sfdx-hardis 6.9.1-alpha202510262008.0 → 6.9.1-alpha202510262129.0

package/oclif.manifest.json

@@ -132,13 +132,12 @@
         "clear:cache:hardis"
       ]
     },
-    "hardis:auth:login": {
+    "hardis:config:get": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Authenticates to a Salesforce org, primarily designed for CI/CD workflows.**\n\nThis command facilitates secure and automated logins to Salesforce organizations within continuous integration and continuous delivery pipelines. It leverages pre-configured authentication details, ensuring that CI/CD processes can interact with Salesforce without manual intervention.\n\nKey aspects:\n\n- **Configuration-Driven:** It relies on authentication variables and files set up by dedicated configuration commands:\n  - For CI/CD repositories: [Configure Org CI Authentication](https://sfdx-hardis.cloudity.com/hardis/project/configure/auth/)\n  - For Monitoring repositories: [Configure Org Monitoring](https://sfdx-hardis.cloudity.com/hardis/org/configure/monitoring/)\n- **Technical Org Support:** Supports authentication to a 'technical org' (e.g., for calling Agentforce from another org) by utilizing the `SFDX_AUTH_URL_TECHNICAL_ORG` environment variable. If this variable is set, the command authenticates to this org with the alias `TECHNICAL_ORG`.\n\nTo obtain the `SFDX_AUTH_URL_TECHNICAL_ORG` value, you can run `sf org display --verbose --json` and copy the `sfdxAuthUrl` field from the output.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical flow involves:\n\n- **Flag Parsing:** It parses command-line flags such as `instanceurl`, `devhub`, `scratchorg`, and `debug` to determine the authentication context.\n- **Authentication Hook:** It triggers an internal authentication hook (`this.config.runHook('auth', ...`)) which is responsible for executing the actual authentication logic based on the provided flags (e.g., whether it's a Dev Hub or a scratch org).\n- **Environment Variable Check:** It checks for the presence of `SFDX_AUTH_URL_TECHNICAL_ORG` or `TECHNICAL_ORG_ALIAS` environment variables.\n- **`authOrg` Utility:** If a technical org is configured, it calls the `authOrg` utility function to perform the authentication for that specific org, ensuring it's connected and available for subsequent operations.\n- **Salesforce CLI Integration:** It integrates with the Salesforce CLI's authentication mechanisms to establish and manage org connections.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Retrieves and displays the sfdx-hardis configuration for a specified level.**\n\nThis command allows you to inspect the configuration that is currently in effect for your project, which is useful for debugging and understanding how sfdx-hardis will behave.\n\n- **Configuration levels:** It can retrieve configuration from three different levels:\n  - **Project:** The configuration defined in the project's `.sfdx-hardis.yml` file.\n  - **Branch:** The configuration defined in a branch-specific configuration file (e.g., `.sfdx-hardis.production.yml`).\n  - **User:** The global user-level configuration.\n\n## Technical explanations\n\nThe command's logic is straightforward:\n\n- **`getConfig` function:** It calls the `getConfig` utility function, passing the desired configuration level as an argument.\n- **Configuration loading:** The `getConfig` function is responsible for finding the appropriate configuration file, reading its contents, and parsing it as YAML or JSON.\n- **Output:** The retrieved configuration is then displayed to the user as a JSON string.\n",
       "examples": [
-        "$ sf hardis:auth:login",
-        "CI=true CI_COMMIT_REF_NAME=monitoring_myclient sf hardis:auth:login"
+        "$ sf hardis:project:deploy:sources:metadata"
       ],
       "flags": {
         "json": {
@@ -156,28 +155,20 @@
           "multiple": false,
           "type": "option"
         },
-        "instanceurl": {
-          "char": "r",
-          "description": "URL of org instance",
-          "name": "instanceurl",
+        "level": {
+          "char": "l",
+          "description": "project,branch or user",
+          "name": "level",
+          "default": "project",
           "hasDynamicHelp": false,
           "multiple": false,
+          "options": [
+            "project",
+            "branch",
+            "user"
+          ],
           "type": "option"
         },
-        "devhub": {
-          "char": "h",
-          "description": "Also connect associated DevHub",
-          "name": "devhub",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "scratchorg": {
-          "char": "s",
-          "description": "Scratch org",
-          "name": "scratchorg",
-          "allowNo": false,
-          "type": "boolean"
-        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -201,38 +192,39 @@
       },
       "hasDynamicHelp": false,
       "hiddenAliases": [],
-      "id": "hardis:auth:login",
+      "id": "hardis:config:get",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Login",
+      "title": "Deploy metadata sources to org",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
-        "auth",
-        "login.js"
+        "config",
+        "get.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:auth:login",
-        "auth:hardis:login",
-        "auth:login:hardis",
-        "hardis:login:auth",
-        "login:hardis:auth",
-        "login:auth:hardis"
+        "hardis:config:get",
+        "config:hardis:get",
+        "config:get:hardis",
+        "hardis:get:config",
+        "get:hardis:config",
+        "get:config:hardis"
       ]
     },
-    "hardis:config:get": {
+    "hardis:auth:login": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Retrieves and displays the sfdx-hardis configuration for a specified level.**\n\nThis command allows you to inspect the configuration that is currently in effect for your project, which is useful for debugging and understanding how sfdx-hardis will behave.\n\n- **Configuration levels:** It can retrieve configuration from three different levels:\n  - **Project:** The configuration defined in the project's `.sfdx-hardis.yml` file.\n  - **Branch:** The configuration defined in a branch-specific configuration file (e.g., `.sfdx-hardis.production.yml`).\n  - **User:** The global user-level configuration.\n\n## Technical explanations\n\nThe command's logic is straightforward:\n\n- **`getConfig` function:** It calls the `getConfig` utility function, passing the desired configuration level as an argument.\n- **Configuration loading:** The `getConfig` function is responsible for finding the appropriate configuration file, reading its contents, and parsing it as YAML or JSON.\n- **Output:** The retrieved configuration is then displayed to the user as a JSON string.\n",
+      "description": "\n## Command Behavior\n\n**Authenticates to a Salesforce org, primarily designed for CI/CD workflows.**\n\nThis command facilitates secure and automated logins to Salesforce organizations within continuous integration and continuous delivery pipelines. It leverages pre-configured authentication details, ensuring that CI/CD processes can interact with Salesforce without manual intervention.\n\nKey aspects:\n\n- **Configuration-Driven:** It relies on authentication variables and files set up by dedicated configuration commands:\n  - For CI/CD repositories: [Configure Org CI Authentication](https://sfdx-hardis.cloudity.com/hardis/project/configure/auth/)\n  - For Monitoring repositories: [Configure Org Monitoring](https://sfdx-hardis.cloudity.com/hardis/org/configure/monitoring/)\n- **Technical Org Support:** Supports authentication to a 'technical org' (e.g., for calling Agentforce from another org) by utilizing the `SFDX_AUTH_URL_TECHNICAL_ORG` environment variable. If this variable is set, the command authenticates to this org with the alias `TECHNICAL_ORG`.\n\nTo obtain the `SFDX_AUTH_URL_TECHNICAL_ORG` value, you can run `sf org display --verbose --json` and copy the `sfdxAuthUrl` field from the output.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical flow involves:\n\n- **Flag Parsing:** It parses command-line flags such as `instanceurl`, `devhub`, `scratchorg`, and `debug` to determine the authentication context.\n- **Authentication Hook:** It triggers an internal authentication hook (`this.config.runHook('auth', ...`)) which is responsible for executing the actual authentication logic based on the provided flags (e.g., whether it's a Dev Hub or a scratch org).\n- **Environment Variable Check:** It checks for the presence of `SFDX_AUTH_URL_TECHNICAL_ORG` or `TECHNICAL_ORG_ALIAS` environment variables.\n- **`authOrg` Utility:** If a technical org is configured, it calls the `authOrg` utility function to perform the authentication for that specific org, ensuring it's connected and available for subsequent operations.\n- **Salesforce CLI Integration:** It integrates with the Salesforce CLI's authentication mechanisms to establish and manage org connections.\n</details>\n",
       "examples": [
-        "$ sf hardis:project:deploy:sources:metadata"
+        "$ sf hardis:auth:login",
+        "CI=true CI_COMMIT_REF_NAME=monitoring_myclient sf hardis:auth:login"
       ],
       "flags": {
         "json": {
@@ -250,20 +242,28 @@
           "multiple": false,
           "type": "option"
         },
-        "level": {
-          "char": "l",
-          "description": "project,branch or user",
-          "name": "level",
-          "default": "project",
+        "instanceurl": {
+          "char": "r",
+          "description": "URL of org instance",
+          "name": "instanceurl",
           "hasDynamicHelp": false,
           "multiple": false,
-          "options": [
-            "project",
-            "branch",
-            "user"
-          ],
           "type": "option"
         },
+        "devhub": {
+          "char": "h",
+          "description": "Also connect associated DevHub",
+          "name": "devhub",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "scratchorg": {
+          "char": "s",
+          "description": "Scratch org",
+          "name": "scratchorg",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "debug": {
           "char": "d",
           "description": "Activate debug mode (more logs)",
@@ -287,30 +287,30 @@
       },
       "hasDynamicHelp": false,
       "hiddenAliases": [],
-      "id": "hardis:config:get",
+      "id": "hardis:auth:login",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Deploy metadata sources to org",
+      "title": "Login",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
-        "config",
-        "get.js"
+        "auth",
+        "login.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:config:get",
-        "config:hardis:get",
-        "config:get:hardis",
-        "hardis:get:config",
-        "get:hardis:config",
-        "get:config:hardis"
+        "hardis:auth:login",
+        "auth:hardis:login",
+        "auth:login:hardis",
+        "hardis:login:auth",
+        "login:hardis:auth",
+        "login:auth:hardis"
       ]
     },
     "hardis:doc:fieldusage": {
@@ -5808,6 +5808,121 @@
         "import:files:org:hardis"
       ]
     },
+    "hardis:org:fix:listviewmine": {
+      "aliases": [],
+      "args": {},
+      "description": "Fix listviews whose scope Mine has been replaced by Everything\n\n[![Invalid scope:Mine, not allowed ? Deploy your ListViews anyway !](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-invalid-scope-mine.jpg)](https://nicolas.vuillamy.fr/invalid-scope-mine-not-allowed-deploy-your-listviews-anyway-443aceca8ac7)\n\nList of ListViews can be:\n\n- read from .sfdx-hardis.yml file in property **listViewsToSetToMine**\n- sent in argument listviews\n\nNote: property **listViewsToSetToMine** can be auto-generated by command hardis:work:save if .sfdx-hardis.yml contains the following configuration\n\n```yaml\nautoCleanTypes:\n  - listViewsMine\n```\n\n- Example of sfdx-hardis.yml property `listViewsToSetToMine`:\n\n```yaml\nlistViewsToSetToMine:\n  - \"force-app/main/default/objects/Operation__c/listViews/MyCurrentOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Operation__c/listViews/MyFinalizedOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/Default_Opportunity_Pipeline.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MyCurrentSubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MySubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Account/listViews/MyActivePartners.listView-meta.xml\"\n```\n\n- If manually written, this could also be:\n\n```yaml\nlistViewsToSetToMine:\n  - \"Operation__c:MyCurrentOperations\"\n  - \"Operation__c:MyFinalizedOperations\"\n  - \"Opportunity:Default_Opportunity_Pipeline\"\n  - \"Opportunity:MyCurrentSubscriptions\"\n  - \"Opportunity:MySubscriptions\"\n  - \"Account:MyActivePartners\"\n```\n\nTroubleshooting: if you need to run this command from an alpine-linux based docker image, use this workaround in your dockerfile:\n\n```dockerfile\n# Do not use puppeteer embedded chromium\nRUN apk add --update --no-cache chromium\nENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=\"true\"\nENV CHROMIUM_PATH=\"/usr/bin/chromium-browser\"\nENV PUPPETEER_EXECUTABLE_PATH=\"$\\{CHROMIUM_PATH}\" // remove \\ before {\n```\n",
+      "examples": [
+        "$ sf hardis:org:fix:listviewmine",
+        "$ sf hardis:org:fix:listviewmine --listviews Opportunity:MySubscriptions,Account:MyActivePartners"
+      ],
+      "flags": {
+        "json": {
+          "description": "Format output as json.",
+          "helpGroup": "GLOBAL",
+          "name": "json",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "flags-dir": {
+          "helpGroup": "GLOBAL",
+          "name": "flags-dir",
+          "summary": "Import flag values from a directory.",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "listviews": {
+          "char": "l",
+          "description": "Comma-separated list of listviews following format Object:ListViewName\nExample: Contact:MyContacts,Contact:MyActiveContacts,Opportunity:MYClosedOpportunities",
+          "name": "listviews",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "websocket": {
+          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
+          "name": "websocket",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "skipauth": {
+          "description": "Skip authentication check when a default username is required",
+          "name": "skipauth",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
+        }
+      },
+      "hasDynamicHelp": true,
