:org",
7512
+ "all:monitor:hardis:org",
7513
+ "all:monitor:org:hardis"
7503
7514
  ]
7504
7515
  },
7505
- "hardis:org:diagnose:unusedlicenses": {
7516
+ "hardis:org:monitor:backup": {
7506
7517
  "aliases": [],
7507
7518
  "args": {},
7508
- "description": "\n## Command Behavior\n\n**Detects and suggests the deletion of unused Permission Set License Assignments in a Salesforce org.**\n\nWhen a Permission Set (PS) linked to a Permission Set License (PSL) is assigned to a user, a Permission Set License Assignment (PSLA) is automatically created. However, when that PS is unassigned from the user, the PSLA is *not* automatically deleted. This can lead to organizations being charged for unused PSLAs, representing a hidden cost and technical debt.\n\nThis command identifies such useless PSLAs and provides options to delete them, helping to optimize license usage and reduce unnecessary expenses.\n\nKey functionalities:\n\n- **PSLA Detection:** Queries the Salesforce org to find all active PSLAs.\n- **Usage Verification:** Correlates PSLAs with actual Permission Set Assignments and Permission Set Group Assignments to determine if the underlying Permission Sets are still assigned to the user.\n- **Special Case Handling:** Accounts for specific scenarios where profiles might implicitly assign PSLAs (e.g., `Salesforce API Only` profile assigning `SalesforceAPIIntegrationPsl`) and allows for always excluding certain PSLAs from the unused check.\n- **Reporting:** Generates a CSV report of all identified unused PSLAs, including the user and the associated Permission Set License.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of unused PSLAs.\n- **Interactive Deletion:** In non-CI environments, it offers an interactive prompt to bulk delete the identified unused PSLAs.\n\nMany thanks to [Vincent Finet](https://www.linkedin.com/in/vincentfinet/) for the inspiration during his great speaker session at [French Touch Dreamin '23](https://frenchtouchdreamin.com/), and his kind agreement for reusing such inspiration in this command 😊\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-unused-licenses/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves extensive querying of Salesforce objects and data correlation:\n\n- **SOQL Queries (Bulk API):** It uses `bulkQuery` and `bulkQueryChunksIn` to efficiently retrieve large volumes of data from `PermissionSetLicenseAssign`, `PermissionSetLicense`, `PermissionSet`, `PermissionSetGroupComponent`, and `PermissionSetAssignment` objects.\n- **Data Correlation:** It meticulously correlates data across these objects to determine if a `PermissionSetLicenseAssign` record has a corresponding active assignment to a Permission Set or Permission Set Group for the same user.\n- **Filtering Logic:** It applies complex filtering logic to exclude PSLAs that are genuinely in use or are part of predefined exceptions (e.g., `alwaysExcludeForActiveUsersPermissionSetLicenses`).\n- **Bulk Deletion:** If the user opts to delete unused PSLAs, it uses `bulkUpdate` with the `delete` operation to efficiently remove multiple records.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of unused PSLAs.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Interaction:** Uses `prompts` for interactive confirmation before performing deletion operations.\n</details>\n",
7519
+ "description": "Retrieve sfdx sources in the context of a monitoring backup\n\nThe command exists in 2 modes: filtered(default & recommended) and full.\n\n## Filtered mode (default, better performances)\n\nAutomatically skips metadatas from installed packages with namespace. \n\nYou can remove more metadata types from backup, especially in case you have too many metadatas and that provokes a crash, using:\n\n- Manual update of `manifest/package-skip-items.xml` config file (then commit & push in the same branch)\n\n - Works with full wildcard (`<members>*</members>`) , named metadata (`<members>Account.Name</members>`) or partial wildcards names (`<members>pi__*</members>` , `<members>*__dlm</members>` , or `<members>prefix*suffix</members>`)\n\n- Environment variable MONITORING_BACKUP_SKIP_METADATA_TYPES (example: `MONITORING_BACKUP_SKIP_METADATA_TYPES=CustomLabel,StaticResource,Translation`): that will be applied to all monitoring branches.\n\n## Full mode\n\nActivate it with **--full** parameter, or variable MONITORING_BACKUP_MODE_FULL=true\n\nIgnores filters (namespaces items & manifest/package-skip-items.xml) to retrieve ALL metadatas, including those you might not care about (reports, translations...)\n\nAs we can retrieve only 10000 files by call, the list of all metadatas will be chunked to make multiple calls (and take more time than filtered mode)\n\n- if you use `--full-apply-filters` , manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES filters will be applied anyway\n- if you use `--exclude-namespaces` , namespaced items will be ignored\n\n_With those both options, it's like if you are not using --full, but with chunked metadata download_\n\n## In CI/CD\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-metadata-backup/) and can output Grafana, Slack and MsTeams Notifications.\n\n## Troubleshooting\n\nIf you have unknown errors (it happens !), you can investigate using the full command with smaller chunks.\n\nExample: `sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters --max-by-chunk 500`\n\nIt will allow you the identify the responsible metadata and ignore it using package-skip-items.xml or MONITORING_BACKUP_SKIP_METADATA_TYPES env variable.\n\n## Documentation\n\n[Doc generation (including visual flows)](https://sfdx-hardis.cloudity.com/hardis/doc/project2markdown/) is triggered at the end of the command.\n\nIf you want to also upload HTML Documentation on your Salesforce Org as static resource, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_ORG=\"true\"**\n\nIf you want to also upload HTML Documentation on Cloudflare, use variable **SFDX_HARDIS_DOC_DEPLOY_TO_CLOUDFLARE=\"true\"**\n\n- If you want to generate the documentation in multiple languages, define variable SFDX_DOC_LANGUAGES (ex: SFDX_DOC_LANGUAGES=en,fr,de)\n- You can define one Cloudflare site by language, for example with the following variables:\n - CLOUDFLARE_PROJECT_NAME_EN=cloudity-demo-english\n - CLOUDFLARE_PROJECT_NAME_FR=cloudity-demo-french\n - CLOUDFLARE_PROJECT_NAME_DE=cloudity-demo-german\n\nIf Flow history doc always display a single state, you probably need to update your workflow configuration:\n\n- on Gitlab: Env variable [`GIT_FETCH_EXTRA_FLAGS: --depth 10000`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.gitlab-ci.yml#L11)\n- on GitHub: [`fetch-depth: 0`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/.github/workflows/org-monitoring.yml#L58)\n- on Azure: [`fetchDepth: \"0\"`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/azure-pipelines.yml#L39)\n- on Bitbucket: [`step: clone: depth: full`](https://github.com/hardisgroupcom/sfdx-hardis/blob/main/defaults/monitoring/bitbucket-pipelines.yml#L18)\n",
7509
7520
  "examples": [
7510
- "$ sf hardis:org:diagnose:unusedlicenses",
7511
- "$ sf hardis:org:diagnose:unusedlicenses --fix"
7521
+ "$ sf hardis:org:monitor:backup",
7522
+ "$ sf hardis:org:monitor:backup --full",
7523
+ "$ sf hardis:org:monitor:backup --full --exclude-namespaces",
7524
+ "$ sf hardis:org:monitor:backup --full --exclude-namespaces --full-apply-filters"
7512
7525
  ],
7513
7526
  "flags": {
7514
7527
  "json": {
@@ -7526,6 +7539,49 @@
7526
7539
  "multiple": false,
7527
7540
  "type": "option"
7528
7541
  },
7542
+ "full": {
7543
+ "description": "Dot not take in account filtering using package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES. Efficient but much much slower !",
7544
+ "name": "full",
7545
+ "allowNo": false,
7546
+ "type": "boolean"
7547
+ },
7548
+ "max-by-chunk": {
7549
+ "char": "m",
