1 of 100

AutoRABIT Knowledge Base

Welcome to the Knowledge Base

Welcome to AutoRABIT's documentation hub—the Knowledge Base! This is your go-to resource for release notes, detailed user guides, how-to tutorials, FAQs, and troubleshooting guides.

What is AutoRABIT?

AutoRABIT is a leading cloud-based CI/CD suite tailored for Salesforce, optimizing the development lifecycle from version control and deployment to testing and sandbox management. By facilitating enhanced collaboration between Salesforce developers, admins, analysts, and release managers, AutoRABIT ensures efficient operations across multiple Salesforce orgs. In tandem with AutoRABIT, CodeScan champions Salesforce code quality by conducting thorough scans for vulnerabilities and code inconsistencies, all customizable to fit organizational standards. On the other hand, Vault revolutionizes Salesforce data management, offering robust storage solutions for vital metadata, integrating automated version control, and providing adept conflict resolution mechanisms. Together, AutoRABIT, CodeScan, and Vault form a holistic ecosystem that supercharges Salesforce development, ensuring precision, security, and excellence throughout the process.

What You'll Find

In our Knowledge Base, you will find:

AI Search: Our AI-driven search tool helps you extract precise steps and details from our documentation. (Try it out!)
Detailed User Guides: Step-by-step instructions to help you understand our product suite and navigate it with ease.
How-To Tutorials: Practical guides to resolve common issues, configure settings, and maximize your productivity.
Frequently Asked Questions (FAQs): Quick solutions and information on common queries about our products and services.
Troubleshooting Guides: Handy resources to identify and resolve technical issues.

Looking for Something That Isn’t Here?

Want to see additional content or features on this site? Reach out to our Documentation Team with your suggestion (and a helpful link, if possible), and we’ll do our best to get it added!

Quick Links

Fundamentals

AutoRABIT Solutions

At AutoRABIT, we're at the forefront of Salesforce DevOps solutions. Our advanced platform streamlines your development, testing, and release cycles, promoting continuous integration and delivery.

AutoRABIT delivers comprehensive Salesforce DevSecOps solutions tailored for regulated industries, ensuring security, quality, and productivity in Salesforce development. Since Salesforce was built as a Customer Resource Module (CRM) rather than a development platform, AutoRABIT simplifies complex processes through automation—enabling teams to achieve more with fewer resources.

Who We Are

Founded in 2015, AutoRABIT is a global company dedicated to helping organizations regain control of their Salesforce development and implement continuous delivery of value to customers and employees.

What We Offer

AutoRABIT provides an integrated suite of DevSecOps tools to automate, secure, and optimize Salesforce development:

Automated Release Management (ARM): Reducing the complexity of Salesforce development, deployment, and management enables teams to meet quality, security, and compliance standards with strategic automation.
CodeScan: Performing static code analysis and applying policy management tools gives you total visibility into the health of your Salesforce environment, reduces costs, finds vulnerabilities, and decreases time to market.
Vault: Implementing automated backup and recovery of Salesforce data, sophisticated data comparison tools, easy sandbox seeding, archiving, and comprehensive data management features ensures IT security, risk, and compliance needs are met.
Guard: Automated security and compliance solution for Salesforce, designed to help enterprises protect their critical operations by continuously monitoring, enforcing policies, and remediating security risks. It eliminates the manual oversight typically required to manage Salesforce’s complexity, addressing security gaps, misconfigurations, and compliance risks in real time.

Why It Matters

Version Control: We provide seamless integration with popular version control systems, enabling efficient tracking and management of changes to your codebase.
Automated Metadata Deployment: Our platform automates the deployment process, ensuring quick, reliable, and error-free releases.
Data Deployment and Backup: AutoRABIT ensures the integrity and security of your data through automated data deployment, backup, and recovery solutions.
Test Automation: We enable teams to automate their testing processes, ensuring high-quality output and faster release cycles.
CodeScan Integration: We integrate with CodeScan for enhanced static code analysis. This allows us to conduct thorough code quality checks, detect vulnerabilities early, and ensure your code adheres to the highest standards of performance and security.
Governance and Compliance: Our platform facilitates adherence to regulatory standards and corporate policies, ensuring smooth audits and compliance checks.

Our mission is to simplify Salesforce DevOps and enhance productivity, letting businesses focus on what they do best: deliver value to their customers. By taking the complexities out of the DevOps process, AutoRABIT helps teams accelerate their development cycles, improve quality, and drive business growth.

FAQs

General User Definitions

ARM-Specific User Definitions: The information below is generalized across the entire AutoRABIT suite of products. For information specific to ARM, please refer to the ARM User Definitions page .

Standard User

A Standard User is an individual authorized by the Customer to log in to and fully utilize AutoRABIT’s subscribed products. Standard Users have access to all product functionalities, including the Web UI, IDE plugins, APIs, and other interfaces.

Platform Owners/Admins are included in the Standard User class, ensuring administrative rights without affecting licensing terms.

Platform Integration User

A Platform Integration User is an individual authorized by the Customer to perform actions that trigger the execution of AutoRABIT products (directly or indirectly).

This includes, but is not limited to:

Analyzing reports or data from AutoRABIT to identify and resolve code quality, security, compliance, or system performance issues.
Agents, bots, or systems executing actions via AutoRABIT to automate testing, deployments, or compliance checks.
Using AutoRABIT IDE plugins
Triggering AutoRABIT APIs
Directly changing Salesforce org configurations
Committing changes to a source code repository

Key Points:

Automation (e.g., bots, agents) utilizing AutoRABIT for testing, deployment, or monitoring must be licensed appropriately.
Any person who commits code to a Source Code Management (SCM) system, where the commit directly or indirectly triggers a job in AutoRABIT, requires a Platform Integration License.
If a service account is used to trigger automation or integrate with AutoRABIT, the person or team responsible for the actual code commit must still hold a Platform Integration License. This ensures that each individual whose actions contribute to triggering AutoRABIT processes is appropriately licensed.
Any code commits triggering AutoRABIT jobs, directly or indirectly, manual or automated, count toward Platform Integration Licenses.

Example: In Git, multiple commits pushed simultaneously are counted individually toward user licensing.

Platform Integration Users are included in licensing with view-only permissions.

Additional Notes:

The number of licensed users represents the total unique users of the products throughout the Subscription Term.

ARM User Definitions

Standard User

A Standard User is an individual authorized by the Customer to log in to and directly use AutoRABIT’s subscribed products.

Additional Notes:

Platform Owners/Admins are included in the Standard User class, allowing customers to manage admin rights without affecting licensing terms.
The number of licensed users represents the total unique users of the products, calculated throughout the entire course of the Subscription Term.

Platform Integration User

A Platform Integration User is an individual authorized by the Customer to commit to a Source Code Management (SCM) system, where that external commit is then used in any ARM process. This is primarily intended to represent users who interact with ARM through Git and do not have a Standard User license.

Tracking Platform Integration Users in ARM:

AutoRABIT tracks the usage of ARM as an orchestration engine through version control systems. The unique identifier used is the associated email address. Therefore, it is important that activity be linked to official customer email addresses to avoid double-counting users who may use personal email addresses.

Key Points:

Code Commits and Licensing: Any person who commits code to an SCM system, where that commit is later used in an AutoRABIT function, requires a Platform Integration License (unless the person committing has a active AutoRABIT ARM License). This would include external commits to the SCM System.
Service Accounts: If a service account triggers automation or integrates with AutoRABIT, the individual or team responsible for the actual code commit must still hold a Platform Integration License. This ensures that all contributors whose actions trigger AutoRABIT processes are appropriately licensed.
Commit Count in SCM Systems: For SCM systems such as Git, multiple commits pushed simultaneously are counted separately toward the user license.
No Web UI Login Required: A Platform Integration User does not need to log in to the AutoRABIT Web UI to be counted as a user.
Remote Access for Standard Users: Active Standard Users can use ARM remotely without additional license requirements.

Determining the Count of Platform Integration Users

Platform Integration Users are sold in blocks of 10. This means any user meeting the criteria above who is not also a licensed Standard User will be counted. These are not “named” users; instead, users are defined by their activity within the quarter. The count is recalculated each quarter.

Calculation:

The average high-water mark of the two highest quarters is used, rounded up to the nearest block of 10, to determine the total Platform Integration User count for the term.
Counts reset each quarter and include both new and recurring users.

Example:

ACME Corp purchases 10 Platform Integration User licenses.

Quarter 1: 15 users
Quarter 2: 8 users
Quarter 3: 17 users
Quarter 4: 5 users

The average of the two highest quarters (15 and 17) is 16. Since licenses are sold in blocks of 10, ACME oversubscribed by 6 users and would need to purchase an additional 10 licenses.

Notes:

The subscription model aligns with the contract start date, not the fiscal year. For example, if the contract starts in May 2025, the quarterly data points would include: Q1 (May, June, July)2025, Q2 (August, September, October) 2025, Q3 (November, December 2025, January 2026) and Q4 (February, March, April) 2026.
Licenses are sold in blocks of 10 and always round up. If oversubscribed by 6 licenses, purchase an additional 10. If oversubscribed by 11, purchase an additional 20.
Unique Email IDs: ARM counts users via unique email IDs retrieved from Git. If an individual uses multiple email addresses for commits, they will be counted as separate users. To prevent this, ensure best practices when using Git.

Connection & Authentication

How do I register GitHub repositories with two-factor authentication?

To use two-factor authentication in GitHub, create a personal access token first.

Create a personal access token and use it in place of a password when performing Git operations over HTTPS with GIT on the command line or the API. For detailed information, refer to https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token
Register your GitHub Repository in ARM using the same token.

How do I rectify the GOLDENDOODLE vulnerability?

Short-term solution: Disable support for CBC encryption ciphers. Follow the procedures below to disable weak ciphers:
- Run the following command to list the ciphers: - sshd -T | grep ciphers | perl -pe 's/,/\n/g' | sort -u
- Edit the file - /etc/ssh/sshd_config and add what strong ciphers you want to have or place in this file as shown in the example below- Ciphers aes128-ctr,aes192-ctr,aes256-ctr
- Now, restart your sshd service using the command:  service sshd restart
Long-term solution: Enable the TLS 1.3 protocol.

Why am I not able to authenticate JIRA with my account?

Make sure you are entering the JIRA API token in the Password field while registering your JIRA plugin for the first time in the ARM application.

How do I generate a new API token for JIRA?

Follow the steps below to generate a new API token for JIRA:

Go to the link: https://id.atlassian.com/manage/api-tokens.
Click on Create API Token and provide the label name and click on Create.
Once the token is created, you will be able to see the Your new API token popup. Click on the Copy to Clipboard.
Use the copied token as a password for creating/updating the credential in AutoRABIT.
Once updated please use the same credential to authenticate the JIRA.

How can I add a repository to AutoRABIT if one already exists?

Follow the below steps to register the repository:

Log in to your repository and click on Clone. It will give you an https and an ssh link.
To register the repository, copy the https link and paste it into ARM.
Make sure the repo clone you see before https isn't included in the link you paste in ARM.
Input the URL that begins with https.

How does an SSH Key differ from an SSH Certificate?

While SSH Key-based authentication uses public key cryptography, SSH Certificate-based authentication attaches a signed certificate to each key to verify identity. By using a certificate signed by a trusted Certificate Authority, users can do away with the passwords (which are not secure, given that passwords can either be stolen or cracked via brute force) and leverage a partially automated trust-based certificate authentication process to gain access to systems.

Why am I unable to register a GitHub repository using SSH keys and getting an 'invalid private key' error?

This is because you used invalid SSH keys to register your repository. Please use the correct SSH keys and try again.

How do I validate the 'src' folder under branch settings?

When you try to create a new branch you must validate the master branch's 'src' folder path, then select the parent branch as master, and the 'src' folder path will be automatically set to the newly created branch.

Data Loader

Encryption

Is there any encryption for Data Loader files? We don't want our data or upload files (e.g., CSV files) to be accessible by AutoRABIT or any other party.

AutoRABIT does not encrypt CSV files. However, the EBS volumes are encrypted using AWS KMS keys.

Can a customer's own key be used to encrypt their data? Is this possible?

Currently, AutoRABIT does not support customer encryption keys for data encryption. This feature is not supported at the moment.

Data Storage

Where is the result data (including exported data) physically stored, and can it be moved to a specific location (e.g., another country)? Can we ensure this data is not stored in AutoRABIT?

AutoRABIT does not delete data in the Data Loader functionality until the customer deletes it. For example, the ap5.autorabit.com instance is hosted in an AWS Singapore data center, and the data is stored in EBS volumes with AWS KMS keys in the same region.

Error Messages

Why does my Data Loader Pro job fail with an "Invalid ID" error message when the parent object is not selected?

An Invalid ID error occurs while running the Data Loader Pro job from release 23.1.26.

This is a known issue in the Data Loader Pro module. There is an invalid ID error while not selecting the parent object and keeping as null. A fix is available in the ARM 23.1.28 build version.

The customer has a Data Loader Pro job and has two queries:

They had to select the ancestor object whenever they ran the Data Loader Pro job.
They have tried a few records with null values, and it resulted in multiple object record failure with the error message Invalid ID.

Feature Overview

Why does the record fail when trying to update with "null" values?

For this to happen, you must choose "Insert/Update with null values" while running the Data Loader Pro job.

There are instances when you do not want to include ancestor records that haven't changed. For example: If there are no changes on ancestors, then it is not required to include that Parent object in the job unless it is a Master-Detail relation.

Feature Considerations

Why does the current Data Loader setup require parent objects to be included without the Limit 0 option?

The current Data Loader setup in AutoRABIT requires parent objects to be included without the Limit 0 option for the records, causing some records to fail. A code fix has resolved this issue, available in the ARM 23.1.28 build version.

Is AutoRABIT compatible with the deployment of CPQ data?

Currently, we are supporting CPQ data deployment through Data Loader Pro only. We plan to release a beta version exclusively for CPQ deployments in the coming months.

CI Jobs

What are the benefits of using Quick Deploy?

When you run a validation deployment through ARM, it will pre-run all unit tests. The Quick Deploy option then allows you to skip those tests in the final production release, knowing they passed previously. Using the Quick Deploy option reduces the amount of time the Production org is locked.

When Is the Quick Deploy option available in a CI Job?

Quick deployments are available when the following requirements are met:

The components have been successfully validated for the target environment.
As part of the validation, Apex tests in the target org have passed.
Code coverage requirements are met.
If all tests in the org or all local tests are run, overall code coverage is at least 75%, and Apex triggers have some coverage.
If specific tests are run with the Run specified tests test level, each class and trigger that was deployed is covered by at least 75% individually.
The "Prevent Deployment" checkbox is NOT selected in the CI Job setting.

This error will occur when the "Prevent Deployment" checkbox is enabled in the CI Job setting. Deselect the checkbox, then proceed with the Quick Deploy.

Why am I not receiving email notifications for all CI jobs that AutoRABIT has initiated?

You might have exceeded the maximum number of recipients; the maximum number of recipients should not exceed 50. Remove some of the recipients from the mail notification list and run the CI job again; you should now receive email notifications.

Why is it taking longer to build CI jobs triggered on PR submission as compared to CI jobs triggered on Commit?

Build on Commit Job: When a user creates a CI job on one branch, for example, Integration, if any Commits are made on that branch on the remote, we will only perform the Pull (Delta changes) and then prepare the Package. This is why the build time is shorter.

Build on PR Submission: When a CI job is created on the base branch, for example, Integration, if the developer works on the Feature 1 branch and creates the Pull Request (PR) on the Integration branch, then the job gets triggered in ARM. The branch will switch to the Feature 1 branch, take the clone of the entire branch, prepare the changes between the two branches, and then switch back to the master branch when the job is completed. This is why the build time is longer for PR jobs.

Why is my CI job failing with the error ‘HTTP ERROR 405 Problem accessing /services/Soap/m/55.0. Reason: Only POST allowed’?

The authentication for your destination org may have expired. Please Re-authenticate your target Salesforce org. Once this is done successfully, please Edit and resave the CI job, then retrigger it.

Why are the FLS changes in the CI job reflected in the diff file but not in the sandbox?

This usually happens if the Ignore missing visibility checkbox is selected in CI Jobs. Another possibility is that the field in question is unavailable in the destination org where the FLS was deployed. Please contact our support team to determine the root cause and assist you further.

Why am I unable to push components from a branch to an org in a CI Job? What is the ‘Maximum size of request reached’ error?

This error may be due to a file size limitation. We suggest you break deployments down into smaller chunks to be successful. Please refer to the Salesforce article below about the file size limits for deployments: Salesforce Developers

How do User Credentials impact different types of CI Jobs?

Listed below are the different types of CI Jobs and their corresponding credential usage:

Forced/Manually Triggered Build:

The CI job process will consider the triggered User Credential, which is mapped with the respective Repo and Branch in the My Profile section. If the credentials are invalid/expired, authentication fails and an error message is displayed upon build initiation. To resolve this issue, the user initiating the build must update the credentials in My Profile and perform a Test Connection. If it is successful, reinitiate the CI Job

Build on Commit and Scheduled CI Job:

The CI Job process will consider the last modifying user's credentials, which are mapped with the respective Repo and Branch in the My Profile section. If the credentials are invalid/expired, the CI Job build fails and authentication error message is displayed in the CI Job Build log. To resolve this issue, the user who last modified the CI Job must update the credentials in My Profile and perform a Test Connection. If it is successful, the job will be executed in the next cycle.

CI Job Build Initiated From API:

The CI Job process will consider the Token user credential, which is mapped with the respective Repo and Branch in the My Profile section. If the credentials are invalid/expired, the CI Job build fails and an authentication error message is displayed in the CI Job Build log. To resolve this issue, user generating the token must update the credentials in My Profile and perform a Test Connection. If it is successful, the job will be executed in the next cycle.

Why is CI Jobs deploying a metadata type I deselected in the "Exclude Metadata Types" section?

If you have deselected a metadata type but it is still being deployed in CI jobs, then it could be because of a different name. Please verify that the folderName committed in Git is correct for the metadata. This should resolve the issue. If it doesn’t, contact our support team for further analysis.

Why is a CI job for production deployment running random test classes, even though there are no Apex classes in the build, causing the deployments to fail?

You might have selected the option to Include default Apex tests for run test based on changes under Admin-->Salesforce settings, so even though there are no classes present in the package, it's still running default classes for code coverage. This is an expected behavior.

Why am I getting an error while trying to access CI job builds more than 3 months old?

The reason you are unable to get the details of specific builds older than 3 months is due to ARM’s Retention Policy. There are some details which are archived and become unretrievable.

You can change the retention period to 6 months or 12 months from the Admin section of your ARM account.

Why is a CI job failing with an error during validation?

The deployment may fail if it does not detect the metadata root folder path ‘src.’ Please update the Branch settings and then re-save the CI Job.

You can then perform a Merge Request to trigger the CI job and validate the deployment.

How do I include destructive changes in a CI job?

Review this Knowledge Base article, which covers performing destructive changes through CI jobs.

The "File Changes" tab shows that the Quick Actions metadata type is deleted. Why isn’t this reflected in the Destructive Changes tab or the package xml?

This may be a GIT behavior where the QuickAction metadata members are added and deleted again. As per GIT behavior, when it has to generate the delta between From and To revisions, in the case of a conflict, it skips such files from package preparation.

There is no Git logic under File Diff because it simply displays what was added/modified/deleted for better UI visibility to understand the changes and be reviewed.

You can work around this by updating the baseline revision CI job and using Single Revision in the Deployment module.

Why am I getting the "License is not valid" error when trying to use CodeScan as the analysis tool while running a CI job in ARM?

This could be due to using an older version of CodeScan. Refer to the CodeScan License Errors article for further information.

Why am I not getting a package for the CI Job?

Packages will only be displayed in CI jobs if created or imported through our application's SFDX -> Packages module. This ensures that we accurately track packages and their versions.

To create or import the package, refer to the following articles:

Create a Package: Create an Unlocked/Managed Package | AutoRABIT Knowledge Base
Import a Package: Import an Unlocked/Managed Package | AutoRABIT Knowledge Base

Why am I receiving the error message: Cannot invoke "String.startsWith(String)"?

This occurs when the return value of "com.autorabit.entity.admin.UserProject.getProjectType()" is null. A fix has been incorporated in the ARM 23.1.24 release. Reference support ticket # 109042.

Can I update or remove picklist values with my CI Job?

Since Salesforce does not retrieve deleted/deactivated picklist values in a metadata API call, replacing the picklist values via BackUp to VersionControl CI Job is impossible. However, a best practice in replacing the Picklist values is using the EZ-Commit module.

This configuration for RecordType PicklistValues option only works in the EZ-Commit module. If picklist values need to be replaced, use this approach.

Refer to How to Configure Record Types Picklist Values for more information.

Retention Policy

What is a data retention policy?

Data retention policies dictate what data should be stored or archived, where that should happen, and for how long. Historical data that becomes irrelevant after a certain period will be cleared from the ARM database weekly. This way, the ARM application performs faster, primary storage remains uncluttered, and at the same time, the organization remains compliant.

How can I change the data retention policy?

Administrators can determine the age of still-relevant data for the company and then change the retention policy under the Admin > My Account > Retention Policy page.

Can the data retention policy be disabled?

No, Administrators cannot disable the data retention policy. Data retention policies greatly enhance data scan performance by removing outdated and duplicated data.

How can I access the data that has been cleared?

To access any historical data that has already been cleaned up, contact us at [email protected], and we will provide the data in a CSV file format.

For on-premises customers, the historic data is moved to the alt path in the .rabit folder (.rabit/dataretention/{org-name}).

Can the cleared data be restored to the application?

No. Deleted data cannot be restored to ARM under any circumstances.

Data from which pages are affected by this policy?

The following pages have historic data that is affected by the retention policy:

Deployment history
CI Job history
Org Sync history
EZ-Commits
- EZ-Commits history
- Prevalidation commits history
- Reverted commits history
- Merges history
- Prevalidation merge history
Merge Requests history
External Pull Requests page
Branching baseline page
Change Labels page
- Commit Labels
- Release Labels
- ALM Labels

I did not select the period for data retention. Will I lose everything?

You will not lose data if you do not manually set the retention period. The retention period is set to 12 months by default. When ARM version 22.3 is released, data older than 12 months is cleaned up. If you did not alter the settings, you will still have access to up to 12 months of old data.

What if I decrease the retention period from 12 months to 3 or 6 months?

If you decrease the retention period from 12 months to 3 or 6 months, then at the time of the next cleanup, data older than 3 or 6 months (whichever you have selected) will be cleaned up from the application, and the rest will be retained.

What if I increase the retention period from 3 to 6 months or 6 to 12 months?

If you increase the retention period from 3 months to 6 or 12 months, then data from the last 3 months will remain as it is, but data older than that will not be restored. Instead, for the next 3 or 9 months, no data will be deleted when the cleanup happens. For example: If your retention period is set as three months, and you change it to 6 months on 1 April, then data from 1 January to 31 March is already retained. From 1 April to 30 June, the cleanup will still happen weekly as scheduled, but no data will be deleted because nothing is older than six months. After the 30 June, some data will be more than six months old. This six-month-old data will be deleted at the next cleanup.

Similarly, if you change it from 6 months to 12 months, the above logic applies, i.e., no data will be deleted during cleanup for the next six months until the oldest data is 12 months or more.

nCino

Record-Based Migration error use case

Description: The user was deploying nCino records using the nCino standard template from the source environment to the destination environment.

Problem Statements:

ARM not picking up the Parent route look up value on the Route group object, thereby resulting in empty parent routes in the destination org.
Blank lookup fields that were recently updated from not null to null are not being updated by ARM.

Resolution:

The parent object must also be included in the deployment for the child object's lookup fields' values to be updated.
Deploying both Route and Route Group objects while choosing the "Insert/update with null values" option will update the Parent Route lookup field with a null value.

Other Queries:

a. How exactly does ARM go about retrieving datasets?

Preparing object sets (from child to parent) that reflect relationships between the chosen objects is the first step in the dataset retrieval process. Next, pull the data of the object on which the filter is applied (entry object). After then, ARM begins processing sets object by object, starting with the object sets that contain the entry object.

b. Why is the nForce_Route_c object auto-selected on the Record Configuration screen?

For the standard templates, ARM has a default entry object defined by the nCino team. So when trying to create a template from a standard tile, ARM auto-select that default object and indicate "E" to denote it as an entry object. If you are trying to create a new one via the New + icon, the first object will be auto-selected. This is the reason why the nForce_Route_c object is auto-selected in the below screen.

c. To pull all required data from parent and child objects, why apply a filter on the child object?

In this current scenario, when Route and Route Group are selected, as per our process, we don prepare object sets first, and below are the object sets prepared. Group object is automatically picked since Route Group has a Master-detail relationship with Group.

Object Set 1: nFORCE__Route_Group__c, nFORCE__Route__c

Object Set 2: nFORCE__Route_Group__c, nFORCE__Group__c

What if the filter is applied on Route Group?
First, we pull data from Route Group based on the filter, and then as per the set-1, we will pull relations of Route with the help of the below query.
Select nFORCE__Route__c,nFORCE__Parent_Route__c from nFORCE__Route_Group__c where Id is (route group id's based on filter applied) Next, if self-references exist on Route, we do retrieve those relations. In the same way, we do process set-2.
What if the filter is applied on Route?
First, we pull data from Route based on the filter, and then as per the set-1, we will pull relations of Route Group with the help of the below queries.
Select Id from nFORCE__Route_Group__c where nFORCE__Parent_Route__c in (route id's based on filter applied) Select Id from nFORCE__Route_Group__c where nFORCE__Route__c in (route id's based on filter applied) Next, if self-references exist on Route Group, we do retrieve those relations. In the same way, we do process set-2.

In the second case, if Route Group has any other Route via the nFORCE__Parent_Route__c field other than the route that is picked as a part of the query applied, that will not be considered. But in case one, we do consider data from both nFORCE__Route__c and nFORCE__Parent_Route__c fields.

So, in the case of custom configuration, the best practice is to apply a filter on the child object. Exceptional Scenario: Now, I would like to highlight here one more exceptional case where you need to have a look at considering the entry object when the below objects are part of your customized scenario. No matter whether it is parent relation or child relation, as per the nCino design, data for the objects on the right side have to be pulled only based on objects on the left side. So when your scenario includes any of the below object pairs, the filter has to be applied on left-side objects.

How to send custom label translations from one nCino environment to another

To select the language translations and for you to view them in the list, they need to be enabled under your source salesforce org first. Follow the below steps to perform the translation deployments:

Under source Salesforce org, go to Setup > Translation Workbench > Translation Language Settings and enable the appropriate language.
Once enabled, go to ARM and try to retrieve the components under Translations. You will observe the languages populated.
Create a new deployment by selecting the custom object translations, its relevant languages under translations, and the custom object. Your target environment should have custom label translations now.

Please refer to the article: Working with Translation in ARM for more detailed information.

Conditional rendering references in the 'Screen' sections are not included when using the nCino standard UI template

The views and the self-references screens sections were not picked up during the feature deployment using the nCino standard UI migration template. This is our top priority, and our development team is working hard to remedy the problem as quickly as possible. After running the nCino UI migration template, please run the Screen UI template to pick up all the missing components as a workaround.

CodeScan-FAQs

General

CodeScan Static IP Ranges

Overview

CodeScan has static IPs available for its shared EU, AUS and US servers.

If you are in the EU region:

EU Instance

Elastic IP addresses

If you are in the US region:

US Instance

Elastic IP addresses

If you are in the AUS region:

AUS Instance

Elastic IP addresses

NOTE: The 'Forbidden Error' message appears on the Project Analysis page when there is a change in the Static IPs for CodeScan.

Difference b/w CodeScan Self-Hosted and CodeScan Cloud

Most of the differences between CodeScan Cloud and Self Hosted lie in the integration types and scanning options available.

Feature

CodeScan Self-Hosted

CodeScan Cloud

Requirements

Hosted SonarQube™ server

None

Branch Analysis

Requires SonarQube™ Developer edition

Yes

Reporting

Requires SonarQube™ Enterprise edition

Yes

GitHub Integration

Requires ARM/ Salesforce CLI and other CI tools

Yes

Bitbucket Integration

Requires ARM/ Salesforce CLI and other CI tools

Yes

Salesforce Integration

Requires ARM/ Salesforce CLI and other CI tools

Yes

Generic Git Integration

Requires ARM/ Salesforce CLI and other CI tools

Yes

480+ Included Rules for Salesforce

Yes

Custom Rules

Yes

VS Code/IntelliJ Plugin

Yes

On CodeScan Cloud, all scanning are done from the GUI. The tool integrates with your version control/Salesforce orgs to pull the metadata and scan it on our server.

On Self-hosted, the metadata collection and scanning are completed by an external scanner and pushed to the SonarQube™ dashboard. This can be accomplished with AutoRABIT's ARM, CodeScan’s Salesforce CLI plugin or SonarQube™’s own SonarScanner.

Your edition of SonarQube™ also limits the features. SonarQube™ provides a free and open-source version and multiple tiers of paid versions. Please ensure that the version you choose to use has the features you need.

Platform API endpoints are very similar but are also subject to the version and the edition of SonarQube™ you are using.

Note: SonarQube™ documentation can be found at https://docs.sonarqube.org and has information on current integrations and analysis options with a self-hosted installation.

Single Sign-On (SSO)

A selection of frequently asked questions about Single Sign On.