+      "hiddenAliases": [],
+      "id": "hardis:org:fix:listviewmine",
+      "pluginAlias": "sfdx-hardis",
+      "pluginName": "sfdx-hardis",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": true,
+      "title": "Fix listviews with ",
+      "requiresProject": true,
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "org",
+        "fix",
+        "listviewmine.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:org:fix:listviewmine",
+        "org:hardis:fix:listviewmine",
+        "org:fix:hardis:listviewmine",
+        "org:fix:listviewmine:hardis",
+        "hardis:fix:org:listviewmine",
+        "fix:hardis:org:listviewmine",
+        "fix:org:hardis:listviewmine",
+        "fix:org:listviewmine:hardis",
+        "hardis:fix:listviewmine:org",
+        "fix:hardis:listviewmine:org",
+        "fix:listviewmine:hardis:org",
+        "fix:listviewmine:org:hardis",
+        "hardis:org:listviewmine:fix",
+        "org:hardis:listviewmine:fix",
+        "org:listviewmine:hardis:fix",
+        "org:listviewmine:fix:hardis",
+        "hardis:listviewmine:org:fix",
+        "listviewmine:hardis:org:fix",
+        "listviewmine:org:hardis:fix",
+        "listviewmine:org:fix:hardis",
+        "hardis:listviewmine:fix:org",
+        "listviewmine:hardis:fix:org",
+        "listviewmine:fix:hardis:org",
+        "listviewmine:fix:org:hardis"
+      ]
+    },
     "hardis:org:diagnose:audittrail": {
       "aliases": [],
       "args": {},
@@ -7071,13 +7186,14 @@
         "unusedusers:diagnose:org:hardis"
       ]
     },
-    "hardis:org:fix:listviewmine": {
+    "hardis:org:generate:packagexmlfull": {
       "aliases": [],
       "args": {},
-      "description": "Fix listviews whose scope Mine has been replaced by Everything\n\n[![Invalid scope:Mine, not allowed ? Deploy your ListViews anyway !](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-invalid-scope-mine.jpg)](https://nicolas.vuillamy.fr/invalid-scope-mine-not-allowed-deploy-your-listviews-anyway-443aceca8ac7)\n\nList of ListViews can be:\n\n- read from .sfdx-hardis.yml file in property **listViewsToSetToMine**\n- sent in argument listviews\n\nNote: property **listViewsToSetToMine** can be auto-generated by command hardis:work:save if .sfdx-hardis.yml contains the following configuration\n\n```yaml\nautoCleanTypes:\n  - listViewsMine\n```\n\n- Example of sfdx-hardis.yml property `listViewsToSetToMine`:\n\n```yaml\nlistViewsToSetToMine:\n  - \"force-app/main/default/objects/Operation__c/listViews/MyCurrentOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Operation__c/listViews/MyFinalizedOperations.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/Default_Opportunity_Pipeline.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MyCurrentSubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Opportunity/listViews/MySubscriptions.listView-meta.xml\"\n  - \"force-app/main/default/objects/Account/listViews/MyActivePartners.listView-meta.xml\"\n```\n\n- If manually written, this could also be:\n\n```yaml\nlistViewsToSetToMine:\n  - \"Operation__c:MyCurrentOperations\"\n  - \"Operation__c:MyFinalizedOperations\"\n  - \"Opportunity:Default_Opportunity_Pipeline\"\n  - \"Opportunity:MyCurrentSubscriptions\"\n  - \"Opportunity:MySubscriptions\"\n  - \"Account:MyActivePartners\"\n```\n\nTroubleshooting: if you need to run this command from an alpine-linux based docker image, use this workaround in your dockerfile:\n\n```dockerfile\n# Do not use puppeteer embedded chromium\nRUN apk add --update --no-cache chromium\nENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=\"true\"\nENV CHROMIUM_PATH=\"/usr/bin/chromium-browser\"\nENV PUPPETEER_EXECUTABLE_PATH=\"$\\{CHROMIUM_PATH}\" // remove \\ before {\n```\n",
+      "description": "\n## Command Behavior\n\n**Generates a comprehensive `package.xml` file for a Salesforce org, including all metadata components, even managed ones.**\n\nThis command is essential for various Salesforce development and administration tasks, especially when you need a complete snapshot of an org's metadata. It goes beyond typical source tracking by including managed package components, which is crucial for understanding the full metadata footprint of an org.\n\nKey functionalities:\n\n- **Full Org Metadata Retrieval:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a complete list of all metadata types and their members.\n- **Managed Package Inclusion:** Unlike standard source retrieval, this command explicitly includes metadata from managed packages, providing a truly comprehensive `package.xml`.\n- **Customizable Output:** Allows you to specify the output file path for the generated `package.xml`.\n- **Interactive Org Selection:** If no target org is specified, it interactively prompts the user to choose an org. (or use --no-prompt to skip this step)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce Metadata API Interaction:** It leverages the Salesforce Metadata API to list all available metadata types and then retrieve all components for each type.\n- **`buildOrgManifest` Utility:** The core logic for querying the org's metadata and constructing the `package.xml` is encapsulated within the `buildOrgManifest` utility function.\n- **XML Generation:** It dynamically builds the XML structure of the `package.xml` file, including the `types` and `members` elements for all retrieved metadata.\n- **File System Operations:** It writes the generated `package.xml` file to the specified output path.\n- **Interactive Prompts:** Uses `promptOrgUsernameDefault` to guide the user in selecting the target Salesforce org.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:fix:listviewmine",
-        "$ sf hardis:org:fix:listviewmine --listviews Opportunity:MySubscriptions,Account:MyActivePartners"
+        "$ sf hardis:org:generate:packagexmlfull",
+        "$ sf hardis:org:generate:packagexmlfull --outputfile /tmp/packagexmlfull.xml",
+        "$ sf hardis:org:generate:packagexmlfull --target-org nico@example.com"
       ],
       "flags": {
         "json": {
@@ -7095,10 +7211,9 @@
           "multiple": false,
           "type": "option"
         },
-        "listviews": {
-          "char": "l",
-          "description": "Comma-separated list of listviews following format Object:ListViewName\nExample: Contact:MyContacts,Contact:MyActiveContacts,Opportunity:MYClosedOpportunities",
-          "name": "listviews",
+        "outputfile": {
+          "description": "Output package.xml file",
+          "name": "outputfile",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -7110,6 +7225,13 @@
           "allowNo": false,
           "type": "boolean"
         },
+        "no-prompt": {
+          "char": "n",
+          "description": "Do not prompt for org username, use the default one",
+          "name": "no-prompt",
+          "allowNo": false,
+          "type": "boolean"
+        },
         "websocket": {
           "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "name": "websocket",
@@ -7141,136 +7263,14 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:fix:listviewmine",
+      "id": "hardis:org:generate:packagexmlfull",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Fix listviews with ",
-      "requiresProject": true,
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "org",
-        "fix",
-        "listviewmine.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:org:fix:listviewmine",
-        "org:hardis:fix:listviewmine",
-        "org:fix:hardis:listviewmine",
-        "org:fix:listviewmine:hardis",
-        "hardis:fix:org:listviewmine",
-        "fix:hardis:org:listviewmine",
-        "fix:org:hardis:listviewmine",
-        "fix:org:listviewmine:hardis",
-        "hardis:fix:listviewmine:org",
-        "fix:hardis:listviewmine:org",
-        "fix:listviewmine:hardis:org",
-        "fix:listviewmine:org:hardis",
-        "hardis:org:listviewmine:fix",
-        "org:hardis:listviewmine:fix",
-        "org:listviewmine:hardis:fix",
-        "org:listviewmine:fix:hardis",
-        "hardis:listviewmine:org:fix",
-        "listviewmine:hardis:org:fix",
-        "listviewmine:org:hardis:fix",
-        "listviewmine:org:fix:hardis",
-        "hardis:listviewmine:fix:org",
-        "listviewmine:hardis:fix:org",
-        "listviewmine:fix:hardis:org",
-        "listviewmine:fix:org:hardis"
-      ]
-    },
-    "hardis:org:generate:packagexmlfull": {
-      "aliases": [],
-      "args": {},
-      "description": "\n## Command Behavior\n\n**Generates a comprehensive `package.xml` file for a Salesforce org, including all metadata components, even managed ones.**\n\nThis command is essential for various Salesforce development and administration tasks, especially when you need a complete snapshot of an org's metadata. It goes beyond typical source tracking by including managed package components, which is crucial for understanding the full metadata footprint of an org.\n\nKey functionalities:\n\n- **Full Org Metadata Retrieval:** Connects to a specified Salesforce org (or prompts for one if not provided) and retrieves a complete list of all metadata types and their members.\n- **Managed Package Inclusion:** Unlike standard source retrieval, this command explicitly includes metadata from managed packages, providing a truly comprehensive `package.xml`.\n- **Customizable Output:** Allows you to specify the output file path for the generated `package.xml`.\n- **Interactive Org Selection:** If no target org is specified, it interactively prompts the user to choose an org. (or use --no-prompt to skip this step)\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Salesforce Metadata API Interaction:** It leverages the Salesforce Metadata API to list all available metadata types and then retrieve all components for each type.\n- **`buildOrgManifest` Utility:** The core logic for querying the org's metadata and constructing the `package.xml` is encapsulated within the `buildOrgManifest` utility function.\n- **XML Generation:** It dynamically builds the XML structure of the `package.xml` file, including the `types` and `members` elements for all retrieved metadata.\n- **File System Operations:** It writes the generated `package.xml` file to the specified output path.\n- **Interactive Prompts:** Uses `promptOrgUsernameDefault` to guide the user in selecting the target Salesforce org.\n</details>\n",
-      "examples": [
-        "$ sf hardis:org:generate:packagexmlfull",
-        "$ sf hardis:org:generate:packagexmlfull --outputfile /tmp/packagexmlfull.xml",
-        "$ sf hardis:org:generate:packagexmlfull --target-org nico@example.com"
-      ],
-      "flags": {
-        "json": {
-          "description": "Format output as json.",
-          "helpGroup": "GLOBAL",
-          "name": "json",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "flags-dir": {
-          "helpGroup": "GLOBAL",
-          "name": "flags-dir",
-          "summary": "Import flag values from a directory.",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "outputfile": {
-          "description": "Output package.xml file",
-          "name": "outputfile",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "no-prompt": {
-          "char": "n",
-          "description": "Do not prompt for org username, use the default one",
-          "name": "no-prompt",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "websocket": {
-          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
-          "name": "websocket",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "skipauth": {
-          "description": "Skip authentication check when a default username is required",
-          "name": "skipauth",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        }
-      },
-      "hasDynamicHelp": true,
-      "hiddenAliases": [],
-      "id": "hardis:org:generate:packagexmlfull",
-      "pluginAlias": "sfdx-hardis",
-      "pluginName": "sfdx-hardis",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": true,
-      "title": "Generate Full Org package.xml",
-      "requiresProject": false,
+      "title": "Generate Full Org package.xml",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
@@ -7789,16 +7789,13 @@
         "limits:monitor:org:hardis"
       ]
     },
-    "hardis:org:refresh:after-refresh": {
+    "hardis:org:purge:apexlog": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Restores all previously backed-up Connected Apps (including Consumer Secrets), certificates, custom settings, records and other metadata to a Salesforce org after a sandbox refresh.**\n\nThis command is the second step in the sandbox refresh process. It scans the backup folder created before the refresh, allows interactive or flag-driven selection of items to restore, and automates cleanup and redeployment to the refreshed org while preserving credentials and configuration.\n\nKey functionalities:\n\n- **Choose a backup to restore:** Lets you pick the saved sandbox project that contains the artifacts to restore.\n- **Select which items to restore:** Finds Connected App XMLs, certificates, custom settings and other artifacts and lets you pick what to restore (or restore all).\n- **Safety checks and validation:** Confirms files exist and prompts before making changes to the target org.\n- **Prepare org for restore:** Optionally cleans up existing Connected Apps so saved apps can be re-deployed without conflict.\n- **Redeploy saved artifacts:** Restores Connected Apps (with saved secrets), certificates, SAML SSO configs, custom settings and other metadata.\n- **Handle SAML configs:** Cleans and updates SAML XML files and helps you choose certificates to wire into restored configs.\n- **Restore records:** Optionally runs data import from selected SFDMU workspaces to restore record data.\n- **Reporting & persistence:** Sends restore reports and can update project config to record what was restored.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is intended to be run after a sandbox refresh to re-apply saved metadata, credentials and data.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Backup Folder Handling:** Reads the immediate subfolders of `scripts/sandbox-refresh/` and validates the chosen project contains the expected `manifest/` and `force-app` layout.\n- **Metadata & Deployment APIs:** Uses `sf project deploy start --manifest` for package-based deploys, `sf project deploy start --metadata-dir` for MDAPI artifacts (certificates), and utility functions for Connected App deployment that preserve consumer secrets.\n- **SAML Handling:** Queries active certificates via tooling API, updates SAML XML files, and deploys using `sf project deploy start -m SamlSsoConfig`.\n- **Records Handling:** Uses interactive selection of SFDMU workspaces and runs data import utilities to restore records.\n- **Error Handling & Summary:** Aggregates results, logs success/warnings/errors, and returns a structured result indicating which items were restored and any failures.\n\n</details>\n",