7550
+ "description": "If mode --full is activated, maximum number of metadatas in a package.xml chunk",
7551
+ "name": "max-by-chunk",
7552
+ "default": 3000,
7553
+ "hasDynamicHelp": false,
7554
+ "multiple": false,
7555
+ "type": "option"
7556
+ },
7557
+ "exclude-namespaces": {
7558
+ "char": "e",
7559
+ "description": "If mode --full is activated, exclude namespaced metadatas",
7560
+ "name": "exclude-namespaces",
7561
+ "allowNo": false,
7562
+ "type": "boolean"
7563
+ },
7564
+ "full-apply-filters": {
7565
+ "char": "z",
7566
+ "description": "If mode --full is activated, apply filters of manifest/package-skip-items.xml and MONITORING_BACKUP_SKIP_METADATA_TYPES anyway",
7567
+ "name": "full-apply-filters",
7568
+ "allowNo": false,
7569
+ "type": "boolean"
7570
+ },
7571
+ "start-chunk": {
7572
+ "description": "Use this parameter to troubleshoot a specific chunk. It will be used as the first chunk to retrieve",
7573
+ "name": "start-chunk",
7574
+ "default": 1,
7575
+ "hasDynamicHelp": false,
7576
+ "multiple": false,
7577
+ "type": "option"
7578
+ },
7579
+ "skip-doc": {
7580
+ "description": "Skip the generation of project documentation at the end of the command",
7581
+ "name": "skip-doc",
7582
+ "allowNo": false,
7583
+ "type": "boolean"
7584
+ },
7529
7585
  "outputfile": {
7530
7586
  "char": "f",
7531
7587
  "description": "Force the path and name of output report file. Must end with .csv",
@@ -7572,79 +7628,58 @@
7572
7628
  },
7573
7629
  "hasDynamicHelp": true,
7574
7630
  "hiddenAliases": [],
7575
- "id": "hardis:org:diagnose:unusedlicenses",
7631
+ "id": "hardis:org:monitor:backup",
7576
7632
  "pluginAlias": "sfdx-hardis",
7577
7633
  "pluginName": "sfdx-hardis",
7578
7634
  "pluginType": "core",
7579
- "strict": true,
7580
- "enableJsonFlag": true,
7581
- "title": "Detect unused Permission Set Licenses (beta)",
7582
- "requiresProject": false,
7583
- "additionalPermissionSetsToAlwaysGet": [
7584
- "Sales_User"
7585
- ],
7586
- "permSetsPermSetLicenses": [
7587
- {
7588
- "permSet": "Sales_User",
7589
- "permSetLicense": "SalesUserPsl"
7590
- }
7591
- ],
7592
- "profilesPermissionSetLicenses": [
7593
- {
7594
- "profile": "Salesforce API Only",
7595
- "permSetLicense": "SalesforceAPIIntegrationPsl"
7596
- }
7597
- ],
7598
- "alwaysExcludeForActiveUsersPermissionSetLicenses": [
7599
- "IdentityConnect"
7600
- ],
7601
- "isESM": true,
7602
- "relativePath": [
7603
- "lib",
7604
- "commands",
7605
- "hardis",
7606
- "org",
7607
- "diagnose",
7608
- "unusedlicenses.js"
7609
- ],
7610
- "aliasPermutations": [],
7611
- "permutations": [
7612
- "hardis:org:diagnose:unusedlicenses",
7613
- "org:hardis:diagnose:unusedlicenses",
7614
- "org:diagnose:hardis:unusedlicenses",
7615
- "org:diagnose:unusedlicenses:hardis",
7616
- "hardis:diagnose:org:unusedlicenses",
7617
- "diagnose:hardis:org:unusedlicenses",
7618
- "diagnose:org:hardis:unusedlicenses",
7619
- "diagnose:org:unusedlicenses:hardis",
7620
- "hardis:diagnose:unusedlicenses:org",
7621
- "diagnose:hardis:unusedlicenses:org",
7622
- "diagnose:unusedlicenses:hardis:org",
7623
- "diagnose:unusedlicenses:org:hardis",
7624
- "hardis:org:unusedlicenses:diagnose",
7625
- "org:hardis:unusedlicenses:diagnose",
7626
- "org:unusedlicenses:hardis:diagnose",
7627
- "org:unusedlicenses:diagnose:hardis",
7628
- "hardis:unusedlicenses:org:diagnose",
7629
- "unusedlicenses:hardis:org:diagnose",
7630
- "unusedlicenses:org:hardis:diagnose",
7631
- "unusedlicenses:org:diagnose:hardis",
7632
- "hardis:unusedlicenses:diagnose:org",
7633
- "unusedlicenses:hardis:diagnose:org",
7634
- "unusedlicenses:diagnose:hardis:org",
7635
- "unusedlicenses:diagnose:org:hardis"
7635
+ "strict": true,
7636
+ "enableJsonFlag": true,
7637
+ "title": "Backup DX sources",
7638
+ "requiresProject": true,
7639
+ "triggerNotification": true,
7640
+ "isESM": true,
7641
+ "relativePath": [
7642
+ "lib",
7643
+ "commands",
7644
+ "hardis",
7645
+ "org",
7646
+ "monitor",
7647
+ "backup.js"
7648
+ ],
7649
+ "aliasPermutations": [],
7650
+ "permutations": [
7651
+ "hardis:org:monitor:backup",
7652
+ "org:hardis:monitor:backup",
7653
+ "org:monitor:hardis:backup",
7654
+ "org:monitor:backup:hardis",
7655
+ "hardis:monitor:org:backup",
7656
+ "monitor:hardis:org:backup",
7657
+ "monitor:org:hardis:backup",
7658
+ "monitor:org:backup:hardis",
7659
+ "hardis:monitor:backup:org",
7660
+ "monitor:hardis:backup:org",
7661
+ "monitor:backup:hardis:org",
7662
+ "monitor:backup:org:hardis",
7663
+ "hardis:org:backup:monitor",
7664
+ "org:hardis:backup:monitor",
7665
+ "org:backup:hardis:monitor",
7666
+ "org:backup:monitor:hardis",
7667
+ "hardis:backup:org:monitor",
7668
+ "backup:hardis:org:monitor",
7669
+ "backup:org:hardis:monitor",
7670
+ "backup:org:monitor:hardis",
7671
+ "hardis:backup:monitor:org",
7672
+ "backup:hardis:monitor:org",
7673
+ "backup:monitor:hardis:org",
7674
+ "backup:monitor:org:hardis"
7636
7675
  ]
7637
7676
  },
7638
- "hardis:org:diagnose:unusedusers": {
7677
+ "hardis:org:monitor:limits": {
7639
7678
  "aliases": [],
7640
7679
  "args": {},
7641
- "description": "\n## Command Behavior\n\n**Detects and reports on inactive or unused Salesforce user accounts, helping to optimize license usage and enhance security.**\n\nEfficient user management is vital in Salesforce to ensure resources are optimized and costs are controlled. However, inactive or unused user accounts can often go unnoticed, leading to wasted licenses and potential security risks. This tool addresses this challenge by enabling administrators to identify users who haven't logged in within a specified period.\n\nBy analyzing user login activity and last login timestamps, this feature highlights inactive user accounts, allowing administrators to take appropriate action. Whether it's deactivating dormant accounts, freeing up licenses, or ensuring compliance with security policies, this functionality empowers administrators to maintain a lean and secure Salesforce environment.\n\nKey functionalities:\n\n- **Inactivity Detection:** Identifies users who have not logged in for a specified number of days (`--days` flag, default 180 days in CI, 365 days otherwise).\n- **License Type Filtering:** Allows filtering users by license type using `--licensetypes` (e.g., `all-crm`, `all-paying`) or specific license identifiers using `--licenseidentifiers`.\n - `all-crm`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT` licenses.\n - `all-paying`: Includes `SFDC`, `AUL`, `AUL1`, `AULL_IGHT`, `PID_Customer_Community`, `PID_Customer_Community_Login`, `PID_Partner_Community`, `PID_Partner_Community_Login` licenses.\n - Note: You can see the full list of available license identifiers in [Salesforce Documentation](https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/sfdx_cli_reference/sforce_api_objects_userlicense.htm).\n- **Active User Retrieval:** The `--returnactiveusers` flag inverts the command, allowing you to retrieve active users who *have* logged in during the specified period.\n- **CSV Report Generation:** Generates a CSV file containing details of all identified users (inactive or active), including their last login date, profile, and license information.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of inactive or active users.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-inactive-users/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query (Bulk API):** It uses `bulkQuery` to efficiently retrieve user records from the Salesforce `User` object. The SOQL query dynamically constructs its WHERE clause based on the `--days`, `--licensetypes`, `--licenseidentifiers`, and `--returnactiveusers` flags.\n- **Interactive Prompts:** Uses `prompts` to interactively ask the user for the number of inactive days and license types if not provided via flags.\n- **License Mapping:** Internally maps common license type aliases (e.g., `all-crm`) to their corresponding Salesforce `LicenseDefinitionKey` values.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of users.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and metrics for monitoring dashboards.\n- **User Feedback:** Provides a summary of the findings in the console, indicating the number of inactive or active users found.\n</details>",