What is SSO?

SSO (Single Sign-On) is a sign-in method that allows a user to log into one application and access all of their accounts from one place.

What Identity Providers does CodeScan integrate with?

CodeScan can integrate with any Identity Provider that supports SAML 2.0. In the past, we have worked with:

ADFS
Microsoft Entra ID (formerly Azure AD)
Okta
PingOne

When SSO is enabled, attempting to log in via Auth0 results in the user account being locked out. When a user begins using an SSO login, they should refrain from using Auth0. Any attempt to log in using Auth0 would create a new account. Since CodeScan has a constraint requiring a unique email, the user would be unable to log in because there would be two users in the application with the same email address.

Resolution steps: Remove the user from the CodeScan platform and add them back. It necessitates engineering support from CodeScan.

Is it possible to merge SSO with Auth0?

CodeScan can combine an existing Auth0 with SSO if the user's email address matches. This ensures all user-related information, such as user permissions, groups, user tokens, and assigned issues, stays intact after switching to SSO login.

Why are a few users duplicated when SSO is enabled?

When SSO is enabled, non-Admin users who were previously using Auth0 authentication experience an issue when two users' accounts appear for a single user.

This may occur if:

The user's Identity Provider was incorrectly configured, preventing CodeScan from receiving emails. Merging will only take place if the Email field for the SSO user is filled in.
The SAML attribute, which the non-Admin user uses to pass the email details to CodeScan, contains a different value than the email associated with the Auth0 user account.

Resolution steps: The users need to review the SSO configuration in their Identity Provider and identify and fix the issue. They must then ask the CodeScan team to delete the users incorrectly created using SSO.

What happens to users who are logged in to CodeScan before SSO is enabled?

Users who are logged in to CodeScan before SSO is enabled will not be automatically logged out but will have to log in through the Identity Provider upon their next login.

If a user's session times out, CodeScan will direct the user back to the Identity Provider for authentication. If the user logs out of CodeScan, the user will have to log into CodeScan via the Identity Provider.

How do I add users to CodeScan after SSO is enabled?

All non-Admin users must log in using the Identity Provider after SSO is enabled. To access your CodeScan organization, new users must first be added to the Identity Provider.

Note: If your team has single sign-on (SSO) and Enforce SSO enabled, Admins should not invite new users via the CodeScan app. You must invite new users via your Identity Provider.

What is a Subscription Code?

A subscription code is an identifier for your CodeScan self-hosted license. It is a way to share download access with the necessary resources without providing your full .

When downloading , you are required to fill in the below details:

Enter your name
Enter your email address
Enter the subscription code or, your
Accept the CodeScan

After completing these steps, click on Request License to begin with the plugin download.

If you do not have your license key or subscription code, please contact .

What is a CodeScan License Key?

A CodeScan license key is provided for customers upon the purchase or renewal of a CodeScan license.

The key is provided in the form of a string of characters to use when or downloading CodeScan plugins (in the absence of a ).

If you do not know your License Key or have misplaced it, please contact your Customer Success Manager or

Can I use CodeScan with a proxy?

Yes, it just takes a small amount of configuration. You can find a short guide to setting it up by clicking .

Not receiving email notifications

Problem Statement: My team member assigned me issues for a project, yet I have not received any email notifications from CodeScan.

Probable Cause:

Verify the notifications feature is turned on for any new issues in your profile.

If you log in to CodeScan through SSO, ensure the following:
- Email attributes are configured in SAML configuration.
- If SAML username attribute contains email as a value, email security tools may block the notifications.

Key point to note related to CodeScan Notification issue

A notification is never sent to the author of the event.
The developer will not be notified about their own issues. It's only the assignee who gets notified and not the author.
If the author of a pull request manually assigns the issue to themselves, no email notification is received.
The author/developer can look at their respective issues from the CodeScan UI.
You can export issues in the CSV format for all the projects and monitor the issues () **

CodeScan Blocks, Lines, and Field Inquiries

How various elements are counted within CodeScan

What is a 'Block' of Code in CodeScan?

A 'block' in CodeScan refers to a defined segment of code that can be scanned in one operation. Specifically, a block consists of up to 40,000 lines of code. This metric is used to quantify and manage the code analysis process effectively.

How is a 'Line' of Code Defined in CodeScan?

In CodeScan, a 'line' of code is defined as any physical line in the codebase that contains at least one non-whitespace character and is not part of a comment. This definition ensures a consistent and accurate measurement of the actual code being analyzed, excluding whitespaces and comments.

How are Lines Counted in Queries with Multiple Fields?

When analyzing code containing queries with multiple fields, each field placed on a separate line is counted individually. For instance, if a query is structured with five fields, each on its own line, this will be counted as five lines in total. This granularity helps in providing a precise assessment of the code structure and volume.

What Is the Difference Between a Line and a Line of Code?

CodeScan has two ways of counting the "Lines" in a project.

Lines
Lines of Code

The Lines of Code may not increase in a project, but the number of Lines may increase due to the addition of the Profiles and Permission Sets to the Salesforce project.

XML settings count as lines but not as Code. To see this, you can use a custom view in the activity graph: https://app.codescan.io/project/activity?custom_metrics=duplicated_lines_density%2Clines%2Cncloc&graph=custom&id=NDR-Main

Are Empty Lines or Lines with Only Whitespace Included in the Line Count?

No, lines that consist solely of whitespace or are part of comments are not included in the line count in CodeScan.

What Blocks of Code are Billable?

Only non-commented lines of code for Apex, Aura Lightning, and Visual Force languages are billable. JavaScript, HTML, CSS, and Salesforce Metadata languages are not considered.

Where can I find the current Lines of Code Consumed?

When adding or removing lines of code, the count of Lines of Code Consumed immediately updates in the billing section of the CodeScan UI.

How are Metric Definitions Defined?

is based on SonarQube™, an open-source reporting platform for coding languages. The metric definitions used for some of our rules including those based on complexity and duplication have been pre-defined by SonarQube™.

To learn more about the different metric definitions, please see the .

What Is Cyclomatic Complexity?

Cyclomatic complexity in CodeScan is calculated by the number of decision points in a method (like if, while, for, and case statements), plus one for the method entry. A higher cyclomatic complexity indicates more decision points, making the code harder to read, maintain, and test.

Complexity Levels:

1-4 (Low Complexity): Simple methods, easy to understand and maintain.
5-7 (Moderate Complexity): Acceptable but should be monitored.
8-10 (High Complexity): Consider refactoring to simplify.
11+ (Very High Complexity): Strongly recommended to refactor.

Significance of Report Level (default 10):

The report-level parameter in tools that analyze cyclomatic complexity flags methods with a complexity of 10 or higher for further inspection. This helps identify methods that might need refactoring due to their complexity.

How Is Cyclomatic Complexity Calculated?

For example, the method below would have a cyclomatic complexity of 5.

public void newMethod() {
     for(Integer i = 0; i < 100; i++){
      if (a == b && b == c){
        doStuff();
      } else if(a != b) {
        doOtherStuff();
      }
     }
   }

This counts:

The entry to the method
The entry to the for loop
The if statement and the first conditional
The second conditional in the if statement
The elseif statement

This does not include:

else statements
when else in switch statements

The cyclomatic complexity for a class will be the average complexity between all methods in that class.

How Do I Reduce Cyclomatic Complexity?

Break Down Methods: Split complex methods into smaller, more focused functions.
Use Helper Methods: Extract repetitive logic into separate methods.
Simplify Conditionals: Refactor nested if statements into simpler, sequential checks.
Use Switch Statements: For multiple conditions, switch statements can streamline the logic.

Following these guidelines will help you write cleaner, more maintainable, and less error-prone Apex code.

Can I export my test results?

Yes, you can. You can use our .CSV export tools to export to a .CSV file.

To export results for CodeScan Cloud or , you can use our npm tool. Click to find out more.

You can use our CSV plugin if you want a self-hosted GUI tool. See below for details.

Installation

Note: The .CSV plugin requires a SonarQube™ (6.5+) installation.

First, download the .CSV export plugin from . It’s available as a ready-to-go .JAR file or an archive of source code (.ZIP and .TAR.GZ) .
Copy the .JAR file into your SonarQube™ plugins folder at "(your SonarQube™ directory)/extensions/plugins/".
- Start your SonarQube™ server and run a scan on one or more projects. When the scan is finished, click on the More drop-down menu at the top of the screen. Click on CSV Issue Export and you’ll be given a list of filters and all projects currently in SonarQube™.
- Choose the filters you require and click the project name to download the .CSV report for that project with the selected filters. Open the file with a spreadsheet editor to view your project's issues.

CodeScan requests read and update permissions while connecting to Bitbucket

CodeScan requests read and update permissions while establishing a connection with Bitbucket.

To stop the pull request from being merged if the Quality Gate fails, CodeScan requires the edit repository permission. CodeScan will not modify any of the customer code, but it can prohibit customers from making changes.

Webhook is required to start analysis immediately, every time a pull request is sent or a commit is posted directly to a branch.

SSL Certificates

How is the SSL Certificate validity enforced?

The SSL certificate validity is set by CodeScan; however, if there is a firewall (e.g., Zscaler), then it’s determined by the firewall. You can bypass the SSL security for app.codescan.io or whichever instance URL you are using to avoid the issue of the SSL certificate expiring and the need to keep adding them to the environment variables every time.

Does SonarQube support test execution reports for pull requests?

SonarQube only supports test execution reports for the branches of a project (including the main branch), not for pull requests. This differs from test coverage reports, for which pull requests are supported.

CodeScan Self-Hosted Issues

Self-Hosted Errors and Solutions

CodeScan Self-Hosted (On-Premises)

Errors and Solutions

Why is my CodeScan update binding getting failed?

If the CodeScan update binding is getting failed, try disabling the VPN and antivirus, then try updating the binding again.

If the binding successfully updates, the error occurred due to antivirus blocking CodeScan. Add CodeScan to the list of allowed sites for the antivirus in use.

If the binding still fails, raise a Support Ticket, including the analyzer logs and verbose logs in the attachment.

Why did I get the following error during initialization of VM: Could not reserve enough space for xxxKB object heap?

If you are experiencing this error when running a scan, the issue may be with your Java version. 32-bit Java versions have a lower limit to their heap size. This limit can be as low as 1.6GB on Windows operating systems.

If you are running a 64-bit operating system, you will need to upgrade to a 64-bit version of Java.

You can check whether your Java version is 32 or 64-bit by using the command: java -d64 -version in your command prompt or terminal. If you have a 32-bit version of Java installed, you will get the message:

Error: This Java instance does not support a 64-bit JVM.

To correct this error, please install the proper Java version.

Why am I getting the error: java.lang.OutOfMemoryError: GC overhead limit exceeded?

This error can be solved by manually adding a parameter to your Ant environment path variable.

In Windows:

set ANT_OPTS=%ANT_OPTS% -Xmx2048M

In Linux/OS X:

export ANT_OPTS=$ANT_OPTS -Xmx2048M

If the problem persists, please contact [email protected].

Why am I getting the error: Jenkins: java.lang.OutOfMemoryError: Java heap space?

This error can be solved by manually adding a parameter to dedicate memory to the build process.

In your Jenkins project, click Configure.
Scroll down to the Build section of the page to the Build Step titled Invoke Ant with the fields:
- Ant Version: CodeScan Bundled Ant
- Targets: sonar
Click on Advanced.
In the Java Options field, add the parameter -Xmx2000m. This will assign 2000mb of memory to you build.

If after increasing the heap space, you get the error:

Error occurred during initialization of VM Could not reserve enough space for xxxxxxKB object heap

This usually happens because the JVM you’re running is 32-bit, which can’t allocate very large contiguous memory blocks; install and run a 64-bit Java version (or lower the -Xmx value) to resolve the issue.

Why am I getting a PKIX Path Building failed error?

Error Code:

javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: 
PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target.

This error occurs when the Java environment does not trust the certificate of the server running your SonarQube™ instance.

To correct this issue, you need to install the server certificate to the Java key.

In your browser, to the left of the URL, there is a lock icon (). Click on this icon and a window will pop up.
From the window, select Connection is secure.

Next, select the second option: Certificate is valid.

Go to the Details tab and click on Export.

Rename the certificate (e.g., codescan-certificate), then choose a location and save the certificate.

The next process is to install the certificate in the cacerts file of the jdk installed in the system using the command line.

Command:

keytool -import -alias {alias-name for the certificate} -keystore “{path for the cacerts file}” -file {path where we have save the certificate}

Example:

keytool -import -alias codescan-certificate -keystore "C:\Program Files\Java\jdk-11.0.9\lib\security\cacerts" -file c:/tmp/codescan-certificate.crt

When adding the certificate, password is required. The password is changeit.

Note:

If adding the certificate as a trusted certificate to the Java Keystore still results in the PKIX path building failed error, delete the currently installed certificate from the Java Keystore, export a new certificate, and then attempt a new installation of the certificate.

Command to list all of the certificates from the Java Keystore: keytool -list -v -keystore “{path for the cacerts file}” > /tmp/certs_list.txt

Example: keytool -list -v -keystore “c:\Program Files\Java\jdk-11.0.13\lib\security\cacerts” > /tmp/certs_list.txt Command to delete the certificate: keytool -delete -noprompt -alias {alias-name for the certificate} -keystore “{path for the cacerts file}”

Example: keytool -delete -noprompt -alias codescan-certificate -keystore “c:\Program Files\Java\jdk-11.0.13\lib\security\cacerts”

Self-Hosted FAQs

FAQs specific to self-hosted or on-premises CodeScan use cases

CodeScan Self-Hosted FAQs

How do I upgrade an instance?

If you are utilizing an On-Premises Instance and wish to upgrade, follow the steps below to ensure a smooth upgrade process.

Initiate Your Request: Contact your Customer Success Manager (CSM) or the Support team to request an instance upgrade.
Coordinate with the Release Team: CSM/Support teams will coordinate with the Release Team to prepare and share the necessary binaries with you.

Assistance with Installation: If you encounter any challenges while installing the binaries, you can request a call for assistance. One of our Release Team members will guide you through the installation process over the call.

Contact your CSM or the Support team for any further inquiries.

Is it possible to directly integrate and scan a Salesforce org as part of a single code analysis for SonarQube self-hosted users?

In self-hosted environments, Salesforce direct integration is not possible; therefore, CodeScan SCA through direct integration is not possible.

Can I create a new SonarQube™ instance and use the existing CodeScan license if one of my SonarQube™ instances was mistakenly deleted?

Yes, you can reinstall CodeScan Self-Hosted and continue to utilize your existing license.

After you've set up the prerequisites, you can use your existing account and password to log into SonarQube™. If it doesn't work, try logging in with the admin username and password.

Login into SonarQube™ using the below credentials:
- username: admin
- password: admin
Go to the top right and select Administrator.
On the right side, select General Settings.
On the category list, select CodeScan.
In the CodeScan license text box, type your license key. (key is sf.license.secured)
Save the file.

License Errors

License Expired Errors

You must renew your subscription by entering a new license key if your subscription has expired and you can no longer access your CodeScan account. For your subscription extension and the proper license key, reach out to our support team.

However, if the system throws the following error message after you enter a new license key, you need to identify where the expired license key is being passed on and update it with the new license key.

XXXXXXXXXXXXXXXXXXXXXX

License is not valid
License expired on <date_of_expiry>
Code: 6

XXXXXXXXXXXXXXXXXXXXX

A CodeScan license key can be entered via the following ways:

SonarQube UI
Command Line parameter [-Dsf.license.secured]
In the sonar.properties, codescan.properties or sfdx-project.json inside the project folder considered for analysis
In the SonarQube-{version} installation folder Example: sonarqube-1.0.12345/conf/sonar.properties
System environment variable: Add an environment variable called codescanLicense containing the license on the user's machine.
- Variable name: codescanLicense
- Value: <License_Key>

Proxy Errors

The most common problem with licensing problems are when your network has a proxy. This can cause licensing problems including:


101: Couldn’t fetch license for unlicensed project

104: Couldn’t fetch license: No response given

Couldn't fetch license for unlicensed product is sometimes coupled with something similar to:

JsonSyntaxException: com.google.gson.stream.MalformedJsonException: Expected EOF near <!DOCTYPE html PUBLIC "-//W3C//DTD

This is the proxy replying with an HTML error page when a JSON object is expected.

See here for instructions on how to set up CodeScan on a network with a proxy.

Version Errors

Licensing version problems can occur with older versions of CodeScan. When this occurs, you will see the following error:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

License is not valid:

License is not for this product

Code: 7

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

This can be avoided by updating to the latest version of CodeScan.

If this is not an option, contact Support for assistance and we will provide you with the appropriate license version.

Line Count Problems

Licensing problems can occur when you are operating outside the Terms of Service.


XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

License is not valid:

Lines exceed your license (6878 > 1000)

Code: 103

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

This can be avoided by increasing your license limit or reducing the lines of code you are scanning. More information: CodeScan License Issues (IDE)

Please reach out to CodeScan Support for any queries about your license.

License Issues (IDE)

Depending on permissions in your SonarQube™ instance, the following issue can occur when running the analysis:

[Warn - 12:10:58] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

[Warn - 12:10:58] CodeScan License has not been set

[Warn - 12:10:58] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

[Error - 12:10:58] CodeScan is NOT licensed. Please contact our support team to purchase or renew your license

The issue is that the license is a variable that needs to be checked by CodeScan when it runs and the user that created the token needs certain permissions for the plugin to access the license variable. So this can be solved by allowing access to the variable or providing the license early.

Here are the options:

Enable the Execute Analysis permission on the Global level to read the CodeScan license key configured on the organization level for each member/group that is using VS Code.

OR

Add an environment variable called codescanLicense containing the license on the user's machine. The plugin checks for this before calling out.

OR for VS Code

In VSCode settings.json, add the following setting: "codescan.analyzerProperties": { "sf.license.secured": "<license-goes-here> " },

OR for IntelliJ

Under Settings > Tools > CodeScan > Project Settings, click the Analysis Properties tab. Add sf.license.secured with your license as the value.

If you do not have your license available, please contact [email protected].

Setting the System Environment Variable

Overview

You must renew your subscription by entering a new license key if your subscription has expired and you can no longer access your CodeScan account.

A CodeScan license key can be passed on by setting the path and environment variables in a user's machine.

Note: Administrator privileges are required to set the system environment variables.

Setting the system environment variables for a Windows operating system

For Windows 11

Press the Windows key+X to access the Power User Task menu.
In the Power User Task menu, select the System option.
In the System window, scroll to the bottom and click the About option.
In the System > About window, click the Advanced system settings link at the bottom of the Device specifications section.
In the System Properties window, click the Advanced tab, then click the Environment Variables button near the bottom of that tab.
In the Environment Variables window, click on New button in the System variables section.
Enter the following details:
- Variable name: codescanLicense
- Value: <License_Key>
Click OK.
Click OK again to close the Environment Variables screen.

For Windows 10

Press the Windows key+X to access the Power User Task menu.
In the Power User Task menu, select the System option.
In the About window, click the Advanced system settings link under Related settings on the far-right side.
In the System Properties window, click the Advanced tab, then click the Environment Variables button near the bottom of that tab.
In the Environment Variables window, click on New button in the System variables section.
Enter the following details:
- Variable name: codescanLicense
- Value: <License_Key>
Click OK.
Click OK again to close the Environment Variables screen.

Setting the system environment variables for a Mac operating system

System environment variables are added to the .bash_profile file:

Find the path to .bash_profile by using: ~/.bash-profile
Open the .bash_profile file with a text editor of your choice.
Scroll down to the end of the .bash_profile file.
Use the export command to add new environment variables: export codescanLicense=[License_Key]
Save any changes you made to the .bash_profile file.
Execute the new .bash_profile by either restarting the terminal window or using: source ~/.bash-profile

Setting Up CodeScan for Use with a Proxy

To configure CodeScan for use in a network with a proxy, you will need to set the following settings in your antbuild.properties file (version 3.6-RC3+) or as parameters of your Jenkins job.

http.proxyHost, http.proxyPort and optionally http.proxyUser and http.proxyPassword

Older versions require you to set the above parameters and the following parameters in -DANT_OPTS:

https.proxyHost, https.proxyPort and optionally https.proxyUser and https.proxyPassword

Also, if your SonarQube™ server is not localhost and your proxy doesn’t resolve internally, you’ll need to add the SonarQube™ server host to http.nonProxyHosts to ensure that contacting the SonarQube™ server doesn’t go through the proxy. The value in http.nonProxyHosts MUST match the sonar.host.url value in the antbuild.xml file (minus the port number) or it will not connect.

For example, antbuild.xml

and antbuild.properties

CodeScan Cloud Issues

Cloud Errors and Solutions

CodeScan Cloud

Common Errors and Solutions

Can the status of issues marked as False Positives in the lower environment be transferred when the scan is triggered in the higher environment?

Issues in standalone branches are treated separately. The status can only be transferred if the Develop branch is a comparison or pull request branch using ProductionReady as the target.

Why am I getting the error 'Background tasks failing'?

This error either occurs if it’s out of memory or when multiple analyses have been triggered at the same time. The analysis triggered last gets completed first.

CodeScan is based on SonarQube™, an open-source reporting platform for coding languages. The Background Tasks that occur when an analysis report is run have been added by SonarQube™ to allow administrators to view technical details about why the processes fail.

To learn more about background tasks, please see the SonarQube Documentation - Background Tasks.

Why am I getting the following error: 'Error during SonarScanner execution'?

Why is my Commit and Merge failing with the following SonarScanner error but still allowing submission: 'Language of file force-app/main/default/permissionsets/abc_filename.permissionset-metaxml' cannot be decided as the file matches patterns of both sonar.lang.patterns.mule: **/*abcd,**/*xml and sonar.lanq.patterns.sfmeta: **/*profile-meta.xml.**/*permissionset-meta.xml.**/*settings-meta.xml.**/*object-metaxml.z*/*field-meta.xmll*s/*flow-meta.xml.**/*sharingrules-meta.xml.**/*workflow-meta.xml**/*profilesessionsetting-meta.xml **/*profilepasswordpolicy-meta.xml.**/*.profile，**/*.permissionset，**/*.settings.**/*.object.**/*.flow，**/*.sharingrules，**/*workflow**/*.profilesessionsetting，**/*.profilepasswordpolicy'?

Environment configuration checklist

Configure the Mule setting (Key: sonar.mule.file.suffixes) with values ".abcd" and ".xml," which are causing errors. Navigate to the project where this error occurs in CodeScan. Go to Project Settings > General Settings, and search for "mule" in the search box. Remove ".xml".

By adjusting these settings in CodeScan, the SCA will not fail.

Why am I getting an 'Expired Token' error on my project analysis?

Errors such as Expired Token on your Project Analysis page can sometimes be fixed by resetting the link to your code repository. CodeScan Cloud allows you to do this without erasing the historical data present in your project.

To fix the above errors, follow the steps below to delete the Analysis Project:

Go to your Project and navigate to the Project Settings > Project Analysis page.

Click on Delete Analysis.

Make sure you do not have the "Delete this project also?" box checked. This will delete your history and is not reversible. Click Delete Analysis.

Now, use the Attach Analysis Project button at the top right of the screen to add the link.

You will now see a new popup window. Select the required option from the options given.

Rerun the request.

Why am I getting an 'inactive user' error message?

Sometimes, an "Inactive user" error may appear at the start of an analysis:

This could be caused because the user who created the project and provided credentials for it:

Is no longer a member of the team and was removed.
Had their permissions changed in CodeScan.
Had their permissions changed in the repo/environment that is scanned.

To resolve the “Inactive user“ issue, you need to reattach the project—without deleting its history.

Follow these steps:

Delete the project analysis:

Important! Do not select the checkbox to 'Delete Project also?' if you want to keep the current project and its history:

Reattach analysis:

Provide repo/environment credentials:

Rerun the SCA; it should succeed.

If the steps above were completed but the issue persists, contact [email protected].

Why am I getting an 'ip restricted' message?

The IP restricted issue can be solved by relaxing the IP restrictions for the CodeScan connected app in the org you are trying to scan.

To do this follow the below steps:

Log in to the org you are trying to scan.
Go to Setup and search for Connected Apps OAuth Usage.
Install the app that is making the scan (CodeScan Cloud or CodeScan Quick Reports).
Click Manage App Policies and then Edit Policies.
Under IP Relaxation select Relax IP Restrictions.
Rerun the scan.

Why am I getting a 'Packfile is truncated' error?

While analyzing the project, you may encounter a “Packfile is truncated” error. Initially, access to CodeScan was denied on GitHub.

Check Access: Verify if you have the necessary access to CodeScan in GitHub.
Grant Access: If access is denied, request and obtain the required permissions for CodeScan.

Retry Analysis: After granting access to CodeScan in GitHub and integrating it with CodeScan, start the connection, then reattempt the project analysis. The error should no longer appear. The repositories should be synced. CodeScan should indicate the analysis was triggered, and the user should see the issues.

Why am I getting the error: 'Project reports are not available for branches created outside the CodeScan Cloud'?

For branches created outside the CodeScan Cloud, such as ARM, Flosum, or Copado, project reports are not yet accessible. Only the branch chosen during the initial integration setup with CodeScan Cloud can have reports fetched in CodeScan.

In the Edit Project section, select “Attach Analysis Project,” and choose the project type as “Webhook.”

After this step, project reports will be accessible.

Why am I getting the error: 'Salesforce returned an unexpected result'?

The Salesforce Enhanced Domains feature was rolled out to Sandboxes on August 26, 2022, and available on September 9 for all environments.

If your CodeScan Cloud Salesforce project was linked to a Sandbox or Org that this feature is enabled in, you will need to reattach your project analysis.

CodeScan Cloud allows you to do this without erasing the historical data present in your project.

To fix the above errors, first you need to delete the Analysis Project, to delete follow the steps below:

Go to your Project and navigate to the Project Settings > Project Analysis page.

Click on Delete Analysis.

Make sure you do not have the "Delete this project also?" box checked. This will delete your history and is not reversible. Click Delete Analysis.

Now use the Attach Analysis Project button at the top right of the screen to re-add the link.

Configure the project and run the analysis.

Why am I getting a unit test timeout?

In CodeScan Cloud, the default setting for unit test timeouts is 1 hour (3,600 seconds). For Orgs and Sandboxes with a large number of tests, this can be insufficient. To increase the timeout, click on your project and then navigate to Overview > Project Settings > General settings.

In General Settings, click on the CodeScan tab on the left and edit the timeout under the Unit Test timeout.

Common Issues and Solutions

Common Issues

Why is the Add & Run Scan tab grayed out?

If a user does not have approval/permission to run a scan, when they try to add a project for analysis, the Add & Run Scan tab will be grayed out.

Errors

Error: Project reports are not available for branches created outside the CodeScan Cloud.

Solution: In the Edit Project section, select “Attach Analysis Project,” and choose project type as “Webhook.” After this step, project reports will be accessible.

Error: `Salesforce\force-app\main\default\applications\Chatter_Delete_Blocker.app-meta.xml` when writing a custom SonarQube rules using the Xpath Template rule for Salesforce Metadata (sfmeta:XPathRule)

The analysis is looking for a match with a file name and the suffix entered in the field, but it cannot find any, which is why the above error is thrown. This is expected behavior because CodeScan cannot decide which rules to apply to the files. To remove file patterns listed for sonar.lang.patterns.xml, navigate to Project Settings > General Settings > Language.

Error: `"Job took long. We will attempt to rerun with more memory."`?

This error may occur for projects having huge metadata.

Increase the Project's Java heap memory size to analyze the project sources.
- On the CodeScan Project page, navigate to Project Settings > Project Analysis.
- Click on the Edit Project button.
- Update the Project Memory by selecting the required memory from the dropdown. The memory size can be overridden and increased at the organization level.
Check for the rule "Avoid Cleartext Transmission of Sensitive Information in the default quality profile" in your default quality profile. If available, please deactivate it. Use the steps below:
- Create a new quality profile for Apex language.
- Deactivate the "Avoid Cleartext Transmission of Sensitive Information in the default quality profile" rule.
- Set the newly created profile as default.

For detailed steps, please refer to Customizing Quality Profiles.

Error: Background Tasks Failing

This error either occurs if it’s out of memory or when multiple analyses have been triggered at the same time. The one triggered last gets completed first.

Error: Not Able to Download Code from SF in the Project Analysis Page

Check to see whether CodeScan is blocked in Salesforce (Setup > Connected Apps > CodeScan). If it's blocked, unblocked it. If it's already unblocked, yet you are still seeing the error, uninstall then reinstall, block it, and then unblock it.

Error(s): Expired Access/Refresh Token or Authentication Failure

Following a sandbox refresh, you may encounter issues scanning your environment. In most cases, an “expired access/refresh token” or “authentication failure” error shows under the Project Analysis tab.

To resolve these issues, simply reauthenticate your environment. Follow these steps:

Select Project -> Project Analysis tab
Click Delete Analysis
Delete Project Analysis
Make sure you DO NOT select the checkbox to Delete the Project Also (as you just want to reattach it while maintaining the same project and its history).
DO NOT select the checkbox to Delete the Project Also

Selecting the checkbox and deleting the entire project is irreversible and leads to the complete loss of historical analysis data.

Then select Attach Analysis Project.
Attach Analysis Project
Select Salesforce.
Choose Salesforce Analysis Project
It will redirect you to the authorization page. Enter your credentials.
Salesforce Credentials Authorization
After successful authentication, you will be redirected to CodeScan, and a new analysis will kick off.