+      "description": "\n**Purges Apex debug logs from a Salesforce org.**\n\nThis command provides a quick and efficient way to clear out accumulated Apex debug logs from your Salesforce environment. This is particularly useful for:\n\n- **Storage Management:** Freeing up valuable data storage space in your Salesforce org.\n- **Performance Optimization:** Reducing the overhead associated with large volumes of debug logs.\n- **Troubleshooting:** Ensuring that new debug logs are generated cleanly without interference from old, irrelevant logs.\n\nKey functionalities:\n\n- **Log Identification:** Queries the `ApexLog` object to identify all existing debug logs.\n- **Confirmation Prompt:** Before deletion, it prompts for user confirmation, displaying the number of Apex logs that will be deleted.\n- **Bulk Deletion:** Uses the Salesforce Bulk API to efficiently delete a large number of Apex logs.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query:** It executes a SOQL query (`SELECT Id FROM ApexLog LIMIT 50000`) to retrieve the IDs of Apex logs to be deleted. The limit is set to 50,000 to handle large volumes of logs.\n- **CSV Export:** The retrieved log IDs are temporarily exported to a CSV file (`ApexLogsToDelete_*.csv`) in the `./tmp` directory.\n- **User Confirmation:** It uses the `prompts` library to ask for user confirmation before proceeding with the deletion, displaying the count of logs to be purged.\n- **Bulk API Deletion:** It then uses the Salesforce CLI's `sf data delete bulk` command, pointing to the generated CSV file, to perform the mass deletion of Apex logs.\n- **File System Operations:** It uses `fs-extra` to create the temporary directory and manage the CSV file.\n- **Error Handling:** Includes error handling for the query and deletion operations.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:refresh:after-refresh",
-        "$ sf hardis:org:refresh:after-refresh --name \"MyConnectedApp\" // Process specific app, no selection prompt",
-        "$ sf hardis:org:refresh:after-refresh --name \"App1,App2,App3\" // Process multiple apps, no selection prompt",
-        "$ sf hardis:org:refresh:after-refresh --all // Process all apps, no selection prompt",
-        "$ sf hardis:org:refresh:after-refresh --target-org myDevOrg"
+        "$ sf hardis:org:purge:apexlog",
+        "$ sf hardis:org:purge:apexlog --target-org nicolas.vuillamy@gmail.com"
       ],
       "flags": {
         "json": {
@@ -7816,37 +7813,23 @@
           "multiple": false,
           "type": "option"
         },
-        "target-org": {
-          "char": "o",
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        },
-        "name": {
-          "char": "n",
-          "description": "Connected App name(s) to process (bypasses selection prompt). For multiple apps, separate with commas (e.g., \"App1,App2\")",
-          "name": "name",
-          "summary": "Filter according to Name criteria",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
+        "prompt": {
+          "char": "z",
+          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
+          "name": "prompt",
+          "allowNo": true,
+          "type": "boolean"
         },
-        "all": {
-          "char": "a",
-          "description": "If set, all Connected Apps from the local repository will be processed. Takes precedence over --name if both are specified.",
-          "name": "all",
-          "summary": "Process all Connected Apps without selection prompt",
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
           "allowNo": false,
           "type": "boolean"
         },
         "websocket": {
-          "description": "WebSocket host:port for VS Code SFDX Hardis UI integration",
+          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "name": "websocket",
-          "summary": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -7854,68 +7837,80 @@
         "skipauth": {
           "description": "Skip authentication check when a default username is required",
           "name": "skipauth",
-          "summary": "Skip authentication check when a default username is required",
           "allowNo": false,
           "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:refresh:after-refresh",
+      "id": "hardis:org:purge:apexlog",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Restore Connected Apps after org refresh",
-      "requiresProject": true,
+      "title": "Purge Apex Logs",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "refresh",
-        "after-refresh.js"
+        "purge",
+        "apexlog.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:refresh:after-refresh",
-        "org:hardis:refresh:after-refresh",
-        "org:refresh:hardis:after-refresh",
-        "org:refresh:after-refresh:hardis",
-        "hardis:refresh:org:after-refresh",
-        "refresh:hardis:org:after-refresh",
-        "refresh:org:hardis:after-refresh",
-        "refresh:org:after-refresh:hardis",
-        "hardis:refresh:after-refresh:org",
-        "refresh:hardis:after-refresh:org",
-        "refresh:after-refresh:hardis:org",
-        "refresh:after-refresh:org:hardis",
-        "hardis:org:after-refresh:refresh",
-        "org:hardis:after-refresh:refresh",
-        "org:after-refresh:hardis:refresh",
-        "org:after-refresh:refresh:hardis",
-        "hardis:after-refresh:org:refresh",
-        "after-refresh:hardis:org:refresh",
-        "after-refresh:org:hardis:refresh",
-        "after-refresh:org:refresh:hardis",
-        "hardis:after-refresh:refresh:org",
-        "after-refresh:hardis:refresh:org",
-        "after-refresh:refresh:hardis:org",
-        "after-refresh:refresh:org:hardis"
+        "hardis:org:purge:apexlog",
+        "org:hardis:purge:apexlog",
+        "org:purge:hardis:apexlog",
+        "org:purge:apexlog:hardis",
+        "hardis:purge:org:apexlog",
+        "purge:hardis:org:apexlog",
+        "purge:org:hardis:apexlog",
+        "purge:org:apexlog:hardis",
+        "hardis:purge:apexlog:org",
+        "purge:hardis:apexlog:org",
+        "purge:apexlog:hardis:org",
+        "purge:apexlog:org:hardis",
+        "hardis:org:apexlog:purge",
+        "org:hardis:apexlog:purge",
+        "org:apexlog:hardis:purge",
+        "org:apexlog:purge:hardis",
+        "hardis:apexlog:org:purge",
+        "apexlog:hardis:org:purge",
+        "apexlog:org:hardis:purge",
+        "apexlog:org:purge:hardis",
+        "hardis:apexlog:purge:org",
+        "apexlog:hardis:purge:org",
+        "apexlog:purge:hardis:org",
+        "apexlog:purge:org:hardis"
       ]
     },
-    "hardis:org:refresh:before-refresh": {
+    "hardis:org:purge:flow": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Backs up all Connected Apps (including Consumer Secrets), certificates, custom settings, records and other metadata from a Salesforce org before a sandbox refresh, enabling full restoration after the refresh.**\n\nThis command prepares a complete backup prior to a sandbox refresh. It creates a dedicated project under `scripts/sandbox-refresh/<sandbox-folder>`, retrieves metadata and data, attempts to capture Connected App consumer secrets, and can optionally delete the apps so they can be reuploaded after the refresh.\n\nKey functionalities:\n\n- **Create a save project:** Generates a dedicated project folder to store all artifacts for the sandbox backup.\n- **Find and select Connected Apps:** Lists Connected Apps in the org and lets you pick specific apps, use a name filter, or process all apps.\n- **Save metadata for restore:** Builds a manifest and retrieves the metadata types you choose so they can be restored after the refresh.\n- **Capture Consumer Secrets:** Attempts to capture Connected App consumer secrets automatically (opens a browser session when possible) and falls back to a short manual prompt when needed.\n- **Collect certificates:** Saves certificate files and their definitions so they can be redeployed later.\n- **Export custom settings & records:** Lets you pick custom settings to export as JSON and optionally export records using configured data workspaces.\n- **Persist choices & report:** Stores your backup choices in project config and sends report files for traceability.\n- **Optional cleanup:** Can delete backed-up Connected Apps from the org so they can be re-uploaded cleanly after the refresh.\n- **Interactive safety checks:** Prompts you to confirm package contents and other potentially destructive actions; sensible defaults are chosen where appropriate.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is intended to be run before a sandbox refresh so that all credentials, certificates, metadata and data can be restored afterwards.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Salesforce CLI Integration:** Uses `sf org list metadata`, `sf project retrieve start`, `sf project generate`, `sf project deploy start`, and `sf data tree export`/`import` where applicable.\n- **Metadata Handling:** Writes and reads package XML files under the generated project (`manifest/`), copies MDAPI certificate artifacts into `force-app/main/default/certs`, and produces `package-metadata-to-restore.xml` for post-refresh deployment.\n- **Consumer Secret Handling:** Uses `puppeteer-core` with an executable path from `getChromeExecutablePath()` (env var `PUPPETEER_EXECUTABLE_PATH` may be required). Falls back to manual prompt when browser automation cannot be used.\n- **Data & Records:** Exports custom settings to JSON and supports exporting records through SFDMU workspaces chosen interactively.\n- **Config & Reporting:** Updates project/user config under `config/.sfdx-hardis.yml#refreshSandboxConfig` and reports artifacts to the WebSocket client.\n- **Error Handling:** Provides clear error messages and a summary response object indicating success/failure and which secrets were captured.\n\n</details>\n",
+      "description": "\n**Purges old or unwanted Flow versions from a Salesforce org, with an option to delete related Flow Interviews.**\n\nThis command helps maintain a clean and performant Salesforce org by removing obsolete Flow versions. Over time, multiple versions of Flows can accumulate, consuming storage and potentially impacting performance. This tool provides a controlled way to clean up these versions.\n\nKey functionalities:\n\n- **Targeted Flow Selection:** Allows you to filter Flow versions to delete by name (`--name`) and status (`--status`, e.g., `Obsolete`, `Draft`, `Inactive`).\n- **Flow Interview Deletion:** If a Flow version cannot be deleted due to active Flow Interviews, the `--delete-flow-interviews` flag (or interactive prompt) allows you to delete these interviews first, then retry the Flow version deletion.\n- **Confirmation Prompt:** In interactive mode, it prompts for confirmation before proceeding with the deletion of Flow versions and Flow Interviews.\n- **Partial Success Handling:** The `--allowpurgefailure` flag (default `true`) allows the command to continue even if some deletions fail, reporting the errors.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `Flow` object (using the Tooling API) to list Flow versions based on the provided filters (name, status, manageable state).\n- **Bulk Deletion (Tooling API):** It uses `bulkDeleteTooling` to perform mass deletions of Flow versions. If deletion fails due to active interviews, it extracts the interview IDs.\n- **Flow Interview Management:** If `delete-flow-interviews` is enabled, it queries `FlowInterview` objects, performs bulk deletion of the identified interviews using `bulkDelete`, and then retries the Flow version deletion.\n- **Interactive Prompts:** Uses the `prompts` library to interact with the user for selecting Flows, statuses, and confirming deletion actions.\n- **Error Reporting:** Logs detailed error messages for failed deletions, including the specific reasons.\n- **Command-Line Execution:** Uses `execSfdxJson` to execute Salesforce CLI commands for querying Flow data.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:refresh:before-refresh",
-        "$ sf hardis:org:refresh:before-refresh --name \"MyConnectedApp\"",
-        "$ sf hardis:org:refresh:before-refresh --name \"App1,App2,App3\"",
-        "$ sf hardis:org:refresh:before-refresh --all",
-        "$ sf hardis:org:refresh:before-refresh --delete"
+        "$ sf hardis:org:purge:flow",
+        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --no-prompt --delete-flow-interviews",
+        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --status \"Obsolete,Draft,InvalidDraft\" --name TestFlow"
       ],
       "flags": {
         "json": {
@@ -7933,38 +7928,56 @@
           "multiple": false,
           "type": "option"
         },
-        "target-org": {
-          "char": "o",
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
+        "prompt": {
+          "char": "z",
+          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
+          "name": "prompt",
+          "allowNo": true,
+          "type": "boolean"
+        },
+        "name": {
+          "char": "n",
+          "description": "Filter according to Name criteria",
+          "name": "name",
+          "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "delete": {
-          "char": "d",
-          "description": "By default, Connected Apps are not deleted from the org after saving. Set this flag to force their deletion so they will be able to be reuploaded again after refreshing the org.",
-          "name": "delete",
-          "summary": "Delete Connected Apps from org after saving",
+        "status": {
+          "char": "s",
+          "description": "Filter according to Status criteria",
+          "name": "status",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "delete-flow-interviews": {
+          "char": "w",
+          "description": "If the presence of Flow interviews prevent to delete flows versions, delete them before retrying to delete flow versions",
+          "name": "delete-flow-interviews",
           "allowNo": false,
           "type": "boolean"
         },
-        "name": {
-          "char": "n",
