Introduction

SFPM is a CLI and toolchain that brings a modern package-manager workflow to Salesforce metadata. It builds Salesforce packages into versioned artifacts, installs or deploys them across orgs in dependency order, and runs lifecycle hooks for the metadata types Salesforce doesn't handle cleanly out of the box (profiles, permission sets, picklists, flows, managed-package settings, and more).

Think npm, but the artifacts are unlocked / second-generation Salesforce packages instead of JavaScript modules.

Why use it?

• Dependency-aware orchestration — build and deploy graphs of packages with one command instead of hand-rolling order.
• Async validation watchers — kick off long unlocked-package builds and check back later with sfpm build status.
• Lifecycle hooks — pre/post-deploy logic for the metadata Salesforce makes painful: profiles, perm sets, picklists, flows, LWC, managed packages, Browserforce settings.
• Scratch org pools — provision and reuse warm scratch orgs to cut feedback time.
• Data seeding — first-class SFDMU integration for reference data.
• CI-ready — every flow that runs locally also ships as a GitHub Action.
• Turborepo-friendly — --turbo flag on build / deploy / install for single-package mode under external orchestrators.

Where to next?