Copado Integration

Should the user add a new analysis project after the CodeScan-Copado integration is complete? If the user creates one, how does CodeScan understand it's the same project as the Copado connection?

Adding a new analysis project is not required. The project in CodeScan is automatically created in Copado Integration using the organization key and security token provided by CodeScan.

Why am I unable to see the results in CodeScan using the Copado integration?

Check if the specific user has permission to access the 'Result Record' in Copado.

Vault-FAQs

Archival

What determines whether a child record is mandatory for archival?

AutoRABIT Vault considers a child record mandatory for archival if it meets any of the following criteria:

It is related to the parent via a Master-Detail Relationship.
It is linked through a Lookup Relationship that is marked as required.
It is configured for Cascade Delete, meaning it is deleted when the parent is deleted.
The parent record cannot be deleted unless the child is removed, necessitating their joint archival.

A Lookup Relationship can also be configured like a Master-Detail Relationship.

For more information, visit the page on Parent-Child Archival.

Are email messages mandatory child records for objects they have a direct relationship with?

Yes, email messages are mandatory child records for those objects with which the email messages have a direct relationship through the fields 'RelatedTold' and 'ParentId'. Refer to the Email Messages Relationships section for a full list of objects with which email messages have a direct relationship.

How are backup and archival handled for objects with both parent and child references?

If an object has a reference from another object as both parent and a child record, then the parent will only be considered for a backup but not for archival. The child record will only be considered for archival.

PCI Compliance

Does Vault adhere to the Payment Card Industry (PCI) Data Security Standards (DSS)?

PCI DSS is the global standard for protecting payment data. These security requirements and global access control measures are established by the Payment Card Industry Security Standards Council. Vault ensures the storage and transmission of cardholder data is kept private, safe, and secure.

How does Vault ensure PCI compliance?

Vault firewalls, software, data encryption, secure passwords, transmission, and physical access to data storage all serve to protect data security. AutoRABIT performs continual software and security updates, testing to verify compliance. Data access logs are monitored regularly monitored to identify outliers.

For more information, refer to our page on PCI Compliance.

Sandbox Refresh vs. Backup and Restore Timing

How long does it take to perform a sandbox refresh versus a backup and restore?

Sandbox Refresh: A sandbox refresh creates a full replica of a Salesforce org, including data and metadata, in another sandbox environment. It can take hours or days, depending on the org's data and metadata size and complexity. Salesforce limits full-copy sandbox refreshes to once every 29 days.

Backup and Restore: Backup and restore processes involve creating backups and restoring specific or full data sets as needed. AutoRABIT Vault uses backups from AWS S3 or Azure Blob Storage for selective or full restoration. The time to perform a backup and restore is typically faster than a sandbox refresh. It also has no Salesforce-imposed frequency limits.

Replicate RTO (Recovery Time Objective) estimates depend on:

Data volume
Schema complexity
API availability

For specific estimates, contact the product team.

Backup and Compare

Can I delete specific, condition-based data from an existing backup?

No, if the data is backed up in GCP and AWS, it is not possible to delete data from a field in Vault. If you want to delete it from the Org, you can archive the whole record but not the data for a single field.

Is it possible to mask an existing field/record already backed up in GCP?

It is impossible to mask existing data in a backup, as backups are kept immutable in compliance with General Data Protection Regulation (GDPR) requirements.

Where can I find my backup expiration date?

Users can verify the expiry date by reviewing the backup history in Vault. In our application, a column will display the backup's expiration date.

Can I migrate data from other Salesforce backup solutions?

All backup solutions will ideally provide an option for users to download their data, which can be uploaded to our storage bucket and connected to our application to reinstate the backups/archives as if they were done through Vault. This is considered a professional service on our end, as there is significant effort involved from us to perform the migration.

Where in Vault can I view the attachments that were backed up?

File attachments can be downloaded from the Vault user interface or in CSV format. Refer to https://knowledgebase.autorabit.com/product-guides/vault/vault-features/backup/start-the-backup#downloading-files for further details on download options.

How can I filter backup data by specific dates and use it as the source to Restore/Replicate?

To filter data based on specific dates from a backup using a CSV file and Excel, follow these steps:

Download CSV File: Download the CSV file corresponding to the object on which the date needs to be filtered from the backup.
Filter Dates Using Excel: Open the downloaded CSV file in Excel. Use Excel's filtering features to filter out the IDs for which the dates match the required criteria.
Create Final CSV File: Save the filtered data in a new CSV file. This file should contain only the filtered IDs.
Upload and Filter Backup: Use the final CSV file with the filtered IDs as the source. In the restore/replicate module, use the file upload option in the filters to filter the backup data accordingly.

If I delete the backup configuration, will the backup still exist in Vault?

If the backup configuration is deleted, all its related backup snapshots are also deleted from the Vault UI. The backup will be available in the storage, but it'll be in Excel format. Restoring/Replicating along with the relationships will be a challenge and must be done manually. That's why we recommend users do not delete any configurations unless they are certain they will not be needed in the future.

If a Salesforce org is decommissioned, will its backup still be available and can I Replicate it to another org?

If the Backup snapshots are available in the storage, i.e., not expired, you can Replicate them to another org (Restore is for the same org, which is not possible if the org is decommissioned).
If the configuration is deleted, all its related backup snapshots are also deleted from the Vault UI. The Backup will be available in the storage, but it will be in Excel format. Restoring/Replicating, along with the relationships, will be a challenge and must be done manually, which is why we recommend users not delete any configurations unless they are certain they won't be needed in the future.

Where can I find the backup after it expires in Vault?

Once a backup has reached its expiration, it will move to lower tier storage, such as Glacier. The backup will stay there for a month after this, and then it will be permanently deleted. During the time it stays in Glacier, we can retrieve it with the help of SRO and share to customer if required.

Restore and Replicate

Will the Restore operation create a duplicate if a record already exists in Salesforce?

A duplicate will not be created during a Restore operation because detection is achieved via Unique IDs. More details on Unique IDs can be found here.

Can I specify the order in which objects are restored, e.g., users first, then other objects?

No, the order of a Restore operation is established by internal logic using data schema.

Can I determine the number of API calls made during the Restore process, similar to a Backup?

API calls are not currently displayed on the user interface during the Restore process.

Data Encryption

Does Vault encrypt data at rest by default?

Yes, by default, Vault encrypts data at rest in Amazon S3 buckets using AES-256 encryption, a highly secure encryption standard.

What is AES-256 encryption, and why is it used?

AES-256 (Advanced Encryption Standard) is a powerful encryption algorithm that ensures data is stored in an unreadable format unless decrypted with the proper key. It is widely recognized for its security and compliance with regulations like GDPR, HIPAA, and PCI-DSS.

Can I disable data encryption at rest?

No, encryption at rest is enforced by default in Vault and cannot be disabled. This ensures all stored data remains secure, even in the unlikely event of unauthorized access to storage.

Where is encrypted data stored?

Encrypted data is stored in Amazon S3 buckets, part of Amazon Web Services (AWS), which provides secure, scalable, and reliable cloud storage.

Admin

Does Vault support the Terafina managed packages?

Currently, Vault does not support the Terafina managed package.

Does Vault integrate with Salesforce Shield?

Salesforce Shield ensures that data is encrypted at rest within Salesforce. However, when data is queried through APIs, Salesforce returns it in a decrypted format. Since Vault leverages Salesforce APIs to retrieve data, our solution fully supports the backup and restoration of Salesforce orgs where Salesforce Shield is enabled.

Data Migration to Vault

1. Should I retain existing backup snapshots after moving to Vault?

Yes. It is strongly recommended to retain your existing backup snapshots for at least 3 months. This buffer allows for coverage in the event of immediate Salesforce failures or restoration needs.

2. Why is the 3-month retention period suggested?

The 3-month period provides sufficient time to:

Capture multiple snapshots of both full and incremental changes in Vault.
Ensure data reliability in Vault moving forward.
Account for variations in data and file size across orgs.

3. What happens if we were using an archival feature with our previous provider?

If you previously used an archival feature, check whether you utilized any "unarchive" functionality within Salesforce:

If you did use unarchiving: Vault currently does not support this functionality. A ticketing system or custom implementation may be necessary if unarchiving is a critical requirement.
If unarchiving wasn’t used: You can rely on Vault's archival features and proceed to delete your old archival history after ensuring everything you need is archived properly in Vault.

4. How long should I keep archival history with the previous provider?

A 90-day period is typically adequate. During this time:

Vault can archive the required data.
You can verify the completeness of archived information before decommissioning the older archive history.

5. What precautions should I take before deleting old archives?

Before removing archived data from your previous solution:

Conduct a thorough analysis of your existing archive.
Confirm whether any data within the legacy archive might require restoration.
Any restoration needs during the 90-day transition must be handled via the legacy system.

6. Is this a full migration of backups and snapshots into Vault?

No. This process does not involve migrating historical snapshots into Vault. Instead:

The focus is on setting up Vault to capture ongoing backups and archives.
This reduces engineering effort and complexity while ensuring data continuity.

Limitations

Vault FAQs

Common Error Messages + Resolutions

Restore/Replicate

CANNOT_INSERT_UPDATE_ACTIVATE_ENTITY

This error is a result of an issue stemming from a trigger in the Org.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in the 'Error' column.
Use the option to disable the triggers in the job configuration. For the triggers that cannot be disabled via metadata API, manually disable the triggers in Salesforce and re-run the job.

CANNOT_EXECUTE_FLOW_TRIGGER

Typical error message - We can't save this record because the ‘Online Applicant Validation’ process failed. Give your Salesforce admin these details. An error occurred when executing a flow interview. Error ID: 1545064308-45750 (1670083917)
This error typically indicates that there is a Process Builder process / Flow in place which is causing the upsert operation to fail.

Resolution steps:

Click on Replicate/restore job summary-> Click on Failure records-> view error in 'Error' column.
Locate the process builder process / flow that caused the error. Temporarily disable the automation and rerun the job to restore/replicate failed records.
Alternatively, the job can be retried by specifying a lower batch size in the job config which prevents the process builders/flows from hitting the parallel processing limits in Salesforce.

INACTIVE_OWNER_OR_USER

This error is due to the owner of the records about to be inserted into the destination Org is inactive in the destination Org.

Resolution Steps:

Click on Replicate/Restore job summary-> Click on Failure records-> download details-> view error in the 'Error' column.
Enable "Set Audit Fields upon Record Creation" and "Update Records with Inactive Owners" permissions in Salesforce settings.
Enable these permissions in the permission set corresponding to the dataloading user in the destination Org.
To access details on how to do this in Salesforce, click on this link:

FIELD_CUSTOM_VALIDATION_EXCEPTION

This error is due to validation rules applied to certain fields.

Resolution Steps:

Click on Restore/Replicate job summary-> Click on Failure records-> download details-> view error in the 'Error' column.
Disable validation rules in the restore modal in the final step of the restore process.

INVALID_OR_NULL_FOR_RESTRICTED_PICKLIST

This error occurs when the destination Org doesn't have the value enabled that is selected in the source Org.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in the 'Error' column.
Sync the values in the restricted picklist between the source and destination.
Alternatively, use the mappings for restricted picklist to cross-map a value in the restricted picklist from the source to another value in the destination Org as part of the replicate job configuration.

REQUIRED_FIELD_MISSING

This error occurs due to a failure of a required parent record (related through master-detail/required).

Resolution Steps:

Click on Replicate/Restore job summary-> Click on Failure records-> download details-> view error in the 'Error' column.
Such errors occur when failure of a required parent record (related through master-detail/required lookup) leads to the failure of its associated child records.
Check the fields that failed. Review the error corresponding to the failure of the referencing parent record(s), rectify them, and restore the corresponding failed parent records first, then restore failed related child records.

INVALID_CROSS_REFERENCE_KEY

This error is caused by the Parent record not being included in the job or permission issue(s) on the parent object or a lookup relationship is not included in the job.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in 'Error' column.
Verify the parent object is included in the job.
Review the authenticated user to ensure the user has access to the parent record that is referenced within the error.
If it is a lookup relationship then ensure the parent object is included in the job.

CANNOT_UPDATE_CONVERTED_LEAD

This error is due to a Lead record once converted (to a contact) becomes read only which prevents you from updating the lead.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in 'Error' column.
You can check to ensure that the lead is converted by checking the isConverted field.

FIELD_INTEGRITY_EXCEPTION

This error typically occurs when upsert tried to populate a lookup field with a wrong ID either because the parent failed or Vault is unable to recognize the parent record Id.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> view error in 'Error' column.
Need to pass the correct Id for a lookup field.

INVALID_OPERATION: Too many files in zip

Typical error message - Metadata deployment error...com.sforce.ws.SoapFaultException
This error is generated when there are more than 10,000 files in the .zip file which violates the governor limit.

Resolution Steps:

Click on Replicate/restore job summary-> Click on logs-> view error the 'Error' column.
Reduce the number of metadata components restored/replicated in each job to less than 10,000 files

RECORD-TYPE ACCESS ISSUE

This error indicates that the Salesforce user authenticated on Vault doesn’t have access to some record types of an object(s).

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in 'Error' column.
Give appropriate access using profiles and permissions to the Salesforce user authenticated on Vault

UNKNOWN USER PERMISSION

This error is generated when the required user permissions are missing in Salesforce.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> view error in 'Error' column.
Assign user to the desired permission set in Salesforce.

INVALID RECORD TYPE ID FOR THE USER

Typical error message - Record Type ID: this ID value isn't valid for the user: 012D0000000BfaLIAS:RecordTypeId --
This error is generated when the Salesforce user authenticated on Vault doesn’t have access to some record types of an object(s).

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in 'Error' column.
Give appropriate access using profiles and permissions to the Salesforce user authenticated on Vault.

CANNOT_INSERT_UPDATE_ACTIVATE_ENTITY

Typical error message - SFSSDupeCatcher.SSDupeCatcherContactTrigger: System.LimitException: Apex CPU time limit exceeded
Error is generated by Triggers preventing the records from getting loaded in the destination Org.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in 'Error' column.
Disable the triggers on the destination Org either by using the option to disable triggers in Vault or by performing the same in the Salesforce Org.
Alternately, try lowering the batch size of the operation to avoid more records from getting inserted/updated in parallel which may result in a CPU time limit exception.

UNABLE_TO_LOCK_ROW

Typical error message - unable to obtain exclusive access to this record or 126 records.
Error is caused by Dependent records causing the load of records from populating in the destination Org.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in 'Error' column.
Execute the job in serial mode instead of parallel mode to help prevent records in different batches having dependency with each other getting inserted into Salesforce in parallel and causing the error.

TooManyLockFailure

Typical error message - Too many lock failure 200 Trying again later.
Error is caused by Dependent records causing the load of records from populating in the destination Org.

Resolution Steps:

Click on Replicate/restore job summary-> Click on Failure records-> download details-> view error in 'Error' column.
Decrease the batch size or execute the job in serial mode instead of parallel mode to help prevent records in different batches having dependency with each other getting inserted into Salesforce in parallel and causing the error.
For more information, go to

Replicate

DUPLICATE_VALUE

Such failures occurs when such records are already present in the destination

Resolution Steps:

Click on Replicate job summary-> Click on Failure records-> download details-> view error in 'Error' column.
An existing automation is blocking the upsert operation. Try disabling the automation if necessary.
If you would like Vault to recognize the existing records in the destination that are created/transferred outside of Vault, you can configure the unique identifier for the object and enable the option ‘Prevent duplicate record creation using unique identifiers in replicate job config to avoid Vault from attempting to recreate an existing record matching the value in the unique identifier specified.
For steps on how to configure unique identifiers, go to this link:

Limitations

Restoration of System-Generated Chatter-Feed Items

Issue: Salesforce does not allow the restoration of chatter-feed items generated by the system.
Details: Only feed items manually added by users to the chatter feed can be restored.
Error Message: Attempting to restore system-generated chatter-feed items will result in the error: "Required field missing: Body."

Restoration of Shared Objects Data

Issue: Salesforce does not permit the restoration of data in shared objects generated by sharing rules.
Details: Only manually added share-related records in the shared object can be restored.

Installed Packages

MuleSoft operates as an installed package component in Salesforce. Consequently, it cannot be backed up, restored, or replicated using API calls.
Installed packages, which includes MuleSoft or anything related to Mule, cannot be backed up directly; they must be obtained from the Salesforce AppExchange platform and installed.

File Size Limits

Issue: If the metadata zip file exceeds the file size limit of 39 MB, then Vault cannot restore the file to the destination Org.
Details: Use the workbench to restore larger files.
Error Message in the UI logs: "Metadata ZIP file exceeds the maximum allowed size of 39 MB. Please refer to the for more details.”
Additional Info: Refer to this for more information on file size limitations.

Unsupported Metadata Types

The following metadata items are NOT supported in the 24.1 release. They may be supported from 24.2 onward. This list will continue to be updated.

AIApplication

AIConvSummarizationConfig

BriefcaseDefinition

CanvasMetadata

ChannelObjectLinkingRule

ConversationMessageDefinition

CustomIndex

DataConnectorS3

DataPackageKitObject

DataSource

DataSourceBundleDefinition

DataSourceObject

DataSourceTenant

DataSrcDataModelFieldMap

DataStreamDefinition

DataStreamTemplate

DigitalExperience

DigitalExperienceBundle

DigitalExperienceConfig

ExperienceContainer

ExternalAIModel

ExternalDataConnector

InternalDataConnector

MktCalcInsightObjectDef

MktDataTranObject

MLDataDefinition

MLPredictionDefinition

OmniSupervisorConfig

Release Notes

Welcome to the AutoRABIT Release Notes page! This is your go-to resource for the latest updates and changes to all of our key products, including ARM, CodeScan, Vault, and nCino Integration.

Here, you'll find detailed release notes that provide insights into new features, enhancements, and bug fixes for each product update. Our goal is to keep you informed and equipped with the knowledge to make the most of our products.

By staying tuned to this page, you'll gain a deeper understanding of how our products are evolving to meet your needs and the changing landscape of software development. From small adjustments to major overhauls, every update is documented here to ensure you have all the information you need at your fingertips.

Whether you're a new user learning the ropes or an experienced customer seeking to optimize your use of our products, our Release Notes page is an invaluable tool for staying up-to-date with AutoRABIT's dynamic suite of solutions.

CodeScan Release Notes

CodeScan offers three primary deployment options: Cloud, Self-Hosted, and Government. Release notes and information are available for each deployment type.

Cloud Releases

Prior Versions

Release Notes 23

Release Notes 22

Release Notes 22.8

December 2022 - New Updates, Improvements

Date of release: 18 December 2022 Article last updated: 24 April 2023

New Updates

1. User Registration Flow Enhanced for CodeScan Cloud

The user registration flow is now enhanced for improved user experience in the CodeScan cloud by updating several options and removing others that no longer apply.

Validate Email address- The CodeScan team to allow users to register for a new CodeScan account using corporate email addresses only.
The users who attempt to sign up using an email domain not registered with us require approval from the CodeScan team. To simplify the approval process, it is recommended that you only invite persons whose email domains already exist with us.

2. SOQL/DML Rule Upgrade

The existing CodeScan rule is now enhanced to verify if SOQL queries are in the loop. With this release, if a SOQL query is called in a loop in another method or class, the rule will now alert the users with information like class name, method name, and the line number of the violation.

3. CodeScan IntelliJ plugin Upgrade

The CodeScan IntelliJ plugin has been upgraded to the stable 6.1.4 version. This update improves the connection process with your server.

Improvements

This release includes minor stability fixes and improvements for the CodeScan platform.

Changelogs

19 April 2023

(CodeScan v23.0.6)

This is a maintenance release. The following items were fixed and/or added:

Fixed the following issues with the static code analysis (SCA) report observed in ARM where,
- SCA report shows only ApexClass and AuraDefinitionBundle results in ARM, whereas the CodeScan app displays the accurate issues count.
- Log file displays the error: Only first 10000 issues can be shown (#).

22 March 2023

(CodeScan v23.0.5)

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with the Custom Metadata components must have a description field rule. The user added the description field to their quality profile's metadata and implemented the aforementioned rule, yet the problem still persists (#).
Fixed an issue where the master scan was failing in the CodeScan application. The multiple scan running for the same environment caused the issue. (#).
Fixed an issue where the rule was missing the below case when permissions are checked through a local variable instance: {noformat}SObject objAcc; if (objAcc != null && objAcc.getSObjectType().getDescribe().isUpdateable()) {{noformat} This case is now added to the rule.(#).

15 March 2023

(CodeScan v23.0.4)

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the Avoid running Soql and DML inside loops rules were not evaluating properly and throws wrong issue (#).
Fixed an issue with the integration of VS Code and CodeScan where, when a user clicked on the quality profile in the project information page, they were sent to a screen that read, The requested Quality Profile was not found (#).

28 Feb 2023

(CodeScan v23.0.3)

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the \triggers and \aura folders were not scanned for full code coverage. (#).
Added a new column Rull Name to the CSV export report for better issue/rule identification (#).
Fixed an issue where the users were not receieving notification for My issues/My new issues/Issues with false positive although the notifications feature was enabled (#).
Fixed an issue where the user when initiated a manual analysis inside CodeScan, the application throws the classes/WSRS_DistributionPartnerDAEventHandler.cls error (#).
Fixed an issue whehre the unit test did not include the System.Assert() Update.
Update the input text on the SSO Login screen from "Your company email" to “Company SSO Domain”.

Release Notes 22.7

October 2022 - New Features, Enhancements, Improvements, and Bugs Fixed

New Features

You can easily log in to CodeScan Cloud by setting up a Single Sign-On (SSO) through SAML-based third-party identity providers such as Okta, PingOne, and Microsoft Azure.

For more information, see .

2. CSV Export tool for CodeScan Cloud

The ability to download a CSV file containing the issues has now been added. The CodeScan CSV issue export option can be found in the More menu. Prior to this release, this functionality was only accessible to CodeScan Self-Hosted users; however, we have now enabled support for Cloud users as well.

For more information, see

3. New CodeScan Rule

CodeScan now has a new rule added to their Quality Profile called Do not use vulnerable packages, which checks for deprecated and outdated dependencies in the project and highlights the vulnerabilities available.

Enhancements

Scheduled Reports available for Project Branches

Previously, project reports were available for download for the main branches. With this update, we now support generating reports manually or by scheduling them for every project branch.

For more information, see

UX Enhancement

The drop-down list for the entry of Rule Parameters has been introduced to the improved Activate in Quality Profiles page. You could only feed regular text into fields prior to this release.

Fig 1: Old Screen

Fig 2: New Screen

With this update, the Add Member button on the Members page for all CodeScan versions is deleted.

Improvements

This release includes significant security improvements. Updating is strongly recommended.
The existing metadata rules in CodeScan have been tweaked for SFDX compatibility.
Significant improvements in the ways GitHub is triggered within CodeScan.

Bugs fixed

Fixed a minor issue where the analysis would start for both branches when merging a feature branch into the master branch. This shouldn't happen as analysis should be initiated only on the master branch and not the feature branch.
Fixed an issue where the target branch's newly added code was not being fetched when the analysis was running.
Fixed an issue where users could view invalid grant type errors while running a pull request analysis.
Fixed an issue where users received a CE job timeout error in SonarQube's CE job.

Release Notes 22.4

May 2022 - New Features, Enhancements, and Improvements

New Features

The following are the "ncino-goldstandard" nCino-related rules that have been added to the current Apex/Salesforce Metadata rule sets.

Rule

Description

SonarQube compatible

CodeScan self-hosted is compatible with SonarQube™ 8.9 and SonarJS 6.2+. For more information, see

Enhancements

Updated existing nCino rules

Below are the exisitng CodeScan rules key that are tagged as “ncino-goldstandard.”

Rule Key

Improvements

Updated all third-party libraries to the most recent versions to address security, stability, and reliability issues.
The CodeScan portal has been updated to include minor speed, bug fixes, and security enhancements.

Changelog

CodeScan v22.6.2

(12 July 2022) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Codescan and Visual Studio Code's rule and file-type issue counts were out of sync. We have updated Codescan Visual Studio Code extension to version 1.6.9, which fixes the issue with analysing metadata files ()
Writing XPath rules based on filename on SFMeta is now supported ().
There was an issue that prevented users from editing the settings for Branches and caused an error message that said, Cannot read properties of undefined (reading "config") ().
Resolved an issue where the Project Analysis jobs were stuck in the queue and were not triggered at the scheduled time ().
Fixed an issue where the CodeScan-Visual Studio Code plugin failed to detect javascript errors even though SonarQube have identified it at the Salesforce Lightning web component ().

CodeScan v22.6.1

(23 June 2022) This is a maintenance release. The following items were fixed and/or added:

The sf:UnusedFormalParameter rule's false positive issue has been resolved ()
Fixed an issue that prevented SonarQube 9.4.0 from functioning properly with Java 11 version.
The sonar-java-plugin has been updated to version 7.6.0.28201.
Fixed an issue for all child rule violations that happen when files are crossed (rule violation location in two different files).. This was fixed by setting the correct file location for child rule violations.
Fixed an issue where users were experiencing an expired token error that appeared on the master branch every time a comparison branch was analysed before it ().

CodeScan v22.6

(13 June 2022) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue that prevented the CodeScan and Azure DevOps integration from functioning as expected. The Azure DevOps plugin was updated to version 1.6.8 to overcome these issues.
Fixed an issue where the Field Level Security Rule displayed a false negative for the code below: update Security.stripInaccessible(AccessType.UPDATABLE, new List<vlocity_ins__ContactEmployment__c> { ceLst.get(0) }).getRecords();

CodeScan v22.5

(30 May 2022) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue that prevented the user from logging into the CodeScan instance.
Fixed an issue that prevented the user from creating the Salesforce project in their CodeScan instance.
The issue where the user were not able to create a CodeScan project using the Gitlab plugin has been resolved.
Fixed an issue where the codeScan rules which were not a part of active Quality Profiles were getting applied.
Fixed a bug where, after logging out from the CodeScan application, the user was directed to the CodeScan's Project screen rather than being asked for their login information (username and password) when they selected the Login with AuthO button.
Fixed an issue where the Field Level Security Rule shows false negative for the below cases:

Vulnerability detection in For-each loop. for eg., for(Contact c : [SELECT Name FROM Contact])
Vulnerability detection in Database method calls. for eg., Database.insert([SELECT Name FROM Contact]);

Migrated IntelliJPluginErrorAction web servlet to Spring MVC.

Release Notes 22.3

New Features

1. Comparison branches for Salesforce projects

Added the ability to add comparison branches to a Salesforce project in this release.

Key characteristics to look for:

The comparison of issues
The transfer of issue resolutions to the main branch of the Salesforce project.

For more information, see .

2. New nCino rules

Below are the nCino related rules added to the existing Apex/Salesforce Metadata rule sets and are tagged as “ncino-goldstandard.”

Process Builder Must Reference Product: For general automation and validation best practices, associate actions in the system to a product line, product type, or product feature. Depending on how widespread the automation is, this ensures that follow-on phases for new lines of business have limited rework
Workflow Must Reference Product: For general automation and validation best practices, associate actions in the system to a product line, product type, or product feature
Validation Rule Must Reference Product: For general automation and validation best practices, associate actions in the system to a product line, product type, or product feature
System Bypass Logic - Workflow Rules: This rule is required in custom workflow rules for integration users
System Bypass Logic - Validation Rules: This rule is required in custom validation rules for integration users.

3. Compute Engine parallel processing

This April's CodeScan cloud release includes the Compute Engine parallel processing capability. The key benefit is that it allows multiple analysis jobs to run in parallel in a fluid manner, reducing analysis job duration during peak usage and thereby improving user experience.

SonarQube compatible

CodeScan self-hosted is now compatible with SonarQube™ 8.9 and SonarJS 6.2+. For more information, see

Enhancements

1. Enhanced log report

The log report is now better than before. View your project analysis job's detailed log report, which includes the reasons for failed jobs.

2. CodeScan integration with Github

In this release, the CodeScan integration with GitHub actions has been improved. When working on Github actions, the report generation feature has been included, which displays accurate findings based on analysis.

Improvements

Minor performance, bug fixes, and security improvement can also be observed in the CodeScan portal.

Bugs fixed

Fixed a minor bug where the scheduled Salesforce jobs were not running in an instance because of several hardcoded values in the product sources.
Fixed an issue where the project analysis job took a long time to accomplish and displayed the "Job took too long" error in some instances.

Release Notes 22.2

CodeScan 22.2

Released Date: 26 Jan 2022

New Features

New compliance rules added for Apex Class:
- Long Class Names: In the Apex class ruleset, we have added a new rule “Long Class Name” You can now configure an Apex Class with a class name that is longer than 40 characters.
- Long Trigger Names: In the Apex class ruleset, we have added a new rule “Long Trigger Name”. You can now configure an apex trigger with a trigger name that contains more characters than the set limit.
- Long Method Name: In the Apex class ruleset, we have added a new rule “Long Method Name”. This rule helps to create an apex class rule with a method name that contains more characters than a set limit.
New compliance rules added for Salesforce Metadata:
- Avoid Excess Workflow Rules in Org: In the Salesforce metadata ruleset, we have added a new rule “Avoid Excess Workflow Rules in Org”. This rule helps to limit the number of workflow rules in your salesforce org.
Project Analysis Log Report: We've added a new feature that allows users to view their project analysis report by clicking on a link from their VC project. As a result, the user can now view the detailed log report.