7680
+ "description": "\n## Command Behavior\n\n**Checks the current usage of various Salesforce org limits and sends notifications if thresholds are exceeded.**\n\nThis command is a critical component of proactive Salesforce org management, helping administrators and developers monitor resource consumption and prevent hitting critical limits that could impact performance or functionality. It provides early warnings when limits are approaching their capacity.\n\nKey functionalities:\n\n- **Limit Retrieval:** Fetches a comprehensive list of all Salesforce org limits using the Salesforce CLI.\n- **Usage Calculation:** Calculates the percentage of each limit that is currently being used.\n- **Threshold-Based Alerting:** Assigns a severity (success, warning, or error) to each limit based on configurable thresholds:\n - **Warning:** If usage exceeds 50% (configurable via `LIMIT_THRESHOLD_WARNING` environment variable).\n - **Error:** If usage exceeds 75% (configurable via `LIMIT_THRESHOLD_ERROR` environment variable).\n- **CSV Report Generation:** Generates a CSV file containing all org limits, their current usage, maximum allowed, and calculated percentage used, along with the assigned severity.\n- **Notifications:** Sends notifications to configured channels (Grafana, Slack, MS Teams) with a summary of limits that have exceeded the warning or error thresholds.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-org-limits/) and can output Grafana, Slack and MsTeams Notifications.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce CLI Integration:** It executes the `sf org limits list` command to retrieve the current org limits. It parses the JSON output of this command.\n- **Data Processing:** It iterates through the retrieved limits, calculates the `used` and `percentUsed` values, and assigns a `severity` (success, warning, error) based on the configured thresholds.\n- **Environment Variable Configuration:** Reads `LIMIT_THRESHOLD_WARNING` and `LIMIT_THRESHOLD_ERROR` environment variables to set the warning and error thresholds for limit usage.\n- **Report Generation:** It uses `generateCsvFile` to create the CSV report of org limits.\n- **Notification Integration:** It integrates with the `NotifProvider` to send notifications, including attachments of the generated CSV report and detailed metrics for each limit, which can be consumed by monitoring dashboards like Grafana.\n- **Exit Code Management:** Sets the process exit code to 1 if any limit is in an 'error' state, indicating a critical issue.\n</details>\n",
7642
7681
  "examples": [
7643
- "$ sf hardis:org:diagnose:unusedusers",
7644
- "$ sf hardis:org:diagnose:unusedusers --days 365",
7645
- "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm",
7646
- "$ sf hardis:org:diagnose:unusedusers --days 60 --licenseidentifiers SFDC,AUL,AUL1",
7647
- "$ sf hardis:org:diagnose:unusedusers --days 60 --licensetypes all-crm --returnactiveusers"
7682
+ "$ sf hardis:org:monitor:limits"
7648
7683
  ],
7649
7684
  "flags": {
7650
7685
  "json": {
@@ -7670,41 +7705,6 @@
7670
7705
  "multiple": false,
7671
7706
  "type": "option"
7672
7707
  },
7673
- "days": {
7674
- "char": "t",
7675
- "description": "Extracts the users that have been inactive for the amount of days specified. In CI, default is 180 days",
7676
- "name": "days",
7677
- "hasDynamicHelp": false,
7678
- "multiple": false,
7679
- "type": "option"
7680
- },
7681
- "licensetypes": {
7682
- "char": "l",
7683
- "description": "Type of licenses to check. If set, do not use licenseidentifiers option. In CI, default is all-crm",
7684
- "name": "licensetypes",
7685
- "hasDynamicHelp": false,
7686
- "multiple": false,
7687
- "options": [
7688
- "all",
7689
- "all-crm",
7690
- "all-paying"
7691
- ],
7692
- "type": "option"
7693
- },
7694
- "licenseidentifiers": {
7695
- "char": "i",
7696
- "description": "Comma-separated list of license identifiers, in case licensetypes is not used.. Identifiers available at https://developer.salesforce.com/docs/atlas.en-us.object_reference.meta/object_reference/sforce_api_objects_userlicense.htm",
7697
- "name": "licenseidentifiers",
7698
- "hasDynamicHelp": false,
7699
- "multiple": false,
7700
- "type": "option"
7701
- },
7702
- "returnactiveusers": {
7703
- "description": "Inverts the command by returning the active users",
7704
- "name": "returnactiveusers",
7705
- "allowNo": false,
7706
- "type": "boolean"
7707
- },
7708
7708
  "debug": {
7709
7709
  "char": "d",
7710
7710
  "description": "Activate debug mode (more logs)",
@@ -7743,49 +7743,50 @@
7743
7743
  },
7744
7744
  "hasDynamicHelp": true,
7745
7745
  "hiddenAliases": [],
7746
- "id": "hardis:org:diagnose:unusedusers",
7746
+ "id": "hardis:org:monitor:limits",
7747
7747
  "pluginAlias": "sfdx-hardis",
7748
7748
  "pluginName": "sfdx-hardis",
7749
7749
  "pluginType": "core",
7750
7750
  "strict": true,
7751
7751
  "enableJsonFlag": true,
7752
- "title": "Detect unused Users in Salesforce",
7753
- "requiresProject": false,
7752
+ "title": "Check org limits",
7753
+ "requiresProject": true,
7754
+ "triggerNotification": true,
7754
7755
  "isESM": true,
7755
7756
  "relativePath": [
7756
7757
  "lib",
7757
7758
  "commands",
7758
7759
  "hardis",
7759
7760
  "org",
7760
- "diagnose",
7761
- "unusedusers.js"
7761
+ "monitor",
7762
+ "limits.js"
7762
7763
  ],
7763
7764
  "aliasPermutations": [],
7764
7765
  "permutations": [
7765
- "hardis:org:diagnose:unusedusers",
7766
- "org:hardis:diagnose:unusedusers",
7767
- "org:diagnose:hardis:unusedusers",
7768
- "org:diagnose:unusedusers:hardis",
7769
- "hardis:diagnose:org:unusedusers",
7770
- "diagnose:hardis:org:unusedusers",
7771
- "diagnose:org:hardis:unusedusers",
7772
- "diagnose:org:unusedusers:hardis",
7773
- "hardis:diagnose:unusedusers:org",
7774
- "diagnose:hardis:unusedusers:org",
7775
- "diagnose:unusedusers:hardis:org",
7776
- "diagnose:unusedusers:org:hardis",
7777
- "hardis:org:unusedusers:diagnose",
7778
- "org:hardis:unusedusers:diagnose",
7779
- "org:unusedusers:hardis:diagnose",
7780
- "org:unusedusers:diagnose:hardis",
7781
- "hardis:unusedusers:org:diagnose",
7782
- "unusedusers:hardis:org:diagnose",
7783
- "unusedusers:org:hardis:diagnose",
7784
- "unusedusers:org:diagnose:hardis",
7785
- "hardis:unusedusers:diagnose:org",
7786
- "unusedusers:hardis:diagnose:org",
7787
- "unusedusers:diagnose:hardis:org",
7788
- "unusedusers:diagnose:org:hardis"
7766
+ "hardis:org:monitor:limits",
7767
+ "org:hardis:monitor:limits",
7768
+ "org:monitor:hardis:limits",
7769
+ "org:monitor:limits:hardis",
7770
+ "hardis:monitor:org:limits",
7771
+ "monitor:hardis:org:limits",
7772
+ "monitor:org:hardis:limits",
7773
+ "monitor:org:limits:hardis",
7774
+ "hardis:monitor:limits:org",
7775
+ "monitor:hardis:limits:org",
7776
+ "monitor:limits:hardis:org",
7777
+ "monitor:limits:org:hardis",
7778
+ "hardis:org:limits:monitor",
7779
+ "org:hardis:limits:monitor",
7780
+ "org:limits:hardis:monitor",
7781
+ "org:limits:monitor:hardis",
7782
+ "hardis:limits:org:monitor",
7783
+ "limits:hardis:org:monitor",
7784
+ "limits:org:hardis:monitor",
7785
+ "limits:org:monitor:hardis",
7786
+ "hardis:limits:monitor:org",
7787
+ "limits:hardis:monitor:org",
7788
+ "limits:monitor:hardis:org",
7789
+ "limits:monitor:org:hardis"
7789
7790
  ]
7790
7791
  },
7791
7792
  "hardis:org:purge:apexlog": {
@@ -9689,12 +9690,12 @@
9689
9690
  "remotesites:audit:project:hardis"
9690
9691
  ]
9691
9692
  },
9692
- "hardis:project:convert:profilestopermsets": {
