By Sarah McCarter, Salesforce SME at Provar

Most Salesforce Admins see this pop-up notification when entering Setup and likely dismiss Salesforce critical updates before continuing to make whatever updates brought them to Setup in the first place. 

Salesforce Critical Updates

If you’ve ever wondered if it was necessary to review your Critical Updates, the answer is yes. It’s a no-brainer that critical updates are critical to research and testing because Salesforce automatically applies them. 

Salesforce has also released a new beta update to the Critical Updates interface called “Release Updates,” which makes it even easier to review and sort your organization’s Critical Updates. By testing these in your sandbox environments before the activation date, you can avoid potentially hazardous situations if they break some business-critical customizations. (Fielding questions from hundreds of frustrated sales team members when that happens doesn’t sound like fun to us either.)

In addition to avoiding potentially catastrophic situations, testing Salesforce Critical Updates early and often can help you take advantage of new functionality designed to resolve bugs and optimize the user experience. 

So, what are Salesforce Critical Updates exactly?

Salesforce Critical Updates target a specific piece of Salesforce functionality and are unique because they typically fall outside the standard Salesforce release windows. 

Salesforce classifies these updates as changes that may break customer orgs depending on their configuration. Salesforce also provides a suggested time window to validate if you are impacted and contact Salesforce support to discuss any issues you may need to resolve. 

Some important things to note about Critical Updates

  • Salesforce displays a message the first time you access Setup after a critical update becomes available. This message lets you choose whether you want Salesforce to show the updates immediately or remind you about the updates later.
  • Each Critical Update detail page describes how your customizations can be affected and how you can correct any unintended behavior.  
  • As an Admin, you can turn the update on or off until the automatic activation date. 
  • On the scheduled auto-activation date, Salesforce permanently activates the update. After auto-activation, you can’t typically deactivate the update.  
  • Salesforce analyzes your organization to determine if a critical update potentially affects your customizations. If your customizations aren’t affected, Salesforce can automatically activate the update in your organization.  

An Example of Why Your Feedback Is Important

Salesforce support recently contacted many admins regarding an update in the Summer ’20 release involving a change in the secure guest user record access policies. This update can severely impact organizations with public force.com sites and allow some public access to their communities. 

After testing the update, several admins reported that email alerts using Visualforce templates had no merge data. While Salesforce originally introduced this update for Spring ’20, they deferred the activation date to make additional changes based on this feedback. 

Finding Critical Updates

From Summer ’20, Salesforce has released a new beta feature that presents a much more digestible view of critical update data. The new page also contains information in the Security Alerts node, with the security alerts functionality remaining the same. You can find all this information under Release Updates allowing you to focus on the highest priority items. The new interface has been updated to use tabs, enabling an admin to filter for the updates you want to see.

  • Needs Action: The update hasn’t reached the Complete Steps By date, and steps are not completed.
  • Due Soon: Complete Steps By date is approaching.
  • Overdue: The update is past the Complete Steps By date, and steps are not completed.
  • Steps Completed: The update has been completed.

When you act on an update, a series of detailed steps helps you evaluate the impact on your org. Depending on your org, you can adapt the update early or use the recommended test run option. One of the changes with the rollout of this new functionality is the adjustment of the date the update will be “Automatically enforced in,” meaning that updates will now be enforced with a standard Salesforce release instead of various dates between releases. For specific dates, go to https://status.salesforce.com/ and check information about your instance. Salesforce recommends completing the steps listed for the update by this date. If testing is supported, you can manually turn an update on and off before the date. Test run periods may end early with a release upgrade for a sandbox org.

So, what are Salesforce Critical Updates exactly?

Logging into your Salesforce org, you can see which Critical Updates are pending and the estimated auto-activation date. Enter the Setup menu and search for Critical Updates.

How Should I Test Critical Updates?

Testing critical updates can be significant depending on the functionality being updated. We’ve created a Salesforce critical updates guide to help you prioritize your testing based on the potential impact on your org and the date the update will be applied. When you’re ready to start testing, remember that testing in a sandbox environment is essential before enabling an update in your production org. We recommend trying one update at a time to isolate which change has caused issues, but this may not always be possible if you are testing manually and have limited time.

Next, you’ll need to identify the customizations that will potentially be affected by the Critical Update. Remember to review the update detail page to see what could be impacted. For example, if you were looking to test the Evaluate Criteria Based on Original Record Values in Process Builder Critical Update, you would define tests that ensure all of your Process Builders are working correctly before and after enabling the update.

Manual Testing

Developing a manual testing plan requires defining each scenario step-by-step and the expected outcome. Remember that it may also be necessary to account for negative test scenarios. For example, you may want to test if a component is not visible to a user in a specific profile.

If you’re testing manually, you can use your Process Builders as a guide to ensure your manual testers are updating the records to match one diamond in your Process Builder, multiple diamonds in your Process Builder, and negative scenarios where the document should not meet the criteria for your Process Builder.  

The disadvantage of manual testing is that writing the scripts and having a user or multiple users perform the steps outlined in the writings with their findings is time-consuming. Users may not understand the test steps or may not be as diligent in completing the steps as outlined, which can leave your org open to potential issues that may have been missed during testing.

Automated Testing

You have automated testing tools like Provar to help speed up your testing using repeatable data-driven automation tests, which can include both UI and API actions. Provar allows you to perform regression testing by establishing a baseline of passing tests before you enable a critical update. You can then review and compare the results of your tests after allowing the update. Your tests can be reused for different user profiles and applications to test each variation in your user journey. Automation will enable you to translate your manual test scripts so they are not dependent on end-user testers and are always consistent.

Above: View of Provar’s Test Palette. Designing Provar to make it easy to build test cases using a drag-and-drop interface to add and customize various test step types.

If you’re considering automating your testing plan, keep the following candidates in mind:

  • Repetitive tests that run for multiple builds
  • Tests that tend to cause human error
  • Tests that require multiple data sets
  • Frequently used functionality that introduces high-risk conditions
  • Tests that are impossible or difficult to perform manually
  • Tests that run on several different hardware or software platforms and configurations
  • Tests that take a lot of effort and time when manual testing

Automating these items can make testing your critical updates much easier and faster. It allows you to take advantage of the updates sooner and more safely!

Where Can I Find More Information?

For more information about upcoming Critical Updates, you can review our convenient list with links to the related Salesforce documentation or navigate to Setup in Salesforce and select the Release Updates (Beta) option in the Setup menu. Alternatively, you can search for Critical Updates in the Setup search bar for the classic view.  

For more information about more out of your Salesforce org or to schedule a demo of Provar, please connect with us here.