Enhancements

Log4j Version: Updated the latest version of log4j to 2.17.1 to address the Apache Log4j security vulnerabilities.
Scheduled project reports: Users with Administrator permission either at the project level or organization level can configure the scheduled project reports. Earlier, this option was available only to the owners of the organization.
Analyze salesforce packages: Users can now analyze the contents of salesforce packages. This will help to keep track of issues in files packages. This feature is especially helpful when the packages are developed and maintained by the user.

Bug Fixes

There was an issue with project reports not being triggered when they were scheduled; this has now been fixed.

Release Notes 22.1

CodeScan 22.1

Released Date: 29 Dec 2021

New Features

Integrated ZOHO as a ticketing tool for CodeScan support: We've now integrated ZOHO as a way to submit a ticket for any CodeScan-related support. The AutoRABIT Support Portal allows users to submit a support request.
New Compliance rules for Salesforce Metadata: We made our Salesforce Metadata Ruleset more powerful with the addition of two new rules that helps minimize and prevent the Salesforce users from being provided with unnecessary privileges.
- Limit number of page layouts per object: In the Salesforce Metadata ruleset, we added a new rule "Limit number of page layouts per object" which helps to restrict the maximum number of page layouts that can be accommodated under a single object.
- Limit number of custom fields per object: In the Salesforce Metadata ruleset, we added a new rule "Limit number of custom fields per object" which helps to limit the number of custom fields set for a salesforce object. The rule also allows users to specify object-specific custom field limits.

Enhancement

Log4j2 core and API versions are upgraded to 2.17.0: To address the Apache Log4j Security Vulnerabilities thread, we updated the Apache Log4j version dependencies to 2.17.0.

Bug Fixes

The user was unable to delete multiple projects from the Manage Projects page due to a bug, which has now been resolved.
After deleting and adding a new repository into the CodeScan, we were getting an 'Unknown error'. It has been fixed now.
There was an issue in CodeScan Cloud where you couldn't create a branching, but it's now fixed and working properly.
When a user attempts to analyze a project by clicking 'Re-run the analysis,' it fails. This problem has now been resolved.
There was an issue with the links from GitHub fork PR and it is not linking to the correct branch. This issue has been fixed now.

Release Notes 21

Release Notes 21.5

CodeScan 21.5

Released Date: 30 Oct 2021

Keeping with our commitment to continuous improvement, our October 21 release of CodeScan offers new features and improvements that will make it more powerful and effective.

New Features

Custom rules using XPath: With this added capability, CodeScan Cloud users can now be able to define their own XPath based rules aligning with their organizational standards.
Fast Scan Mode: CodeScan’s pull-request analysis is now going to be more efficient with the added capability of CodeScan to scan only the changed files in the pull request instead of scanning through the entire branch.
New Compliance rules for Salesforce Metadata: We made our Salesforce Metadata Ruleset be more powerful with the addition of two new rules that helps minimize and prevent the Salesforce users from being provided with unnecessary privileges.
- Limit number of System Administrators: In Salesforce Metadata ruleset, we added a new rule "Limit number of System Administrators" which helps to limit the number of users with System administrator profiles to a defined minimum.
- Limit number of Custom Profiles with Modify All Data Permission: In the Salesforce Metadata ruleset, we added a new rule "Limit number of Custom Profiles with Modify All Data Permission" which helps to limit the number of users with 'Modify all Data' permission to a defined minimum.

Release Notes 21.4

CodeScan 21.4

Released Date: 01 July 2021

Enhancements

Enhanced Reports: CodeScan's weekly reports have been improved, with more scheduling choices, insights into project issue patterns, logs of project configuration changes, and false positives logged.
Enhanced Metadata Ruleset: Before deploying from the developer environment, Salesforce metadata components can now be scanned to ensure that they have an associated description, improving the clarity around their purpose and function.
Rulesets for nCino: In this release, nCino-specific rules have been added. CodeScan can now limit the number of sharing rules, as well as active and inactive workflow rules created on an object in order to prevent performance impact due to system overload caused by extensive calculations when a record is created or updated. Users may customize these rules for their own purposes.
Improved AutoRABIT integration: CodeScan reports generated from AutoRABIT for a project or Salesforce org are now consolidated as individual branches under their respective CodeScan projects rather than in a separate new project. This allows the user to show continuity in the reports and retain history tracking, making the integration more helpful and intuitive.

Release Notes 4

Release Notes 4.5

CodeScan 4.5

New Features

New Cloud Features

Native GitLab Integration: Your GitLab cloud repo's are now just one click away from our new GUI integration.
Verbose Billing Warnings: Billing warnings will now be more verbose.

New Apex Rules

Avoid using null conditions in SOQL WHERE clause: by default, index tables do not include null records. WHERE clauses that include nulls will therefore require a full scan, which can be very slow for large data volumes. The developer must determine if a fix is needed.
Page Action with a simple redirection: avoid creating a page action that makes a simple client side redirect.
Sending outbound emails using Messaging.sendEmail: emails sent with Messaging.sendEmail count against daily limits which can cause rejection. The developer must determine if a fix is needed.
Using Batch Apex from a trigger is dangerous: ensure that jobs created by the trigger do not exceed job limit.
Using Database.AllowCallouts interface in Batch Apex: it is not recommended to make HTTP calls as part of Batch Apex logic.
Source files should have a sufficient density of comment lines (v4.5.3): this version of the rule is able to be used in the IDE. An issue is created on a file as soon as the density of comment lines on this file is less than the required threshold.

Enhancements

DMLWithoutSharingEnabled now takes Inheritance into account (v4.5.2).
FieldLevelSecurity now has a parameter to check classes that extend system level classes ie. Database.Batchable, Queueable, and Install Handler (v4.5.3).
CommentRequired now checks for private methods via parameter (v4.5.3).

Bug Fixes

Parsing issues for the Safe Navigation Operator fixed (v4.5.1).
False positive fixed in SOQLInjection (v4.5.1).
False positive fixed in AuraEnabledWithoutCatchBlock (v4.5.1).
Parsing fixes for Javascript annotations (v4.5.2).
EsLint configuration files are no longer picked up with analysis (v4.5.3).
False positive fixed in BadCrypto (v4.5.3).
False positive fixed in UseSingleton (v4.5.5).
IDE Plugin no longer creates files in the base directory (v4.5.5).
False positive fixed in FieldLevelSecurity (v4.5.6).

Release Notes 4.4

CodeScan 4.4

New Features

New Cloud Features

Salesforce Project Branch Types: when adding a sandbox to your Salesforce project as a branch, you are now able to specify the type of branch you would like to add (Long or Short). Find out more here about branches here.

New Metadata Rules

BETA metadata ruleset added: our beta metadata ruleset has been added to this release. Currently, you will find rules covering security settings, custom fields, permissions, and record type ID's. This edition also includes a setting to define the metadata types to be downloaded. Find out more here for CodeScan Cloud and here for a Self Hosted package.xml file.

New Apex Rules

Aura Controller Naming: Aura Controllers should adhere to certain naming conventions. Only classes linked to a page as a controller or extension are considered.
Track Usage of @SuppressWarnings: overuse of the @SupressWarnings annotation can mean issues in your code are not picked up. This rule flags each usage to make sure it is needed.
Track Usage of //NOSONAR: overuse of the //NOSONAR rule suppression can mean issues in your code are not picked up. This rule flags each usage to make sure it is needed.
Static can not be used in Inner Class (v4.4.5): Static can only be used on fields, properties, and methods of top-level classes only.
Avoid using Tab Characters Check (v4.4.5): Checks that there are no tab characters ('\t') in the source code.

New Visualforce Rules

Avoid using Tab Characters Check (v4.4.5): checks that there are no tab characters ('\t') in the source code.

Enhancements

Field Level Security now specifies the field it is failing on.
Old Page API Version now specifies the API version in the message (v4.4.4).
Metadata parsing was improved to fix memory errors caused by larger types (v4.4.5).

Bug Fixes

Excessive Method Length no longer counts comments as lines.
Use Singleton now ignores Aura controllers.
NPath Complexity now calculates correctly around ternary statements.
False-positive fixed in Unnecessary Boolean Assertion.
Avoid Public Fields now ignores Aura fields.
False positive fixed in InlineStyleAttributesCheck for lightning:formattedNumber tag (v4.4.4).
Field Level Security no longer detects WITH_SECURITY_ENFORCED (v4.4.4).
Edge cases of DML parsing fixed (v4.4.4).
Edge cases of Copado parsing fixed (v4.4.4).
Classes extending nested classes parsing fixed (v4.4.4).
General Parser fixes and improvements (v4.4.4).
InsecureEndpointRule throws StackOverflowError while analyzing the attached Apex class (v4.4.5).
Parsing error caused by using "Sharing" as Enum name fixed (v4.4.5).
Parsing error caused by using "import" (Javascript) fixed. BREAKING CHANGE - This will cause new errors to be created on previously unparsed files (v4.4.6).
Error caused by custom fields in SFDX projects fixed (v4.4.6).

Release Notes 4.3

CodeScan 4.3

New Features

New Apex Security Hotspots

Deserializing JSON Is Security-Sensitive: Deserializing an object from an untrusted source is security-sensitive. An attacker could modify the content of the data.
Encrypting Data Is Security-Sensitive: Encrypting data is security-sensitive. Although most encryption problems are solved or managed by Salesforce, care must be taken when relying on encryption.
Type Reflection Is Security Sensitive: Dynamically executing code is security-sensitive. If the code comes from an untrusted source, the untrusted source may be able to choose which code to run.
Using Cookies Is Security-Sensitive: Attackers can use widely available tools to view the cookie and read the sensitive information. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.
Using UserInfo.GetSessionId() Is Security-Sensitive: The use of UserInfo.GetSessionId() is security-sensitive. Ensure that you need to do this.

New Visualforce Security Hotspots

Using GETSESSIONID() and $API.Session_Id is security-sensitive: The use of GETSESSIONID() and $API.Session_Id is security-sensitive. Ensure that you need to do this.

Quality Profiles

Removed Unescaped Source rule from default Apex profile (v4.3.12).
Removed deprecated rule javascript: S2228 from Salesforce Lightning Quality Profile (v4.3.9).

Enhancements

SonarQube™ Ant task has been updated to 2.6.0.1
SOQL Injection Rule updated and improved.(v4.3.11)
Open Redirect Rule updated and improved. (v4.3.11, v4.3.12)

Bug Fixes

Bug fixed in RightLineBracesPositions rule.
Bug fixed in Field Level Security Vulnerabilities rule. (v4.3.10)
Bug fixed in Preserve Stack Trace Rule (v4.3.12)
Bug fixed in Unescaped Source Rule (v4.3.12)

Release Notes 4.2

CodeScan 4.2

New Features

New Apex Rules

Avoid Insecure Digest Algorithms: MD5 and SHA-1 algorithms are no longer considered secure because it's too easy to create a hash collision between two message contents.
Avoid Salesforce System Class Names: Classes with names that already exist as internal classes will take precedence due to namespacing.
Avoid Nested Switch Statements: Avoid creating nested 'switch' statements since they are error-prone, harder to read, and harder to maintain.
Avoid Reversed Operators: Reversing operators may be a bug, or at the very least make it hard to read.
Avoid Using HTTP Referer Headers: HTTP Referer headers can be modified by attackers. Making a decision based on the value of the referer can be dangerous.
Catch Block Should Do More Than Rethrow: Catch blocks that do nothing but rethrow an exception should either be changed or removed.
Field Level Security Vulnerabilities: This rule makes sure that the code checks for access permissions before running a SOQL, SOSL, or DML operation. Single Method Singleton: Avoid using overloaded getInstance methods. Statements Should Be On Separate Lines Statements should be on separate lines to increase readability and maintainability.
Suspicious For Loop Incrementer: Incrementers that do not match the body of the for loop could be a bug.
Ternary operators that can be simplified with || or &&: Ternary operators with the form condition ? literalBoolean : foo or condition ? foo : literalBoolean can be simplified.
Unexpected Casting of Types: When arithmetic is performed on a type, the type remains the same even if the result is a different type. This can return an unexpected result.

Updated Apex Rules

Division By Zero: Division by zero exception may occur when zero could be the denominator to a division or modulo operation.
Apex Classes should use Random IV/Key: Now checks for EncodingUtil.base64Decode(key);

New Visualforce Rules

Avoid using GETSESSIONID() and $API.Session_Id: Lightning Experience does not have access to the API session token. Visualforce pages that access the session ID should be tested within Lightning Experience.
External Script and Style Resources Should Be Avoided: Including content from untrusted sources can lead to various security issues including include injection of malware.
Remove OnClick Javascript: Javascript in "onclick", "onmouseover" and similar actions within components are ignored.
Require CSRF Protection On GET Requests: Require CSRF protection on GET requests must be enabled from the Visual Force Page settings.
Unencoded Formulas In Style Tags XSS: Makes sure that all values obtained from URL parameters are properly escaped / sanitized to avoid XSS attacks.
Unescaped Value Could Cause XSS: Reflected Cross-site Scripting (XSS) occurs when an attacker injects browser executable code within a single HTTP response. Using unescaped parameters can be a security risk.
Avoid Apex Tags Within Script: Avoid using <apex:*> tags within <script> tags for readability and security.

Enhancements

Improved documentation on vulnerabilities including links to OWASP and CERT explanations.
Support for Inherited Sharing Keywords in Apex - Salesforce Documentation

Bug Fixes

Code coverage that does not match the current state of the codebase no longer causes unrecoverable errors (v4.2.0)
Fixed bug that caused component files to not scan correctly (v4.2.2)
Fixed issue that caused certain tags starting with "\" in comments to not parse (v4.2.3)
Fixed issue that caused code coverage to not be applied. (v4.2.3)
Fixed bug in Long Javascript rule that causes the length to be improperly calculated (v4.2.3)
Fixed issue that caused files to not highlight correctly (v4.2.3)
Fixed bug that caused Class Without Test Class rule to ignore certain files (v4.2.3)
Fixed bug that caused errors to appear and disappear (v4.2.3)
Fixed bug that caused certain code coverage data to be displayed incorrectly (v4.2.5)
Fixed bug in the Class Without Test Class rule (v4.2.6)

Other Changes

The rule "Class with only Private Constructors should be Final" has been deprecated and removed completely. Classes are final by default therefore this rule is unnecessary.
The rule "Remove OnClick Javascript" has been removed from the default Visualforce and Lightning Quality Profile.
SonarQube™ 7.6 Support
A selection of new rules has been added to the default Quality Profiles (4.2.1).

Self Hosted Releases

CodeScan Self-Hosted Editions: Latest Release Dates

Tiger Edition v3 was released on Feb 26, 2025.
Eagle Edition v3 was also released on Feb 26, 2025.

Note regarding the 2 different CodeScan Self-Hosted Editions:

We recognize that our self-hosted customers have different requirements regarding the SonarQube (SQ) versions that are supported/allowed by their organizations. As such, CodeScan is committed to supporting a wide spectrum of versions to accommodate this variance.

Currently, the most recent Long Term Active version of SonarQube is 2025.1 LTA. The previous version of SonarQube Long Term Active (LTA) was 9.9 LTA. In between, SonarQube released 9 other versions (10.0 – 10.8).

In order to support all these SonarQube versions, we decided to provide two versions of CodeScan self-hosted editions to the market to ensure ongoing SonarQube compatibility.

Our Eagle Edition is designed for those customers who run on SonarQube 10.4 – 2025.1 LTA.

Our Tiger Edition is designed for those customers who run on SonarQube 9.9 LTA – 10.3.

Please see our corresponding SonarQube Compatibility Matrix for detailed guidance.

We do intend to keep as much feature parity with the editions as possible; however, there will be slight variances. Please review our release notes for detailed information regarding each edition’s respective capabilities.

Additionally, the following diagram provides more detailed information regarding release versioning and release dates.

Regarding earlier CodeScan Versions: Our July 2024 release (24.0.8) fully supports SQ 9.9 LTA as well as SQ 10.0, 10.1, and 10.2.

Recommendations on Editions

For customers running earlier versions of SonarQube, we welcome you to upgrade to our new CodeScan Self-Hosted Tiger Edition v3.0 (25.0.1). This release is generally available as of Feb 26, 2025, and is compatible with SQ 9.9 LTA and SQ 10.0–10.3. Please refer to the release notes for the Tiger Edition v3 for complete documentation of features.

For customers running newer versions of SonarQube, we encourage you to upgrade to our CodeScan Self-Hosted Eagle Edition v3.0 (25.1.0). This release is generally available as of Feb 26, 2025, and is compatible with SQ 2025.1 LTA and SQ 10.1–10.8. Please refer to the release notes for the Eagle Edition v3 for complete documentation of features.

Downloads: After identifying your version of SonarQube, refer to the Installing CodeScan Self-Hosted page to view the CodeScan Downloads & Compatibility Chart.

Future SonarQube Releases: We aim to have support for the latest versions of SonarQube approximately 12 weeks after their release date. Each version will be supported for 12 months.

Additional Support: If you have any questions, comments, or concerns, please contact your Account Team directly.

Eagle Edition

Release Notes 25.1.0 Eagle 3.0

Release Notes 25.1.0 (Eagle v.3)

Release Date: 26 February 2025

Summary

CodeScan Self-Hosted—versions 25.0.1 (Tiger v3) and 25.1.0 (Eagle v3)—are comprised of the following eight components:

3 Enhancements
1 New Rule
4 Fixes

Component details are listed in their corresponding sections within this document.

New Features

There are no new features associated with this release.

Enhancements

Enhanced rule “Avoid Untrusted/Unescaped Variables in DML Query" to account for potential SOQL injections when “queryWithBinds” is used. Historically, CodeScan has offered our “Avoid Untrusted/Unescaped Variables in DML Query” rule to inspect customer’s code and flag where there are SOQL Injection possibilities. Recently, one of our customers performed a test and expected this rule to flag an issue in their code, but it did not. We determined the rule should be enhanced for when “queryWithBinds” is used. Our engineering team utilized specifications within Salesforce documentation (specifically, Help and Training Community) in order to consider only the query for executed with queryWithBinds() for vulnerability check and violation, avoiding the other parameters such as: (Map, accessLevel) . Database.queryWithBinds(query, bindVariablesMap, accessLevel) Example:
Code
Verified after the rule enhancement was engineered that users are able to see the violation for rule “Avoid Untrusted/Unescaped Variables in DML Query” as expected.
Violation for error thrown
Enhancement to our disconnected license type for self-hosted customers requiring a license with a project key embedded. CodeScan has a disconnected license type option for self-hosted license where the project key is embedded.
This feature ensures that when the license check is performed, if the project being scanned has a key that is embedded in the license, then the check will pass without needing to reach out to the license server. This is very useful for customers who are not allowed any connection to sites outside their organization, as it allows the project analysis to complete without connecting to the license server.
Recently, some customers were reporting that while the scans were completing but also throwing a timeout error. We have enhanced this feature by changing this notification to occur as a warning log instead of as an error log.
Enhanced rule “Field Level Security Vulnerabilities”: Violation message now displays the correct object instead of '{0}'.

The existing violation message was neither clear nor accurate. Instead, when the violation is flagged, the message should display the correct object instead of '{0}'.
This fix includes a more clear and accurate message associated with the violation.
Clear, accurate error message

New Rules

New Rule for Apex: “OuterClassExplicitSharing” Enforce security best practices on classes by ensuring that sharing settings ('with sharing', 'without sharing', or 'inherited sharing') are explicitly declared. This prevents accidental data exposure and enhances code maintainability and compliance with security policies.
- Name: Outer Class Explicit Sharing
- Key: OuterClassExplicitSharing
- Type: Vulnerability
- Severity: Major
- Message: Class '{className}' does not have an explicit sharing rule
- Tags: convention
- Remediation: 5 minutes

Verified the rule: OuterClassExplicitSharing for the following scenarios:

Verified the Rule’s description, type, severity, message, tag, Remediation, Key, Name
Outer Class Explicit Sharing screenshot
Verified the rule is not throwing a violation if with sharing, without sharing, or inherited sharing are used.
Verified violation not thrown
Verified the violation is thrown if with sharing, without sharing, or inherited sharing are not used.
Example: Explicit sharing rule

NOTE: This rule overlaps with the ClassExplicitSharing rule and will always overlap violations for outer classes. This rule has been created to:

Allow for the reporting of this issue as a Vulnerability instead of as a code smell
Only flag if sharing settings are missing for outer classes (inner classes that are missing sharing settings will not be flagged (which is the opposite of how the ClassExplicitSharing rule works)

If both are active, check the violations that have been reported and disable one of the rules as necessary.

Fixes

Fixed rule “Require CSRF protection on GET requests” to distinguish Visualforce Page settings from Aura components. Previously, this rule was flagging violations on .cmp files that are aura:component files. The guidance in the rule suggested to change the Visualforce page setting, but this is not possible on Aura components because they are not Visualforce components. This fix for the rule “Require CSRF protection on GET requests” now enables CodeScan to distinguish Visualforce Page settings from Aura components.
Fixed issue with rule “Flow DML Should Not Be Called in Loops" Recently, we observed that the rule “Flow DML Should Not Be Called in Loops" throws null pointer exception because of access of parent node without null check. This fix corrects this issue. Verified the fix by testing and confirming that the rule now throws a violation as expected, and, additionally, we are no longer getting the null pointer exception.
Fixed issue in rule for APEX “sf: {{FieldLevelSecurity}} ” {Permissions should be checked before accessing resource }. Previously, this rule was throwing violations that were false positives. This was occurring when a SOSL query having an inner query calls the related Object. The Object needs to be checked by using isAccessible() before accessing its data. As per Salesforce documentation, when checking the Access for the inner query object it allows to check by using __c, but while making inner query on related Objects it must be in plural and end with__r. This fix corrects this issue. In this enhancement, the Object is checked by using isAccessible() before accessing its data.

NOTE: We addressed a similar issue related to SOQL queries in a previous release. That update has been extended in this release to also include SOSL queries.

Verified the rule “Field Level Security Vulnerabilities” for the following scenarios:

Rule is throwing the violation if we didn’t check isAccessible for the objects used in inner query.
Violation thrown if IsAccessible not checked
Rule is not throwing the violation if we checked isAccessible for the objects used in inner query.
REMINDER: In the previous release, we added support for SYSTEM_MODE in this rule. A new parameter has been added, allowing users to choose true or false to include or ignore violations related to SYSTEM_MODE.

We have verified the rule:FieldLevelSecurity for the following Sscenarios:
- Rule is throwing the violation if the object is NOT checked via isAccessible for the methods used in inner query
- Rule is not throwing violation if system mode value is set = “true” (and the object IS NOT checked via isAccessible for methods)
- Rule is not throwing violation if system mode value is set = “false” (and the object IS checked via isAccessible for the methods)

Fixed issue with CodeScan rule to check for special characters in Page Layout Name (for example: : , ( ) ' " - & ) Recently, we added a new rule that checks for special characters used in a Page Layout name (note: Metadata API name: “Layout”). This rule will enforce naming conventions for Page Layouts, which are in line with Salesforce best practices as well as several existing customers’ standards. The aim of this new rule will help identify components for refactoring of current Page Layouts that are incorrectly named. The rule checks layout and layout-meta.xml files for file names that include: - ! @ # $ % ^ & * ? ' : ; ” + = However, we recognize that we inadvertently included hyphen (-) in this special character list. Hyphen should NOT be included because Salesforce automatically adds this special character. This fix removes hyphen in the check for special characters in Page Layout Name.

Release Notes 24.1.0 Eagle

Release Notes Self-Hosted (On-Prem) 24.1.0 - EAGLE Edition

August 29, 2024

Summary

CodeScan Self Hosted 24.1.0 is comprised of the following 8 components:

Component details are listed in their corresponding sections within this document.

Enhancements

Feature Enhancement: The “sf.testfile” parameter in project settings UI Summary: Previously, customers using our Git integration could store their test coverage in their repo branches by using a parameter called sf.testfile (which allows people to add coverage to their code with SFDX JSON outputs) With this enhancement, CodeScan now allows for the parameter to be configured (at the project or instance level) within the UI (in General Settings ->CodeScan section).

Adding this parameter will allow teams that work like this to view the coverage on the CodeScan dashboard. The addition of this parameter notably provides more value for SFDX workflows.

Further details are within the following article:

Enhancement to rule: “Use the null coalescing operator instead of ternary” The original aim of this rule is to identify ternary statements and suggest the potential use of "??" operator. Previously, CodeScan was checking for ternary statements only. This rule was originally developed according to common development practices in Salesforce where most usages would be in ternary. However, it can be applied in scenarios involving if-else and return statements. As such, we have adjusted the rule to account for these use cases. With this enhancement, CodeScan suggests where null coalescing could be used instead of an “if” block (recognizing that if a developer is already thinking about shortening their code with ternary, then they are likely to be considering null coalescing operator as well).
Enhancement to rule: “Validation Rule Must Reference Product” This existing CodeScan rule was enhanced to be compatible with SFDX. Please note that this rule update is part of a larger initiative where we are making “validationRules of CustomObject” Compatible with SFDX. All Metadata rules need to be checked that they support both metadata API and SFDX formats of the issue they were built to find. Metadata pulled with SFDX has a different structure than Metadata pulled with Salesforce’s Metadata API. CodeScan can scan this different structure with some additions to the sf-meta suffixes. However, we need to make sure that the differences are covered within the types of metadata that have these differences. For example, the Object metadata contains all field metadata when pulled from the metadata API. When this is pulled with SFDX, the object and field metadata are separate. See the following SF article for details of these differences:NOTE: This rule is only applicable to nCino customers.
Enhancement to rule “Misuse of Assert Class” This CodeScan rule was introduced in Self-Hosted version 24.0.8. It is comprised of several parameters. This enhancement ensures that a newly created instance is never null. With the fix, a violation is now thrown at the line in bold. Example: public class nullCheck { public void checkOtherClassInstance() { Assert.isNull(new OtherClass()); } } (where the parameter associated with this enhancement is nullCheck)

New Rules

New Rule for “Cognitive Complexity” in CodeScan This is a new rule for assessing Cognitive Complexity. This rule aims to enhance the understanding of code readability and maintainability by identifying areas where the cognitive load on developers may be high. Hypothesis: By introducing a new rule for Cognitive Complexity assessment in CodeScan, we expect to pinpoint specific code structures and circumstances that contribute to increased cognitive load. This will enable developers to refactor complex sections of code, leading to improved code quality, readability, and maintainability. Basic criteria and methodology: A Cognitive Complexity score is assessed according to three basic rules:
- # Ignore structures that allow multiple statements to be readably shorthanded into one
- # Increment (add one) for each break in the linear flow of the code
- # Increment when flow-breaking structures are nested Additionally, a complexity score is made up of four different types of increments:
  - # Nesting - assessed for nesting control flow structures inside each other
  - # Structural - assessed on control flow structures that are subject to a nesting increment, and that increase the nesting count
  - # Fundamental - assessed on statements not subject to a nesting increment
  - # Hybrid - assessed on control flow structures that are not subject to a nesting increment, but which do increase the nesting count
New Rule for APEX: “Avoid Classes Without Explicit Sharing” New Rule to Enforce Sharing Rules in Classes Summary: Enforce security best practices on classes by ensuring that sharing settings ('with sharing', 'without sharing', or 'inherited sharing') are explicitly declared. This prevents accidental data exposure and enhances code maintainability and compliance with security policies.

Fixes

Fixed issue in rule “sf:AvoidSoqlInLoops” This CodeScan rule was found to have 2 issues:
- SOQL in the code does not appear to be in a loop, but CodeScan is flagging as a violation
- A violation message is displayed multiple times for the perceived detected violation

The root causes of these issues were identified, and the following enhancements were added:

Top of Form

Added condition to check if the method call is matching to the Method name; if not, do not flag as a violationBottom of Form

Top of Form

· When checking the nested method call, if method name matches, only then it will throw violation.

· Bottom of Form

Top of Form

· Avoid false positive when a recursive call happens without matching to the method name

New Configuration Settings

We are excited to announce that CodeScan now supports SonarQube versions 10.4, 10.5 and 10.6. In order for the Self-Hosted plug-in to function properly, the following configuration settings are introduced. They are:

· sonar.lang.patterns.sf (Replacement for sf.apex.suffixes)

· sonar.lang.patterns.sfmeta (Replacement for sf.sfmeta.suffixes)

· sonar.lang.patterns.vf (Replacement for sf.vf.suffixes)

These properties have the same defaults as those of the existing ones. These properties offer more control than the previous ones as they support wildcards. To learn more about wildcards, refer to the Wildcards section in

Tiger Edition

Release Notes 25.0.1 Tiger 3.0

Release Notes 25.0.1 (Tiger v.3)

Release Date: 26 February 2025

Summary

CodeScan Self-Hosted—versions 25.0.1 (Tiger v3) and 25.1.0 (Eagle v3)—are comprised of the following eight components:

Component details are listed in their corresponding sections within this document.

New Features

There are no new features associated with this release.