9693
+ "hardis:project:configure:auth": {
9693
9694
  "aliases": [],
9694
9695
  "args": {},
9695
- "description": "\n## Command Behavior\n\n**Converts existing Salesforce Profiles into Permission Sets, facilitating a more granular and recommended security model.**\n\nThis command helps in migrating permissions from Profiles to Permission Sets, which is a best practice for managing user access in Salesforce. It creates a new Permission Set for each specified Profile, adopting a naming convention of `PS_PROFILENAME`.\n\nKey functionalities:\n\n- **Profile to Permission Set Conversion:** Automatically extracts permissions from a Profile and creates a corresponding Permission Set.\n- **Naming Convention:** New Permission Sets are named with a `PS_` prefix followed by the Profile name (e.g., `PS_Standard_User`).\n- **Exclusion Filter:** Allows you to exclude specific Profiles from the conversion process using the `--except` flag.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **External Plugin Integration:** It relies on the `shane-sfdx-plugins` (specifically the `sf shane:profile:convert` command) to perform the actual conversion.\n- **File System Scan:** It reads the contents of the `force-app/main/default/profiles` directory to identify all available Profile metadata files.\n- **Command Execution:** For each identified Profile (that is not excluded), it constructs and executes the `sf shane:profile:convert` command with the appropriate Profile name and desired Permission Set name.\n- **Error Handling:** Includes basic error handling for the external command execution.\n</details>\n",
9696
+ "description": "\n## Command Behavior\n\n**Configures authentication between a Git branch and a target Salesforce org for CI/CD deployments.**\n\nThis command facilitates the setup of automated CI/CD pipelines, enabling seamless deployments from specific Git branches to designated Salesforce orgs. It supports both standard Salesforce orgs and Dev Hub configurations, catering to various enterprise deployment workflows.\n\nKey functionalities include:\n\n- **Org Selection/Login:** Guides the user to select an existing Salesforce org or log in to a new one.\n- **Git Branch Association:** Allows associating a specific Git branch with the chosen Salesforce org.\n- **Merge Target Definition:** Enables defining target Git branches into which the configured branch can merge, ensuring controlled deployment flows.\n- **Salesforce Username Configuration:** Prompts for the Salesforce username to be used by the CI server for deployments.\n- **SSL Certificate Generation:** Automatically generates an SSL certificate for secure authentication.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's implementation involves several key technical aspects:\n\n- **SF CLI Integration:** Utilizes \n@salesforce/sf-plugins-core\n for command structure and flag parsing.\n- **Interactive Prompts:** Employs the \nprompts\n library for interactive user input, guiding the configuration process.\n- **Git Integration:** Interacts with Git to retrieve branch information using \n`git().branch([\"--list\", \"-r\"])`\n.\n- **Configuration Management:** Leverages internal utilities (`checkConfig`, `getConfig`, `setConfig`, `setInConfigFile`) to read from and write to project-specific configuration files (e.g., `.sfdx-hardis.<branchName>.yml`).\n- **Salesforce CLI Execution:** Executes Salesforce CLI commands programmatically via `execSfdxJson` for org interactions.\n- **SSL Certificate Generation:** Calls `generateSSLCertificate` to create necessary SSL certificates for JWT-based authentication.\n- **WebSocket Communication:** Uses `WebSocketClient` for potential communication with external tools or processes, such as restarting the command in VS Code.\n- **Dependency Check:** Ensures the presence of `openssl` on the system, which is required for SSL certificate generation.\n",
9696
9697
  "examples": [
9697
- "$ sf hardis:project:convert:profilestopermsets"
9698
+ "$ sf hardis:project:configure:auth"
9698
9699
  ],
9699
9700
  "flags": {
9700
9701
  "json": {
@@ -9712,14 +9713,12 @@
9712
9713
  "multiple": false,
9713
9714
  "type": "option"
9714
9715
  },
9715
- "except": {
9716
- "char": "e",
9717
- "description": "List of filters",
9718
- "name": "except",
9719
- "default": [],
9720
- "hasDynamicHelp": false,
9721
- "multiple": true,
9722
- "type": "option"
9716
+ "devhub": {
9717
+ "char": "b",
9718
+ "description": "Configure project DevHub",
9719
+ "name": "devhub",
9720
+ "allowNo": false,
9721
+ "type": "boolean"
9723
9722
  },
9724
9723
  "debug": {
9725
9724
  "char": "d",
@@ -9740,20 +9739,48 @@
9740
9739
  "name": "skipauth",
9741
9740
  "allowNo": false,
9742
9741
  "type": "boolean"
9742
+ },
9743
+ "target-org": {
9744
+ "aliases": [
9745
+ "targetusername",
9746
+ "u"
9747
+ ],
9748
+ "char": "o",
9749
+ "deprecateAliases": true,
9750
+ "name": "target-org",
9751
+ "noCacheDefault": true,
9752
+ "summary": "Username or alias of the target org.",
9753
+ "hasDynamicHelp": true,
9754
+ "multiple": false,
9755
+ "type": "option"
9756
+ },
9757
+ "target-dev-hub": {
9758
+ "aliases": [
9759
+ "targetdevhubusername"
9760
+ ],
9761
+ "char": "v",
9762
+ "deprecateAliases": true,
9763
+ "name": "target-dev-hub",
9764
+ "noCacheDefault": true,
9765
+ "required": false,
9766
+ "summary": "Username or alias of the Dev Hub org.",
9767
+ "hasDynamicHelp": true,
9768
+ "multiple": false,
9769
+ "type": "option"
9743
9770
  }
9744
9771
  },
9745
- "hasDynamicHelp": false,
9772
+ "hasDynamicHelp": true,
9746
9773
  "hiddenAliases": [],
9747
- "id": "hardis:project:convert:profilestopermsets",
9774
+ "id": "hardis:project:configure:auth",
9748
9775
  "pluginAlias": "sfdx-hardis",
9749
9776
  "pluginName": "sfdx-hardis",
9750
9777
  "pluginType": "core",
9751
9778
  "strict": true,
9752
9779
  "enableJsonFlag": true,
9753
- "title": "Convert Profiles into Permission Sets",
9754
- "requiresProject": true,
9755
- "requiresSfdxPlugins": [
9756
- "shane-sfdx-plugins"
9780
+ "title": "Configure authentication",
9781
+ "requiresProject": false,
9782
+ "requiresDependencies": [
9783
+ "openssl"
9757
9784
  ],
9758
9785
  "isESM": true,
9759
9786
  "relativePath": [
@@ -9761,35 +9788,35 @@
9761
9788
  "commands",
9762
9789
  "hardis",
9763
9790
  "project",
9764
- "convert",
9765
- "profilestopermsets.js"
9791
+ "configure",
9792
+ "auth.js"
9766
9793
  ],
9767
9794
  "aliasPermutations": [],
9768
9795
  "permutations": [
9769
- "hardis:project:convert:profilestopermsets",
9770
- "project:hardis:convert:profilestopermsets",
9771
- "project:convert:hardis:profilestopermsets",
9772
- "project:convert:profilestopermsets:hardis",
9773
- "hardis:convert:project:profilestopermsets",
9774
- "convert:hardis:project:profilestopermsets",
9775
- "convert:project:hardis:profilestopermsets",
9776
- "convert:project:profilestopermsets:hardis",
9777
- "hardis:convert:profilestopermsets:project",
9778
- "convert:hardis:profilestopermsets:project",
9779
- "convert:profilestopermsets:hardis:project",
9780
- "convert:profilestopermsets:project:hardis",
9781
- "hardis:project:profilestopermsets:convert",
9782
- "project:hardis:profilestopermsets:convert",
9783
- "project:profilestopermsets:hardis:convert",
9784
- "project:profilestopermsets:convert:hardis",
9785
- "hardis:profilestopermsets:project:convert",
9786
- "profilestopermsets:hardis:project:convert",
9787
- "profilestopermsets:project:hardis:convert",
9788
- "profilestopermsets:project:convert:hardis",
9789
- "hardis:profilestopermsets:convert:project",
9790
- "profilestopermsets:hardis:convert:project",
9791
- "profilestopermsets:convert:hardis:project",
9792
- "profilestopermsets:convert:project:hardis"
9796
+ "hardis:project:configure:auth",
9797
+ "project:hardis:configure:auth",
9798
+ "project:configure:hardis:auth",
9799
+ "project:configure:auth:hardis",