-          "description": "Connected App name(s) to process. For multiple apps, separate with commas (e.g., \"App1,App2\")",
-          "name": "name",
-          "summary": "Filter according to Name criteria",
+        "allowpurgefailure": {
+          "char": "f",
+          "description": "Allows purges to fail without exiting with 1. Use --no-allowpurgefailure to disable",
+          "name": "allowpurgefailure",
+          "allowNo": true,
+          "type": "boolean"
+        },
+        "instanceurl": {
+          "char": "r",
+          "description": "URL of org instance",
+          "name": "instanceurl",
+          "default": "https://login.salesforce.com",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "all": {
-          "char": "a",
-          "description": "If set, all Connected Apps from the org will be processed. Takes precedence over --name if both are specified.",
-          "name": "all",
-          "summary": "Process all Connected Apps without selection prompt",
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
           "allowNo": false,
           "type": "boolean"
         },
@@ -7980,61 +7993,80 @@
           "name": "skipauth",
           "allowNo": false,
           "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:refresh:before-refresh",
+      "id": "hardis:org:purge:flow",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "requiresProject": true,
+      "title": "Purge Flow versions",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "refresh",
-        "before-refresh.js"
+        "purge",
+        "flow.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:refresh:before-refresh",
-        "org:hardis:refresh:before-refresh",
-        "org:refresh:hardis:before-refresh",
-        "org:refresh:before-refresh:hardis",
-        "hardis:refresh:org:before-refresh",
-        "refresh:hardis:org:before-refresh",
-        "refresh:org:hardis:before-refresh",
-        "refresh:org:before-refresh:hardis",
-        "hardis:refresh:before-refresh:org",
-        "refresh:hardis:before-refresh:org",
-        "refresh:before-refresh:hardis:org",
-        "refresh:before-refresh:org:hardis",
-        "hardis:org:before-refresh:refresh",
-        "org:hardis:before-refresh:refresh",
-        "org:before-refresh:hardis:refresh",
-        "org:before-refresh:refresh:hardis",
-        "hardis:before-refresh:org:refresh",
-        "before-refresh:hardis:org:refresh",
-        "before-refresh:org:hardis:refresh",
-        "before-refresh:org:refresh:hardis",
-        "hardis:before-refresh:refresh:org",
-        "before-refresh:hardis:refresh:org",
-        "before-refresh:refresh:hardis:org",
-        "before-refresh:refresh:org:hardis"
+        "hardis:org:purge:flow",
+        "org:hardis:purge:flow",
+        "org:purge:hardis:flow",
+        "org:purge:flow:hardis",
+        "hardis:purge:org:flow",
+        "purge:hardis:org:flow",
+        "purge:org:hardis:flow",
+        "purge:org:flow:hardis",
+        "hardis:purge:flow:org",
+        "purge:hardis:flow:org",
+        "purge:flow:hardis:org",
+        "purge:flow:org:hardis",
+        "hardis:org:flow:purge",
+        "org:hardis:flow:purge",
+        "org:flow:hardis:purge",
+        "org:flow:purge:hardis",
+        "hardis:flow:org:purge",
+        "flow:hardis:org:purge",
+        "flow:org:hardis:purge",
+        "flow:org:purge:hardis",
+        "hardis:flow:purge:org",
+        "flow:hardis:purge:org",
+        "flow:purge:hardis:org",
+        "flow:purge:org:hardis"
       ]
     },
-    "hardis:org:purge:apexlog": {
+    "hardis:org:refresh:after-refresh": {
       "aliases": [],
       "args": {},
-      "description": "\n**Purges Apex debug logs from a Salesforce org.**\n\nThis command provides a quick and efficient way to clear out accumulated Apex debug logs from your Salesforce environment. This is particularly useful for:\n\n- **Storage Management:** Freeing up valuable data storage space in your Salesforce org.\n- **Performance Optimization:** Reducing the overhead associated with large volumes of debug logs.\n- **Troubleshooting:** Ensuring that new debug logs are generated cleanly without interference from old, irrelevant logs.\n\nKey functionalities:\n\n- **Log Identification:** Queries the `ApexLog` object to identify all existing debug logs.\n- **Confirmation Prompt:** Before deletion, it prompts for user confirmation, displaying the number of Apex logs that will be deleted.\n- **Bulk Deletion:** Uses the Salesforce Bulk API to efficiently delete a large number of Apex logs.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Query:** It executes a SOQL query (`SELECT Id FROM ApexLog LIMIT 50000`) to retrieve the IDs of Apex logs to be deleted. The limit is set to 50,000 to handle large volumes of logs.\n- **CSV Export:** The retrieved log IDs are temporarily exported to a CSV file (`ApexLogsToDelete_*.csv`) in the `./tmp` directory.\n- **User Confirmation:** It uses the `prompts` library to ask for user confirmation before proceeding with the deletion, displaying the count of logs to be purged.\n- **Bulk API Deletion:** It then uses the Salesforce CLI's `sf data delete bulk` command, pointing to the generated CSV file, to perform the mass deletion of Apex logs.\n- **File System Operations:** It uses `fs-extra` to create the temporary directory and manage the CSV file.\n- **Error Handling:** Includes error handling for the query and deletion operations.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Restores all previously backed-up Connected Apps (including Consumer Secrets), certificates, custom settings, records and other metadata to a Salesforce org after a sandbox refresh.**\n\nThis command is the second step in the sandbox refresh process. It scans the backup folder created before the refresh, allows interactive or flag-driven selection of items to restore, and automates cleanup and redeployment to the refreshed org while preserving credentials and configuration.\n\nKey functionalities:\n\n- **Choose a backup to restore:** Lets you pick the saved sandbox project that contains the artifacts to restore.\n- **Select which items to restore:** Finds Connected App XMLs, certificates, custom settings and other artifacts and lets you pick what to restore (or restore all).\n- **Safety checks and validation:** Confirms files exist and prompts before making changes to the target org.\n- **Prepare org for restore:** Optionally cleans up existing Connected Apps so saved apps can be re-deployed without conflict.\n- **Redeploy saved artifacts:** Restores Connected Apps (with saved secrets), certificates, SAML SSO configs, custom settings and other metadata.\n- **Handle SAML configs:** Cleans and updates SAML XML files and helps you choose certificates to wire into restored configs.\n- **Restore records:** Optionally runs data import from selected SFDMU workspaces to restore record data.\n- **Reporting & persistence:** Sends restore reports and can update project config to record what was restored.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is intended to be run after a sandbox refresh to re-apply saved metadata, credentials and data.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Backup Folder Handling:** Reads the immediate subfolders of `scripts/sandbox-refresh/` and validates the chosen project contains the expected `manifest/` and `force-app` layout.\n- **Metadata & Deployment APIs:** Uses `sf project deploy start --manifest` for package-based deploys, `sf project deploy start --metadata-dir` for MDAPI artifacts (certificates), and utility functions for Connected App deployment that preserve consumer secrets.\n- **SAML Handling:** Queries active certificates via tooling API, updates SAML XML files, and deploys using `sf project deploy start -m SamlSsoConfig`.\n- **Records Handling:** Uses interactive selection of SFDMU workspaces and runs data import utilities to restore records.\n- **Error Handling & Summary:** Aggregates results, logs success/warnings/errors, and returns a structured result indicating which items were restored and any failures.\n\n</details>\n",
       "examples": [
-        "$ sf hardis:org:purge:apexlog",
-        "$ sf hardis:org:purge:apexlog --target-org nicolas.vuillamy@gmail.com"
+        "$ sf hardis:org:refresh:after-refresh",
+        "$ sf hardis:org:refresh:after-refresh --name \"MyConnectedApp\" // Process specific app, no selection prompt",
+        "$ sf hardis:org:refresh:after-refresh --name \"App1,App2,App3\" // Process multiple apps, no selection prompt",
+        "$ sf hardis:org:refresh:after-refresh --all // Process all apps, no selection prompt",
+        "$ sf hardis:org:refresh:after-refresh --target-org myDevOrg"
       ],
       "flags": {
         "json": {
@@ -8052,23 +8084,37 @@
           "multiple": false,
           "type": "option"
         },
-        "prompt": {
-          "char": "z",
-          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
-          "name": "prompt",
-          "allowNo": true,
-          "type": "boolean"
+        "target-org": {
+          "char": "o",
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
         },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
+        "name": {
+          "char": "n",
+          "description": "Connected App name(s) to process (bypasses selection prompt). For multiple apps, separate with commas (e.g., \"App1,App2\")",
+          "name": "name",
+          "summary": "Filter according to Name criteria",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "all": {
+          "char": "a",
+          "description": "If set, all Connected Apps from the local repository will be processed. Takes precedence over --name if both are specified.",
+          "name": "all",
+          "summary": "Process all Connected Apps without selection prompt",
           "allowNo": false,
           "type": "boolean"
         },
         "websocket": {
-          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
+          "description": "WebSocket host:port for VS Code SFDX Hardis UI integration",
           "name": "websocket",
+          "summary": "Websocket host:port for VsCode SFDX Hardis UI integration",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -8076,80 +8122,68 @@
         "skipauth": {
           "description": "Skip authentication check when a default username is required",
           "name": "skipauth",
+          "summary": "Skip authentication check when a default username is required",
           "allowNo": false,
           "type": "boolean"
-        },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:purge:apexlog",
+      "id": "hardis:org:refresh:after-refresh",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Purge Apex Logs",
-      "requiresProject": false,
+      "title": "Restore Connected Apps after org refresh",
+      "requiresProject": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "purge",
-        "apexlog.js"
+        "refresh",
+        "after-refresh.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:purge:apexlog",
-        "org:hardis:purge:apexlog",
-        "org:purge:hardis:apexlog",
-        "org:purge:apexlog:hardis",
-        "hardis:purge:org:apexlog",
-        "purge:hardis:org:apexlog",
-        "purge:org:hardis:apexlog",
-        "purge:org:apexlog:hardis",
-        "hardis:purge:apexlog:org",
-        "purge:hardis:apexlog:org",
-        "purge:apexlog:hardis:org",
-        "purge:apexlog:org:hardis",
-        "hardis:org:apexlog:purge",
-        "org:hardis:apexlog:purge",
-        "org:apexlog:hardis:purge",
-        "org:apexlog:purge:hardis",
-        "hardis:apexlog:org:purge",
-        "apexlog:hardis:org:purge",
-        "apexlog:org:hardis:purge",
-        "apexlog:org:purge:hardis",
-        "hardis:apexlog:purge:org",
-        "apexlog:hardis:purge:org",
-        "apexlog:purge:hardis:org",
-        "apexlog:purge:org:hardis"
+        "hardis:org:refresh:after-refresh",
+        "org:hardis:refresh:after-refresh",
+        "org:refresh:hardis:after-refresh",
+        "org:refresh:after-refresh:hardis",
+        "hardis:refresh:org:after-refresh",
+        "refresh:hardis:org:after-refresh",
+        "refresh:org:hardis:after-refresh",
+        "refresh:org:after-refresh:hardis",
+        "hardis:refresh:after-refresh:org",
+        "refresh:hardis:after-refresh:org",
+        "refresh:after-refresh:hardis:org",
+        "refresh:after-refresh:org:hardis",
+        "hardis:org:after-refresh:refresh",
+        "org:hardis:after-refresh:refresh",
+        "org:after-refresh:hardis:refresh",
+        "org:after-refresh:refresh:hardis",
+        "hardis:after-refresh:org:refresh",
+        "after-refresh:hardis:org:refresh",
+        "after-refresh:org:hardis:refresh",
+        "after-refresh:org:refresh:hardis",
+        "hardis:after-refresh:refresh:org",
+        "after-refresh:hardis:refresh:org",
+        "after-refresh:refresh:hardis:org",
+        "after-refresh:refresh:org:hardis"
       ]
     },
-    "hardis:org:purge:flow": {
+    "hardis:org:refresh:before-refresh": {
       "aliases": [],
       "args": {},