Enhancements

Enhanced rule “Avoid Untrusted/Unescaped Variables in DML Query" to account for potential SOQL injections when “queryWithBinds” is used. Historically, CodeScan has offered our “Avoid Untrusted/Unescaped Variables in DML Query” rule to inspect customer’s code and flag where there are SOQL Injection possibilities. Recently, one of our customers performed a test and expected this rule to flag an issue in their code, but it did not. We determined the rule should be enhanced for when “queryWithBinds” is used. Our engineering team utilized specifications within Salesforce documentation (specifically, ) in order to consider only the query for executed with queryWithBinds() for vulnerability check and violation, avoiding the other parameters such as: (Map, accessLevel) . Database.queryWithBinds(query, bindVariablesMap, accessLevel) Example:
Verified after the rule enhancement was engineered that users are able to see the violation for rule “Avoid Untrusted/Unescaped Variables in DML Query” as expected.
Enhancement to our disconnected license type for self-hosted customers requiring a license with a project key embedded. CodeScan has a disconnected license type option for self-hosted license where the project key is embedded.
This feature ensures that when the license check is performed, if the project being scanned has a key that is embedded in the license, then the check will pass without needing to reach out to the license server. This is very useful for customers who are not allowed any connection to sites outside their organization, as it allows the project analysis to complete without connecting to the license server.
Recently, some customers were reporting that while the scans were completing but also throwing a timeout error. We have enhanced this feature by changing this notification to occur as a warning log instead of as an error log.
Enhanced rule “Field Level Security Vulnerabilities”: Violation message now displays the correct object instead of '{0}'.

The existing violation message was neither clear nor accurate. Instead, when the violation is flagged, the message should display the correct object instead of '{0}'.
This fix includes a more clear and accurate message associated with the violation.

New Rules

New Rule for Apex: “OuterClassExplicitSharing” Enforce security best practices on classes by ensuring that sharing settings ('with sharing', 'without sharing', or 'inherited sharing') are explicitly declared. This prevents accidental data exposure and enhances code maintainability and compliance with security policies.
- Name: Outer Class Explicit Sharing
- Key: OuterClassExplicitSharing
- Type: Vulnerability
- Severity: Major
- Message: Class '{className}' does not have an explicit sharing rule
- Tags: convention
- Remediation: 5 minutes

Verified the rule: OuterClassExplicitSharing for the following scenarios:

Verified the Rule’s description, type, severity, message, tag, Remediation, Key, Name
Verified the rule is not throwing a violation if with sharing, without sharing, or inherited sharing are used.
Verified the violation is thrown if with sharing, without sharing, or inherited sharing are not used.

NOTE: This rule overlaps with the ClassExplicitSharing rule and will always overlap violations for outer classes. This rule has been created to:

Allow for the reporting of this issue as a Vulnerability instead of as a code smell
Only flag if sharing settings are missing for outer classes (inner classes that are missing sharing settings will not be flagged (which is the opposite of how the ClassExplicitSharing rule works)

If both are active, check the violations that have been reported and disable one of the rules as necessary.

Fixes

Fixed rule “Require CSRF protection on GET requests” to distinguish Visualforce Page settings from Aura components. Previously, this rule was flagging violations on .cmp files that are aura:component files. The guidance in the rule suggested to change the Visualforce page setting, but this is not possible on Aura components because they are not Visualforce components. This fix for the rule “Require CSRF protection on GET requests” now enables CodeScan to distinguish Visualforce Page settings from Aura components.
Fixed issue with rule “Flow DML Should Not Be Called in Loops" Recently, we observed that the rule “Flow DML Should Not Be Called in Loops" throws null pointer exception because of access of parent node without null check. This fix corrects this issue. Verified the fix by testing and confirming that the rule now throws a violation as expected, and, additionally, we are no longer getting the null pointer exception.
Fixed issue in rule for APEX “sf: {{FieldLevelSecurity}} ” {Permissions should be checked before accessing resource }. Previously, this rule was throwing violations that were false positives. This was occurring when a SOSL query having an inner query calls the related Object. The Object needs to be checked by using isAccessible() before accessing its data. As per Salesforce documentation, when checking the Access for the inner query object it allows to check by using __c, but while making inner query on related Objects it must be in plural and end with__r. This fix corrects this issue. In this enhancement, the Object is checked by using isAccessible() before accessing its data.

NOTE: We addressed a similar issue related to SOQL queries in a previous release. That update has been extended in this release to also include SOSL queries.

Verified the rule “Field Level Security Vulnerabilities” for the following scenarios:

Rule is throwing the violation if we didn’t check isAccessible for the objects used in inner query.
Rule is not throwing the violation if we checked isAccessible for the objects used in inner query.
REMINDER: In the previous release, we added support for SYSTEM_MODE in this rule. A new parameter has been added, allowing users to choose true or false to include or ignore violations related to SYSTEM_MODE.

We have verified the rule:FieldLevelSecurity for the following Sscenarios:
- Rule is throwing the violation if the object is NOT checked via isAccessible for the methods used in inner query
- Rule is not throwing violation if system mode value is set = “true” (and the object IS NOT checked via isAccessible for methods)
- Rule is not throwing violation if system mode value is set = “false” (and the object IS checked via isAccessible for the methods)

Fixed issue with CodeScan rule to check for special characters in Page Layout Name (for example: : , ( ) ' " - & ) Recently, we added a new rule that checks for special characters used in a Page Layout name (note: Metadata API name: “Layout”). This rule will enforce naming conventions for Page Layouts, which are in line with Salesforce best practices as well as several existing customers’ standards. The aim of this new rule will help identify components for refactoring of current Page Layouts that are incorrectly named. The rule checks layout and layout-meta.xml files for file names that include: - ! @ # $ % ^ & * ? ' : ; ” + = However, we recognize that we inadvertently included hyphen (-) in this special character list. Hyphen should NOT be included because Salesforce automatically adds this special character. This fix removes hyphen in the check for special characters in Page Layout Name.

Release Notes 24.0.9 Tiger

Release Notes Self-Hosted (On-Prem) 24.0.9 (TIGER edition)

September 05, 2024

Summary

CodeScan Self Hosted 24.0.9 is comprised of the following 10 components:

4 Enhancements
3 New Rules
3 Fixes

Component details are listed in their corresponding sections within this document.

Enhancements

1. Feature Enhancement: The “sf.testfile” parameter in project settings UI

Summary: Previously, customers using our Git integration could store their test coverage in their repo branches by using a parameter called sf.testfile (which allows people to add coverage to their code with SFDX JSON outputs).

With this enhancement, CodeScan now allows for the parameter to be configurable at a project level. The addition of this parameter will allow teams that work like this to view the coverage on the CodeScan dashboard. The addition of this parameter notably provides more value for SFDX workflows.

Further details are within the following article: https://knowledgebase.autorabit.com/product-guides/codescan/codescan-integration/codescan-sfdx-plugin/importing-code-coverage-from-sfdx-projects|https://knowledgebase.autorabit.com/product-guides/codescan/codescan-integration/codescan-sfdx-plugin/importing-code-coverage-from-sfdx-projects|smart-link

2. Enhancement to rule “Use the null coalescing operator instead of ternary”

The original aim of this rule is to identify ternary statements and suggest potential use of "??" operator. Previously, CodeScan was checking for ternary statements only.

This rule was originally developed according to common development practices in Salesforce where most usages of this would be in ternary. However, it can be applied in scenarios involving if-else and return statements. As such, we have adjusted the rule to account for these use cases. With this enhancement, CodeScan suggests where null coalescing could be used instead of an “if” block (recognizing that if a developer is already thinking about shortening their code with ternary, then they are likely to be considering null coalescing operator as well).

3. Enhancement to rule: “Validation Rule Must Reference Product”

This existing CodeScan rule was enhanced to be compatible with SFDX.

Please note that this rule update is part of a larger initiative where we are making “validationRules of CustomObject” Compatible with SFDX

All Metadata rules need to be checked that they support both metadata api and sfdx formats of the issue they were built to find.

Metadata pulled with SFDX has a different structure than Metadata pulled with Salesforce’s Metadata API. CodeScan can scan this different structure with some additions to the sf-meta suffixes. However, we need to make sure that the differences are covered within the types of metadata that have these differences. For example, the Object metadata contains all field metadata when pulled from the metadata API. When this is pulled with SFDX, the object and field metadata is separate.

See the following SF article for details of these differences:https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_source_file_format.htm|https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_source_file_format.htm|smart-link

NOTE: This rule is only applicable to nCino customers

4. Enhancement to rule “Misuse of Assert Class”

This CodeScan rule was introduced in Self Hosted version 24.0.8. It is comprised of several parameters. This enhancement ensures that a newly created instance is never null.

With the fix, a violation is now thrown at the line in bold.

Example: public class nullCheck { public void checkOtherClassInstance() { Assert.isNull(new OtherClass()); } class OtherClass { public void doSomething() { System.debug('Doing something in OtherClass'); } } }

(where the parameter associated with this enhancement is nullCheck)

New Rules

New Rule for “Cognitive Complexity” in CodeScan This is a new rule for assessing Cognitive Complexity. Note that we had a previous Cognitive Complexity rule. What’s different is that this rule aims to enhance the understanding of code readability and maintainability by identifying areas where the cognitive load on developers may be high. Hypothesis: By introducing a new rule for Cognitive Complexity assessment in CodeScan, we expect to pinpoint specific code structures and circumstances that contribute to increased cognitive load. This will enable developers to refactor complex sections of code, leading to improved code quality, readability, and maintainability. Basic criteria and methodology: A Cognitive Complexity score is assessed according to three basic rules:
- # Ignore structures that allow multiple statements to be readably shorthanded into one
- # Increment (add one) for each break in the linear flow of the code
- # Increment when flow-breaking structures are nested Additionally, a complexity score is made up of four different types of increments:
  - # Nesting - assessed for nesting control flow structures inside each other
  - # Structural - assessed on control flow structures that are subject to a nesting increment, and that increase the nesting count
  - # Fundamental - assessed on statements not subject to a nesting increment
  - # Hybrid - assessed on control flow structures that are not subject to a nesting increment, but which do increase the nesting count
New Rule for APEX: “Avoid Classes Without Explicit Sharing” New Rule to Enforce Sharing Rules in Classes Summary: Enforce security best practices on classes by ensuring that sharing settings ('with sharing', 'without sharing', or 'inherited sharing') are explicitly declared. This prevents accidental data exposure and enhances code maintainability and compliance with security policies.
New Rule for APEX: “IsBlankForNullChecks” This is a new rule that leverages the built-in {{isBlank}} and {{isNotBlank}} methods instead of the {{!=}} and {{==}} operators to check for null or empty values. This approach is especially relevant in programming environments and languages where {{IsBlank}} or equivalent methods are provided for more readable, maintainable, and less error-prone code. Using the {{IsBlank}} method for null checks improves code clarity, reduces the likelihood of bugs, and enhances maintainability compared to using the {{!=}} operator. Developers are less likely to encounter unexpected behavior due to differences in how null and empty values are handled. Additionally, built-in methods like {{IsBlank}} are optimized and tested to handle various edge cases, reducing the potential for errors compared to using the {{!=}} operator. It also makes the code easier to read and understand.

Fixes

Fixed issue in rule “sf:AvoidSoqlInLoops” This CodeScan rule was found to have 2 issues:
- SOQL in the code does not appear to be in a loop, but CodeScan is flagging as a violation
- A violation message is displayed multiple times for the perceived detected violation
The root causes of these issues were identified, and the following enhancements were added:
- Top of Form
- Added condition to check if the method call is matching to the Method name; if not, do not flag as a violationBottom of Form Top of Form
- When checking the nested method call, if the method name matches, only then will it throw a violation.
- Bottom of Form
- Top of Form
- Avoid false positives when a recursive call happens without matching the method name.
Fixed issue in rule “sf:AvoidPublicFields”, where issues being flagged on private classes(which are false positives). The rule sf:AvoidPublicFields identifies when public fields are used, and flags them as issues. Two of the three reasons this rule is important are:
- The internal representation is exposed, and thus cannot be easily changed
- When the value is changed in an unexpected way (for example nulled), the implementation may not handle it correctly
But these are not concerns when those public fields are on a private class. This enhancement adds a private class validation check first, and will not flag the 2 aforementioned issues if the class is a private class.
Fixed issue in rule “sf:FixDuplicateMethods”, where Nested statements were being flagged (which was a false positive issue). Previously, the sf:FixDuplicateMethods rule was throwing violations for nested statements, which is not the intended behavior. Root cause was identified and fixed, and now the rule is working as designed and expected.

Prior Editions

Release Notes 24

Release Notes 24.0.8

CodeScan Self-Hosted

Release 24.0.8

19 July 2024

Rule enhancement for Misuse of Assert Class Included the ability to configure parameters for the "Misuse of Assert Class" rule, specifically for the Assert methods Assert.isFalse, Assert.isNotNull, hard-coded values, and Assert.areEqual, so that user can customize the rule to better fit the coding standards and practices of their project.
Rule Enhancement for “Avoid Using Test.isRunningTest()” {APEX Rule}: Previously, this rule was flagging violations when finding methods written as Test.isRunningTest(). This rule has been enhanced to also flag violations when finding methods written as System.Test.isRunningTest().
Decrease False Positives reported for Rule “sf:FixDuplicateMethods” Summary: CodeScan recognizes that methods should not share the same implementations. As such, the scope of the rule will be limited to methods with actual implementations, rather than including interface method declarations. This means the rule will now focus solely on detecting and addressing duplicate implementations within concrete classes, ensuring that only methods containing executable code are evaluated. Violations reported by this rule will now include details of all duplicate methods affected. This means each violation will list every instance of a method that shares the same implementation, making it easier to identify and resolve duplicated code. These updates will make the rule more precise, and its violation reports more comprehensive, enhancing its effectiveness.
Enhancement to Rule "Field-Level Security" (FLS): CodeScan’s FLS rule did not detect DML methods called when syntax is insert (record), update (record), etc. Instead, FLS was only detecting when “insert record;” syntax was used. We made a parser update within CodeScan and an enhancement to the rule was applied, which corrected the syntax detection.
Enhancement to Rule "Cyclomatic Complexity" Summary: Several enhancements were applied to the rule cyclomatic complexity, including adding the decision points '?', '&&', '||', and 'catch'.
New Rules: CodeScan Polyfill Protection We are excited to announce that CodeScan has been updated with crucial enhancements to address recent security concerns related to polyfills. Recent advisories have highlighted significant threats stemming from polyfills, particularly those distributed via the CDN polyfill.io, which are linked to malware. This update introduces advanced protection mechanisms to ensure your Salesforce environment remains secure.

Here’s how CodeScan is advancing your security:

Configuration Scanning: Our enhanced system now scans the configuration settings of Salesforce components, including Salesforce Sites, Salesforce CORS (Cross-Origin Resource Sharing), and Salesforce CSP (Content Security Policy), to detect any unauthorized calls to polyfill.io domains.
Component Scanning: We are scanning the core Salesforce components that enable developers to build sophisticated, custom user interfaces including Visualforce, Aura, Lightning, and other web components
Package Scanning: Our updated scanning mechanism checks downloaded packages from Salesforce AppExchange to ensure they do not contain insecure calls to polyfill.io domains

Activate the Polyfill rules, Avoid Script References to Polyfill.io, and Avoid Configuration References to Polyfill.io to your custom quality profile to begin using them.

Rule Updates

The 'Hard-Coded Credentials' rule name has been changed to 'Use Named Credentials' for clarity.
'Use Named Credentials' and 'Field-Level Security' rules have updated descriptions highlighting Salesforce best practices and better paths to resolution.

Bug Fixes

Fixed a false positive in the rule 'Avoid using methods getDescribe and getMap inside Loops' when using custom methods with similar names.

Release Notes 24.0.5

CodeScan On-Premises

Release Notes 24.0.5

Release Date: 7 June 2024

New Rules

Rule Name: “Comment All Hardcoded Values” Category: New APEX rule in CodeScan Purpose: Ensure comments are included when using hardcoded values in Apex classes Detail: Ensures any hard-coded values or strings in the code are accompanied by descriptive comments or, alternatively, use constants. This practice enhances code readability, maintainability, and will make it easier for other developers to understand the purpose of these values.
Rule Name: “Use the null coalescing operator instead of the ternary operator” Category: New APEX rule in CodeScan Purpose: CodeScan recommendation to consider replacing ternary operators (? :) for explicit null checks with the Null Coalescing operator (??) where applicable to enhance code performance and clarity. Detail: In Salesforce's Spring '24 release, the null-coalescing operator has been introduced in Apex. This rule will identify where this operator could be used but isn’t being utilized. For further information, please refer to Salesforce Release Documentation - Null Coalescing Operator.
Rule Name: “Use Accessibility Attributes” Category: New Lightning Web Component Rule in CodeScan Purpose: Updating LWCs with certain attributes makes these components more accessible to users of assistive technology. Detail: Accessibility software such as screen readers interpret the elements on a webpage using the title attribute, so specifying a value for components is very important. Salesforce’s ARIA attributes allow accessibility software to gather more information on the state of the page and align with the ARIA standard. For further information, please refer to: Component Accessibility Attributes Accessible Rich Internet Applications (WAI-ARIA)
Rule Name: “nCino Inactive Workflow Rules” Category: New nCino Gold Standard Rule in CodeScan Purpose: Removing inactive, unmanaged workflow rules in a Salesforce instance allows organizations to maintain an organized workflow environment Detail: Removing inactive UNMANAGED workflow rules will streamline workflow processes, reduce confusion among users, and improve system performance. This action leads to a cleaner and more efficient Salesforce instance. Further, removing inactive UNMANAGED workflow rules helps declutter the Salesforce environment, making it easier for administrators and users to navigate and manage active workflows effectively.

Rule Name: “Avoid JavaScript Scriptlets in Aura Components and Apex Pages” Category: New Aura / Lightning / Visualforce Rule in CodeScan Purpose/Detail: JavaScript scriptlets should not be directly embedded within the markup of Aura components or Apex pages. Instead, utilize Salesforce Static resources for including JavaScript code. Using direct <script> tags in components or pages can pose a security risk, increasing the likelihood of cross-site scripting (XSS) attacks. For further information, please refer to: https://developer.salesforce.com/blogs/2023/08/the-top-20-vulnerabilities-found-in-the-appexchange-security-review - The Top 20 Vulnerabilities Found in the AppExchange Security Review MITRE, CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Rule Name: “Exposed Lightning Message Channel” Category: New LWC / Aura / Visualforce rule in CodeScan Purpose: It is recommended to verify instances where the 'isExposed' flag in Lightning Message Channels is set to true. Setting this flag can lead to unintended access to the Lightning Message Service (LMS) API, potentially resulting in unauthorized message publishing and subscribing across components within the Salesforce ecosystem. Detail: This term specifically refers to cases where you have not configured the 'isExposed' flag in Lightning Message Channel to false. Since this provides access to the Lightning Message Service (LMS) API, which lets you publish and subscribe to messages across the DOM and between Aura, Visualforce, and Lightning Web Components, it should be set to false. For further information, please refer to: https://developer.salesforce.com/blogs/2023/08/the-top-20-vulnerabilities-found-in-the-appexchange-security-review
Rule Name: “Utilizing Apex Unit Tests with @IsTest(IsParallel)” Category: New APEX rule in CodeScan Purpose: The annotation “@isTest(isParallel=true/false)” can be set in Apex test classes to indicate whether the particular test can be executed parallelly or sequentially (performance enhancement). Detail: When writing Apex unit tests, ensure that the @IsTest(IsParallel) annotation is set, whether true or false. This keeps the option of running tests in parallel visible through development to optimize test execution times. However, it should only be enabled in scenarios where it adds value without introducing risks or conflicts. Further information: When utilizing Apex unit tests with the annotation @IsTest(IsParallel=true), it's essential to be aware of potential drawbacks to ensure smooth execution and accurate results. Enabling parallel testing with @IsTest(IsParallel=true) may lead to UNABLE_TO_LOCK_ROW errors due to resource competition, which in turn can result in rerunning failed tests in serial mode. Additionally, it's important to note that this setting does not affect change set deployment or package upload processes. By understanding these drawbacks, developers can effectively manage test execution and deployment processes, minimizing errors, and ensuring the reliability of test results.

Fixes

Updated the rule “Avoid duplicate conditions in "if"/"else if" and "switch" statements to eliminate dead code." Detail: In the Initial implementation, the "if/else-if" statements and the nested "if/else-if" statements present within them were not allowed to have duplicate conditions. Now only the related "if/else-if" statements are checked for duplicate conditions, without considering the nested "if/else-if" statements present within them. Value: The same conditions can cause duplication and lead to dead code in statements such as "if"/"else if" and "switch." This issue often occurs due to a copy/paste error. In the best-case scenario, it results in dead code that serves no purpose, but in the worst-case scenario, it introduces bugs that may propagate as the code is maintained, potentially leading to unexpected behavior.

Updated the documentation and example on rule “API Version is Too Old” to: “This rule identifies visual force pages which are using older versions of the API. Change the API Version of this visual force page.” Reason for change: The description and example needed to be updated for the rule.

Release Notes 24.0.4

CodeScan On-Premises

Release Notes 24.0.4

Release Date: April 2024

Rules & Fixes

This update introduces several new rules and bug fixes for current rules. This includes:

Improved the CodeScan parser as it relates to Visual Force. Specifically, the parser had some issues recognizing parts of Aura code (for example, with components (cmp), the parser was unable to recognize divs and spans across multiple lines). With this release, we have corrected these issues and verified that the Visual Force parser for .cmp, vf, xml, and .page files are all parsed properly. Further, CodeScan users can successfully see these issues after analysis.
Fixed a NullPointerException with the Apex rule “Null Coalescing Operator.”
Apex Rules:

Duplicate method implementations: Methods should not share the same implementations. To prevent duplication and confusion, avoid using two methods with identical implementations.
Code length: Lines should not be too long in APEX. Limiting the length of code lines enhances code clarity and readability by reducing complexity and improving quick understanding.
System.runAs to test user permissions: To ensure accurate and realistic testing of user permissions, it is crucial to utilize System.runAs during test execution, ensuring logic is tested in the same context in which it will run.
Relative Salesforce URLs: Salesforce pages should use relative URLs, as code using absolute URLs for Salesforce pages will break in different environments.
“If ... else if” should have “else” case: Include a default case using an "else" statement at the end of "if" and "else if" clauses to handle all conditions and provide code clarity.
Limit case clauses in switch statements: Using a large number of case clauses in switch statements creates complex, difficult-to-read code.
Avoid Identical Expressions on Both Sides of a Binary Operator: When both sides of a binary operator have identical values, the condition will always give the same result.
Avoid Sending Emails in Loops: Avoid using Messaging.sendEmail within loops to prevent exceeding Salesforce governor limits and to enhance application performance.
Avoid duplicate conditions in "if"/"else if" and "switch": When the same conditions are used in statements like "if"/"else if" and "switch", it can lead to duplicate or dead code.
API Versions 7.0 through 20.0 Retirement: The retirement of older Salesforce Platform API versions (7.0 through 20.0) after the Summer '22 release is a critical step to ensure the continued smooth operation of Salesforce applications.
Avoid using methods getDescribe and getMap inside Loops: The ‘getDescribe’ and ‘getMap’ methods typically involve fetching metadata information for objects and fields. Invoking them inside loops can result in unnecessary overhead.

Assertion Rules:

Use Assert.areEqual instead of Assert.isTrue: This rule detects Unit test assertions in object references equality. Instead of using Assert.isTrue as an equality check, these assertions should be made by more specific methods, like Assert.areEqual.
Use Assert.isTrue instead of Assert.areEqual: When asserting a value that is the same as a Boolean literal, use Assert.isTrue, instead of Assert.areEqual.
Use Assert Equals Instead of Boolean Equality Assertion: This rule detects unit test assertions in object references equality. Instead of using Assert.isTrue combined with "==" as an equality operator, these assertions should be made by more specific methods, like Assert.areEqual (expected, actual).
Unit Assertions should include a Message: Unit assertions should include a message. In other words, use the three-argument version of Assert.areEquals(), not the two-argument version.
Unit Test Method Contains Too Many Asserts: Unit tests should not contain too many asserts. Many asserts are indicative of a complex test, for which it is harder to verify correctness. Consider breaking the test scenario into multiple, shorter test scenarios. Customize the maximum number of assertions used by this Rule to suit your needs.
Non-Unit Test Methods Should Not Contain Asserts: Asserts should only be used in test methods.
Misuse of Assert Class: Assert Class can be misused if not applied correctly. To ensure the correctness of our code and avoid common pitfalls, establish best practices for its usage.
Use Messages in Assert Statements: Ensure that messages are included when using the assert method with the message parameter to improve code quality and make it easier to identify the cause of failures during testing and debugging.
Consider Using Assert in place of System.Assert: This new class aims to enhance the readability and maintainability of test code for developers. It is preferable to use Assert in your tests instead of older System.Assert methods.

LWC Rules:

Enable Salesforce Lightning Web Security (LWS): Enabling LWS ensures that the Lightning components within our Salesforce instance are executed in a secure and controlled environment, reducing the risk of potential security vulnerabilities.

SF Meta:

Adopt the ICU Locale Formats instead of JDK locale formats: Salesforce is retiring the JDK locale formats with the Spring ’24 release. ICU is the new standard enforced in API version 45. Make sure your custom code does not use JDK locale formats and instead uses locale-neutral methods.
Set Flows to Auto Layout: Implementing auto-layout for your flows helps designers modify layouts more quickly, allowing them to iterate on their designs with greater speed. It ensures elements are perfectly aligned and evenly spaced, improving readability in complex Flows.
Potential Overuse of Rollup Summaries: Ensure compliance with Salesforce's limit of 25 roll-up summary fields per object to prevent potential issues arising from exceeding Salesforce platform limits.

Improvement was provided on how to fix for the "Deserializing JSON is Security Sensitive" rule.
We provided a fix on the "sf:AvoidUsingHardCodedId" rule not detecting hard-coded IDs as expected.
Wrongly identified violations in specific scenarios were fixed for the "Comments are Required" rule.
The rule "sf:AvoidPublicFields" was updated to exclude public fields with the @InvocableVariable annotation.
We provided a fix for the rule's missing root element in "RuleSet."
We provided a fix for the "Consider removing inactive flows" rule not working correctly.

Release Notes 24.0.1

CodeScan Self-Hosted

Release Notes 24.0.1

This update introduces several new rules and bug fixes for current rules and the CodeScan analysis.

Flow Rules

There are 19 new rules for Salesforce flows:

Inactive flows should be removed: Inactive flows may cause clutter in the Salesforce org. In extreme cases, they can begin to hit the organization’s limits. These should be removed if not being used.
Avoid Large Flows: Too many nodes can cause your Flow to become complex and unmanageable. Consider using Subflows to make your Flow logic reusable and scalable.
DML statements should not be included in the loops: SOQL and DML in Salesforce are bound by “Governor Limits.” If a large number of SOQL and/or DML calls are made in a short amount of time, you can run into a Governor Limit Exception. This rule minimizes the chances of this happening by letting users know when they are calling these in a loop.
Avoid creating nested loops in Flows: Nested loops within your Flows can cause them to become unreadable, inefficient, and complex. Consider using Invoked Actions to clean up complex Flows.
Document Flows and the Flow components: Flows should have adequate documentation. Any Flow elements without a description should have a violation thrown independently.
Avoid Hard-Coded Values in Flows: Hard-coded values in Flows can lead to unexpected output and make maintenance difficult. Instead, Get Records can be used for the respective object using the DeveloperName. If you’re creating criteria in an entry condition, you can reference DeveloperName (API Name) fields with a formula.
Flows Should Include Fault Paths: Fault paths are a way to handle errors that may occur in your Flow. Depending on the Flow and its purpose, errors can be logged, show an error screen, or send an email of the failure to a group of users. Flows should include Fault paths to ensure that all errors are handled appropriately.
Flow Naming: Standardized naming conventions allow an organization's Flows to be clean, maintainable, and readable. This rule enforces standard naming conventions for Flows and Domains.
Flow Variables & Resources Naming: This rule enforces standard naming conventions for Variables, Formulas, and Choices.
Flow Interaction Naming: This rule enforces standard naming conventions for Screens, Actions, and Emails.
Flow Logic Naming: This rule enforces standard naming conventions for Decisions, Assignments, and Loops.
Flow DML Naming: This rule enforces standard naming conventions for DML operations (Query, Update, Create, Delete).
Migrate Workflows and Processes to Flows: Process Builders and Workflows are being phased out over the coming year. In Winter '23 the ability to create new Workflows is being turned off, in Summer '23 the ability to create new Processes with Process Builder was turned off. It is recommended that these Processes and Workflows be migrated to Flows.
Use Fast Field Updates: If a Flow is only updating the record that triggered it, it should be using the Fast Field Updates option. This can be up to 10 times faster than the more flexible Actions and Related Records Flow.
Get Records Should Be Filtered: This rule mandates the usage of at least one filter in the Data element "Get Records" within Salesforce Flows. Enforcing this rule will encourage flow designers to think critically about their data retrieval needs and apply relevant filters, reducing the risk of performance bottlenecks and unoptimized queries.
Unused Flow Variables: Consider removing unused Flow variables to increase performance and readability.
Missing Null Handler After Get Records in Flow: By implementing a decision element to validate the result of the Get Records operation, you can proactively identify and handle cases where no data is retrieved. This allows you to avoid potential null reference errors and prevent unexpected crashes or data processing issues.
Duplicate DML operations in Flows: This rule aims to avoid potential issues caused by duplicate database operations that might occur if users go back and forth between screens, triggering the same actions multiple times.
Flows API Version Is Too Old: This rule identifies flows that are using older API versions. Consider updating the API versions of any flows found.