9800
+ "hardis:configure:project:auth",
9801
+ "configure:hardis:project:auth",
9802
+ "configure:project:hardis:auth",
9803
+ "configure:project:auth:hardis",
9804
+ "hardis:configure:auth:project",
9805
+ "configure:hardis:auth:project",
9806
+ "configure:auth:hardis:project",
9807
+ "configure:auth:project:hardis",
9808
+ "hardis:project:auth:configure",
9809
+ "project:hardis:auth:configure",
9810
+ "project:auth:hardis:configure",
9811
+ "project:auth:configure:hardis",
9812
+ "hardis:auth:project:configure",
9813
+ "auth:hardis:project:configure",
9814
+ "auth:project:hardis:configure",
9815
+ "auth:project:configure:hardis",
9816
+ "hardis:auth:configure:project",
9817
+ "auth:hardis:configure:project",
9818
+ "auth:configure:hardis:project",
9819
+ "auth:configure:project:hardis"
9793
9820
  ]
9794
9821
  },
9795
9822
  "hardis:project:clean:emptyitems": {
@@ -11277,12 +11304,12 @@
11277
11304
  "xml:clean:project:hardis"
11278
11305
  ]
11279
11306
  },
11280
- "hardis:project:configure:auth": {
11307
+ "hardis:project:convert:profilestopermsets": {
11281
11308
  "aliases": [],
11282
11309
  "args": {},
11283
- "description": "\n## Command Behavior\n\n**Configures authentication between a Git branch and a target Salesforce org for CI/CD deployments.**\n\nThis command facilitates the setup of automated CI/CD pipelines, enabling seamless deployments from specific Git branches to designated Salesforce orgs. It supports both standard Salesforce orgs and Dev Hub configurations, catering to various enterprise deployment workflows.\n\nKey functionalities include:\n\n- **Org Selection/Login:** Guides the user to select an existing Salesforce org or log in to a new one.\n- **Git Branch Association:** Allows associating a specific Git branch with the chosen Salesforce org.\n- **Merge Target Definition:** Enables defining target Git branches into which the configured branch can merge, ensuring controlled deployment flows.\n- **Salesforce Username Configuration:** Prompts for the Salesforce username to be used by the CI server for deployments.\n- **SSL Certificate Generation:** Automatically generates an SSL certificate for secure authentication.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's implementation involves several key technical aspects:\n\n- **SF CLI Integration:** Utilizes \n@salesforce/sf-plugins-core\n for command structure and flag parsing.\n- **Interactive Prompts:** Employs the \nprompts\n library for interactive user input, guiding the configuration process.\n- **Git Integration:** Interacts with Git to retrieve branch information using \n`git().branch([\"--list\", \"-r\"])`\n.\n- **Configuration Management:** Leverages internal utilities (`checkConfig`, `getConfig`, `setConfig`, `setInConfigFile`) to read from and write to project-specific configuration files (e.g., `.sfdx-hardis.<branchName>.yml`).\n- **Salesforce CLI Execution:** Executes Salesforce CLI commands programmatically via `execSfdxJson` for org interactions.\n- **SSL Certificate Generation:** Calls `generateSSLCertificate` to create necessary SSL certificates for JWT-based authentication.\n- **WebSocket Communication:** Uses `WebSocketClient` for potential communication with external tools or processes, such as restarting the command in VS Code.\n- **Dependency Check:** Ensures the presence of `openssl` on the system, which is required for SSL certificate generation.\n",
11310
+ "description": "\n## Command Behavior\n\n**Converts existing Salesforce Profiles into Permission Sets, facilitating a more granular and recommended security model.**\n\nThis command helps in migrating permissions from Profiles to Permission Sets, which is a best practice for managing user access in Salesforce. It creates a new Permission Set for each specified Profile, adopting a naming convention of `PS_PROFILENAME`.\n\nKey functionalities:\n\n- **Profile to Permission Set Conversion:** Automatically extracts permissions from a Profile and creates a corresponding Permission Set.\n- **Naming Convention:** New Permission Sets are named with a `PS_` prefix followed by the Profile name (e.g., `PS_Standard_User`).\n- **Exclusion Filter:** Allows you to exclude specific Profiles from the conversion process using the `--except` flag.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **External Plugin Integration:** It relies on the `shane-sfdx-plugins` (specifically the `sf shane:profile:convert` command) to perform the actual conversion.\n- **File System Scan:** It reads the contents of the `force-app/main/default/profiles` directory to identify all available Profile metadata files.\n- **Command Execution:** For each identified Profile (that is not excluded), it constructs and executes the `sf shane:profile:convert` command with the appropriate Profile name and desired Permission Set name.\n- **Error Handling:** Includes basic error handling for the external command execution.\n</details>\n",
11284
11311
  "examples": [
11285
- "$ sf hardis:project:configure:auth"
11312
+ "$ sf hardis:project:convert:profilestopermsets"
11286
11313
  ],
11287
11314
  "flags": {
11288
11315
  "json": {
@@ -11300,13 +11327,118 @@
11300
11327
  "multiple": false,
11301
11328
  "type": "option"
11302
11329
  },
11303
- "devhub": {
11304
- "char": "b",
11305
- "description": "Configure project DevHub",
11306
- "name": "devhub",
11330
+ "except": {
11331
+ "char": "e",
11332
+ "description": "List of filters",
11333
+ "name": "except",
11334
+ "default": [],
11335
+ "hasDynamicHelp": false,
11336
+ "multiple": true,
11337
+ "type": "option"
11338
+ },
11339
+ "debug": {
11340
+ "char": "d",
11341
+ "description": "Activate debug mode (more logs)",
11342
+ "name": "debug",
11343
+ "allowNo": false,
11344
+ "type": "boolean"
11345
+ },
11346
+ "websocket": {
11347
+ "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
11348
+ "name": "websocket",
11349
+ "hasDynamicHelp": false,
11350
+ "multiple": false,
11351
+ "type": "option"
11352
+ },
11353
+ "skipauth": {
11354
+ "description": "Skip authentication check when a default username is required",
11355
+ "name": "skipauth",
11356
+ "allowNo": false,
11357
+ "type": "boolean"
11358
+ }
11359
+ },
11360
+ "hasDynamicHelp": false,
11361
+ "hiddenAliases": [],
11362
+ "id": "hardis:project:convert:profilestopermsets",
11363
+ "pluginAlias": "sfdx-hardis",
11364
+ "pluginName": "sfdx-hardis",
11365
+ "pluginType": "core",
11366
+ "strict": true,
11367
+ "enableJsonFlag": true,
11368
+ "title": "Convert Profiles into Permission Sets",
11369
+ "requiresProject": true,
11370
+ "requiresSfdxPlugins": [
11371
+ "shane-sfdx-plugins"
11372
+ ],
11373
+ "isESM": true,
11374
+ "relativePath": [
11375
+ "lib",
11376
+ "commands",
11377
+ "hardis",
11378
+ "project",
11379
+ "convert",
11380
+ "profilestopermsets.js"
11381
+ ],
11382
+ "aliasPermutations": [],
11383
+ "permutations": [
11384
+ "hardis:project:convert:profilestopermsets",
11385
+ "project:hardis:convert:profilestopermsets",
11386
+ "project:convert:hardis:profilestopermsets",
11387
+ "project:convert:profilestopermsets:hardis",
11388
+ "hardis:convert:project:profilestopermsets",
11389
+ "convert:hardis:project:profilestopermsets",
11390
+ "convert:project:hardis:profilestopermsets",
11391
+ "convert:project:profilestopermsets:hardis",
11392
+ "hardis:convert:profilestopermsets:project",
11393
+ "convert:hardis:profilestopermsets:project",
11394
+ "convert:profilestopermsets:hardis:project",
11395
+ "convert:profilestopermsets:project:hardis",
11396
+ "hardis:project:profilestopermsets:convert",
11397
+ "project:hardis:profilestopermsets:convert",
11398
+ "project:profilestopermsets:hardis:convert",
11399
+ "project:profilestopermsets:convert:hardis",
11400
+ "hardis:profilestopermsets:project:convert",
11401
+ "profilestopermsets:hardis:project:convert",
11402
+ "profilestopermsets:project:hardis:convert",