-      "description": "\n**Purges old or unwanted Flow versions from a Salesforce org, with an option to delete related Flow Interviews.**\n\nThis command helps maintain a clean and performant Salesforce org by removing obsolete Flow versions. Over time, multiple versions of Flows can accumulate, consuming storage and potentially impacting performance. This tool provides a controlled way to clean up these versions.\n\nKey functionalities:\n\n- **Targeted Flow Selection:** Allows you to filter Flow versions to delete by name (`--name`) and status (`--status`, e.g., `Obsolete`, `Draft`, `Inactive`).\n- **Flow Interview Deletion:** If a Flow version cannot be deleted due to active Flow Interviews, the `--delete-flow-interviews` flag (or interactive prompt) allows you to delete these interviews first, then retry the Flow version deletion.\n- **Confirmation Prompt:** In interactive mode, it prompts for confirmation before proceeding with the deletion of Flow versions and Flow Interviews.\n- **Partial Success Handling:** The `--allowpurgefailure` flag (default `true`) allows the command to continue even if some deletions fail, reporting the errors.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Tooling API):** It queries the `Flow` object (using the Tooling API) to list Flow versions based on the provided filters (name, status, manageable state).\n- **Bulk Deletion (Tooling API):** It uses `bulkDeleteTooling` to perform mass deletions of Flow versions. If deletion fails due to active interviews, it extracts the interview IDs.\n- **Flow Interview Management:** If `delete-flow-interviews` is enabled, it queries `FlowInterview` objects, performs bulk deletion of the identified interviews using `bulkDelete`, and then retries the Flow version deletion.\n- **Interactive Prompts:** Uses the `prompts` library to interact with the user for selecting Flows, statuses, and confirming deletion actions.\n- **Error Reporting:** Logs detailed error messages for failed deletions, including the specific reasons.\n- **Command-Line Execution:** Uses `execSfdxJson` to execute Salesforce CLI commands for querying Flow data.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Backs up all Connected Apps (including Consumer Secrets), certificates, custom settings, records and other metadata from a Salesforce org before a sandbox refresh, enabling full restoration after the refresh.**\n\nThis command prepares a complete backup prior to a sandbox refresh. It creates a dedicated project under `scripts/sandbox-refresh/<sandbox-folder>`, retrieves metadata and data, attempts to capture Connected App consumer secrets, and can optionally delete the apps so they can be reuploaded after the refresh.\n\nKey functionalities:\n\n- **Create a save project:** Generates a dedicated project folder to store all artifacts for the sandbox backup.\n- **Find and select Connected Apps:** Lists Connected Apps in the org and lets you pick specific apps, use a name filter, or process all apps.\n- **Save metadata for restore:** Builds a manifest and retrieves the metadata types you choose so they can be restored after the refresh.\n- **Capture Consumer Secrets:** Attempts to capture Connected App consumer secrets automatically (opens a browser session when possible) and falls back to a short manual prompt when needed.\n- **Collect certificates:** Saves certificate files and their definitions so they can be redeployed later.\n- **Export custom settings & records:** Lets you pick custom settings to export as JSON and optionally export records using configured data workspaces.\n- **Persist choices & report:** Stores your backup choices in project config and sends report files for traceability.\n- **Optional cleanup:** Can delete backed-up Connected Apps from the org so they can be re-uploaded cleanly after the refresh.\n- **Interactive safety checks:** Prompts you to confirm package contents and other potentially destructive actions; sensible defaults are chosen where appropriate.\n\nThis command is part of [sfdx-hardis Sandbox Refresh](https://sfdx-hardis.cloudity.com/salesforce-sandbox-refresh/) and is intended to be run before a sandbox refresh so that all credentials, certificates, metadata and data can be restored afterwards.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\n- **Salesforce CLI Integration:** Uses `sf org list metadata`, `sf project retrieve start`, `sf project generate`, `sf project deploy start`, and `sf data tree export`/`import` where applicable.\n- **Metadata Handling:** Writes and reads package XML files under the generated project (`manifest/`), copies MDAPI certificate artifacts into `force-app/main/default/certs`, and produces `package-metadata-to-restore.xml` for post-refresh deployment.\n- **Consumer Secret Handling:** Uses `puppeteer-core` with an executable path from `getChromeExecutablePath()` (env var `PUPPETEER_EXECUTABLE_PATH` may be required). Falls back to manual prompt when browser automation cannot be used.\n- **Data & Records:** Exports custom settings to JSON and supports exporting records through SFDMU workspaces chosen interactively.\n- **Config & Reporting:** Updates project/user config under `config/.sfdx-hardis.yml#refreshSandboxConfig` and reports artifacts to the WebSocket client.\n- **Error Handling:** Provides clear error messages and a summary response object indicating success/failure and which secrets were captured.\n\n</details>\n",
       "examples": [
-        "$ sf hardis:org:purge:flow",
-        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --no-prompt --delete-flow-interviews",
-        "$ sf hardis:org:purge:flow --target-org nicolas.vuillamy@gmail.com --status \"Obsolete,Draft,InvalidDraft\" --name TestFlow"
+        "$ sf hardis:org:refresh:before-refresh",
+        "$ sf hardis:org:refresh:before-refresh --name \"MyConnectedApp\"",
+        "$ sf hardis:org:refresh:before-refresh --name \"App1,App2,App3\"",
+        "$ sf hardis:org:refresh:before-refresh --all",
+        "$ sf hardis:org:refresh:before-refresh --delete"
       ],
       "flags": {
         "json": {
@@ -8167,56 +8201,38 @@
           "multiple": false,
           "type": "option"
         },
-        "prompt": {
-          "char": "z",
-          "description": "Prompt for confirmation (true by default, use --no-prompt to skip)",
-          "name": "prompt",
-          "allowNo": true,
-          "type": "boolean"
-        },
-        "name": {
-          "char": "n",
-          "description": "Filter according to Name criteria",
-          "name": "name",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "status": {
-          "char": "s",
-          "description": "Filter according to Status criteria",
-          "name": "status",
-          "hasDynamicHelp": false,
+        "target-org": {
+          "char": "o",
+          "name": "target-org",
+          "noCacheDefault": true,
+          "required": true,
+          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
+          "hasDynamicHelp": true,
           "multiple": false,
           "type": "option"
         },
-        "delete-flow-interviews": {
-          "char": "w",
-          "description": "If the presence of Flow interviews prevent to delete flows versions, delete them before retrying to delete flow versions",
-          "name": "delete-flow-interviews",
+        "delete": {
+          "char": "d",
+          "description": "By default, Connected Apps are not deleted from the org after saving. Set this flag to force their deletion so they will be able to be reuploaded again after refreshing the org.",
+          "name": "delete",
+          "summary": "Delete Connected Apps from org after saving",
           "allowNo": false,
           "type": "boolean"
         },
-        "allowpurgefailure": {
-          "char": "f",
-          "description": "Allows purges to fail without exiting with 1. Use --no-allowpurgefailure to disable",
-          "name": "allowpurgefailure",
-          "allowNo": true,
-          "type": "boolean"
-        },
-        "instanceurl": {
-          "char": "r",
-          "description": "URL of org instance",
-          "name": "instanceurl",
-          "default": "https://login.salesforce.com",
+        "name": {
+          "char": "n",
+          "description": "Connected App name(s) to process. For multiple apps, separate with commas (e.g., \"App1,App2\")",
+          "name": "name",
+          "summary": "Filter according to Name criteria",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
         },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
+        "all": {
+          "char": "a",
+          "description": "If set, all Connected Apps from the org will be processed. Takes precedence over --name if both are specified.",
+          "name": "all",
+          "summary": "Process all Connected Apps without selection prompt",
           "allowNo": false,
           "type": "boolean"
         },
@@ -8232,68 +8248,52 @@
           "name": "skipauth",
           "allowNo": false,
           "type": "boolean"
-        },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the target org. Not required if the `target-org` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
         }
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:purge:flow",
+      "id": "hardis:org:refresh:before-refresh",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Purge Flow versions",
-      "requiresProject": false,
+      "requiresProject": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "purge",
-        "flow.js"
+        "refresh",
+        "before-refresh.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:purge:flow",
-        "org:hardis:purge:flow",
-        "org:purge:hardis:flow",
-        "org:purge:flow:hardis",
-        "hardis:purge:org:flow",
-        "purge:hardis:org:flow",
-        "purge:org:hardis:flow",
-        "purge:org:flow:hardis",
-        "hardis:purge:flow:org",
-        "purge:hardis:flow:org",
-        "purge:flow:hardis:org",
-        "purge:flow:org:hardis",
-        "hardis:org:flow:purge",
-        "org:hardis:flow:purge",
-        "org:flow:hardis:purge",
-        "org:flow:purge:hardis",
-        "hardis:flow:org:purge",
-        "flow:hardis:org:purge",
-        "flow:org:hardis:purge",
-        "flow:org:purge:hardis",
-        "hardis:flow:purge:org",
-        "flow:hardis:purge:org",
-        "flow:purge:hardis:org",
-        "flow:purge:org:hardis"
+        "hardis:org:refresh:before-refresh",
+        "org:hardis:refresh:before-refresh",
+        "org:refresh:hardis:before-refresh",
+        "org:refresh:before-refresh:hardis",
+        "hardis:refresh:org:before-refresh",
+        "refresh:hardis:org:before-refresh",
+        "refresh:org:hardis:before-refresh",
+        "refresh:org:before-refresh:hardis",
+        "hardis:refresh:before-refresh:org",
+        "refresh:hardis:before-refresh:org",
+        "refresh:before-refresh:hardis:org",
+        "refresh:before-refresh:org:hardis",
+        "hardis:org:before-refresh:refresh",
+        "org:hardis:before-refresh:refresh",
+        "org:before-refresh:hardis:refresh",
+        "org:before-refresh:refresh:hardis",
+        "hardis:before-refresh:org:refresh",
+        "before-refresh:hardis:org:refresh",
+        "before-refresh:org:hardis:refresh",
+        "before-refresh:org:refresh:hardis",
+        "hardis:before-refresh:refresh:org",
+        "before-refresh:hardis:refresh:org",
+        "before-refresh:refresh:hardis:org",
+        "before-refresh:refresh:org:hardis"
       ]
     },
     "hardis:org:retrieve:packageconfig": {
@@ -8403,14 +8403,12 @@
         "packageconfig:retrieve:org:hardis"
       ]
     },
-    "hardis:org:user:activateinvalid": {
+    "hardis:org:test:apex": {
       "aliases": [],
       "args": {},
-      "description": "Update sandbox users so their email is valid\n\n  Example: replaces `toto@company.com.dev.invalid` with `toto@company.com.dev.invalid`\n\nSee article below\n\n[![Reactivate all the sandbox users with .invalid emails in 3 clicks](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-invalid-email.jpg)](https://nicolas.vuillamy.fr/reactivate-all-the-sandbox-users-with-invalid-emails-in-3-clicks-2265af4e3a3d)\n",
+      "description": "Run apex tests in Salesforce org\n\nIf following configuration is defined, it will fail if apex coverage target is not reached:\n\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n\nYou can override env var SFDX_TEST_WAIT_MINUTES to wait more than 120 minutes.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-apex-tests/) and can output Grafana, Slack and MsTeams Notifications.\n",
       "examples": [
-        "$ sf hardis:org:user:activateinvalid",
-        "$ sf hardis:org:user:activateinvalid --target-org my-user@myorg.com",
-        "$ sf hardis:org:user:activateinvalid --profiles 'System Administrator,MyCustomProfile' --target-org my-user@myorg.com"
+        "$ sf hardis:org:test:apex"
       ],
       "flags": {
         "json": {
@@ -8428,12 +8426,19 @@
           "multiple": false,
           "type": "option"
         },
-        "profiles": {
-          "char": "p",
-          "description": "Comma-separated list of profiles names that you want to reactive users assigned to and with a .invalid email",
-          "name": "profiles",
+        "testlevel": {
+          "char": "l",
+          "description": "Level of tests to apply to validate deployment",
+          "name": "testlevel",
+          "default": "RunLocalTests",
           "hasDynamicHelp": false,
           "multiple": false,
+          "options": [
+            "NoTestRun",
+            "RunSpecifiedTests",
+            "RunLocalTests",
+            "RunAllTestsInOrg"
+          ],
           "type": "option"
         },
         "debug": {
@@ -8474,60 +8479,58 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:user:activateinvalid",
+      "id": "hardis:org:test:apex",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Reactivate sandbox invalid users",
-      "requiresProject": false,
+      "title": "Run apex tests",
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "user",
-        "activateinvalid.js"
+        "test",
+        "apex.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:user:activateinvalid",
-        "org:hardis:user:activateinvalid",
-        "org:user:hardis:activateinvalid",
-        "org:user:activateinvalid:hardis",
-        "hardis:user:org:activateinvalid",
-        "user:hardis:org:activateinvalid",
-        "user:org:hardis:activateinvalid",
-        "user:org:activateinvalid:hardis",
-        "hardis:user:activateinvalid:org",
-        "user:hardis:activateinvalid:org",
-        "user:activateinvalid:hardis:org",
-        "user:activateinvalid:org:hardis",
-        "hardis:org:activateinvalid:user",
-        "org:hardis:activateinvalid:user",
-        "org:activateinvalid:hardis:user",
-        "org:activateinvalid:user:hardis",
-        "hardis:activateinvalid:org:user",
-        "activateinvalid:hardis:org:user",
-        "activateinvalid:org:hardis:user",
-        "activateinvalid:org:user:hardis",
-        "hardis:activateinvalid:user:org",
-        "activateinvalid:hardis:user:org",
-        "activateinvalid:user:hardis:org",
-        "activateinvalid:user:org:hardis"
+        "hardis:org:test:apex",
+        "org:hardis:test:apex",
+        "org:test:hardis:apex",
+        "org:test:apex:hardis",
+        "hardis:test:org:apex",
+        "test:hardis:org:apex",
+        "test:org:hardis:apex",
+        "test:org:apex:hardis",
+        "hardis:test:apex:org",
+        "test:hardis:apex:org",
+        "test:apex:hardis:org",
+        "test:apex:org:hardis",
+        "hardis:org:apex:test",
+        "org:hardis:apex:test",
+        "org:apex:hardis:test",
+        "org:apex:test:hardis",
+        "hardis:apex:org:test",
+        "apex:hardis:org:test",
+        "apex:org:hardis:test",
+        "apex:org:test:hardis",
+        "hardis:apex:test:org",
+        "apex:hardis:test:org",
+        "apex:test:hardis:org",