Bug Fixes:

Rule Misfire fixed: Corrected Apex code incorrectly detecting TODOs.
Fix provided for the rule “Avoid Using Hard Coded Credentials for Authentication”: Regex updated.
Xpath added for the rule "SOQL Injection possible" to cover the public and class-level variables.
License Key Update: The license has been updated and will now be associated with specified projects.
Parser issue fixed on the rule: “Avoid Untrusted/Unescaped Variables in DML Query."
A new rule parameter, allowList, added to the rule “Track Usage of @SuppressWarnings.”
Apex Parser Update for Null Coalescing Operator: There will be no parsing error when ?? is present in Apex code.

CodeScan for Government

CodeScan for Government

CodeScan for Government is a secure, compliance-focused solution designed to meet the unique needs of public sector Salesforce environments. Built with enhanced security protocols and governance in mind, it empowers agencies to maintain code quality, enforce standards, and reduce risk across their DevOps pipelines.

Please note: Access to CodeScan for Government release notes is currently limited to government license holders only.

nCino Release Notes

Release Notes 25.2

nCino + DL - 25.2.12 Release Notes

Release Date: 06 July, 2025

Job Comment Retention

An issue where the Job Label would overwrite the existing Job Comment during job edits has been resolved. The comment field will now retain its original value unless explicitly modified by the user.

RBC Deployment Templates Accuracy

The logic for handling RBC Deployment Templates has been refined. The system now correctly accounts for omitted templates and accurately calculates the count of selected templates, ensuring consistent and reliable template tracking.

Rollback Execution Stability

Enhancements have been made to ensure that rollback operations, even when triggered on the nth iteration, execute seamlessly without disruptions.

Version Control CI Jobs Ordering

The display order of CI Jobs under Version Control has been improved. Jobs are now consistently sorted by their Modified Date, ensuring that the most recently updated jobs appear at the top of the list.

Selected Templates Preservation

In the CI Job configuration, the order of templates within the Selected Templates section is now preserved as per the user’s arrangement. This ensures better clarity and user-defined control over template sequences.

Triggered Date Population

A fix has been applied to ensure that the Triggered Date field is correctly populated whenever a job is initiated. This resolves earlier inconsistencies and supports accurate build history tracking.

nCino + DL - 25.2.11 Release Notes

Release Date: 29 June 2025

CI Job Failure Resolved an issue causing CI job failures due to improperly rendered template objects. The fix ensures templates are now rendered correctly, allowing jobs to execute successfully.

CI Job Baseline Revision Implemented a fix to ensure the rollback mechanism for CI job baseline revisions functions as expected, maintaining consistency and stability during version changes.

nCino + DL - 25.2.9 Release Notes

Release Date: 15 June 2025

DL Job Execution Stability

A fix has been implemented to ensure that DL job executions complete without errors, improving overall job reliability and system stability.

Post-Deployment Status Tracking

Enhanced the tracking mechanism to accurately reflect both cumulative and individual statuses of deployment jobs, including those targeting post-deployment ORGs.

Salesforce API Upgrade

Upgraded the Salesforce integration to use the latest API version 64, ensuring continued compatibility and access to the newest platform features.

Trigger Build on Commit

Resolved an issue where builds were not reliably triggered upon commit. The trigger-build-on-commit functionality now operates seamlessly and consistently.

nCino + DataLoader 25.2.8 Release Notes

Release Date: 08 June 2025

Validation Rules Activation Resolved an issue where enabling validation rules was not functioning consistently.

Rollback Object Configuration Fixed a bug to ensure object configuration data is loaded without discrepancies during rollback.

Job Group Cloning Addressed issues to ensure job group cloning now completes reliably.

CI Job Baseline Revision Corrected an error encountered during CI Job baseline revision selection.

nCino + DataLoader 25.2.7 Release Notes

Release Date: 01 June, 2025

API Refactoring

Refactored core APIs to align with industry best practices, enhancing performance, scalability, and maintainability across the platform.

User Permissions

Standardized user permission handling across both nCino and DataLoader. Users now have access strictly based on their assigned roles and permissions, ensuring better access control and security.

DL PRO Job Execution Notifications

Enhanced job execution flow so users will now receive notifications only upon completion of DL PRO jobs, reducing noise and improving clarity in system alerts.

DL PRO Filters Persistence

Addressed an issue where filters were reset after being edited. Filters now persist correctly post-edit, ensuring a seamless user experience during job configuration.

DL PRO Job Execution Stability

Resolved an IndexOutOfBoundsException occurring during DL PRO job execution. The fix ensures more stable and error-free job runs moving forward.

nCino + DataLoader 25.2.6 Release Notes

Release Date: 25 May, 2025

Fix on Rollback

A comprehensive fix has been applied to ensure rollback functions correctly across all scenarios without failure.

CI Job Code Fix

Resolved discrepancies in CI job execution. All triggered actions are now accurately reflected, ensuring reliable and traceable job status.

nCino + DataLoader 25.2.5 Release Notes

Release Date: 18 May, 2025

Post-Deploy ORGs Selection

Introduced a validation that prevents selecting post-deployment ORGs unless the main ORG is selected, enhancing deployment integrity.
Fixed an issue where rollbacks for parallelly triggered ORGs did not behave as intended.
Resolved a bug ensuring post-deployment ORG statuses are now independently tracked and are not tied to the destination ORG’s status.

CI Job Fixes

Addressed an issue where failed CI jobs remained stuck in the queue.
Applied a fix to prevent CI jobs from staying queued for extended periods, ensuring timely job execution.

nCino + DataLoader 25.2.4 Release Notes

Release Date: 10 May, 2025

Rollback Behavior Improved

Rollback operations now skip any undeployed changes introduced after deployment edits, ensuring only successfully deployed components are eligible for rollback.

nCino + DataLoader 25.2.3 Release Notes

Release Date: 4 May, 2025

Post-Deployment ORG Rollback

Users can now select specific ORGs used during post-deployment for targeted rollback actions.

Individual Template Rollback

Introduced support for rolling back individual templates, giving users finer control during remediation.

nCino + DataLoader 25.2.2 Release Notes

Release Date: 27 April, 2025

Data Transfer Fix

Resolved an issue causing data transfer failures. Uploaded files are now reliably processed without interruption.

nCino + DataLoader 25.2.1 Release Notes

Release Date: 20 April, 2025

Template Creation Fix

Implemented a fix to ensure template creation with multiple buckets is stable and error-free.

CI Job Execution Fix

Resolved an issue causing CI jobs to fail. Jobs now execute successfully under all expected conditions.

Release Notes 25.1

nCino + Data Loader 25.1.4 Release Notes

Release Notes: 27 April 2025

Enhanced Special Character Handling: The logic has been improved to ensure all required special characters are properly supported during processing.

nCino + Data Loader 25.1.3 Release Notes

Release Date: 6 April 2025

Enhanced Job Prioritization in Queue: The queue functionality has been enhanced to allow users to prioritize jobs effectively. Users can now rearrange jobs based on priority, and the updated job order will be saved persistently in the queue, ensuring execution follows the defined priority.
VC Code Performance Optimization: Refactored the VC code to enhance performance and efficiency, ensuring smoother execution and improved system responsiveness.
Improved Circular Reference Handling: Fixed an issue to ensure circular references are correctly identified and not ignored during processing, improving data integrity and system stability.
Source ID Column Visibility Fix: Resolved an issue where the "Source ID" column was not visible on the results screen. The column is now correctly displayed to ensure complete data visibility.

nCino + Data Loader 25.1.2 Release Notes

Release Date: 9 March 2025

Optimized Field Extraction: nCino introduced an enhancement that optimizes the field extraction process during data retrieval. Previously, Data Loader Pro fetched all available fields from an object during extraction, which could lead to unnecessary data processing and performance inefficiencies. Data Loader Pro now retrieves only the fields explicitly mapped by the user.
Data Loader Performance Improvement
- Enhanced Object Selection: Newly identified objects during job execution are now included only if the selected child objects have Master-Detail parents apart from the master object, preventing unintended inclusion of lookup relation parents.
- Database Persistence: Any newly identified objects during job execution are now saved to the database for future reference.
- Improved Error Handling: If an exception occurs, the job status is now set to "Failed" instead of "No Records," ensuring accurate job execution tracking.
- AutorabitExtId__c Validation: The system now verifies whether AutorabitExtId__c exists and ensures it is marked as "External Id" and "Unique," automatically setting it to true if necessary.

nCino + Data Loader 25.1.0 Release Notes

Release Date: 23 February 2025

Increased Unit Coverage for Data Loader & Data Loader Pro: Expanded unit test coverage to enhance efficiency in nCino & Data Loader.
Data Loader API Migration: SOAP to REST: Converted Data Loader APIs from SOAP to REST for improved performance and maintainability.
Performance Optimization: Enhanced job execution performance for faster processing.
Data Consistency Fix: Resolved an issue to ensure reliable and consistent data transfers.

Release Notes 24.4

nCino + Data Loader 24.4.5 Release Notes

Release Date: 19 January 2025

Group Jobs Stability: Fixed an issue to ensure group jobs execute without failure.
Import Process Stability: Resolved an issue to prevent failures during the import process.
Rollback Functionality: Fixed the rollback functionality on the nCino UAT instance to ensure it works as expected.

nCino + Data Loader 24.4.4 Release Notes

Release Date: 13 December 2024

Revision Range: Improved the checkout logic for the revision range to enhance performance.
Fixed Query Logic: Resolved an issue with adding conditions to queries.
Template Failure: Fixed the issue causing failures in the "nCino Template."
Publish Icon: Ensured the publish icon is visible for "nCino Customers" on the "Feature Template Manage" screen.

nCino 24.4.3 Release Notes

Release Date: 24 November 2024

The following enhancements ensure compliance, improve flexibility, and streamline the user experience.

CI Job Backup: CI job rollback backups have been further streamlined and organized to ensure compliance standards are met.
nCino RBC Deployment Options: Customers can now verify and configure the required externalID during RBC deployments, improving flexibility and control.
Trigger Build on Commit: Scheduling conflicts are now resolved when the "Trigger Build on Commit" option is enabled, ensuring seamless automation.
nCino Step Logs: nCino step logs have been enhanced to provide additional details, improving visibility and troubleshooting capabilities.

nCino 24.4.2 Release Notes

Release Date: 10 November 2024

The following enhancements include an upgrade for version compatibility and fixes to improve user experience and streamline performance.

Salesforce Winter '62 Compatibility: Upgraded nCino to support the latest Salesforce Winter '62 release.
RBC Fixes: Resolved issues with RBC deployments and commits for improved reliability.
Feature Version Loading: Fixed loading issues with the Feature Version page for a smoother experience.

nCino & Data Loader Release Notes 24.4.1

Release Date: 27 October 2024

The following features, enhancements, and fixes have been implemented to improve user experience and streamline performance.

Auto Trigger nCino Jobs
Enabling “Auto Trigger on Commit” in CI Jobs now automatically starts jobs with each new version control commit, streamlining workflows and eliminating manual triggers.
Rollback Error
A rollback failed due to an issue with the selected baseline revision. Verify the baseline selection to proceed.
OwnerID Record Error
The ID of the user who created the record will be retained in the destination records.

Release Notes 24.3

nCino Release Notes 24.3.2

Release Date: 22 September 2024

Default Sorting by ExternalID for CI Jobs The sorting structure for "CI Jobs" has been updated. From now on, the ExternalID will be selected by default for sorting, replacing the previous selection of LookupKey.
CI Job Deletion When a CI job is deleted, the process now ensures that all associated resources are efficiently managed, helping to optimize storage usage.
ExternalID Populated in Single Data Loader The Single Data Loader will automatically populate the ExternalID field, streamlining the data entry process and ensuring consistency.
Disable Delete Button for In-Progress Jobs The delete button will now be grayed out and disabled for any In-Progress CI jobs, preventing accidental deletions during the execution process.

nCino Release Notes 24.3.1

Release Date: 10 September 2024

The following features have been enhanced to facilitate user productivity, simplify tasks, and perform selections more easily.

UI Improvements for VC Baseline Revision The user interface for the VC Baseline Revision has been enhanced to improve usability and navigation.
Download Option for Selected Records A new provision allows users to download selected records directly from the interface, simplifying data management.
"Select All" Option in Feature Type A "Select All" option has been introduced in the Feature Type selection, making it easier to select multiple items at once.

Release Notes 24.2

nCino Release Notes 24.2

09 September 2024

Ability to Download CI Job Backup Snapshot Users can now seamlessly download the entire backup snapshot of CI Jobs, providing quick and easy access to crucial data. Please refer to the for more information.
Support for Post Deployment ORGs in Rollback We’ve added support for including Post Deployment Orgs in rollback processes. This enhancement ensures seamless rollback operations, maintaining environment consistency and control during deployments. Please refer to the for more information.
Skip Records Functionality Enhancement The Skip Records functionality has been improved by replacing the icon with a checkbox. Please refer to the for reference
Depicting Fields Excluded from Compare and Identifying Record Differences Between Environments Fields excluded from the compare operation are now clearly depicted, helping users focus on relevant data. Differences between records across environments are highlighted for quicker, more accurate assessments.
Option to Delete CI Jobs in Queue Users can now delete CI jobs directly from the queue, giving them greater control over their CI pipelines. This feature optimizes resource usage by allowing the removal of unnecessary or outdated jobs.

Release Notes 24.1

nCino Release Notes 24.1

Release Date: 16 June 2024

Overview

nCino 24.1 is a major release that encompasses the following release items:

nCino Compare Functionality
Enhanced Data Loader Pro Job Configuration
Exclude the OwnerID from Automapping in nCino CI jobs
Data Loader Pro Job Run Options in Configuration
Triggering nCino CI Jobs Using REST API
Select external unique identifier During nCino Feature Deployment

New Features

nCino Compare Functionality
Overview: This provides users with enhanced control and insight into the deployment of nCino Record-Based Configurations (RBC). Application: The nCino RBC Comparison Tool allows users to effortlessly compare RBC configurations between those ready for deployment and those already existing in the target environment. This comparison ensures that users can identify discrepancies, confirm consistency, and make informed decisions before finalizing deployments. Benefit: This tool addresses the need for a reliable method to ensure consistency and accuracy in RBC deployments, reducing the risk of configuration errors and streamlining the configuration management process. Further documentation: For more detailed information, please refer to our
Enhanced Data Loader Pro Job Configuration Overview: To provide users with greater flexibility and control over the data loading process by allowing the users to enable and disable the validation rules, workflow rules, and triggers.
Application: Users can now enable or disable validation rules, workflow rules, and triggers as part of the Data Loader Pro job configuration. This feature allows users to leverage pre-configured selections during the scheduled execution of the job, ensuring that the data-loading process adheres to their specific requirements.
Benefit: Enhances flexibility and control over the data loading process, enabling users to customize job configurations to meet their unique needs and reducing the risk of unintended rule or trigger executions.
Further documentation: For more detailed information, please refer to our .
Triggering nCino CI Jobs Using REST API Overview: Customers can now trigger nCino CI (Continuous Integration) jobs using the provided API endpoints.
Application: This enhancement simplifies and automates the Continuous Integration (CI) process for nCino users by allowing them to trigger CI jobs through REST API calls. With this capability, users can integrate CI job execution seamlessly into their existing automation workflows or CI/CD pipelines. By leveraging API endpoints, users gain greater flexibility and control over the CI process, enabling efficient and consistent integration testing and deployment.
Benefit: Addresses the need for streamlined and automated CI processes by providing customers with the ability to trigger nCino CI jobs via API endpoints. This enhancement improves efficiency, reduces manual intervention, and enhances the overall CI experience for users.
Further documentation: For more detailed information, please refer to our .

Enhancements

Exclude the OwnerID from Automapping in nCino CI jobs
Overview: Users can now disable the auto-mapping of ownerIDs between environments within the application.
Application: This new option allows users to prevent the automatic mapping of ownerIDs during record-based configuration migration. This is particularly useful in scenarios where developers in lower environments, such as a development sandbox, have the necessary privileges to own configuration records but lack similar access in higher environments like QA or production. By disabling auto-mapping, users can manually set appropriate ownerIDs, ensuring a smoother and more controlled migration process.
Benefit: Helps avoid issues encountered during record-based configuration migration due to limited access to record owners in higher environments. This enhancement ensures that migrations do not fail or cause access-related issues, improving the reliability and consistency of deployments across different environments.
Further documentation: For more detailed information, please refer to our .
Data Loader Pro Job Run Options in Configuration
Overview: All job run options can now be configured when creating a job in Data Loader Pro.
Application: This enhancement allows users to set all desired job run options at the time of job creation, providing greater customization and control over Data Loader Pro job executions. These configurations are preserved for the scheduled execution of the jobs, ensuring that each job runs with the specified settings without the need for manual adjustments before each execution.
Benefit: Enhances customization and control over Data Loader Pro job executions and ensures that job settings are consistently applied during scheduled runs, reducing the risk of errors and improving efficiency.
Further documentation: For more detailed information, please refer to our .
Select External Unique Identifier During nCino Feature Deployment
Overview: Users now have the option to select the external unique identifier instead of AutoRABIT external ID for deployments.
Application: This enhancement provides users with the flexibility to choose an external unique identifier for deployments, rather than relying solely on AutoRABIT's external ID. This feature ensures accurate data transfer and eliminates the risk of record duplication by allowing users to select an identifier specific to their environment or requirements, such as an external system ID or a custom unique identifier. Users can now confidently deploy data outside of AutoRABIT or in refreshed sandboxes without encountering issues related to record duplication.
Benefit: Addresses the potential for record duplication when transferring data outside of AutoRABIT or deploying default data in refreshed sandboxes. By enabling users to select an external unique identifier, this enhancement mitigates the risk of duplication and ensures data integrity during deployments.
Further documentation: For more detailed information, please refer to our .

Release Notes 23.1

nCino Release Notes 23.1

September 2023 Version 23.1 – Streamlined CI/CD and Enhanced Control

We're thrilled to introduce a series of exciting enhancements to elevate your nCino experience. Get ready for:

1. Precision Deployment: Define your baseline revisions and effortlessly trigger builds for new revisions, enabling delta deployments. Package multiple commit revisions together for swift Record-Based Configuration (RBC) deployments.

2. Multi-Sandbox Mastery: Seamlessly deploy nCino CI builds to multiple target sandboxes, with the flexibility to choose up to 5 organizations per job. Say goodbye to redundant job creations for the same deployment across multiple Orgs.

3. Effortless Job Management: Our revamped CI job flow guides you directly to the ‘Job List’ page, streamlining your experience. A simple ‘Run’ button on this page empowers you to initiate jobs effortlessly.

4. Rollback Assurance: Take control of your nCino RBC deployments with our rollback feature. Capture snapshots before deployment and confidently revert your Org to its prior state if needed.

5. Access + Validation: We've renamed 'Applied Mappings' to 'External ID Mapping' for clarity. Plus, enjoy peace of mind with automated validation, ensuring your access to objects and essential external ID fields.

6. Post-Deployment Insights: Keep a finger on the pulse of post-deployment activities. The ‘Post Deploy Details' section provides consolidated updates for multiple Orgs. Dive deeper with 'View Details’ to explore Orgs and their records effortlessly.

Release Notes 22.3

March 2023 - Version 22.3 (nCino)- Key Features and Enhancements

Date of release: 05 March 2023 Article last updated: 05 March 2023

Key Features

1. Specify baseline revision in continuous integration for version control

With this nCino release, we've added a new option called Version Control to facilitate deployment. The users will now be able to define a starting point from which commit needs to be picked for the range of revisions to be deployed via Continuous Integration (CI) jobs. The key features are:

The user will be able to trigger builds for new revisions (delta deployments).
The user will be able to select baseline revisions as a starting point for CI jobs.
The user will be able to group all commit revisions together to run dataloader operations at once.

Read more →

2. Reuse the package from the build and deploy in multiple Salesforce environments as post-deployment success activity

As a post-deployment success activity, we've provided the ability to reuse a package from a single build from a single CI job to deploy the same data in various Salesforce environments.

While using the current nCino implementation, the user must create multiple CI jobs, one for each destination org, in order to build data from the same repository and branch and deploy it to multiple salesforce environments. This results in repeated effort in building from the same source and defining the same job over and over again merely to choose a different destination, making it difficult to manage several CI jobs. With this new functionality, the user can build once and reuse it for deploying to multiple Salesforce orgs using a single build from a CI job.

The key features are:

Reduced effort in redefining the CI jobs with the same source multiple times.
Reduced time to deploy to multiple environments from the same source.

Read more →

3. New 'Spreads Schedule Template' tile in Feature Creation screen

New objects, such as Schedules and Debt Schedules, were introduced with the latest nCino version release.

All of them are part of the Spreads Schedules group. To include all these objects under a single umbrella, we added a new tile called Spreads Schedules Template.

The Spreads Schedules Template template includes the following objects:

LLC_BI__Underwriting_Bundle__c
LLC_BI__Spread_Statement_Type__c
LLC_BI__Spread_Statement_Record__c
LLC_BI__Debt__c
LLC_BI__Debt_Schedule__c
LLC_BI__Schedule__c
LLC_BI__Schedule_Section__c
LLC_BI__Schedule_Entry__c

Read more →

Enhancements

1. Salesforce Spring '23 (API version 57.0) Support

To keep our product up to current with the most recent Salesforce upgrades, AutoRABIT supports the most recent API 57.0 version in this release. The most recent API version is aimed for customising the metadata schema and developing tools to manage it.

Read more →

Release Notes 25.0

Vault Release Notes 25.1.3

Release Notes: July 09, 2025

Archival Job Enhancement
Previously, the archival job retained additional information even after the configured data retention period had expired. This behavior has now been updated: expired data is fully cleared, ensuring more efficient resource utilization and improved system performance.
Backup Job Reliability Improvement
Resolved an issue where backup jobs processing millions of records would experience timeouts, leading to excessive and unproductive retries without successfully retrieving data. The underlying cause has been addressed to ensure more stable and efficient backup operations at scale.
Optimized Metadata Handling in Restore
The system's capability to process metadata has been improved by increasing the number of files it can handle concurrently. This ensures smoother and more efficient metadata restore operations.

Vault Release Notes 25.1.2

Release Date: July 02 2025

New Archive Enhancement: Disable Automation Rules
Vault now allows users to disable Salesforce automation rules during the archiving process. This improvement helps ensure a smoother and more reliable archival experience by preventing interference from active automation rules. As a result, users can expect fewer errors and increased stability during archival operations.
Selective Record Download for Backups and Archives
Users can now filter and download specific records from a backup or archive, enabling targeted data access without the need to browse through the entire dataset. The downloaded files are easily compatible with common tools like Excel, allowing for quick and convenient analysis of only the required information.
Improved Export Stability for Large Datasets in Compare Module
A fix has been deployed to enhance the reliability and performance of the export functionality in the Compare module. Users can now expect a smoother experience when exporting large datasets, especially during bulk compare operations.
Enhanced Event Logging for Improved Traceability and Integration
The event logging system has been upgraded to provide greater detail and reliability, enabling seamless analysis and traceability of system activities. Logs are now more easily integrated with tools like Splunk, streamlining monitoring and audit workflows.
Schema View Usability Fix: Easy Copying of Object Names
A fix has been implemented to allow users to easily copy object names while viewing the schema. This enhancement improves usability and efficiency, making it more convenient to reference or reuse object names during configuration or documentation tasks.

Vault Release Notes 25.1.1

Release Date: 18 June 2025

Backup Optimization: Streamlined the object processing logic within the backup module to improve performance and reliability.
Dynamic Pagination for Replication Config: Introduced dynamic pagination during replication config creation, ensuring better scalability and responsiveness.
Improved Alert Search: Optimized the search functionality in the Alerts section for quicker results and enhanced user experience.
Accurate Backup Duration Calculation: Fixed an issue to ensure backup durations are now calculated and displayed correctly across all jobs.
Performance Improvement – Replicate Job Optimization: Resolved a performance bottleneck in the replicate job process by identifying and addressing a delay issue. This enhancement improves execution speed and overall system efficiency.

Vault Release Notes 25.1

Release Date: 04 June 2025

Vault Compare Enhancements: Enhanced the user experience with easier navigation to specific fields and more intuitive change review capabilities.
Enhanced Scheduler Architecture: Improved tracking and queuing of jobs for more efficient and reliable execution.
Additional Validations During Cloning of Replicate Jobs: Introduced environment validation checks to alert users of any missing metadata before initiating the cloning process of replicate jobs.
Synthetic Backup: Full backups now utilize delta changes from the previous successful full backup, significantly reducing backup duration.
Improved Salesforce Session Management: Improved session management to prevent inactivity during long-running jobs and enhanced API call tracking for greater accuracy.
Scheduler Distribution: Moved the scheduler to an external server to better manage processing load distribution.
Performance Enhancements: Optimized data retrieval logic to improve performance across backup and archival operations.
Replicate & Restore Performance: Optimized the data loading process, significantly improving replicate and restore performance.
Restore Logic Update: Refined logic to more effectively prevent duplicate record creation, ensuring more reliable and consistent restore operations.
Salesforce Winter ’25 Upgrade: Upgraded the Salesforce integration to support the latest Winter ’25 API version.
S3 Policy Management: Improved S3 configuration checks to surface errors early during Vault account setup.
Tomcat Upgrade: Upgraded Tomcat version 10 to 11 for improved security, performance, and standards compliance.
Vault Data Masking: Improved pattern recognition in specific data types to ensure accurate masking while preserving the original format required for valid data representation.
Restore UI Label Updates: Updated restore flow labels:
- “Restore Now” is renamed to “Create Restore Job”
- “Trigger Restore” is renamed to “Review and Restore”
- “Selected Data to Restore” popup is renamed to “Restore Summary”
Big Objects Support: Implemented support for backing up Big Objects.
Knowledge Article Replication: Enhanced owner ID handling to prevent errors caused by owner mismatches, ensuring smooth and accurate replication of knowledge articles.

Release Notes 24.0

CodeScan Cloud

Release Notes 24.0.14

Release Date: 04 December 2024

Summary

CodeScan 24.0.14 is comprised of the following eight components:

2 Enhancements
2 New Rules
4 Fixes

Component details are listed in their corresponding sections within this document.

New Features

There are no new features associated with this release.

Enhancements

Added “Project Search” in CSV Export Customers with a large number of projects were experiencing a UI issue with the export feature: users who wanted to export issues in CSV format were only able to see the first 100 projects on the list. In this release, we have addressed this issue by adding a search function in the drop-down list to allow users to search for the name of the project they wish to export.
We verified the added “Project Search” on CSV Export page for multiple scenarios including:
1. Verified search option functionality with the drop-down list of projects:
2. Verified the drop-down list shows 20 of the most recently scanned projects by default.
Updated the message for Security Hotspot Status “Exception” We recently added a new status type for Hotspots (status = “Exception”). Its intent is to serve as a more accurate status than 'Acknowledged' or 'Open' for issues being treated as exceptions. When we first delivered an “Exception” status, the associated message was: “The code has been reviewed and does not pose a risk currently. Further review is needed at a later date.” Based upon numerous client suggestions, we have enhanced the message to read: "The issue has an approved exception and will be re-reviewed until mitigated or upon exception expiry.”

New Rules

New Rule for LWCs: “API Version Is Too Old” This is a new rule to ensure that all Lightning Web Components (LWCs) are using an acceptable API version (including the most current API version). Using outdated API versions can lead to compatibility issues, missed opportunities to leverage new features, and potential security vulnerabilities. This rule aims to streamline the process of identifying and updating LWCs to the latest API version. We recognize that by identifying and updating LWCs to the latest API version, developers are able to maintain higher code quality, reduce the risk of deprecated features, and improve the overall performance and security of the application. Verified the new LWC rule (API Version Is Too Old) for these scenarios:
- Verified the description, issue type, severity, message, tags, remediation, and parameters of the rule:
- Verified that a violation is thrown if the API version used is lower than the minimum version allowed:
- Verified that a violation is thrown if the API version used is higher than the maximum version allowed:
- Verified that no violation is thrown when the API version is between the minimum and maximum versions allowed.
New Rule for APEX: “OuterClassExplicitSharing” Enforces security best practices on classes by ensuring that sharing settings ('with sharing', 'without sharing', or 'inherited sharing') are explicitly declared. This prevents accidental data exposure and enhances code maintainability and compliance with security policies.
- Name: Outer Class Explicit Sharing
- Key: OuterClassExplicitSharing
- Type: Vulnerability
- Severity: Major
- Message: Class '{className}' does not have an explicit sharing rule
- Tags: Convention
- Remediation: 5 minutes
Verified the rule: OuterClassExplicitSharing for the following scenarios:
- Verified the rule’s description, type, severity, message, tag, remediation, key, and name:
- Verified the rule is not throwing a violation if used with sharing, without sharing, or inherited sharing:
- Verified that a violation is thrown if not used with sharing, without sharing, or inherited sharing.

NOTE: This rule overlaps with the ClassExplicitSharing rule and will always overlap with violations for outer classes. This rule has been created to:

Allow for the reporting of this issue as a vulnerability instead of a code smell
Only flag if sharing settings are missing for outer classes (inner classes that are missing sharing settings will not be flagged—which is opposite of how the ClassExplicitSharing rule works)

If both rules are active, check the violations that were reported and disable one of the rules as necessary.