11403
+ "profilestopermsets:project:convert:hardis",
11404
+ "hardis:profilestopermsets:convert:project",
11405
+ "profilestopermsets:hardis:convert:project",
11406
+ "profilestopermsets:convert:hardis:project",
11407
+ "profilestopermsets:convert:project:hardis"
11408
+ ]
11409
+ },
11410
+ "hardis:project:fix:profiletabs": {
11411
+ "aliases": [],
11412
+ "args": {},
11413
+ "description": "\n## Command Behavior\n\n**Interactively updates tab visibility settings in Salesforce profiles, addressing a common issue where tab visibilities are not correctly retrieved by `sf project retrieve start`.**\n\nThis command provides a user-friendly interface to manage tab settings within your profile XML files, ensuring that your local project accurately reflects the intended tab configurations in your Salesforce org.\n\nKey functionalities:\n\n- **Interactive Tab Selection:** Displays a multi-select menu of all available tabs in your org, allowing you to choose which tabs to update.\n- **Visibility Control:** Lets you set the visibility for the selected tabs to either `DefaultOn` (Visible) or `Hidden`.\n- **Profile Selection:** Presents a multi-select menu of all .profile-meta.xml files in your project, allowing you to apply the tab visibility changes to specific profiles.\n- **XML Updates:** Modifies the <tabVisibilities> section of the selected profile XML files to reflect the chosen tab settings. If a tab visibility setting already exists for a selected tab, it will be updated; otherwise, a new one will be added.\n- **Sorted Output:** The <tabVisibilities> in the updated profile XML files are sorted alphabetically for consistency and readability.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `TabDefinition` object using `soqlQueryTooling` to retrieve a list of all available tabs in the target org.\n- **File Discovery:** Uses `glob` to find all .profile-meta.xml files within the specified project path.\n- **Interactive Prompts:** Leverages the `prompts` library to create interactive menus for selecting tabs, visibility settings, and profiles.\n- **XML Parsing and Manipulation:** Uses `parseXmlFile` to read the content of profile XML files and `writeXmlFile` to write the modified content back. It manipulates the `tabVisibilities` array within the parsed XML to add or update tab settings.\n- **Array Sorting:** Employs the `sort-array` library to sort the `tabVisibilities` alphabetically by tab name.\n- **Logging:** Provides feedback to the user about which profiles have been updated and a summary of the changes.\n</details>\n",
11414
+ "examples": [
11415
+ "$ sf hardis:project:fix:profiletabs"
11416
+ ],
11417
+ "flags": {
11418
+ "json": {
11419
+ "description": "Format output as json.",
11420
+ "helpGroup": "GLOBAL",
11421
+ "name": "json",
11307
11422
  "allowNo": false,
11308
11423
  "type": "boolean"
11309
11424
  },
11425
+ "flags-dir": {
11426
+ "helpGroup": "GLOBAL",
11427
+ "name": "flags-dir",
11428
+ "summary": "Import flag values from a directory.",
11429
+ "hasDynamicHelp": false,
11430
+ "multiple": false,
11431
+ "type": "option"
11432
+ },
11433
+ "path": {
11434
+ "char": "p",
11435
+ "description": "Root folder",
11436
+ "name": "path",
11437
+ "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
11438
+ "hasDynamicHelp": false,
11439
+ "multiple": false,
11440
+ "type": "option"
11441
+ },
11310
11442
  "debug": {
11311
11443
  "char": "d",
11312
11444
  "description": "Activate debug mode (more logs)",
@@ -11336,21 +11468,8 @@
11336
11468
  "deprecateAliases": true,
11337
11469
  "name": "target-org",
11338
11470
  "noCacheDefault": true,
11339
- "summary": "Username or alias of the target org.",
11340
- "hasDynamicHelp": true,
11341
- "multiple": false,
11342
- "type": "option"
11343
- },
11344
- "target-dev-hub": {
11345
- "aliases": [
11346
- "targetdevhubusername"
11347
- ],
11348
- "char": "v",
11349
- "deprecateAliases": true,
11350
- "name": "target-dev-hub",
11351
- "noCacheDefault": true,
11352
- "required": false,
11353
- "summary": "Username or alias of the Dev Hub org.",
11471
+ "required": true,
11472
+ "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
11354
11473
  "hasDynamicHelp": true,
11355
11474
  "multiple": false,
11356
11475
  "type": "option"
@@ -11358,52 +11477,149 @@
11358
11477
  },
11359
11478
  "hasDynamicHelp": true,
11360
11479
  "hiddenAliases": [],
11361
- "id": "hardis:project:configure:auth",
11480
+ "id": "hardis:project:fix:profiletabs",
11362
11481
  "pluginAlias": "sfdx-hardis",
11363
11482
  "pluginName": "sfdx-hardis",
11364
11483
  "pluginType": "core",
11365
11484
  "strict": true,
11366
11485
  "enableJsonFlag": true,
11367
- "title": "Configure authentication",
11368
- "requiresProject": false,
11369
- "requiresDependencies": [
11370
- "openssl"
11371
- ],
11486
+ "title": "Fix profiles to add tabs that are not retrieved by SF CLI",
11487
+ "requiresProject": true,
11372
11488
  "isESM": true,
11373
11489
  "relativePath": [
11374
11490
  "lib",
11375
11491
  "commands",
11376
11492
  "hardis",
11377
11493
  "project",
11378
- "configure",
11379
- "auth.js"
11494
+ "fix",
11495
+ "profiletabs.js"
11380
11496
  ],
11381
11497
  "aliasPermutations": [],
11382
11498
  "permutations": [
11383
- "hardis:project:configure:auth",
11384
- "project:hardis:configure:auth",
11385
- "project:configure:hardis:auth",
11386
- "project:configure:auth:hardis",
11387
- "hardis:configure:project:auth",
11388
- "configure:hardis:project:auth",
11389
- "configure:project:hardis:auth",
11390
- "configure:project:auth:hardis",
11391
- "hardis:configure:auth:project",
11392
- "configure:hardis:auth:project",
11393
- "configure:auth:hardis:project",
11394
- "configure:auth:project:hardis",
11395
- "hardis:project:auth:configure",
11396
- "project:hardis:auth:configure",
11397
- "project:auth:hardis:configure",
11398
- "project:auth:configure:hardis",
11399
- "hardis:auth:project:configure",
11400
- "auth:hardis:project:configure",
11401
- "auth:project:hardis:configure",
11402
- "auth:project:configure:hardis",
11403
- "hardis:auth:configure:project",
11404
- "auth:hardis:configure:project",
11405
- "auth:configure:hardis:project",
11406
- "auth:configure:project:hardis"
11499
+ "hardis:project:fix:profiletabs",
11500
+ "project:hardis:fix:profiletabs",
11501
+ "project:fix:hardis:profiletabs",
11502
+ "project:fix:profiletabs:hardis",
11503
+ "hardis:fix:project:profiletabs",
11504
+ "fix:hardis:project:profiletabs",
11505
+ "fix:project:hardis:profiletabs",
11506
+ "fix:project:profiletabs:hardis",
11507
+ "hardis:fix:profiletabs:project",
11508
+ "fix:hardis:profiletabs:project",
11509
+ "fix:profiletabs:hardis:project",
11510
+ "fix:profiletabs:project:hardis",
11511
+ "hardis:project:profiletabs:fix",
11512
+ "project:hardis:profiletabs:fix",
11513
+ "project:profiletabs:hardis:fix",
11514
+ "project:profiletabs:fix:hardis",
11515
+ "hardis:profiletabs:project:fix",
11516
+ "profiletabs:hardis:project:fix",
11517
+ "profiletabs:project:hardis:fix",
11518
+ "profiletabs:project:fix:hardis",
11519
+ "hardis:profiletabs:fix:project",
11520
+ "profiletabs:hardis:fix:project",
11521
+ "profiletabs:fix:hardis:project",
11522
+ "profiletabs:fix:project:hardis"
11523
+ ]
11524
+ },
11525
+ "hardis:project:fix:v53flexipages": {
11526
+ "aliases": [],
11527
+ "args": {},
11528