+        "apex:test:org:hardis"
       ]
     },
-    "hardis:org:user:freeze": {
+    "hardis:org:user:activateinvalid": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Freezes Salesforce user logins, temporarily revoking access for selected users.**\n\nThis command allows administrators to freeze Salesforce user logins. It provides a controlled way to temporarily revoke user access without deactivating the user record itself. This is useful for managing user access during leaves, security incidents, or when a user's access needs to be temporarily suspended.\n\nKey functionalities:\n\n- **User Selection:** You can select users to freeze based on their assigned profiles.\n  - `--includeprofiles`: Freeze users belonging to a comma-separated list of specified profiles.\n  - `--excludeprofiles`: Freeze users belonging to all profiles *except* those specified in a comma-separated list.\n  - If no profile flags are provided, an interactive menu will allow you to select profiles.\n- **Interactive Confirmation:** In non-CI environments, it prompts for confirmation before freezing the selected users.\n- **Bulk Freezing:** Efficiently freezes multiple user logins using Salesforce's Bulk API.\n- **Reporting:** Generates CSV and XLSX reports of the users that are about to be frozen.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Bulk API):** It executes SOQL queries against the `User` and `Profile` objects to identify active users based on the provided profile filters. It then queries the `UserLogin` object to find active login sessions for these users.\n- **Interactive Prompts:** Uses the `prompts` library to guide the user through profile selection and to confirm the freezing operation.\n- **Bulk Update:** It constructs an array of `UserLogin` records with their `Id` and `IsFrozen` set to `true`, then uses `bulkUpdate` to perform the mass update operation on the Salesforce org.\n- **Reporting:** It uses `generateReports` to create CSV and XLSX files containing details of the users to be frozen.\n- **Logging:** Provides clear messages about the number of users found and the success of the freezing process.\n</details>\n",
+      "description": "Update sandbox users so their email is valid\n\n  Example: replaces `toto@company.com.dev.invalid` with `toto@company.com.dev.invalid`\n\nSee article below\n\n[![Reactivate all the sandbox users with .invalid emails in 3 clicks](https://github.com/hardisgroupcom/sfdx-hardis/raw/main/docs/assets/images/article-invalid-email.jpg)](https://nicolas.vuillamy.fr/reactivate-all-the-sandbox-users-with-invalid-emails-in-3-clicks-2265af4e3a3d)\n",
       "examples": [
-        "$ sf hardis:org:user:freeze",
-        "$ sf hardis:org:user:freeze --target-org my-user@myorg.com",
-        "$ sf hardis:org:user:freeze --includeprofiles 'Standard'",
-        "$ sf hardis:org:user:freeze --excludeprofiles 'System Administrator,Some Other Profile'"
+        "$ sf hardis:org:user:activateinvalid",
+        "$ sf hardis:org:user:activateinvalid --target-org my-user@myorg.com",
+        "$ sf hardis:org:user:activateinvalid --profiles 'System Administrator,MyCustomProfile' --target-org my-user@myorg.com"
       ],
       "flags": {
         "json": {
@@ -8545,35 +8548,10 @@
           "multiple": false,
           "type": "option"
         },
-        "name": {
-          "char": "n",
-          "description": "Filter according to Name criteria",
-          "name": "name",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "includeprofiles": {
+        "profiles": {
           "char": "p",
-          "description": "List of profiles that you want to freeze, separated by commas",
-          "name": "includeprofiles",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "excludeprofiles": {
-          "char": "e",
-          "description": "List of profiles that you want to NOT freeze, separated by commas",
-          "name": "excludeprofiles",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "maxuserdisplay": {
-          "char": "m",
-          "description": "Maximum users to display in logs",
-          "name": "maxuserdisplay",
-          "default": 100,
+          "description": "Comma-separated list of profiles names that you want to reactive users assigned to and with a .invalid email",
+          "name": "profiles",
           "hasDynamicHelp": false,
           "multiple": false,
           "type": "option"
@@ -8616,13 +8594,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:user:freeze",
+      "id": "hardis:org:user:activateinvalid",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Freeze user logins",
+      "title": "Reactivate sandbox invalid users",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -8631,45 +8609,45 @@
         "hardis",
         "org",
         "user",
-        "freeze.js"
+        "activateinvalid.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:user:freeze",
-        "org:hardis:user:freeze",
-        "org:user:hardis:freeze",
-        "org:user:freeze:hardis",
-        "hardis:user:org:freeze",
-        "user:hardis:org:freeze",
-        "user:org:hardis:freeze",
-        "user:org:freeze:hardis",
-        "hardis:user:freeze:org",
-        "user:hardis:freeze:org",
-        "user:freeze:hardis:org",
-        "user:freeze:org:hardis",
-        "hardis:org:freeze:user",
-        "org:hardis:freeze:user",
-        "org:freeze:hardis:user",
-        "org:freeze:user:hardis",
-        "hardis:freeze:org:user",
-        "freeze:hardis:org:user",
-        "freeze:org:hardis:user",
-        "freeze:org:user:hardis",
-        "hardis:freeze:user:org",
-        "freeze:hardis:user:org",
-        "freeze:user:hardis:org",
-        "freeze:user:org:hardis"
+        "hardis:org:user:activateinvalid",
+        "org:hardis:user:activateinvalid",
+        "org:user:hardis:activateinvalid",
+        "org:user:activateinvalid:hardis",
+        "hardis:user:org:activateinvalid",
+        "user:hardis:org:activateinvalid",
+        "user:org:hardis:activateinvalid",
+        "user:org:activateinvalid:hardis",
+        "hardis:user:activateinvalid:org",
+        "user:hardis:activateinvalid:org",
+        "user:activateinvalid:hardis:org",
+        "user:activateinvalid:org:hardis",
+        "hardis:org:activateinvalid:user",
+        "org:hardis:activateinvalid:user",
+        "org:activateinvalid:hardis:user",
+        "org:activateinvalid:user:hardis",
+        "hardis:activateinvalid:org:user",
+        "activateinvalid:hardis:org:user",
+        "activateinvalid:org:hardis:user",
+        "activateinvalid:org:user:hardis",
+        "hardis:activateinvalid:user:org",
+        "activateinvalid:hardis:user:org",
+        "activateinvalid:user:hardis:org",
+        "activateinvalid:user:org:hardis"
       ]
     },
-    "hardis:org:user:unfreeze": {
+    "hardis:org:user:freeze": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Unfreezes Salesforce user logins, restoring access for selected users.**\n\nThis command allows administrators to unfreeze Salesforce user logins, reactivating their access to the Salesforce org. This is the counterpart to the `freeze` command and is used to restore access after a temporary suspension.\n\nKey functionalities:\n\n- **User Selection:** You can select users to unfreeze based on their assigned profiles.\n  - `--includeprofiles`: Unfreeze users belonging to a comma-separated list of specified profiles.\n  - `--excludeprofiles`: Unfreeze users belonging to all profiles *except* those specified in a comma-separated list.\n  - If no profile flags are provided, an interactive menu will allow you to select profiles.\n- **Interactive Confirmation:** In non-CI environments, it prompts for confirmation before unfreezing the selected users.\n- **Bulk Unfreezing:** Efficiently unfreezes multiple user logins using Salesforce's Bulk API.\n- **Reporting:** Generates CSV and XLSX reports of the users that are about to be unfrozen.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Bulk API):** It executes SOQL queries against the `User` and `Profile` objects to identify active users based on the provided profile filters. It then queries the `UserLogin` object to find frozen login sessions for these users.\n- **Interactive Prompts:** Uses the `prompts` library to guide the user through profile selection and to confirm the unfreezing operation.\n- **Bulk Update:** It constructs an array of `UserLogin` records with their `Id` and `IsFrozen` set to `false`, then uses `bulkUpdate` to perform the mass update operation on the Salesforce org.\n- **Reporting:** It uses `generateReports` to create CSV and XLSX files containing details of the users to be unfrozen.\n- **Logging:** Provides clear messages about the number of users found and the success of the unfreezing process.\n</details>\n",
+      "description": "\n## Command Behavior\n\n**Freezes Salesforce user logins, temporarily revoking access for selected users.**\n\nThis command allows administrators to freeze Salesforce user logins. It provides a controlled way to temporarily revoke user access without deactivating the user record itself. This is useful for managing user access during leaves, security incidents, or when a user's access needs to be temporarily suspended.\n\nKey functionalities:\n\n- **User Selection:** You can select users to freeze based on their assigned profiles.\n  - `--includeprofiles`: Freeze users belonging to a comma-separated list of specified profiles.\n  - `--excludeprofiles`: Freeze users belonging to all profiles *except* those specified in a comma-separated list.\n  - If no profile flags are provided, an interactive menu will allow you to select profiles.\n- **Interactive Confirmation:** In non-CI environments, it prompts for confirmation before freezing the selected users.\n- **Bulk Freezing:** Efficiently freezes multiple user logins using Salesforce's Bulk API.\n- **Reporting:** Generates CSV and XLSX reports of the users that are about to be frozen.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Bulk API):** It executes SOQL queries against the `User` and `Profile` objects to identify active users based on the provided profile filters. It then queries the `UserLogin` object to find active login sessions for these users.\n- **Interactive Prompts:** Uses the `prompts` library to guide the user through profile selection and to confirm the freezing operation.\n- **Bulk Update:** It constructs an array of `UserLogin` records with their `Id` and `IsFrozen` set to `true`, then uses `bulkUpdate` to perform the mass update operation on the Salesforce org.\n- **Reporting:** It uses `generateReports` to create CSV and XLSX files containing details of the users to be frozen.\n- **Logging:** Provides clear messages about the number of users found and the success of the freezing process.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:user:unfreeze",
-        "$ sf hardis:org:user:unfreeze --target-org my-user@myorg.com",
-        "$ sf hardis:org:user:unfreeze --includeprofiles 'Standard'",
-        "$ sf hardis:org:user:unfreeze --excludeprofiles 'System Administrator,Some Other Profile'"
+        "$ sf hardis:org:user:freeze",
+        "$ sf hardis:org:user:freeze --target-org my-user@myorg.com",
+        "$ sf hardis:org:user:freeze --includeprofiles 'Standard'",
+        "$ sf hardis:org:user:freeze --excludeprofiles 'System Administrator,Some Other Profile'"
       ],
       "flags": {
         "json": {
@@ -8697,7 +8675,7 @@
         },
         "includeprofiles": {
           "char": "p",
-          "description": "List of profiles that you want to unfreeze, separated by commas",
+          "description": "List of profiles that you want to freeze, separated by commas",
           "name": "includeprofiles",
           "hasDynamicHelp": false,
           "multiple": false,
@@ -8705,7 +8683,7 @@
         },
         "excludeprofiles": {
           "char": "e",
-          "description": "List of profiles that you want to NOT unfreeze, separated by commas",
+          "description": "List of profiles that you want to NOT freeze, separated by commas",
           "name": "excludeprofiles",
           "hasDynamicHelp": false,
           "multiple": false,
@@ -8758,13 +8736,13 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:user:unfreeze",
+      "id": "hardis:org:user:freeze",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Unfreeze user logins",
+      "title": "Freeze user logins",
       "requiresProject": false,
       "isESM": true,
       "relativePath": [
@@ -8773,42 +8751,45 @@
         "hardis",
         "org",
         "user",
-        "unfreeze.js"
+        "freeze.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:user:unfreeze",
-        "org:hardis:user:unfreeze",
-        "org:user:hardis:unfreeze",
-        "org:user:unfreeze:hardis",
-        "hardis:user:org:unfreeze",
-        "user:hardis:org:unfreeze",
-        "user:org:hardis:unfreeze",
-        "user:org:unfreeze:hardis",
-        "hardis:user:unfreeze:org",
-        "user:hardis:unfreeze:org",
-        "user:unfreeze:hardis:org",
-        "user:unfreeze:org:hardis",
-        "hardis:org:unfreeze:user",
-        "org:hardis:unfreeze:user",
-        "org:unfreeze:hardis:user",
-        "org:unfreeze:user:hardis",
-        "hardis:unfreeze:org:user",
-        "unfreeze:hardis:org:user",
-        "unfreeze:org:hardis:user",
-        "unfreeze:org:user:hardis",
-        "hardis:unfreeze:user:org",
-        "unfreeze:hardis:user:org",
-        "unfreeze:user:hardis:org",
-        "unfreeze:user:org:hardis"
+        "hardis:org:user:freeze",
+        "org:hardis:user:freeze",
+        "org:user:hardis:freeze",
+        "org:user:freeze:hardis",
+        "hardis:user:org:freeze",
+        "user:hardis:org:freeze",
+        "user:org:hardis:freeze",
+        "user:org:freeze:hardis",
+        "hardis:user:freeze:org",
+        "user:hardis:freeze:org",
+        "user:freeze:hardis:org",
+        "user:freeze:org:hardis",
+        "hardis:org:freeze:user",
+        "org:hardis:freeze:user",
+        "org:freeze:hardis:user",
+        "org:freeze:user:hardis",
+        "hardis:freeze:org:user",
+        "freeze:hardis:org:user",
+        "freeze:org:hardis:user",
+        "freeze:org:user:hardis",
+        "hardis:freeze:user:org",
+        "freeze:hardis:user:org",
+        "freeze:user:hardis:org",
+        "freeze:user:org:hardis"
       ]
     },
-    "hardis:org:test:apex": {
+    "hardis:org:user:unfreeze": {
       "aliases": [],
       "args": {},