Fixes

Fixed an issue in the CodeScan application in which flagged violations were not being displayed when using the "issues in new code" filter NOTE: This issue only relates to a separate fix stemming from our last release (24.0.13), when we fixed an issue with reference branch analyses. After that fix, however, users were experiencing a new issue, in which flagged violations were not being displayed when using the "issues in new code" filter. The other parts of the CodeScan application were NOT impacted by the reference branch analyses fix in release 24.0.13. As such, all other parts of CodeScan continued to show the accurate new issue count. Regarding this issue, users were unable to navigate to the issues page after running the project analysis. Further, users were not able to see the issues if the user selected any of the issue types (e.g., vulnerability) after running the project analysis. This fix corrects this issue. Users are now able to navigate to the issues page after running the project analysis. Further, users are now able to see the issues if they select any of the issue types (e.g., vulnerability) after running the project analysis.
Fixed issue in rule for APEX “sf: {{FieldLevelSecurity}}” {Permissions should be checked before accessing resource}. Previously, this rule was throwing violations that were false positives. This was occurring when a SOSL query having an inner query calls the related Object. The Object needs to be checked by using isAccessible() before accessing its data. NOTE: We addressed a similar issue related to SOQL queries in a previous release. That update has been extended in this release to also include SOSL queries. As per Salesforce documentation, when checking the Access for the inner query object, it allows to check by using __c, but while making inner query on related Objects, it must be in plural and end with __r. This fix corrects this issue. In this enhancement, the Object is checked by using isAccessible() before accessing its data. Verified the rule “Field Level Security Vulnerabilities” for the following scenarios:
1. Rule is throwing a violation if isAccessible is not checked for the objects used in the inner query:
2. Rule is not throwing the violation if isAccessible is checked for the objects used in the inner query.
REMINDER: In the previous release, we added support for SYSTEM_MODE in this rule. A new parameter has been added, allowing users to choose true or false to include or ignore violations related to SYSTEM_MODE. We have verified the rule: FieldLevelSecurity for the following scenarios:
- Rule is throwing the violation if the object is NOT checked via isAccessible for the methods used in the inner query.
- Rule is not throwing the violation if the system mode value is set = “true” (and the object IS NOT checked via isAccessible for methods).
- Rule is not throwing the violation if the system mode value is set = “false” (and the object IS checked via isAccessible for the methods).
Fixed issue with Retention Period settings The retention period for project branches in CodeScan was not functioning properly. The UI is able to be set, but it does not affect the cleanup of branches within the project. This setting can be found in Project Settings > General Settings > Housekeeping > Delete inactive branches and PRs after. Also, the text in the “Branches” menu did not reflect the branch retention length change:
Verified the Retention Period fix for the following scenarios:
1. In the UI, users are able to set Delete inactive branches and PRs after value:
2. Users are able to see the same branch retention length value on the Branches & Pull Requests page.
Fixed issue with Group Synchronization for SAML connections We uncovered an issue with Group Synchronization during a recent customer implementation. We identified the root cause and a code change delivered in this release fixes the issue. Group synchronization is now working as designed. Further, we verified the Group synchronization option in SAML connection on a customer environment and have reported that this capability is working as expected.

Release Notes 24.0.13

Release Date: 30 October 2024

Summary

CodeScan 24.0.13 is comprised of the following 4 components:

1 Enhancement
3 Fixes

Component details are listed in their corresponding sections within this document.

New Features

There are no new features associated with this release.

Enhancement

Enhancement to Rule for VF: “"vf:AvoidJavaScriptScriptlets” We recognize that using direct <script> tags in components or pages can pose a security risk by increasing the likelihood of cross-site scripting (XSS) attacks. Separately, but importantly, you cannot use “includeScript” to embed an Aura Application to a Visualforce page (as the $Lightning global object is not available if put in a separate .js file as a static resource). To address this, Salesforce details how to “create a component on a Page,” advising you to add your top-level component to a page using $Lightning.createComponent(String type, Object attributes, String domLocator, function callback). Note that this function is similar to $A.createComponent(), but it includes an additional parameter, domLocator, which specifies the DOM element where you want the component inserted. Access the full documentation athttps://developer.salesforce.com/docs/atlas.en-us.lightning.meta/lightning/components_visualforce.htm. Considering both of these items together, we recognize that there was limitation on this rule where customers were getting violations flagged as false positives. This enhancement involves implementing Regex to detect the use of Lightning components within a {{<script>}} tag in Visualforce pages. The rule {{vf:AvoidJavaScriptScriptlets}} should not trigger a violation if only Lightning components are found. However, if any additional lines of non-Lightning code are detected within the script, a violation will be raised. This ensures the proper use of Lightning components while avoiding insecure or outdated practices in scriptlets.

New Rules

There are no new rules associated with this release.

Fixes

Fixed issue with reference branch analyses: Branch initially fails the quality gate, then passes on subsequent scans without changes.
Previously within CodeScan, branches with new code consistently failed the quality gate when they contained unresolved new issues (such as bugs, vulnerabilities, code smells, or security hotspots). This failure persisted until all new issues were addressed, ensuring only clean code passed the quality gate.
Recently it was reported that "New Code -> Reference Branch" functionality was no longer working as designed, which was impacting quality gate evaluations for new code on branches for some customers. Indeed, branches with new code were initially failing the quality gate if new issues are detected (as expected and desired). However, on subsequent analyses of the same branch—without addressing the new issues—the quality gate was incorrectly passing.

We recognize that this behavior could result in code potentially being deployed to production despite unresolved issues, as the quality gate no longer blocks the release after the first analysis. As such, a fix has been implemented to ensure the quality gate consistently fails whenever unresolved new issues exist in the code, preventing deployment until all issues are addressed.

Verified the functionality of reference branch for the following scenarios:
- Verified the new code of a branch where user is able to see the issues exactly when compared with the reference branch.
- Verified that the quality gate failed status if the new branch has any new code compared to the reference branch.
- Verified that the quality gate passed status if the new branch has no new code compared to the reference branch.
- Verified that we can change the reference branch in the UI and run the analysis locally, with or without specifying the reference branch in the command. (If we didn’t specify the reference branch, it should take master as RB.)
- Verified that renaming of the reference branch and using the new name for analysis are working correctly.
- Verified that when a branch is deleted in the UI and then used as a reference branch in the SFDX command, a 404 error is returned.
- Verified the version option on activity page by providing name and editing name.
- Verified the following options that are present under new code period for any branch under specific settings for a branch.
  - Previous version
  - Number of days
  - Specific analysis
  - Reference branch
- Verified the functionality by adding new code with vulnerabilities and fixed some issues that were marked as false positives in the UI.
- Verified the sonar scanner command as well for the reference branch.
Fixed issue in rule “sf:OptimizeParallelUnitTests” (IsParallel) This rule is designed to ensure that isParallel is present, either True or False. Previously, when a second flag was added to a test, the rule threw a violation, e.g., @IsTest(SomeFlag=True IsParallel=False). This should not throw a violation since IsParallel is specified. Instead, something like @IsTest(SomeFlag=True) should throw a violation, as IsParallel is not specified. This issue was occurring because the rule detection logic was looking for “@isTest(isParallel=true/false)” annotation being defined/set individually on its own (only), but not when used in combination with other annotations. Not being able to detect combination annotations setting was thereby causing false positive violations. Various scenarios tested outcomes for the rule BEFORE the fix was added:
1. Not setting “@isTest(isParallel=false)” (or true) – Violation – Correct behavior.
2. Setting @isTest(isParallel=false) or @isTest(isParallel=true) – No violation – Correct behavior.
3. Setting @isTest(OnInstall=true isParallel=False) – Violation – Incorrect behavior as isParallel is set.
4. Setting @isTest(SeeAllData=False isParallel=True) – Violation – Incorrect behavior as isParallel is set.
Results demonstrated that scenarios a and b were working as expected; however, in scenarios c and d, the rule was not able to understand multiple combined annotations format of @IsTest(xxx=false yyy=true) This fix corrects the issue. We have verified the Apex rule sf:OptimizeParallelUnitTests via multiple scenarios, and all are working as expected.

Fixed issue in rule for VF “vf:AvoidExternalResources” (in which the rule was checking ALL attributes for external resources, producing false positives). Previously, the rule vf:AvoidExternalResources was checking ALL attributes for external resources, which it should not do. This resulted in false positives being flagged as violations. This fix ensures that the check is limited to the “value” attribute only, to avoid false positives and ensure the rule functions as intended. As an example, the following will NOT be flagged as a violation: <apex:includeScript value="{!$Resource.example_js}" loadOnReady="true"/> //Good: Uses a static resource.

Release Notes 24.0.12

Release Date: 9 October 2024

Summary

CodeScan 24.0.12 is comprised of the following 2 components:

1 Rule Enhancement
1 Fix

Component details are listed in their corresponding sections within this document.

Enhancements

Enhanced the rule sf: {{FieldLevelSecurity}} to eliminate false positives

Summary: Previously, this rule was flagging issues that were actually false positives. This was occurring when an SOQL query has an inner query calling the related Object.

In this enhancement, the Object is checked using isAccessible() before accessing its data.

Per Salesforce, when checking the Access for the inner query object, it allows you to check by using __c, but while making an inner query on related Objects, it must be plural and end with __r.

Further, we added SYSTEM_MODE support to the rule enhancement via a rule parameter (where rules admins can choose true or false to include SYSTEM_MODE).

For additional info on Object permission Checks and SYSTEM_MODE, refer to: https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_perms_enforcing.htm|https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_perms_enforcing.htm|smart-link

Fixes

Fixed errors when reattaching Bitbucket projects using new enhanced security.

In the previous CodeScan release (24.0.11), we enhanced the security of our Bitbucket webhooks to stay current with the guidelines provided in Bitbucket’s documentation (https://support.atlassian.com/bitbucket-cloud/docs/manage-webhooks/#Secure-webhooks).

We also implemented a process to make this update easier for existing customers using Bitbucket projects.

Some customers were experiencing errors with this process. This fix has corrected those errors in full, and we have validated that the process works as expected.

For more information on reattaching Bitbucket projects, please refer to our Knowledge Base:

https://knowledgebase.autorabit.com/fundamentals/faq/codescan-faqs/codescan-cloud-issues/reattaching-bitbucket-projects

For your convenience, we are also including the documentation from CodeScan release 24.0.11 regarding the enhanced security for Bitbucket projects.

With this enhancement (in 24.0.11), when you create a new Bitbucket project, you must generate a “secret” key and send it to Bitbucket to create a Webhook. In the Webhook endpoint, you should validate the {{X-Hub-Signature}} header value in accordance with Bitbucket guides.

NOTE: We recognize our customers may have existing Bitbucket projects running in their CodeScan org that were created without this enhanced security feature.

To avoid having errors occur in these existing projects, we have intentionally added a retention period for clients to migrate the projects (reattach them).

We have set 31 December 2024 as the deprecation date. This is the final day to perform the migration before these projects will break (at that point, customers will have to reattach their projects using the enhanced security webhook).

Further, to highlight this notification more visibly, customers with existing Bitbucket projects will receive a new type of Organization Notification directly within the CodeScan UI.

To maximize effectiveness (and only deliver this notification when relevant), CodeScan will check if your organization has any Bitbucket projects without these enhanced security settings.

If true, when Org Admins log in, they will receive this *WARNING* message: “You have to reattach the following Bitbucket projects by the end of 2024 to enhance security: project_key_1, project_key_2, project_key_3, etc."

Starting 1 January 2025, you will not be allowed to trigger the analysis for Bitbucket if that project doesn’t have the secret key configured. Further, instead of the WARNING message, an ERROR message will be displayed.

Release Notes 24.0.11

Release Date: 25 September 2024

Summary

CodeScan 24.0.11 is comprised of the following 3 components:

2 Functional Enhancements
1 Security Enhancement

Component details are listed in their corresponding sections within this document.

Functional Enhancements

Org Names are no longer restricted to a single word only

Summary: Previously, customers had a restriction limiting Org Names to a single word. With this enhancement, that restriction has been removed.

Valid strings now include names such as:

"My Organization"
"Organization-123"
"My Organization-123"
"Org 123"

However, there are some restrictions regarding leading spaces, trailing spaces, trailing hyphens, and invalid characters, such as:

" Organization" (leading space)
"Organization " (trailing space)
"Organization-" (trailing hyphen)
"My Organization-" (trailing hyphen)
"Org-!Name" (contains an invalid character !)

Enhancement of rule “sf:AvoidPublicFields” (reducing false positives on private classes).

The rule sf:AvoidPublicFields identifies when public fields are used and flags them as issues. Two of the three reasons this rule is important are:

The internal representation is exposed and, thus, cannot be easily changed.
When the value is changed in an unexpected way (for example nulled), the implementation may not handle it correctly.

But these are not concerns when those public fields are on a private class.

This enhancement adds a private class validation check first and will not flag the two previously mentioned issues if the class is a private class.

Security Enhancement

Enhanced security for Bitbucket webhooks

We have enhanced the security of our Bitbucket webhooks to stay current with the guidelines provided in Bitbucket’s documentation (https://support.atlassian.com/bitbucket-cloud/docs/manage-webhooks/#Secure-webhooks)

With this enhancement, when you create a new Bitbucket project, you must generate a “secret” key and send it to Bitbucket to create a Webhook. In the Webhook endpoint, you should validate the {{X-Hub-Signature}} header value in accordance with Bitbucket guides.

NOTE: We recognize our customers may have existing Bitbucket projects running in their CodeScan org that were created without this enhanced security feature.

To avoid having errors occur in these existing projects, we have intentionally added a retention period for clients to migrate the projects (reattach them).

Further, to highlight this notification more visibly, customers with existing Bitbucket projects will receive a new type of Organization Notification directly within the CodeScan UI.

To maximize effectiveness (and only deliver this notification when relevant), CodeScan will check if your organization has any Bitbucket projects without these enhanced security settings.

Release Notes 24.0.10

Release Date: 28 August 2024

Summary

CodeScan 24.0.10 is comprised of the following components:

1 Enhancement
2 New Rules
6 Fixes

Component details are listed in their corresponding sections within this document.

Enhancements

1. Enhancement to rule “Use the null coalescing operator instead of ternary”

The original aim of this rule is to identify ternary statements and suggest potential use of "??" operator.  Previously, CodeScan was checking for ternary statements only.

New Rules

1. New Rule for APEX: “IsBlankForNullChecks”

This is a new rule that leverages the built-in {{isBlank}} and {{isNotBlank}} methods instead of the {{!=}} and {{==}} operators to check for null or empty values.

This approach is especially relevant in programming environments and languages where {{IsBlank}} or equivalent methods are provided for more readable, maintainable, and less error-prone code. Using the {{IsBlank}} method for null checks improves code clarity, reduces the likelihood of bugs, and enhances maintainability compared to using the {{!=}} operator. Developers are less likely to encounter unexpected behavior due to differences in how null and empty values are handled. Additionally, built-in methods like {{IsBlank}} are optimized and tested to handle various edge cases, reducing the potential for errors compared to using the {{!=}} operator. It also makes the code easier to read and understand.

2. New Rule for APEX: “Avoid Classes Without Explicit Sharing”

New Rule to Enforce Sharing Rules in Classes

Summary: Enforce security best practices on classes by ensuring that sharing settings ('with sharing', 'without sharing', or 'inherited sharing') are explicitly declared. This prevents accidental data exposure and enhances code maintainability and compliance with security policies.

Fixes

1. Make fields of CustomObject Compatible with SFDX

CodeScan is in the process of updating all of our Salesforce metadata rules to ensure they support both the Salesforce metadata API as well as SFDX formats for the issues they were built to find.

We’ve architected this change because metadata pulled with SFDX has a different structure than metadata pulled with Salesforce’s metadata API. CodeScan can scan these different structures with some additions to the sf-meta suffixes. For this release, we have ensured that the differences are covered within the types of metadata that have these differences (specifically, the Object metadata contains all field metadata when pulled from the metadata API; however, when this is pulled with SFDX, the object and field metadata are separate).

See the following SF article for details of these differences: https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_source_file_format.htm|https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_source_file_format.htm|smart-link

2. Fixed issue in rule “sf:AvoidSoqlInLoops”

This CodeScan rule was found to have two issues:

SOQL in the code does not appear to be in a loop, but CodeScan is flagging as a violation.
A violation message is displayed multiple times for the perceived detected violation.

The root causes of these issues were identified, and the following enhancements were added:

Top of Form

Added condition to check if the method call matches the Method name; if not, do not flag as a violation

Bottom of Form

Top of Form

When checking the nested method call, if method name matches, only then it will throw violation.
Bottom of Form

Top of Form

Avoid false positives when a recursive call happens without matching the method name

Bottom of Form

3. Fixed issue when attaching a GIT project for a second time after initially canceling the request

CodeScan UI was inaccessible (page greys out) during scenarios where users were attaching Git analysis to a project in CodeScan where those projects previously had an unattached analysis.

Detail: When users would follow this navigation, they would encounter an error:

Select a project with an unattached analysis ->
Attach analysis ->
select Git ->
cancel ->
select Git again ->

RESULT: Page is grayed out until the page is refreshed.

The root cause of the issue was identified and fixed. Verification the issue is now resolved included:

Creating an empty project and subsequently attaching a Git analysis to the project
Deleting the project analysis and attaching a new Git analysis
Validating attaching analyses with no issues for:

Salesforce
GITHUB
BITBUCKET
GITLAB
GIT
WEBHOOK

4. Fixed issue in rule “sf:FixDuplicateMethods”, where Nested statements were being flagged (which was a false positive issue).

Previously, the sf:FixDuplicateMethods rule was throwing violations for nested statements, which is not the intended behavior. The root cause was identified and fixed, and now the rule is working as designed and expected.

5. Fixed issue with Date Filter on IDE Usage Page

In the 24.0.9 release, we made several UI enhancements to the “IDE Usage” page, including the addition of a date filter for:

Last 30 days
Last 60 days
Last 90 days
Last 180 days

However, the action “On click” wasn’t showing the filtered list as expected. The root cause was identified and the issue has been remediated. The date filter now works as designed and expected.

6. Fixed issue with Individual / All Filter on IDE Usage Page

In the 24.0.9 release, we made several UI enhancements to the “IDE Usage” page, including the addition of a filter toggle for Individual / All where:

Upon toggling to “Individual,” the last connection for each individual unique user list is shown.
Upon toggling to “All," the full list of activity is shown (every connection for the selected duration).

However, the action “On click” wasn’t showing the filtered list as expected. The root cause was identified, and the issue has been remediated. The date filter now works as designed and expected.

Release Notes 24.0.9

7 August 2024

The latest CodeScan release is comprised of the following components:

Enhancements
New Rule
Fix

Enhancements

Feature Enhances the “sf.testfile” parameter in project settings UI Summary: Previously, customers using our Git integration could store their test coverage in their repository branches by using a parameter called sf.testfile, which allows you to add coverage to your code with SFDX JSON outputs. With this enhancement, CodeScan allows the parameter to be configurable at a project level. Adding this parameter will allow teams to view the coverage on the CodeScan dashboard. The addition of this parameter notably provides more value for SFDX workflows. Further details are available at the following link: Importing Code Coverage from SFDX Projects.
UI Enhancements to the IDE Usage Page Summary: The “IDE Usage” page has been updated with the following UI components:

For the IDE Type, logos are now shown instead of text Added a date filter, including: Last 30 days Last 60 days Last 90 days Last 180 days Updated the Column title of “Use at” to “Time Stamp.“ Added a filter toggle for Individual / All as shown. Upon toggling to “Individual,” the last connection for each unique user list is shown. Upon toggling to “All," the full list of activity—every connection for the selected duration—is shown.

New “Exception” status for Security Hotspots Summary: For this release, the “Exception” status essentially mirrors the functionality of the “Acknowledged” status; but this is just temporary. We will be adding the ability to assign a “date time stamp” to this feature, which will then allow the issue to be flagged after the expiration of the date time stamp.

New Rule

New Rule for “Cognitive Complexity” in CodeScan

This is a new rule for assessing Cognitive Complexity. Note that we had a previous Cognitive Complexity rule. What’s different is that this rule aims to enhance the understanding of code readability and maintainability by identifying areas where the cognitive load on developers may be high.

To introduce this new rule for assessing Cognitive Complexity, we pinpointed specific code structures and circumstances that contribute to increased cognitive load. This enables developers to refactor complex sections of code, leading to improved code quality, readability, and maintainability.

Basic criteria and methodology: A Cognitive Complexity score is assessed according to three basic rules:

Ignore structures that allow multiple statements to be readably shorthanded into one. Increment (add one) for each break in the linear flow of the code.
Increment when flow-breaking structures are nested.
Additionally, a complexity score is made up of four different types of increments:
- Nesting – Assessed for nesting control flow structures inside each other
- Structural – Assessed on control flow structures that are subject to a nesting increment and that increase the nesting count.
- Fundamental – Assessed on statements not subject to a nesting increment.
- Hybrid – Assessed on control flow structures that are not subject to a nesting increment but increase the nesting count.

Fix

Fixed intermittent “400 bad request error” experienced by some users after successfully logging in via SSO. This issue is now resolved. We have verified that users who have been assigned to an organization and have since converted to SSO are able to log in to the application successfully.

Release Notes 24.0.8

Release Date: 10 July 2024

New Features

This update includes several New Features within CodeScan’s Visual Studio Code IDE Extension:

New CodeScan Issue Filter: Quickly sort and filter issues by type and severity for efficient code review.

Fixed a plugin issue that failed to recognize CodeScan-specific JavaScript (JS) and VisualForce (VF) rules.
Resolved duplicate issue detection for specific Apex rules.
Added automatic token generation and connection flow UI.
Added support for SonarQube 9.9 and later versions.

Enhancements

Rule Enhancement for “Avoid Using Test.isRunningTest()” {APEX Rule}: Summary: Previously, this rule was flagging violations when finding methods written as Test.isRunningTest(). This rule has been enhanced to also flag violations when finding methods written as System.Test.isRunningTest().
Decrease False Positives reported for Rule “sf:FixDuplicateMethods” Summary: CodeScan recognizes that methods should not share the same implementations. As such, the scope of the rule will be limited to methods with actual implementations, rather than including interface method declarations. This means the rule will now focus solely on detecting and addressing duplicate implementations within concrete classes, ensuring that only methods containing executable code are evaluated. Violations reported by this rule will now include details of all duplicate methods affected. This means each violation will list every instance of a method that shares the same implementation, making it easier to identify and resolve duplicated code. These updates will make the rule more precise, and its violation reports more comprehensive, enhancing its effectiveness.
Enhancement to Rule: "Field-Level Security" (FLS) CodeScan’s FLS rule did not detect DML methods called when syntax is insert (record), update (record), etc. Instead, FLS was only detecting when “insert record;” syntax was used. We made a parser update within CodeScan and an enhancement to the rule was applied, which corrected the syntax detection.
Enhancement to Rule: "Cyclomatic Complexity" Summary: Several enhancements were applied to the rule cyclomatic complexity, including adding the decision points '?', '&&', '||', and 'catch'.
Added dashboard Url to Job status API Summary: On the Project Analysis page, we have added dashboard Url to Job status API on success/failure of analysis:

Fixes

UI Improvement on Rule “NullCoalescing operator” We completed an alignment adjustment within the CodeScan UI for this specific rule. Previous UI:

Adjusted UI:

UI Improvement on Rule “Lightning channel Exposed” We completed an alignment adjustment within the CodeScan UI for this specific rule. Previous UI:

Adjusted UI:

Improved IDE Usage Tracking Previously, the IDE tracking page was tracking every use of a token by a user and displaying it on this page. The updated functionality is: 1 entry per user, where the tracking page gets updated / refreshed when a user token is used within VS Code. NOTE: Only VS Code updates on the page. Additionally, instead of login ID, we now display the name of the user and the email under a single column called ‘User’. Also, we changed the title to IDE Usage instead of “IDE Usages” * Finally, we removed the token information, as it is not needed. 
Fixed CodeScan IntelliJ Plugin error Previously, the CodeScan IntelliJ Plugin was throwing an error during binding updates when connected to SonarQube 10. The issue was caused by self-hosted connections being incorrectly detected as cloud connections, resulting in an error popup. This issue occurred when connecting to self-hosted SQ 10.x versions in both 2023 and 2024-based IntelliJ versions. The issue error message (popup) resulted from an API call failure. This issue has now been remedied with this fix.
Generated SARIF now associated with the branch being scanned Previously when SARIF was generated while scanning from our SFDX plugin, the SARIF was generated from the main branch of the project and NOT the branch being scanned. This has been corrected, and now the SARIF is generated from the branch of the project that has just been scanned.

CodeScan Polyfill Protection Release

Release Date: 6 July 2024

We are excited to announce that CodeScan has been updated with crucial enhancements to address recent security concerns related to polyfills. Recent advisories have highlighted significant threats stemming from polyfills, particularly those distributed via the CDN polyfill.io, which are linked to malware.

This update, effective July 6th, introduces advanced protection mechanisms to ensure your Salesforce environment remains secure.

Here’s how CodeScan is advancing your security:

Configuration Scanning: Our enhanced system now scans the configuration settings of Salesforce components, including Salesforce Sites, Salesforce CORS (Cross-Origin Resource Sharing), and Salesforce CSP (Content Security Policy), to detect any unauthorized calls to polyfill.io domains.
Component Scanning: We are scanning the core Salesforce components that enable developers to build sophisticated, custom user interfaces including Visualforce, Aura, Lightning, and other web components
Package Scanning: Our updated scanning mechanism checks downloaded packages from Salesforce AppExchange to ensure they do not contain insecure calls to polyfill.io domains

Why This Matters

Recent security advisories highlight the risks associated with compromised polyfills.

What Do I Need to Do?

For our SaaS Cloud clients, these updates were included in the most recent maintenance release on July 06, so no action is required on your side. For our On Prem clients, these rules will be included in the 24.0.8 On Prem release, which is scheduled for July 17. For our Dedicated Cloud clients, please contact your Account Team to schedule your upgrade.

Release Notes 24.0.7

Release Date: 19 June 2024

Rule Updates

The 'Hard Coded Credentials' rule name has been changed to 'Use Named Credentials' for clarity.
'Use Named Credentials' and 'Field Level Security' rules have updated descriptions highlighting Salesforce best practices and better paths to resolution.

Bug Fixes

Fixed a false positive in the rule 'Avoid using methods getDescribe and getMap inside Loops' when using custom methods with similar names.

A link was fixed on the rule description pages.

Filtering the list by project, the rule now works correctly.

New code settings no longer switch depending on the main branch of the project; all branches can be configured independently. A warning will be shown if the setting chosen will have no effect.

Release Notes 24.0.6

Release Date: 5 June 2024

Summary:

CodeScan 24.0.6 is comprised of the following 3 enhancements:

SBOM Upgrade for ADO extension:
- CodeScan currently provides an ADO extension to integrate with Azure DevOps. For this enhancement, we have upgraded components and libraries (within our SBOM), eliminating all high-severity vulnerabilities.
Severity added to SARIF output:
- CodeScan currently generates SARIF output; however, that SARIF output in GitHub does not contain the severity. By adding severity to our SARIF output, CodeScan can now provide a more verbose presentation of the issues in GitHub. This change will provide a better experience for our customers working in GitHub Actions.
Added more fields in our Report Header:
- CodeScan report header contained limited information regarding the context of the report. This enhancement provides much more detailed information including:
Field 1
- Label = "Report Generation Date"
- Value = Date report was created
Field 2
- Label = “Project Name”
- Value = Name of project
Field 3
- Label = “Main Branch”
- Value = Name of the main branch
Field 4
- Label = “Main Branch – Last Analysis Date”
- Value = Date of the last analysis of the main branch
Field 5
- Label = “Comparison Branch”
- Value = Name of the comparison branch or pull request branch

NOTE: If there is not a corresponding comparison branch or pull request branch, the value should be “Not Applicable.”

Field 6

Label = “Comparison Branch – Last Analysis Date”
Value = Date of the last analysis of the comparison branch

NOTE: If there is not a corresponding comparison branch or pull request branch, the value should be “Not Applicable.”

Field 7

Label = “Version”
Value = The corresponding version number listed in version history / measure history

Changelogs

27 June 2024

v. 2.0.3

Changes were required to support fixes and enhancements of the VS Code CodeScan Plugin (v2.0.3) to VS Code Extension Marketplace; specifically, we fixed a plugin issue that caused non-recognition of CodeScan-specific JS and VF rules. Support ticket #114684

13 June 2024

v. 2.0.2

New CodeScan Issue Filter: Quickly sort and filter issues by type and severity for efficient code review. You can click on the specific Type or Severity to only see issues of that type.