+ "description": "\n## Command Behavior\n\n**Fixes Salesforce FlexiPages for compatibility with API Version 53.0 (Winter '22 release) by adding missing identifiers to component instances.**\n\nSalesforce introduced a change in API Version 53.0 that requires `identifier` tags within `componentInstance` and `fieldInstance` elements in FlexiPage metadata. If these identifiers are missing, deployments to orgs with API version 53.0 or higher will fail. This command automates the process of adding these missing identifiers, ensuring your FlexiPages remain deployable.\n\nKey functionalities:\n\n- **Targeted FlexiPage Processing:** Scans all .flexipage-meta.xml files within the specified root folder (defaults to current working directory).\n- **Identifier Injection:** Inserts a unique `identifier` tag (e.g., `SFDX_HARDIS_REPLACEMENT_ID`) into `componentInstance` and `fieldInstance` elements that lack one.\n\n**Important Note:** After running this command, ensure you update your `apiVersion` to `53.0` (or higher) in your `package.xml` and `sfdx-project.json` files.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **File Discovery:** Uses `glob` to find all .flexipage-meta.xml files.\n- **Content Reading:** Reads the XML content of each FlexiPage file.\n- **Regular Expression Replacement:** Employs a set of regular expressions to identify specific XML patterns (componentName.../componentName.../componentInstance, componentName.../componentName.../visibilityRule, fieldItem.../fieldItem.../fieldInstance) that are missing the `identifier` tag.\n- **Dynamic ID Generation:** For each match, it generates a unique identifier (e.g., `sfdxHardisIdX`) and injects it into the XML structure.\n- **File Writing:** If changes are made, the modified XML content is written back to the FlexiPage file using `fs.writeFile`.\n- **Logging:** Provides messages about which FlexiPages are being processed and a summary of the total number of identifiers added.\n</details>\n",
11529
+ "examples": [
11530
+ "$ sf hardis:project:fix:v53flexipages"
11531
+ ],
11532
+ "flags": {
11533
+ "json": {
11534
+ "description": "Format output as json.",
11535
+ "helpGroup": "GLOBAL",
11536
+ "name": "json",
11537
+ "allowNo": false,
11538
+ "type": "boolean"
11539
+ },
11540
+ "flags-dir": {
11541
+ "helpGroup": "GLOBAL",
11542
+ "name": "flags-dir",
11543
+ "summary": "Import flag values from a directory.",
11544
+ "hasDynamicHelp": false,
11545
+ "multiple": false,
11546
+ "type": "option"
11547
+ },
11548
+ "path": {
11549
+ "char": "p",
11550
+ "description": "Root folder",
11551
+ "name": "path",
11552
+ "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
11553
+ "hasDynamicHelp": false,
11554
+ "multiple": false,
11555
+ "type": "option"
11556
+ },
11557
+ "debug": {
11558
+ "char": "d",
11559
+ "description": "Activate debug mode (more logs)",
11560
+ "name": "debug",
11561
+ "allowNo": false,
11562
+ "type": "boolean"
11563
+ },
11564
+ "websocket": {
11565
+ "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
11566
+ "name": "websocket",
11567
+ "hasDynamicHelp": false,
11568
+ "multiple": false,
11569
+ "type": "option"
11570
+ },
11571
+ "skipauth": {
11572
+ "description": "Skip authentication check when a default username is required",
11573
+ "name": "skipauth",
11574
+ "allowNo": false,
11575
+ "type": "boolean"
11576
+ }
11577
+ },
11578
+ "hasDynamicHelp": false,
11579
+ "hiddenAliases": [],
11580
+ "id": "hardis:project:fix:v53flexipages",
11581
+ "pluginAlias": "sfdx-hardis",
11582
+ "pluginName": "sfdx-hardis",
11583
+ "pluginType": "core",
11584
+ "strict": true,
11585
+ "enableJsonFlag": true,
11586
+ "title": "Fix flexipages for v53",
11587
+ "requiresProject": true,
11588
+ "isESM": true,
11589
+ "relativePath": [
11590
+ "lib",
11591
+ "commands",
11592
+ "hardis",
11593
+ "project",
11594
+ "fix",
11595
+ "v53flexipages.js"
11596
+ ],
11597
+ "aliasPermutations": [],
11598
+ "permutations": [
11599
+ "hardis:project:fix:v53flexipages",
11600
+ "project:hardis:fix:v53flexipages",
11601
+ "project:fix:hardis:v53flexipages",
11602
+ "project:fix:v53flexipages:hardis",
11603
+ "hardis:fix:project:v53flexipages",
11604
+ "fix:hardis:project:v53flexipages",
11605
+ "fix:project:hardis:v53flexipages",
11606
+ "fix:project:v53flexipages:hardis",
11607
+ "hardis:fix:v53flexipages:project",
11608
+ "fix:hardis:v53flexipages:project",
11609
+ "fix:v53flexipages:hardis:project",
11610
+ "fix:v53flexipages:project:hardis",
11611
+ "hardis:project:v53flexipages:fix",
11612
+ "project:hardis:v53flexipages:fix",
11613
+ "project:v53flexipages:hardis:fix",
11614
+ "project:v53flexipages:fix:hardis",
11615
+ "hardis:v53flexipages:project:fix",
11616
+ "v53flexipages:hardis:project:fix",
11617
+ "v53flexipages:project:hardis:fix",
11618
+ "v53flexipages:project:fix:hardis",
11619
+ "hardis:v53flexipages:fix:project",
11620
+ "v53flexipages:hardis:fix:project",
11621
+ "v53flexipages:fix:hardis:project",
11622
+ "v53flexipages:fix:project:hardis"
11407
11623
  ]
11408
11624
  },
11409
11625
  "hardis:project:deploy:notify": {
@@ -12581,221 +12797,6 @@
12581
12797
  "validate:deploy:project:hardis"
12582
12798
  ]
12583
12799
  },
12584
- "hardis:project:fix:profiletabs": {
12585
- "aliases": [],
12586
- "args": {},
12587
- "description": "\n## Command Behavior\n\n**Interactively updates tab visibility settings in Salesforce profiles, addressing a common issue where tab visibilities are not correctly retrieved by `sf project retrieve start`.**\n\nThis command provides a user-friendly interface to manage tab settings within your profile XML files, ensuring that your local project accurately reflects the intended tab configurations in your Salesforce org.\n\nKey functionalities:\n\n- **Interactive Tab Selection:** Displays a multi-select menu of all available tabs in your org, allowing you to choose which tabs to update.\n- **Visibility Control:** Lets you set the visibility for the selected tabs to either `DefaultOn` (Visible) or `Hidden`.\n- **Profile Selection:** Presents a multi-select menu of all .profile-meta.xml files in your project, allowing you to apply the tab visibility changes to specific profiles.\n- **XML Updates:** Modifies the <tabVisibilities> section of the selected profile XML files to reflect the chosen tab settings. If a tab visibility setting already exists for a selected tab, it will be updated; otherwise, a new one will be added.\n- **Sorted Output:** The <tabVisibilities> in the updated profile XML files are sorted alphabetically for consistency and readability.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `TabDefinition` object using `soqlQueryTooling` to retrieve a list of all available tabs in the target org.\n- **File Discovery:** Uses `glob` to find all .profile-meta.xml files within the specified project path.\n- **Interactive Prompts:** Leverages the `prompts` library to create interactive menus for selecting tabs, visibility settings, and profiles.\n- **XML Parsing and Manipulation:** Uses `parseXmlFile` to read the content of profile XML files and `writeXmlFile` to write the modified content back. It manipulates the `tabVisibilities` array within the parsed XML to add or update tab settings.\n- **Array Sorting:** Employs the `sort-array` library to sort the `tabVisibilities` alphabetically by tab name.\n- **Logging:** Provides feedback to the user about which profiles have been updated and a summary of the changes.\n</details>\n",
12588
- "examples": [
12589
- "$ sf hardis:project:fix:profiletabs"
12590
- ],
12591
- "flags": {
12592
- "json": {
12593
- "description": "Format output as json.",
12594
- "helpGroup": "GLOBAL",
12595
- "name": "json",
12596
- "allowNo": false,
12597
- "type": "boolean"
12598
- },
12599
- "flags-dir": {
12600
- "helpGroup": "GLOBAL",
12601
- "name": "flags-dir",
12602
- "summary": "Import flag values from a directory.",
12603
- "hasDynamicHelp": false,
12604
- "multiple": false,
12605
- "type": "option"
12606
- },
12607
- "path": {
12608
- "char": "p",
12609
- "description": "Root folder",
12610
- "name": "path",
12611
- "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
12612
- "hasDynamicHelp": false,
12613
- "multiple": false,
12614
- "type": "option"
12615
- },
12616
- "debug": {
12617
- "char": "d",
12618
- "description": "Activate debug mode (more logs)",
12619
- "name": "debug",
12620
- "allowNo": false,