-      "description": "Run apex tests in Salesforce org\n\nIf following configuration is defined, it will fail if apex coverage target is not reached:\n\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n- Env `APEX_TESTS_MIN_COVERAGE_ORG_WIDE` or `.sfdx-hardis` property `apexTestsMinCoverageOrgWide`\n\nYou can override env var SFDX_TEST_WAIT_MINUTES to wait more than 120 minutes.\n\nThis command is part of [sfdx-hardis Monitoring](https://sfdx-hardis.cloudity.com/salesforce-monitoring-apex-tests/) and can output Grafana, Slack and MsTeams Notifications.\n",
+      "description": "\n## Command Behavior\n\n**Unfreezes Salesforce user logins, restoring access for selected users.**\n\nThis command allows administrators to unfreeze Salesforce user logins, reactivating their access to the Salesforce org. This is the counterpart to the `freeze` command and is used to restore access after a temporary suspension.\n\nKey functionalities:\n\n- **User Selection:** You can select users to unfreeze based on their assigned profiles.\n  - `--includeprofiles`: Unfreeze users belonging to a comma-separated list of specified profiles.\n  - `--excludeprofiles`: Unfreeze users belonging to all profiles *except* those specified in a comma-separated list.\n  - If no profile flags are provided, an interactive menu will allow you to select profiles.\n- **Interactive Confirmation:** In non-CI environments, it prompts for confirmation before unfreezing the selected users.\n- **Bulk Unfreezing:** Efficiently unfreezes multiple user logins using Salesforce's Bulk API.\n- **Reporting:** Generates CSV and XLSX reports of the users that are about to be unfrozen.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **SOQL Queries (Bulk API):** It executes SOQL queries against the `User` and `Profile` objects to identify active users based on the provided profile filters. It then queries the `UserLogin` object to find frozen login sessions for these users.\n- **Interactive Prompts:** Uses the `prompts` library to guide the user through profile selection and to confirm the unfreezing operation.\n- **Bulk Update:** It constructs an array of `UserLogin` records with their `Id` and `IsFrozen` set to `false`, then uses `bulkUpdate` to perform the mass update operation on the Salesforce org.\n- **Reporting:** It uses `generateReports` to create CSV and XLSX files containing details of the users to be unfrozen.\n- **Logging:** Provides clear messages about the number of users found and the success of the unfreezing process.\n</details>\n",
       "examples": [
-        "$ sf hardis:org:test:apex"
+        "$ sf hardis:org:user:unfreeze",
+        "$ sf hardis:org:user:unfreeze --target-org my-user@myorg.com",
+        "$ sf hardis:org:user:unfreeze --includeprofiles 'Standard'",
+        "$ sf hardis:org:user:unfreeze --excludeprofiles 'System Administrator,Some Other Profile'"
       ],
       "flags": {
         "json": {
@@ -8826,19 +8807,37 @@
           "multiple": false,
           "type": "option"
         },
-        "testlevel": {
-          "char": "l",
-          "description": "Level of tests to apply to validate deployment",
-          "name": "testlevel",
-          "default": "RunLocalTests",
+        "name": {
+          "char": "n",
+          "description": "Filter according to Name criteria",
+          "name": "name",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "includeprofiles": {
+          "char": "p",
+          "description": "List of profiles that you want to unfreeze, separated by commas",
+          "name": "includeprofiles",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "excludeprofiles": {
+          "char": "e",
+          "description": "List of profiles that you want to NOT unfreeze, separated by commas",
+          "name": "excludeprofiles",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "maxuserdisplay": {
+          "char": "m",
+          "description": "Maximum users to display in logs",
+          "name": "maxuserdisplay",
+          "default": 100,
           "hasDynamicHelp": false,
           "multiple": false,
-          "options": [
-            "NoTestRun",
-            "RunSpecifiedTests",
-            "RunLocalTests",
-            "RunAllTestsInOrg"
-          ],
           "type": "option"
         },
         "debug": {
@@ -8879,48 +8878,49 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:org:test:apex",
+      "id": "hardis:org:user:unfreeze",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Run apex tests",
+      "title": "Unfreeze user logins",
+      "requiresProject": false,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
         "org",
-        "test",
-        "apex.js"
+        "user",
+        "unfreeze.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:org:test:apex",
-        "org:hardis:test:apex",
-        "org:test:hardis:apex",
-        "org:test:apex:hardis",
-        "hardis:test:org:apex",
-        "test:hardis:org:apex",
-        "test:org:hardis:apex",
-        "test:org:apex:hardis",
-        "hardis:test:apex:org",
-        "test:hardis:apex:org",
-        "test:apex:hardis:org",
-        "test:apex:org:hardis",
-        "hardis:org:apex:test",
-        "org:hardis:apex:test",
-        "org:apex:hardis:test",
-        "org:apex:test:hardis",
-        "hardis:apex:org:test",
-        "apex:hardis:org:test",
-        "apex:org:hardis:test",
-        "apex:org:test:hardis",
-        "hardis:apex:test:org",
-        "apex:hardis:test:org",
-        "apex:test:hardis:org",
-        "apex:test:org:hardis"
+        "hardis:org:user:unfreeze",
+        "org:hardis:user:unfreeze",
+        "org:user:hardis:unfreeze",
+        "org:user:unfreeze:hardis",
+        "hardis:user:org:unfreeze",
+        "user:hardis:org:unfreeze",
+        "user:org:hardis:unfreeze",
+        "user:org:unfreeze:hardis",
+        "hardis:user:unfreeze:org",
+        "user:hardis:unfreeze:org",
+        "user:unfreeze:hardis:org",
+        "user:unfreeze:org:hardis",
+        "hardis:org:unfreeze:user",
+        "org:hardis:unfreeze:user",
+        "org:unfreeze:hardis:user",
+        "org:unfreeze:user:hardis",
+        "hardis:unfreeze:org:user",
+        "unfreeze:hardis:org:user",
+        "unfreeze:org:hardis:user",
+        "unfreeze:org:user:hardis",
+        "hardis:unfreeze:user:org",
+        "unfreeze:hardis:user:org",
+        "unfreeze:user:hardis:org",
+        "unfreeze:user:org:hardis"
       ]
     },
     "hardis:package:version:create": {
@@ -9131,158 +9131,46 @@
       "relativePath": [
         "lib",
         "commands",
-        "hardis",
-        "package",
-        "version",
-        "list.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:package:version:list",
-        "package:hardis:version:list",
-        "package:version:hardis:list",
-        "package:version:list:hardis",
-        "hardis:version:package:list",
-        "version:hardis:package:list",
-        "version:package:hardis:list",
-        "version:package:list:hardis",
-        "hardis:version:list:package",
-        "version:hardis:list:package",
-        "version:list:hardis:package",
-        "version:list:package:hardis",
-        "hardis:package:list:version",
-        "package:hardis:list:version",
-        "package:list:hardis:version",
-        "package:list:version:hardis",
-        "hardis:list:package:version",
-        "list:hardis:package:version",
-        "list:package:hardis:version",
-        "list:package:version:hardis",
-        "hardis:list:version:package",
-        "list:hardis:version:package",
-        "list:version:hardis:package",
-        "list:version:package:hardis"
-      ]
-    },
-    "hardis:package:version:promote": {
-      "aliases": [],
-      "args": {},
-      "description": "\n## Command Behavior\n\n**Promotes a Salesforce package version from beta to released status in your Dev Hub.**\n\nThis command is a critical step in the package development lifecycle, marking a package version as stable and ready for production use. Once promoted, a package version can be installed in production organizations.\n\nKey functionalities:\n\n- **Package Version Selection:** Allows you to select a specific package version to promote. If the `--auto` flag is used, it automatically identifies package versions that are not yet released and promotes them.\n- **Automated Promotion:** When `--auto` is enabled, it queries for all unreleased package versions and promotes them without further user interaction.\n- **Dev Hub Integration:** Interacts with your connected Dev Hub to change the status of the package version.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Package Alias Retrieval:** It retrieves package aliases from your `sfdx-project.json` to identify available packages.\n- **Automated Promotion Logic:** If `--auto` is used, it executes `sf package version list --released` to get a list of already released packages and then filters the available package aliases to find those that are not yet released.\n- **Interactive Prompts:** If not in auto mode, it uses the `prompts` library to allow the user to select a package version to promote.\n- **Salesforce CLI Integration:** It constructs and executes the `sf package version promote` command, passing the package version ID.\n- **`execSfdxJson`:** This utility is used to execute the Salesforce CLI command and capture its JSON output.\n- **Error Handling:** It handles cases where a package version might already be promoted or if other errors occur during the promotion process.\n</details>\n",
-      "examples": [
-        "$ sf hardis:package:version:promote",
-        "$ sf hardis:package:version:promote --auto"
-      ],
-      "flags": {
-        "json": {
-          "description": "Format output as json.",
-          "helpGroup": "GLOBAL",
-          "name": "json",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "flags-dir": {
-          "helpGroup": "GLOBAL",
-          "name": "flags-dir",
-          "summary": "Import flag values from a directory.",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "auto": {
-          "char": "f",
-          "description": "Auto-detect which versions of which packages need to be promoted",
-          "name": "auto",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "debug": {
-          "char": "d",
-          "description": "Activate debug mode (more logs)",
-          "name": "debug",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "websocket": {
-          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
-          "name": "websocket",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        },
-        "skipauth": {
-          "description": "Skip authentication check when a default username is required",
-          "name": "skipauth",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "target-dev-hub": {
-          "aliases": [
-            "targetdevhubusername"
-          ],
-          "char": "v",
-          "deprecateAliases": true,
-          "name": "target-dev-hub",
-          "noCacheDefault": true,
-          "required": true,
-          "summary": "Username or alias of the Dev Hub org. Not required if the `target-dev-hub` configuration variable is already set.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        }
-      },
-      "hasDynamicHelp": true,
-      "hiddenAliases": [],
-      "id": "hardis:package:version:promote",
-      "pluginAlias": "sfdx-hardis",
-      "pluginName": "sfdx-hardis",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": true,
-      "title": "Promote new versions of package(s)",
-      "requiresProject": true,
-      "isESM": true,
-      "relativePath": [
-        "lib",
-        "commands",
-        "hardis",
-        "package",
-        "version",
-        "promote.js"
-      ],
-      "aliasPermutations": [],
-      "permutations": [
-        "hardis:package:version:promote",
-        "package:hardis:version:promote",
-        "package:version:hardis:promote",
-        "package:version:promote:hardis",
-        "hardis:version:package:promote",
-        "version:hardis:package:promote",
-        "version:package:hardis:promote",
-        "version:package:promote:hardis",
-        "hardis:version:promote:package",
-        "version:hardis:promote:package",
-        "version:promote:hardis:package",
-        "version:promote:package:hardis",
-        "hardis:package:promote:version",
-        "package:hardis:promote:version",
-        "package:promote:hardis:version",
-        "package:promote:version:hardis",
-        "hardis:promote:package:version",
-        "promote:hardis:package:version",
-        "promote:package:hardis:version",
-        "promote:package:version:hardis",
-        "hardis:promote:version:package",
-        "promote:hardis:version:package",
-        "promote:version:hardis:package",
-        "promote:version:package:hardis"
+        "hardis",
+        "package",
+        "version",
+        "list.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:package:version:list",
+        "package:hardis:version:list",
+        "package:version:hardis:list",
+        "package:version:list:hardis",
+        "hardis:version:package:list",
+        "version:hardis:package:list",
+        "version:package:hardis:list",
+        "version:package:list:hardis",
+        "hardis:version:list:package",
+        "version:hardis:list:package",
+        "version:list:hardis:package",
+        "version:list:package:hardis",
+        "hardis:package:list:version",
+        "package:hardis:list:version",
+        "package:list:hardis:version",
+        "package:list:version:hardis",
+        "hardis:list:package:version",
+        "list:hardis:package:version",
+        "list:package:hardis:version",
+        "list:package:version:hardis",
+        "hardis:list:version:package",
+        "list:hardis:version:package",
+        "list:version:hardis:package",
+        "list:version:package:hardis"
       ]
     },
-    "hardis:project:configure:auth": {
+    "hardis:package:version:promote": {
       "aliases": [],
       "args": {},
