What’s so “critical” about Salesforce Critical Updates?

Published by Stephanie Sargent, August 17, 2020
Product, Salesforce, Tips

By Sarah McCarter, Salesforce SME at Provar

Most Salesforce Admins see this pop-up notification when entering Setup and likely dismiss it before continuing on to make whatever updates brought them to Setup in the first place. 

If you’ve ever wondered if it was necessary to review your Critical Updates, the answer is yes. It’s a no-brainer that critical updates are critical to research and test because they are automatically applied by Salesforce. 

Salesforce has also released a new beta update to the Critical Updates interface called “Release Updates” that makes it even easier to review and sort your org’s Critical Updates. By testing these in your sandbox environments before the activation date, you can avoid some potentially hazardous situations if they end up breaking some of your business-critical customizations. (Fielding questions from hundreds of frustrated sales team members when that happens doesn’t sound like fun to us either.)

In addition to avoiding some potentially catastrophic situations, testing Salesforce Critical Updates early and often can also help you take advantage of new functionality that is designed to resolve bugs and optimize the user experience. 

So, what are Salesforce Critical Updates exactly?


Salesforce Critical Updates target a specific piece of Salesforce functionality and are special in that they typically fall outside of the normal Salesforce release windows. 

These updates are classified by Salesforce as changes that may break customer orgs depending on their configuration. Salesforce also provides a suggested window of time to validate if you are impacted and to contact Salesforce support to discuss any issues you may need to first resolve. 

Some important things to note about Critical Updates


  • Salesforce displays a message the first time you access Setup after a critical update becomes available. This message lets you choose whether you want Salesforce to display the updates immediately or remind you about the updates later.
  • Each Critical Update detail page describes how your customizations can be affected and how you can correct any unintended behavior.  
  • As an Admin, you can enable or disable the update up until the automatic activation date. 
  • On the scheduled auto-activation date, Salesforce permanently activates the update. After auto-activation, you can’t normally deactivate the update.  
  • Salesforce analyzes your organization to determine if a critical update potentially affects your customizations. If your customizations aren’t affected, Salesforce can automatically activate the update in your organization.  

An example of why your feedback is important


Many admins were recently contacted by Salesforce support regarding an update in the Summer ’20 release involving a change in the secure guest user record access policies. This particular update can have a serious impact on orgs that have public force.com sites and/or allow some public access to their communities. 

After testing the update, several admins reported that email alerts using Visualforce templates had no merge data. While Salesforce originally introduced this update for Spring ’20, they deferred the activation date to make additional changes based on this feedback. 

Finding critical updates


From Summer ’20, Salesforce has released a new beta feature which presents a much more digestible view of critical update data. The new page also contains information found in the Security Alerts node with the security alerts functionality remaining the same.  You can find all of this information under Release Updates allowing you to focus on the highest priority items. The new interface has been updated to use tabs allowing an admin to filter for the updates that you want to see.

  • Needs Action: Update hasn’t reached the Complete Steps By date and steps are not completed.
  • Due Soon: Complete Steps By date is approaching.
  • Overdue: Update is past the Complete Steps By date and steps are not completed.
  • Steps Completed: Update has been completed.

When you act on an update, a series of detailed steps helps you evaluate the impact on your org. You can adopt the update early, or depending on your org, use the recommended test run option. One of the changes with the rollout of this new functionality is the adjustment of the date the update will be “Automatically enforced in”, meaning that updates will now be enforced with a standard Salesforce release as opposed to various dates between releases. For specific dates, go to https://status.salesforce.com/ and check information about your instance. Salesforce recommends that you complete steps listed for the update by this date. If testing is supported, you can manually enable and disable an update before the date. For a sandbox org, test run periods may end early with a release upgrade.

You can also see which Critical Updates are pending and the estimated auto-activation date by logging into your Salesforce org. Enter the Setup menu and search for Critical Updates.

How should I test critical updates?


Testing critical updates can be very important depending on the functionality being updated. We’ve created a Salesforce critical updates guide to help you prioritize your testing based on the potential impact to your org as well as the date the update will be applied. When you’re ready to start testing, keep in mind that it’s important to first test in a sandbox environment before enabling an update in your production org. We recommend testing one update at a time so you can isolate which change has caused issues, but this may not always be possible if you are testing manually and have limited time.

Next, you’ll need to identify the customizations that will potentially be affected by the Critical Update. Remember that you can review the update detail page to see what could potentially be impacted. For example, if you were looking to test the Evaluate Criteria Based on Original Record Values in Process Builder Critical Update, you would define tests that ensure all of your Process Builders are working correctly before and after enabling the update.

Manual testing


Developing a manual testing plan requires defining each of the scenarios in a step-by-step format along with the expected outcome. Keep in mind that it may also be necessary to account for negative test scenarios. For example, you may want to test if a component is not visible to a user in a specific profile.

If you’re testing manually, you can use your Process Builders as a guide to ensure your manual testers are updating the records to match one diamond in your Process Builder, multiple diamonds in your Process Builder and negative scenarios where the record should not meet the criteria for your Process Builder.  

The disadvantage of manual testing is that it is time-consuming to write the scripts themselves as well as have a user or multiple users perform the steps outlined in the scripts with their findings. Users may not understand the test steps or may not be as diligent in completing the steps as outlined which can also leave your org open to potential issues that may have been missed during testing.

Automated testing


Automated testing tools like Provar help to speed up your testing using repeatable data-driven automation tests which can include both UI and API actions. Provar allows you to perform regression testing by establishing a baseline of passing tests before you enable a critical update. You can then review and compare the results of your tests after the update has been enabled. Your tests can be reused for different user profiles and applications to test each variation in your user journey. Automation allows you to translate your manual test scripts so they are not dependent on end user testers and are always consistent.

Above: View of Provar’s Test Palette. Provar is designed to make it easy to build test cases using a drag and drop interface to add and customize a variety of test step types.

If you’re considering automating your testing plan, keep the following candidates in mind:

  • Repetitive tests that run for multiple builds
  • Tests that tend to cause human error
  • Tests that require multiple data sets
  • Frequently used functionality that introduces high-risk conditions
  • Tests that are impossible or difficult to perform manually
  • Tests that run on several different hardware or software platforms and configurations
  • Tests that take a lot of effort and time when manual testing

Automating these items can make testing your critical updates much easier and faster. This allows you to take advantage of the updates sooner and in a safer way!

Where can I find more information?


For more information about upcoming Critical Updates, you can review our convenient list with links to the related Salesforce documentation or navigate to Setup in Salesforce and select the Release Updates (Beta) option in the Setup menu. Alternatively, you can search for Critical Updates in the Setup search bar for the classic view.  

For more information about getting more out of your Salesforce org or to schedule a demo of Provar, please connect with us here.

We use cookies to better understand how our website is used so we can tailor content for you. For more information about the different cookies we use please take a look at our Privacy Policy.