12621
- "type": "boolean"
12622
- },
12623
- "websocket": {
12624
- "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
12625
- "name": "websocket",
12626
- "hasDynamicHelp": false,
12627
- "multiple": false,
12628
- "type": "option"
12629
- },
12630
- "skipauth": {
12631
- "description": "Skip authentication check when a default username is required",
12632
- "name": "skipauth",
12633
- "allowNo": false,
12634
- "type": "boolean"
12635
- },
12636
- "target-org": {
12637
- "aliases": [
12638
- "targetusername",
12639
- "u"
12640
- ],
12641
- "char": "o",
12642
- "deprecateAliases": true,
12643
- "name": "target-org",
12644
- "noCacheDefault": true,
12645
- "required": true,
12646
- "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
12647
- "hasDynamicHelp": true,
12648
- "multiple": false,
12649
- "type": "option"
12650
- }
12651
- },
12652
- "hasDynamicHelp": true,
12653
- "hiddenAliases": [],
12654
- "id": "hardis:project:fix:profiletabs",
12655
- "pluginAlias": "sfdx-hardis",
12656
- "pluginName": "sfdx-hardis",
12657
- "pluginType": "core",
12658
- "strict": true,
12659
- "enableJsonFlag": true,
12660
- "title": "Fix profiles to add tabs that are not retrieved by SF CLI",
12661
- "requiresProject": true,
12662
- "isESM": true,
12663
- "relativePath": [
12664
- "lib",
12665
- "commands",
12666
- "hardis",
12667
- "project",
12668
- "fix",
12669
- "profiletabs.js"
12670
- ],
12671
- "aliasPermutations": [],
12672
- "permutations": [
12673
- "hardis:project:fix:profiletabs",
12674
- "project:hardis:fix:profiletabs",
12675
- "project:fix:hardis:profiletabs",
12676
- "project:fix:profiletabs:hardis",
12677
- "hardis:fix:project:profiletabs",
12678
- "fix:hardis:project:profiletabs",
12679
- "fix:project:hardis:profiletabs",
12680
- "fix:project:profiletabs:hardis",
12681
- "hardis:fix:profiletabs:project",
12682
- "fix:hardis:profiletabs:project",
12683
- "fix:profiletabs:hardis:project",
12684
- "fix:profiletabs:project:hardis",
12685
- "hardis:project:profiletabs:fix",
12686
- "project:hardis:profiletabs:fix",
12687
- "project:profiletabs:hardis:fix",
12688
- "project:profiletabs:fix:hardis",
12689
- "hardis:profiletabs:project:fix",
12690
- "profiletabs:hardis:project:fix",
12691
- "profiletabs:project:hardis:fix",
12692
- "profiletabs:project:fix:hardis",
12693
- "hardis:profiletabs:fix:project",
12694
- "profiletabs:hardis:fix:project",
12695
- "profiletabs:fix:hardis:project",
12696
- "profiletabs:fix:project:hardis"
12697
- ]
12698
- },
12699
- "hardis:project:fix:v53flexipages": {
12700
- "aliases": [],
12701
- "args": {},
12702
- "description": "\n## Command Behavior\n\n**Fixes Salesforce FlexiPages for compatibility with API Version 53.0 (Winter '22 release) by adding missing identifiers to component instances.**\n\nSalesforce introduced a change in API Version 53.0 that requires `identifier` tags within `componentInstance` and `fieldInstance` elements in FlexiPage metadata. If these identifiers are missing, deployments to orgs with API version 53.0 or higher will fail. This command automates the process of adding these missing identifiers, ensuring your FlexiPages remain deployable.\n\nKey functionalities:\n\n- **Targeted FlexiPage Processing:** Scans all .flexipage-meta.xml files within the specified root folder (defaults to current working directory).\n- **Identifier Injection:** Inserts a unique `identifier` tag (e.g., `SFDX_HARDIS_REPLACEMENT_ID`) into `componentInstance` and `fieldInstance` elements that lack one.\n\n**Important Note:** After running this command, ensure you update your `apiVersion` to `53.0` (or higher) in your `package.xml` and `sfdx-project.json` files.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **File Discovery:** Uses `glob` to find all .flexipage-meta.xml files.\n- **Content Reading:** Reads the XML content of each FlexiPage file.\n- **Regular Expression Replacement:** Employs a set of regular expressions to identify specific XML patterns (componentName.../componentName.../componentInstance, componentName.../componentName.../visibilityRule, fieldItem.../fieldItem.../fieldInstance) that are missing the `identifier` tag.\n- **Dynamic ID Generation:** For each match, it generates a unique identifier (e.g., `sfdxHardisIdX`) and injects it into the XML structure.\n- **File Writing:** If changes are made, the modified XML content is written back to the FlexiPage file using `fs.writeFile`.\n- **Logging:** Provides messages about which FlexiPages are being processed and a summary of the total number of identifiers added.\n</details>\n",
12703
- "examples": [
12704
- "$ sf hardis:project:fix:v53flexipages"
12705
- ],
12706
- "flags": {
12707
- "json": {
12708
- "description": "Format output as json.",
12709
- "helpGroup": "GLOBAL",
12710
- "name": "json",
12711
- "allowNo": false,
12712
- "type": "boolean"
12713
- },
12714
- "flags-dir": {
12715
- "helpGroup": "GLOBAL",
12716
- "name": "flags-dir",
12717
- "summary": "Import flag values from a directory.",
12718
- "hasDynamicHelp": false,
12719
- "multiple": false,
12720
- "type": "option"
12721
- },
12722
- "path": {
12723
- "char": "p",
12724
- "description": "Root folder",
12725
- "name": "path",
12726
- "default": "/home/runner/work/sfdx-hardis/sfdx-hardis",
12727
- "hasDynamicHelp": false,
12728
- "multiple": false,
12729
- "type": "option"
12730
- },
12731
- "debug": {
12732
- "char": "d",
12733
- "description": "Activate debug mode (more logs)",
12734
- "name": "debug",
12735
- "allowNo": false,
12736
- "type": "boolean"
12737
- },
12738
- "websocket": {
12739
- "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
12740
- "name": "websocket",
12741
- "hasDynamicHelp": false,
12742
- "multiple": false,
12743
- "type": "option"
12744
- },
12745
- "skipauth": {
12746
- "description": "Skip authentication check when a default username is required",
12747
- "name": "skipauth",
12748
- "allowNo": false,
12749
- "type": "boolean"
12750
- }
12751
- },
12752
- "hasDynamicHelp": false,
12753
- "hiddenAliases": [],
12754
- "id": "hardis:project:fix:v53flexipages",
12755
- "pluginAlias": "sfdx-hardis",
12756
- "pluginName": "sfdx-hardis",
12757
- "pluginType": "core",
12758
- "strict": true,
12759
- "enableJsonFlag": true,
12760
- "title": "Fix flexipages for v53",
12761
- "requiresProject": true,
12762
- "isESM": true,
12763
- "relativePath": [
12764
- "lib",
12765
- "commands",
12766
- "hardis",
12767
- "project",
12768
- "fix",
12769
- "v53flexipages.js"
12770
- ],
12771
- "aliasPermutations": [],
12772
- "permutations": [
12773
- "hardis:project:fix:v53flexipages",
12774
- "project:hardis:fix:v53flexipages",
12775
- "project:fix:hardis:v53flexipages",
12776
- "project:fix:v53flexipages:hardis",
12777
- "hardis:fix:project:v53flexipages",
12778
- "fix:hardis:project:v53flexipages",
12779
- "fix:project:hardis:v53flexipages",
12780
- "fix:project:v53flexipages:hardis",
12781
- "hardis:fix:v53flexipages:project",
12782
- "fix:hardis:v53flexipages:project",
12783
- "fix:v53flexipages:hardis:project",
12784
- "fix:v53flexipages:project:hardis",
12785
- "hardis:project:v53flexipages:fix",
12786
- "project:hardis:v53flexipages:fix",
12787
- "project:v53flexipages:hardis:fix",
12788
- "project:v53flexipages:fix:hardis",
12789
- "hardis:v53flexipages:project:fix",
12790
- "v53flexipages:hardis:project:fix",
12791
- "v53flexipages:project:hardis:fix",
12792
- "v53flexipages:project:fix:hardis",
12793
- "hardis:v53flexipages:fix:project",
12794
- "v53flexipages:hardis:fix:project",
12795
- "v53flexipages:fix:hardis:project",
12796
- "v53flexipages:fix:project:hardis"
12797
- ]
12798
- },
12799
12800
  "hardis:project:generate:bypass": {
12800
12801
  "aliases": [],
12801
12802
  "args": {},
@@ -15369,5 +15370,5 @@
15369
15370
  ]
15370
15371
  }
15371
15372
  },
15372
- "version": "6.7.5-beta202510190952.0"
15373
+ "version": "6.8.1"
15373
15374
  }