-      "description": "\n## Command Behavior\n\n**Configures authentication between a Git branch and a target Salesforce org for CI/CD deployments.**\n\nThis command facilitates the setup of automated CI/CD pipelines, enabling seamless deployments from specific Git branches to designated Salesforce orgs. It supports both standard Salesforce orgs and Dev Hub configurations, catering to various enterprise deployment workflows.\n\nKey functionalities include:\n\n- **Org Selection/Login:** Guides the user to select an existing Salesforce org or log in to a new one.\n- **Git Branch Association:** Allows associating a specific Git branch with the chosen Salesforce org.\n- **Merge Target Definition:** Enables defining target Git branches into which the configured branch can merge, ensuring controlled deployment flows.\n- **Salesforce Username Configuration:** Prompts for the Salesforce username to be used by the CI server for deployments.\n- **SSL Certificate Generation:** Automatically generates an SSL certificate for secure authentication.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's implementation involves several key technical aspects:\n\n- **SF CLI Integration:** Utilizes \n@salesforce/sf-plugins-core\n for command structure and flag parsing.\n- **Interactive Prompts:** Employs the \nprompts\n library for interactive user input, guiding the configuration process.\n- **Git Integration:** Interacts with Git to retrieve branch information using \n`git().branch([\"--list\", \"-r\"])`\n.\n- **Configuration Management:** Leverages internal utilities (`checkConfig`, `getConfig`, `setConfig`, `setInConfigFile`) to read from and write to project-specific configuration files (e.g., `.sfdx-hardis.<branchName>.yml`).\n- **Salesforce CLI Execution:** Executes Salesforce CLI commands programmatically via `execSfdxJson` for org interactions.\n- **SSL Certificate Generation:** Calls `generateSSLCertificate` to create necessary SSL certificates for JWT-based authentication.\n- **WebSocket Communication:** Uses `WebSocketClient` for potential communication with external tools or processes, such as restarting the command in VS Code.\n- **Dependency Check:** Ensures the presence of `openssl` on the system, which is required for SSL certificate generation.\n",
+      "description": "\n## Command Behavior\n\n**Promotes a Salesforce package version from beta to released status in your Dev Hub.**\n\nThis command is a critical step in the package development lifecycle, marking a package version as stable and ready for production use. Once promoted, a package version can be installed in production organizations.\n\nKey functionalities:\n\n- **Package Version Selection:** Allows you to select a specific package version to promote. If the `--auto` flag is used, it automatically identifies package versions that are not yet released and promotes them.\n- **Automated Promotion:** When `--auto` is enabled, it queries for all unreleased package versions and promotes them without further user interaction.\n- **Dev Hub Integration:** Interacts with your connected Dev Hub to change the status of the package version.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's technical implementation involves:\n\n- **Package Alias Retrieval:** It retrieves package aliases from your `sfdx-project.json` to identify available packages.\n- **Automated Promotion Logic:** If `--auto` is used, it executes `sf package version list --released` to get a list of already released packages and then filters the available package aliases to find those that are not yet released.\n- **Interactive Prompts:** If not in auto mode, it uses the `prompts` library to allow the user to select a package version to promote.\n- **Salesforce CLI Integration:** It constructs and executes the `sf package version promote` command, passing the package version ID.\n- **`execSfdxJson`:** This utility is used to execute the Salesforce CLI command and capture its JSON output.\n- **Error Handling:** It handles cases where a package version might already be promoted or if other errors occur during the promotion process.\n</details>\n",
       "examples": [
-        "$ sf hardis:project:configure:auth"
+        "$ sf hardis:package:version:promote",
+        "$ sf hardis:package:version:promote --auto"
       ],
       "flags": {
         "json": {
@@ -9300,10 +9188,10 @@
           "multiple": false,
           "type": "option"
         },
-        "devhub": {
-          "char": "b",
-          "description": "Configure project DevHub",
-          "name": "devhub",
+        "auto": {
+          "char": "f",
+          "description": "Auto-detect which versions of which packages need to be promoted",
+          "name": "auto",
           "allowNo": false,
           "type": "boolean"
         },
@@ -9327,20 +9215,6 @@
           "allowNo": false,
           "type": "boolean"
         },
-        "target-org": {
-          "aliases": [
-            "targetusername",
-            "u"
-          ],
-          "char": "o",
-          "deprecateAliases": true,
-          "name": "target-org",
-          "noCacheDefault": true,
-          "summary": "Username or alias of the target org.",
-          "hasDynamicHelp": true,
-          "multiple": false,
-          "type": "option"
-        },
         "target-dev-hub": {
           "aliases": [
             "targetdevhubusername"
@@ -9349,8 +9223,8 @@
           "deprecateAliases": true,
           "name": "target-dev-hub",
           "noCacheDefault": true,
-          "required": false,
-          "summary": "Username or alias of the Dev Hub org.",
+          "required": true,
+          "summary": "Username or alias of the Dev Hub org. Not required if the `target-dev-hub` configuration variable is already set.",
           "hasDynamicHelp": true,
           "multiple": false,
           "type": "option"
@@ -9358,52 +9232,49 @@
       },
       "hasDynamicHelp": true,
       "hiddenAliases": [],
-      "id": "hardis:project:configure:auth",
+      "id": "hardis:package:version:promote",
       "pluginAlias": "sfdx-hardis",
       "pluginName": "sfdx-hardis",
       "pluginType": "core",
       "strict": true,
       "enableJsonFlag": true,
-      "title": "Configure authentication",
-      "requiresProject": false,
-      "requiresDependencies": [
-        "openssl"
-      ],
+      "title": "Promote new versions of package(s)",
+      "requiresProject": true,
       "isESM": true,
       "relativePath": [
         "lib",
         "commands",
         "hardis",
-        "project",
-        "configure",
-        "auth.js"
+        "package",
+        "version",
+        "promote.js"
       ],
       "aliasPermutations": [],
       "permutations": [
-        "hardis:project:configure:auth",
-        "project:hardis:configure:auth",
-        "project:configure:hardis:auth",
-        "project:configure:auth:hardis",
-        "hardis:configure:project:auth",
-        "configure:hardis:project:auth",
-        "configure:project:hardis:auth",
-        "configure:project:auth:hardis",
-        "hardis:configure:auth:project",
-        "configure:hardis:auth:project",
-        "configure:auth:hardis:project",
-        "configure:auth:project:hardis",
-        "hardis:project:auth:configure",
-        "project:hardis:auth:configure",
-        "project:auth:hardis:configure",
-        "project:auth:configure:hardis",
-        "hardis:auth:project:configure",
-        "auth:hardis:project:configure",
-        "auth:project:hardis:configure",
-        "auth:project:configure:hardis",
-        "hardis:auth:configure:project",
-        "auth:hardis:configure:project",
-        "auth:configure:hardis:project",
-        "auth:configure:project:hardis"
+        "hardis:package:version:promote",
+        "package:hardis:version:promote",
+        "package:version:hardis:promote",
+        "package:version:promote:hardis",
+        "hardis:version:package:promote",
+        "version:hardis:package:promote",
+        "version:package:hardis:promote",
+        "version:package:promote:hardis",
+        "hardis:version:promote:package",
+        "version:hardis:promote:package",
+        "version:promote:hardis:package",
+        "version:promote:package:hardis",
+        "hardis:package:promote:version",
+        "package:hardis:promote:version",
+        "package:promote:hardis:version",
+        "package:promote:version:hardis",
+        "hardis:promote:package:version",
+        "promote:hardis:package:version",
+        "promote:package:hardis:version",
+        "promote:package:version:hardis",
+        "hardis:promote:version:package",
+        "promote:hardis:version:package",
+        "promote:version:hardis:package",
+        "promote:version:package:hardis"
       ]
     },
     "hardis:project:audit:apiversion": {
@@ -9819,6 +9690,135 @@
         "remotesites:audit:project:hardis"
       ]
     },
+    "hardis:project:configure:auth": {
+      "aliases": [],
+      "args": {},
+      "description": "\n## Command Behavior\n\n**Configures authentication between a Git branch and a target Salesforce org for CI/CD deployments.**\n\nThis command facilitates the setup of automated CI/CD pipelines, enabling seamless deployments from specific Git branches to designated Salesforce orgs. It supports both standard Salesforce orgs and Dev Hub configurations, catering to various enterprise deployment workflows.\n\nKey functionalities include:\n\n- **Org Selection/Login:** Guides the user to select an existing Salesforce org or log in to a new one.\n- **Git Branch Association:** Allows associating a specific Git branch with the chosen Salesforce org.\n- **Merge Target Definition:** Enables defining target Git branches into which the configured branch can merge, ensuring controlled deployment flows.\n- **Salesforce Username Configuration:** Prompts for the Salesforce username to be used by the CI server for deployments.\n- **SSL Certificate Generation:** Automatically generates an SSL certificate for secure authentication.\n\n<details markdown=\"1\">\n<summary>Technical explanations</summary>\n\nThe command's implementation involves several key technical aspects:\n\n- **SF CLI Integration:** Utilizes \n@salesforce/sf-plugins-core\n for command structure and flag parsing.\n- **Interactive Prompts:** Employs the \nprompts\n library for interactive user input, guiding the configuration process.\n- **Git Integration:** Interacts with Git to retrieve branch information using \n`git().branch([\"--list\", \"-r\"])`\n.\n- **Configuration Management:** Leverages internal utilities (`checkConfig`, `getConfig`, `setConfig`, `setInConfigFile`) to read from and write to project-specific configuration files (e.g., `.sfdx-hardis.<branchName>.yml`).\n- **Salesforce CLI Execution:** Executes Salesforce CLI commands programmatically via `execSfdxJson` for org interactions.\n- **SSL Certificate Generation:** Calls `generateSSLCertificate` to create necessary SSL certificates for JWT-based authentication.\n- **WebSocket Communication:** Uses `WebSocketClient` for potential communication with external tools or processes, such as restarting the command in VS Code.\n- **Dependency Check:** Ensures the presence of `openssl` on the system, which is required for SSL certificate generation.\n",
+      "examples": [
+        "$ sf hardis:project:configure:auth"
+      ],
+      "flags": {
+        "json": {
+          "description": "Format output as json.",
+          "helpGroup": "GLOBAL",
+          "name": "json",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "flags-dir": {
+          "helpGroup": "GLOBAL",
+          "name": "flags-dir",
+          "summary": "Import flag values from a directory.",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "devhub": {
+          "char": "b",
+          "description": "Configure project DevHub",
+          "name": "devhub",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "debug": {
+          "char": "d",
+          "description": "Activate debug mode (more logs)",
+          "name": "debug",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "websocket": {
+          "description": "Websocket host:port for VsCode SFDX Hardis UI integration",
+          "name": "websocket",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "skipauth": {
+          "description": "Skip authentication check when a default username is required",
+          "name": "skipauth",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "target-org": {
+          "aliases": [
+            "targetusername",
+            "u"
+          ],
+          "char": "o",
+          "deprecateAliases": true,
+          "name": "target-org",
+          "noCacheDefault": true,
+          "summary": "Username or alias of the target org.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
+        },
+        "target-dev-hub": {
+          "aliases": [
+            "targetdevhubusername"
+          ],
+          "char": "v",
+          "deprecateAliases": true,
+          "name": "target-dev-hub",
+          "noCacheDefault": true,
+          "required": false,
+          "summary": "Username or alias of the Dev Hub org.",
+          "hasDynamicHelp": true,
+          "multiple": false,
+          "type": "option"
+        }
+      },
+      "hasDynamicHelp": true,
+      "hiddenAliases": [],
+      "id": "hardis:project:configure:auth",
+      "pluginAlias": "sfdx-hardis",
+      "pluginName": "sfdx-hardis",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": true,
+      "title": "Configure authentication",
+      "requiresProject": false,
+      "requiresDependencies": [
+        "openssl"
+      ],
+      "isESM": true,
+      "relativePath": [
+        "lib",
+        "commands",
+        "hardis",
+        "project",
+        "configure",
+        "auth.js"
+      ],
+      "aliasPermutations": [],
+      "permutations": [
+        "hardis:project:configure:auth",
+        "project:hardis:configure:auth",
+        "project:configure:hardis:auth",
+        "project:configure:auth:hardis",
+        "hardis:configure:project:auth",
+        "configure:hardis:project:auth",
+        "configure:project:hardis:auth",
+        "configure:project:auth:hardis",
+        "hardis:configure:auth:project",
+        "configure:hardis:auth:project",
+        "configure:auth:hardis:project",
+        "configure:auth:project:hardis",
+        "hardis:project:auth:configure",
+        "project:hardis:auth:configure",
+        "project:auth:hardis:configure",
+        "project:auth:configure:hardis",
+        "hardis:auth:project:configure",
+        "auth:hardis:project:configure",
+        "auth:project:hardis:configure",
+        "auth:project:configure:hardis",
+        "hardis:auth:configure:project",
+        "auth:hardis:configure:project",
+        "auth:configure:hardis:project",
+        "auth:configure:project:hardis"
+      ]
+    },
     "hardis:project:convert:profilestopermsets": {
       "aliases": [],
       "args": {},
@@ -15370,5 +15370,5 @@
       ]
     }
   },
-  "version": "6.9.1-alpha202510262008.0"
+  "version": "6.9.1-alpha202510262129.0"
 }