...
POST RELEASE VALIDATION
- Able to login via SSO
- My Domain is auto-enabledEdge Network is not auto-enabled
...
- Batch jobs are running
List of upcoming new features, enforcements and updates- New Service Portal link is working https://sydneyuni-adv.my.site.com/serviceportal/s/
ENFORCEMENTS
Feature | Short Description | Remarks / Action Items | Recommendation |
|---|---|---|---|
Salesforce is updating the routing options available on the My Domain setup page to include Salesforce Edge Network. By default, all orgs are automatically enrolled in the upcoming Salesforce Edge enablement, which occurs according to this timeline: Salesforce notifies admins via email 60 to 90 days before the Edge enablement for their orgs. After Edge is enabled, Salesforce also notifies admins of that event. We’ve also provided the ability to defer this change by unchecking Enable Salesforce Edge Network during the scheduled feature rollout on the My Domain setup page. For additional flexibility, even if you decide to defer now, you can enable Salesforce Edge manually later, ideally during your org's off-peak hours. NOTE: After Salesforce Edge Network is enabled, you can roll back this change within 7 calendar days. If this window has passed, log a case with Salesforce Support to discuss the options available to your org. In Spring ’23, Salesforce Edge Network can be enabled but requires Salesforce Support to roll back. | What is Salesforce Edge Network? Considerations for Salesforce Edge Network Action Item: Raise support case 15/5: Case #44609558 raised 17/5: Had a meeting with SF Support Engineer. He advised us to enable the Edge Network as it will not impact USyd org but rather provide faster responses when accessing data. NOTE: We just need to monitor if we need to whitelist the new IP once it’s turned ON and provide it to IT team if needed. Link to IP list from SF: https://help.salesforce.com/s/articleView?id=000384438&type=1  Webex meeting recording: Case Number: 37355506-20230517 0032-1 | Part of Summer 23 release | |
Disable Rules for Enforcing Explicit Access to Apex Classes (Release Update) | This update disables the requirement for a user running a flow to have explicit access to Apex classes invoked by that flow. This update was first made available in Summer ’20 and was scheduled to be enforced in Spring ’23, but we postponed the enforcement date to Summer ’23. | This update is available only for Salesforce orgs that enabled the Require User Access to Apex Classes Invoked by Flow update. No impact to Univ of Sydney | Part of Summer 23 release |
Help shield your org and network from malicious attacks with content sniffing protection. This change helps prevent the browser from loading scripts disguised as other file types when your users access external content and websites from Salesforce. This update was first made available in Winter ’23 and was scheduled to be enforced in Spring ’23, but we postponed the enforcement date to Summer ’23. | If a link or content embedded within a custom page fails to load, investigate whether the external content is valid. If a standard Salesforce page or embedded content on a standard page fails to load during testing, file a case with Salesforce Customer Support. Action Item: Raise support case 15/5: Case #44609558 raised 17/5: No impact as per conversation with SF Support as this is just additional security feature. | Part of Summer 23 release | |
Enable Sharing for Flow Orchestration Objects (Release Update) | In Summer ’23, Salesforce enables sharing for Flow Orchestration objects. With this change the Manage Flow user permission no longer grants user access to Flow Orchestration objects. To cancel or debug an orchestration or to reassign an orchestration work item, a user needs the Manage Orchestration Runs and Work Items user permission, along with sharing access to Flow Orchestration objects. Users who run orchestrations and execute work items must still have the Run Flows user permission. | No impact. No existing Flow Orchestration. The flow Basic Approval Request is a Flow Orchestration for CMS, and is from a managed package.  | Part of Summer 23 release |
This update upgrades the JavaScript library for all of your Aura sites from analytics.js to gtag.js in preparation for Google Analytics 4 (GA4). After you upgrade your JavaScript libraries, to complete the migration to GA4, you must manually update the Google Analytics Tracking ID for each of your Aura sites from a UA-ID to a G-ID. To continue collecting analytics data for Aura sites after Google stops processing data through Universal Analytics properties on July 1, 2023, Experience Cloud requires that each Aura site uses the gtag.js library and a G-ID. Previously, Aura sites were permitted to use either the analytics.js library or the gtag.js library, and connected to Google Analytics with a UA-ID. This update was first available in Spring ’23 and is enforced in Summer ’23. | No additional testing required. No impact. No pending updates for Aura Sites:
| Part of Summer 23 release | |
Migrate Security Policies to the Mobile Security Setup UI (Release Update) | This update improves the admin experience by moving all Enhanced Mobile App Security policies that were configured as Connected App custom attributes to the Mobile Security Setup UI. Now you can easily enable or edit security policies with clicks and avoid configuration errors. | No impact. Only applies to Connected App custom attributes beginning with mobile.security for the Salesforce mobile app. | Part of Summer 23 release |
With this update, event log files are generated and delivered only to instances that opt in to receive event log files. Previously, all instances received event log files automatically. This update automatically disables event log file generation for Developer and Trial editions and for instances that don’t have the Event Monitoring add-on subscription by default. If you have Salesforce Shield or Salesforce Event Monitoring add-on subscriptions, you’re opted in to receiving event log files by default. This update was first available it Spring ’23 and is enforced in Summer ’23. | Recommendation: Turn ON in PROD, Fullcopy (UAT) and SIT. OFF in lower dev sandboxes This can be helpful to filter out which instances receive event log files. We can turn this feature on to PROD and other important sandboxes such as SIT and UAT. No impact to Univ of Sydney | Part of Summer 23 release | |
This update restricts organizations from sending emails from an unverified email address in the guest user record. Orgs with a verified organization-wide email address aren’t affected by this release update, because the “sent from” email address defaults to the org’s verified email address. This update is enforced with the Summer ’23 release. When this update is enforced, emails sent from the org using a guest user’s unverified email address are blocked. | There is already a verified Organization-Wide Email Address: Advancement Services Support. NOTE: This is the Sumo Guest User Record, need to check if this is a valid/verified email: sumo_cep@sydneyuni-adv.force.com Sunil (Unlicensed) - kindly verify Thanks cc Syed Shah Aldrin Rasdas (UofSyd) This has been confirmed with Sunil (Unlicensed) 15/05 No impact to Univ of Sydney | Part of Summer 23 release | |
Security Enhancements for CSRF Tokens for Lightning Apps (Release Update) | This update enforces the generation of a different cross-site request forgery (CSRF) token for each Lightning app, which ensures that a token is used only in its intended context. The update also improves the handling for invalid and expired tokens. This update was first available in Spring ’23 and is enforced in Summer ’23. | No impact to Univ of Sydney Enhanced security for each Lightning App. Tested most used Lightning Apps (Affinaquest, Sumo) and still works fine | Part of Summer 23 release |
Use a Default No-Reply Address as System Address for Case Email Notifications (Release Update) | Configure a default No-Reply address from the Organization-Wide Addresses page in Setup. Add an email address in Special Purpose Organization-Wide Email Addresses, then follow the steps outlined in the verification email sent to the new default No-Reply address. After you verify your default No-Reply address, set up and start the Test Run in the Release Update. This update was first made available in Spring ’21 and was scheduled to be enforced in Spring ’23, but we postponed the enforcement date to Summer ’23. | A Default No-Reply Address is already set: Advancement Services Support Support Settings > "Send Case Notifications from System Address" is enabled Previously: email notifications were sent from the Automated Case User | Part of Summer 23 release (already existing in PROD, no actions required) |
To take the next step toward retiring Process Builder processes, you can no longer create new processes. You can still activate, deactivate, and edit your existing Process Builder processes and continue to create automations in Flow Builder. To test and create processes for use in managed packages, developer orgs still allow you to create processes. Most Process Builder use cases are now supported in and work better in Flow. | To facilitate migrating your processes, use the Migrate to Flow tool. | Need to plan ahead for the migration of existing Process Builders and Workflow Rules |
...