The released plugin can be updated directly from VSCode and also can be found in this link: https://marketplace.visualstudio.com/items?itemName=codescansf.codescan-vscode

Release Notes 24.0.5

Release Date: 15 May 2024

New Rules

Rule Name: “Comment All Hardcoded Values” Category: New APEX rule in CodeScan Purpose: Ensure comments are included when using hardcoded values in Apex classes Detail: Ensures any hard-coded values or strings in the code are accompanied by descriptive comments or, alternatively, use constants. This practice enhances code readability, maintainability, and will make it easier for other developers to understand the purpose of these values.
Rule Name: “Use the null coalescing operator instead of the ternary operator” Category: New APEX rule in CodeScan Purpose: CodeScan recommendation to consider replacing ternary operators (? :) for explicit null checks with the Null Coalescing operator (??) where applicable to enhance code performance and clarity. Detail: In Salesforce's Spring '24 release, the null-coalescing operator has been introduced in Apex. This rule will identify where this operator could be used but isn’t being utilized. For further information, please refer to Salesforce Release Documentation - Null Coalescing Operator.
Rule Name: “Use Accessibility Attributes” Category: New Lightning Web Component Rule in CodeScan Purpose: Updating LWCs with certain attributes makes these components more accessible to users of assistive technology. Detail: Accessibility software such as screen readers interpret the elements on a webpage using the title attribute, so specifying a value for components is very important. Salesforce’s ARIA attributes allow accessibility software to gather more information on the state of the page and align with the ARIA standard. For further information, please refer to: Component Accessibility Attributes Accessible Rich Internet Applications (WAI-ARIA)
Rule Name: “nCino Inactive Workflow Rules” Category: New nCino Gold Standard Rule in CodeScan Purpose: Removing inactive, unmanaged workflow rules in a Salesforce instance allows organizations to maintain an organized workflow environment Detail: Removing inactive UNMANAGED workflow rules will streamline workflow processes, reduce confusion among users, and improve system performance. This action leads to a cleaner and more efficient Salesforce instance. Further, removing inactive UNMANAGED workflow rules helps declutter the Salesforce environment, making it easier for administrators and users to navigate and manage active workflows effectively.

Rule Name: “Avoid JavaScript Scriptlets in Aura Components and Apex Pages” Category: New Aura / Lightning / Visualforce Rule in CodeScan Purpose/Detail: JavaScript scriptlets should not be directly embedded within the markup of Aura components or Apex pages. Instead, utilize Salesforce Static resources for including JavaScript code. Using direct <script> tags in components or pages can pose a security risk, increasing the likelihood of cross-site scripting (XSS) attacks. For further information, please refer to: https://developer.salesforce.com/blogs/2023/08/the-top-20-vulnerabilities-found-in-the-appexchange-security-review - The Top 20 Vulnerabilities Found in the AppExchange Security Review MITRE, CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Rule Name: “Exposed Lightning Message Channel” Category: New LWC / Aura / Visualforce rule in CodeScan Purpose: It is recommended to verify instances where the 'isExposed' flag in Lightning Message Channels is set to true. Setting this flag can lead to unintended access to the Lightning Message Service (LMS) API, potentially resulting in unauthorized message publishing and subscribing across components within the Salesforce ecosystem. Detail: This term specifically refers to cases where you have not configured the 'isExposed' flag in Lightning Message Channel to false. Since this provides access to the Lightning Message Service (LMS) API, which lets you publish and subscribe to messages across the DOM and between Aura, Visualforce, and Lightning Web Components, it should be set to false. For further information, please refer to: https://developer.salesforce.com/blogs/2023/08/the-top-20-vulnerabilities-found-in-the-appexchange-security-review
Rule Name: “Utilizing Apex Unit Tests with @IsTest(IsParallel)” Category: New APEX rule in CodeScan Purpose: The annotation “@isTest(isParallel=true/false)” can be set in Apex test classes to indicate whether the particular test can be executed parallelly or sequentially (performance enhancement). Detail: When writing Apex unit tests, ensure that the @IsTest(IsParallel) annotation is set, whether true or false. This keeps the option of running tests in parallel visible through development to optimize test execution times. However, it should only be enabled in scenarios where it adds value without introducing risks or conflicts. Further information: When utilizing Apex unit tests with the annotation @IsTest(IsParallel=true), it's essential to be aware of potential drawbacks to ensure smooth execution and accurate results. Enabling parallel testing with @IsTest(IsParallel=true) may lead to UNABLE_TO_LOCK_ROW errors due to resource competition, which in turn can result in rerunning failed tests in serial mode. Additionally, it's important to note that this setting does not affect change set deployment or package upload processes. By understanding these drawbacks, developers can effectively manage test execution and deployment processes, minimizing errors, and ensuring the reliability of test results.

Fixes

Updated the rule “Avoid duplicate conditions in "if"/"else if" and "switch" statements to eliminate dead code." Detail: In the Initial implementation, the "if/else-if" statements and the nested "if/else-if" statements present within them were not allowed to have duplicate conditions. Now only the related "if/else-if" statements are checked for duplicate conditions, without considering the nested "if/else-if" statements present within them. Value: The same conditions can cause duplication and lead to dead code in statements such as "if"/"else if" and "switch." This issue often occurs due to a copy/paste error. In the best-case scenario, it results in dead code that serves no purpose, but in the worst-case scenario, it introduces bugs that may propagate as the code is maintained, potentially leading to unexpected behavior.

Updated the documentation and example on rule “API Version is Too Old” to: “This rule identifies visual force pages which are using older versions of the API. Change the API Version of this visual force page.” Reason for change: The description and example needed to be updated for the rule.

Release Notes 24.0.4

Release Date: 21 April 2024

New Features

In this release, we've added more metadata suffixes as recognized types for Salesforce metadata:

Newly added CodeScan logic:

Any suffix with .[dot] present will be treated as a correct suffix and not be modified. This means:

.field-meta.xml - will treat all files ending with .field-meta.xml as metafiles.
-meta.xml - will treat all files ending with -meta.xml as metafiles.
.xml - will treat all files with .xml suffix as metafiles.
xml - will treat all files with .xml suffix as metafiles. (.[dot] is added at the start if not provided)

IDE Enhancements

Add UI element within the CodeScan Administration tab to list IDE license usage at the Org level.

Admins are now notified within the UI when IDE licenses have exceeded the maximum allotment.

Users are now notified in IDE when additional IDE licenses are required (i.e., the company has allocated all available licenses).

CodeScan now removes IDE usage records for users who have been removed from their organization’s member group.

Fixes

Improved the CodeScan parser as it relates to Visual Force. Specifically, the parser had some issues recognizing parts of Aura code (for example, with components (cmp), the parser was unable to recognize divs and spans across multiple lines). With this release, we have corrected these issues and verified that the Visual Force parser for .cmp, vf, xml, and .page files are all parsed properly. Further, CodeScan users can successfully see these issues after analysis.
Fixed a NullPointerException with the Apex rule “Null Coalescing Operator.”
Fixed an issue with New Code settings. Customers who were changing new code settings while selecting the reference branch as “main” were receiving a notification that the settings had been saved. However, the change was not reflected/applied properly to the CodeScan engine. This issue is now resolved.

Release Notes 24.0.3

Release Date: 27 March 2024

This release has several new features that support enhanced user capabilities.

CSV Export: With this fix, we added a URL column to the CSV Export that enables teams to quickly navigate to the Issue and get a fix in place.
CSV Export not exporting all issues: To avoid doubling up the queries, when a user presses the Export button, the Export and Reset buttons are grayed out and unusable. After the buttons are clicked, the following message should show underneath: "Please remain on this page while your report is generated. Depending on the number of issues in your report, this may take up to 5 minutes. Your download will start shortly."
CSV Export added functionality – Pull Requests: This enables CSV Exports to include the options to filter and group code issues by specific pull request(s).
Quality Profile error: A bug that caused project analysis issues is now fixed in the sfmeta:FlowNullHandler rule.
NullPointerException in IdempotentBinaryOperatorsRule: This fixes an exception when a null pointer is thrown in IdempotentBinaryOperatorRule.txt.
Quick Report — Issue Counts: This fixes a bug causing issue count errors in Quick Report.
Null Pointer Exception — Apex classes: This fixes an error causing an exception during analysis of Apex classes.
Null Pointer Exception for IfElseDefaultCase Rule: This fixes a null pointer exception thrown for triggers.
False Positives: This fixes false positive errors for the sf:FixDuplicateConditions rule. The same conditions can cause duplication and lead to dead code in statements such as "if"/"else if" and "switch". This issue often occurs due to a copy/paste error. In the best-case scenario, it results in dead code that serves no purpose, while in the worst-case scenario, it introduces bugs that may propagate as the code is maintained, potentially leading to unexpected behavior. Addressing false positives for cases such as:
```
public class sample{
public static void main(){
    if(a==true){}
    else if(a == null){}

    if(super.a){}
    else if(this.a){}

    if(this.a){}
    else if(this.b){}
    }
}
```
Use Relative, not Absolute URLs: Code that uses absolute URLs for Salesforce pages will only work when running on the corresponding Salesforce instances. This can cause code to fail when deployed in another sandbox or production environment. Use relative URLs to avoid this issue.
Null Pointer Exception – sf:AvoidAbsoluteURL rule: Fixed a null pointer exception during analysis associated with the sf:AvoidAbsoluteURL rule.

Release Notes 24.0.2

March 2024

This update introduces several new rules and bug fixes for current rules. This includes:

Apex Rules:

Duplicate method implementations: Methods should not share the same implementations. To prevent duplication and confusion, avoid using two methods with identical implementations.
Code length: Lines should not be too long in APEX. Limiting the length of code lines enhances code clarity and readability by reducing complexity and improving quick understanding.
System.runAs to test user permissions: To ensure accurate and realistic testing of user permissions, it is crucial to utilize System.runAs during test execution, ensuring logic is tested in the same context in which it will run.
Relative Salesforce URLs: Salesforce pages should use relative URLs, as code using absolute URLs for Salesforce pages will break in different environments.
“If ... else if” should have “else” case: Include a default case using an "else" statement at the end of "if" and "else if" clauses to handle all conditions and provide code clarity.
Limit case clauses in switch statements: Using a large number of case clauses in switch statements creates complex, difficult-to-read code.
Avoid Identical Expressions on Both Sides of a Binary Operator: When both sides of a binary operator have identical values, the condition will always give the same result.
Avoid Sending Emails in Loops: Avoid using Messaging.sendEmail within loops to prevent exceeding Salesforce governor limits and to enhance application performance.
Avoid duplicate conditions in "if"/"else if" and "switch": When the same conditions are used in statements like "if"/"else if" and "switch", it can lead to duplicate or dead code.
API Versions 7.0 through 20.0 Retirement: The retirement of older Salesforce Platform API versions (7.0 through 20.0) after the Summer '22 release is a critical step to ensure the continued smooth operation of Salesforce applications.
Avoid using methods getDescribe and getMap inside Loops: The ‘getDescribe’ and ‘getMap’ methods typically involve fetching metadata information for objects and fields. Invoking them inside loops can result in unnecessary overhead.

Assertion Rules:

Use Assert.areEqual instead of Assert.isTrue: This rule detects Unit test assertions in object references equality. Instead of using Assert.isTrue as an equality check, these assertions should be made by more specific methods, like Assert.areEqual.
Use Assert.isTrue instead of Assert.areEqual: When asserting a value that is the same as a Boolean literal, use Assert.isTrue, instead of Assert.areEqual.
Use Assert Equals Instead of Boolean Equality Assertion: This rule detects unit test assertions in object references equality. Instead of using Assert.isTrue combined with "==" as an equality operator, these assertions should be made by more specific methods, like Assert.areEqual (expected, actual).
Unit Assertions should include a Message: Unit assertions should include a message. In other words, use the three-argument version of Assert.areEquals(), not the two-argument version.
Unit Test Method Contains Too Many Asserts: Unit tests should not contain too many asserts. Many asserts are indicative of a complex test, for which it is harder to verify correctness. Consider breaking the test scenario into multiple, shorter test scenarios. Customize the maximum number of assertions used by this Rule to suit your needs.
Non-Unit Test Methods Should Not Contain Asserts: Asserts should only be used in test methods.
Misuse of Assert Class: Assert Class can be misused if not applied correctly. To ensure the correctness of our code and avoid common pitfalls, establish best practices for its usage.
Use Messages in Assert Statements: Ensure that messages are included when using the assert method with the message parameter to improve code quality and make it easier to identify the cause of failures during testing and debugging.
Consider Using Assert in place of System.Assert: This new class aims to enhance the readability and maintainability of test code for developers. It is preferable to use Assert in your tests instead of older System.Assert methods.

LWC Rules:

Enable Salesforce Lightning Web Security (LWS): Enabling LWS ensures that the Lightning components within our Salesforce instance are executed in a secure and controlled environment, reducing the risk of potential security vulnerabilities.

SF Meta:

Adopt the ICU Locale Formats instead of JDK locale formats: Salesforce is retiring the JDK locale formats with the Spring ’24 release. ICU is the new standard enforced in API version 45. Make sure your custom code does not use JDK locale formats and instead uses locale-neutral methods.
Set Flows to Auto Layout: Implementing auto-layout for your flows helps designers modify layouts more quickly, allowing them to iterate on their designs with greater speed. It ensures elements are perfectly aligned and evenly spaced, improving readability in complex Flows.
Potential Overuse of Rollup Summaries: Ensure compliance with Salesforce's limit of 25 roll-up summary fields per object to prevent potential issues arising from exceeding Salesforce platform limits.

Bug Fixes:

Improvement was provided on how to fix for the "Deserializing JSON is Security Sensitive" rule.
We provided a fix on the "sf:AvoidUsingHardCodedId" rule not detecting hard-coded IDs as expected.
Wrongly identified violations in specific scenarios were fixed for the "Comments are Required" rule.
The rule "sf:AvoidPublicFields" was updated to exclude public fields with the @InvocableVariable annotation.
We provided a fix for the rule's missing root element in "RuleSet."
We provided a fix for the "Consider removing inactive flows" rule not working correctly.

Release Notes 24.0.1 Feb 2024

The following items were implemented, fixed, or enhanced with this release:

We fixed a parser issue in the "Avoid Untrusted/Unescaped Variables in DML Query" rule.
A new rule parameter, allowList, was added to the "Track Usage of @SuppressWarnings" rule.
We fixed the "Get help" action, which was not working when users clicked the plus (+) icon.
Security tokens are now sorted by creation date.
A fix was provided for the "Flows API Version Is Too Old" rule to prevent Null Pointer Exceptions.

ARM Release Notes

ARM 25.2.12 Release Notes

Release Date: 6 July 2025 Highlights: Key enhancements and fixes to CI jobs, VS Code integration, deployment modules, audit reports, and environment provisioning.

Bug Fixes

Audit Reports – Deployment Label & Metadata Fixes Added the Deployment Label column in the Audit Reports section. Fixed issues with Invalid Date in the created/modified date columns and removed special characters from downloaded CSV headers.
Env Provisioning – Apex Test Level Execution Support Improved the Enable/Disable Apex Trigger Migration Template by reintroducing the Test Level dropdown in the execution window. Now the execution status updates correctly based on test result outcomes.
CI Jobs – Sharing Rules Not Deployed Resolved an issue where Sharing Rules were skipped during deployment when linked to custom objects from installed packages.
VS Code Plugin – File Diff Undefined Error Fixed an undefined error in EZ Commit via VS Code when accessing file diffs post-commit. The file diff generation model is now available.
Destructive Changes – Entitlement Process Commit Fail Addressed commit failures during the Entitlement Process, destructive changes by updating the logic for DX Repositories.
Deployment – Missing Permissions in Profile Deployments Corrected permission deployment for profiles with “Ignore Missing Visibility” enabled. This included handling for PushTopic permissions.
Audit Reports – Triggered Date Incorrect Fixed the mismatch in deployment-triggered date display under the Audit tab.
CI Jobs – Abort Doesn’t Terminate Background Process Improved CI job abort handling to ensure background processes are completely stopped. Now, aborted jobs no longer get stuck, and subsequent jobs queue and execute as expected.

ARM 25.2.11 Release Notes

Release Date: 29 June 2025

Highlights: Git Performance Optimization, Accurate CI Deployments, and Enhanced Reporting Visibility

Enhancements

Faster Git-Based Version Control Validations We’ve improved how ARM validates Git branches and revisions. These checks are now performed directly on the remote Git repository, eliminating the need for local workspace setup. This significantly boosts performance and reduces processing time during operations.

Bug Fixes

Installed Components Now Properly Excluded in CI Jobs The “Ignore Installed Components” option in CI jobs was previously not functioning as expected—installed components were still being deployed. This has been corrected. The selected option now effectively excludes these components from deployment.
Resolved Validation Error During Permission Set Commit Users encountered commit validation errors when working with permission sets and specific metadata selections. We've refined commit logic to ensure permission set files are filtered correctly based on selected options.
Permissionset Deployments No Longer Drop Object Permissions Deploying a new permission set with “Ignore Missing Visibility” enabled previously removed DataStreamDefinition object permissions. This issue is now resolved. Both DataStream and DataStreamDefinition object permissions are preserved regardless of the setting.
Deployment Reports Display Accurate Results for All Years Reports for years like 2023 and 2024 were previously showing incorrect data due to a mismatch in attribute formatting. We’ve added compatibility for both older and newer report formats, ensuring accurate data display on the dashboard.

ARM 25.2.10 Release Notes

Release date: 22 June 2025

Overview

This release delivers targeted improvements to Vlocity deployments, CI job processing, sandbox provisioning, permission settings, and EZ-Commit behavior. Key internal issues have been resolved to enhance reliability, reduce metadata deployment anomalies, and streamline configuration workflows.

Internal – Vlocity Calculation Matrix Fix

1. Issue: After a commit, comma-separated Calculation Matrix Components were not being correctly committed to the branch. Only the YAML file was pushed, and that too in an incorrect format.

Fix: Introduced logic to backup the Calculation Matrix member name, fetch the correct member, and update the YAML file accordingly. Now, the Calculation Matrix Components are committed as expected, supporting direct commits, commit labels, and release labels.

Vlocity Version Control Deployments (including release, commit label, and AutoRABIT build) now retrieve and deploy comma-separated Calculation Matrix Components accurately.
Vlocity Org-to-Org Deployments are verified and working correctly.
CI Jobs now correctly retrieve and deploy comma-separated Calculation Matrix Components from source to target Salesforce org.

Module: Vlocity Commit, Deployments, and CI Jobs

2. Issue: Managed package components that were intended to be excluded were still being included during deployments.

Fix: Implemented proper filtering logic to ignore installed (managed) components during deployments and CI job executions, ensuring expected exclusion behavior.

Module: CI Jobs and Deployments

3. Issue: During a sandbox refresh, the template failed because the Sandbox Access field was missing for the production. Salesforce updates now require explicit configuration of access levels during the refresh process.

Fix: Introduced a new Sandbox Access field to the environment provisioning template. Users can now define the appropriate access level, enabling complete control during sandbox refresh.

Module: Environment Provisioning

4. Issue: During an EZ-Commit, the Diff view did not correctly reflect profile permission changes (field/object permissions), despite being configured under My Account > Salesforce Settings.

Fix: Applied backend logic to ensure that global profile and permission set rules apply only to the configured profiles/permissions. The Diff screen now accurately displays modifications relevant to the EZ-Commit context.

Module: EZ-Commit (Profile & Permission Set)

5. Issue: In the "Apply Global Profile / PermissionSets Settings" screen under My Account, unnecessary permission selections were displayed. This contradicted the help text stating that all field/object permissions would be universally set to true (grant) or false (revoke), making the checkbox list appear redundant.

Fix: Now, only explicitly granted or revoked object/field permissions are selected or deselected in the UI, making the configuration clearer and more accurate.

Module: Admin → My Account → Profile / Permission Set Configuration

6. Issue: An internal CI Job history API call was failing. Customers were unable to retrieve data via Postman due to an invalid filter applied to the DB query.

Fix: Corrected the filter logic in the DB query that powers the API. The API is now functioning as expected and can return CI job history details without failure.

Module: CI Job History API (Postman & DB Filter)

ARM 25.2.9 Release Notes

Release Date: 15 June 2025

Overview

This release introduces support for Salesforce API 64 (Summer ‘24) and adds compatibility for new metadata types. Key improvements include bug fixes for CI Job execution, Profile Compare deployments, permission retrieval, and DX-based destructive changes in EZ-Merge.

Salesforce API 64 Support

Module: Metadata Compatibility

Added support for the following new metadata types:
- LightningTypeBundle (supported for Non-DX only)
- ExtlClntAppMobileSettings
- ExtlClntAppMobileConfigurablePolicies
- ExtlClntAppNotificationSettings
- ExtlClntAppPushSettings
- ExtlClntAppPushConfigurablePolicies
Also validated existing metadata types (e.g., Objects, Fields, Profiles, Permission Sets) with API 64, and confirmed that they work as expected.

Issue: Newly created CI Jobs were not getting triggered upon pull request creation in a specific branch. CI jobs for other branches in the same repository were functioning correctly.

Fix: The logic was updated to properly retrieve the base branch name when fetching credentials from the database. This now ensures the correct CI job is triggered for all branches.

Module: CI Jobs

Issue: When updating object permissions using the Profile Compare feature, the changes appeared to reflect correctly in the UI but were not applied during deployment. The mismatch was due to inconsistent node names in the backend.

Fix: Standardized object permission node names across the UI and backend to align with Salesforce's profile XML structure, ensuring accurate deployment of user selections.

Module: Profile Compare

Issue: Profiles with special characters in their names were not being retrieved properly. This was due to URL decoding and formatting that altered the original profile name, preventing matching and retrieval.

Fix: Removed unnecessary decoding and now presents the profile name in the exact format received from Salesforce, ensuring such profiles are correctly processed.

Module: Admin → Salesforce Settings → Profiles and Permissions

Internal Enhancement

Issue: Destructive changes related to static resources were not working properly for DX-format deployments in EZ-Merge.

Fix: Destructive change logic for static resource metadata was implemented for DX format, making it consistent with non-DX behavior and ensuring successful validation and deployment.

Module: EZ-Merge

ARM 25.2.8 Release Notes

Release Date: 8 June 2025

Overview

This release brings critical improvements and feature enhancements across multiple modules, including Environment Provisioning, CI Jobs, Admin, EZ-Merge, and Metadata handling. The updates aim to improve system flexibility, performance, and metadata deployment consistency.

Bug Fixes and Improvements

1. Fix / Improvement

Issue: In Environment Provisioning, the Remote Site Settings template was failing to update the URL in the destination org when the user applied alphabetical sorting. This caused deployment inconsistencies.

Fix: Now, the template can update remote site settings correctly regardless of alphabetical sorting. Sorting by Remote Site Name or Remote Site URL no longer blocks the update process. Validation has been completed in the integration branch.

Module: Environment Provisioning

2. Fix / Improvement

Issue: Customers could not edit SSO domain changes directly from the platform, leading to manual intervention.

Fix: Users can now update their SSO domain name via the SSO Configuration page. Once the domain name is changed, an automated email informing all users of the update is triggered.

Module: Admin → My Account → SSO Configuration

3. Fix / Improvement

Issue: While attempting to delete static resources and their .meta files through EZ-Merge, no destructive changes package was being generated, even when the "Run Destructive Changes" checkbox was selected. This caused validation failure during merge.

Fix: Destructive logic has been implemented in EZ-Merge for both DX and non-DX formats, ensuring static resource deletions are correctly handled and packaged.

Module: EZ-Merge

4. Fix / Improvement

Issue: CI Job deployments were failing with a 504 Gateway Timeout error, blocking staging environment activities and causing delays in deployment pipelines.

Fix: Optimized the CI Job execution logic by improving how API timeouts are handled. This ensures better performance and avoids timeout-related failures during large or slow deployments.

Module: CI Jobs

5. Fix / Improvement

Issue: While running test classes in the Admin section, unrelated Apex test classes were being auto-populated.

Fix: The auto-population logic was revised to ensure only relevant Apex classes are retrieved and saved. Unrelated classes are now excluded from test jobs.

Module: Admin → My SF Org Management

6. Fix / Improvement

Issue: During CI Job deployments involving Search and Substitute rules, changes were not being applied to the destination org, even though the deployment was marked successful.

Fix: Provided Fix and also Extended support to apply substitution logic to the following metadata types: AutoResponseRule, CustomLabel, CustomMetadata, CustomObject, CustomSite, Dashboard, DashboardFolderShare, Network, NamedCredential, PermissionSet, Portal, Queue, RemoteSiteSetting, Report, ReportFolderShare, SamlSsoConfig, SharingCriteriaRule, SharingOwnerRule, and Workflow.

Module: Search and Substitute

7. Fix / Improvement

Issue: When performing a destructive change (e.g., deleting a ProfileSearchLayout) and deploying via Single Revision, the system failed to identify the change correctly, expecting the metadata to be present instead.

Fix: The Retrieve Metadata screen now correctly classifies added/modified ProfileSearchLayout changes under "ALL ITEMS" and does not falsely tag them as missing. For Non-DX Deployments and CI Jobs, ProfileSearchLayout changes now appear as constructive updates and deploy successfully.

Behavior Limitation: If a Custom Object contains only a single ProfileSearchLayout node and that node is deleted, the change will not be picked up during deployment, as ProfileSearchLayout is not a standalone metadata type.

Module: Deployment / CI Jobs

Release Notes 25.2.7

Release date: 1 June 2025

Overview

This release improves metadata handling and deployment type consistency and enhances support for Vlocity and Permission Set delta deployments. Several critical fixes have been addressed across the Deployment, CI Jobs, and EZ-Commit modules to improve reliability and reduce deployment anomalies.

Bug Fixes and Improvements

Fix/Improvement 1

Issue: When deploying a new profile search layout for the Case object, the deployment unintentionally removed all other existing profile search layouts in the org, causing a loss of metadata settings for other profiles.
Fix: The logic in the deployment backend (CustomObjectController.java) has been refactored. It now compares layout differences in an additive manner, ensuring that new layouts are added without deleting existing ones.
Impacted Module: Deployment

Fix/Improvement 2

Issue: The “Enable Delta on Permission Sets” checkbox is designed to ensure only changed permissions are committed or deployed. While it did not work correctly for CI Jobs, object permissions were still getting removed even when the checkbox was enabled.
Fix: The delta behavior is now standardized across both CI Jobs and Deployments. A back-end code fix ensures that object permissions are preserved in deployments sourced from version control (SCM) and delta logic is honored properly.
Impacted Modules: CI Jobs, Deployment

Fix/Improvement 3

Issue: During Vlocity SF Org-to-Org deployments, YAML files failed to handle Calculation Matrix fields with comma-separated values that included spaces. This broke deployments and made the downloaded DataPacks unusable.
Fix: The YAML generation process was enhanced to support such field values. Now, comma-separated Calculation Matrix components are parsed and deployed correctly to the target org. YAML downloads are also displayed properly.
Note: This fix currently applies only to Org-to-Org Vlocity deployments. Support for Vlocity deployments via Version Control is under R&D.
Impacted Module: Deployment (Vlocity SF Org-to-Org)

Fix/Improvement 4

Issue: While configuring ScheduleApexClassesMonthly templates in the Environment Provisioning module, all default user fields were incorrectly set to Analytics Cloud Integration User, regardless of what the template intended.
Fix: The back-end logic for template value assignment was fixed. It now correctly pulls in the actual default values specified in the template configuration.
Impacted Module: Environment Provisioning

Fix/Improvement 5

Issue: A customer was performing a merge using a commit that contained only destructive changes. Even though the "Destructive Changes" checkbox was enabled, the merge failed during the Validate Deploy stage.
Fix: Salesforce expects both a postdestructivechanges.xml and an empty package.xml file for validation to pass. The fix ensures that an empty package.xml file is now automatically added to the package folder, along with destructive changes, making the validation step successful.
Impacted Module: EZ-Merge with Validate Deploy

Fix/Improvement 6

Issue: While using a previously validated commit label to perform a new EZ-Commit, customers were unable to see the RecordType component under the “All Metadata Components” tab.
Fix: The component filtering logic was corrected to ensure that RecordType and similar metadata types are displayed when using commit templates, improving usability and completeness of the commit UI.
Impacted Module: EZ-Commit

Release Notes 25.2.6

Release Date: 25 May 2025

Overview

This release focuses on stability, reliability, and enhanced usability across core modules like CI Jobs, EZ-Commit, and Release Management. Key improvements address long-standing issues such as CI job queue blocks, premature status transitions during aborts, metadata filtering inconsistencies, and usability fixes in user management.

We’ve also added support for Provar v25.2.1, improved error handling and logging, and ensured a smoother experience for EZ-Commit users leveraging custom metadata and commit labels.

Bug Fixes and Improvements

1. Release label Abort Stuck Status

Issue: When a user aborts a release label, the system prematurely sets the release status to "Failed" while the abort request to the agent is still pending. If the abort request isn’t successfully sent, the status gets stuck, causing confusion in monitoring and troubleshooting.

Fix: The system now updates the release status to “Failed” only after the agent successfully triggers and acknowledges the abort request. Extra logging has been added to help trace abort scenarios and ensure proper state transitions.

Impacted Module: Release label Management

2. EZ-Commit Metadata Filter with Reused Labels

Issue: When performing an EZ-Commit using the SCA > CodeScan option and enabling “Only newly added supported metadata types,” the commit wasn’t functioning properly if the user reused a previously used commit label.

Fix: Metadata filtering logic has been updated to support commit label reuse, ensuring seamless functionality with Auto Draft.

Impacted Module: EZ-Commit

3. CI Jobs Stuck in Queue

Issue: Some CI jobs were getting stuck in the queue due to:

Unhandled exceptions
Git commit failures where no revision was generated

Fixes:

Prevented downstream processes when Git fails to generate a revision
Improved handling for null messages and unexpected errors
Added enhanced logging to support better troubleshooting

Impacted Module: CI Jobs

4. Admin User Creation Validation

Issue: Fields like Phone Number, Zip Code, and State were mandatory during user creation, restricting onboarding in certain cases.

Fix: These fields are now optional in the Admin module, streamlining user creation.

Impacted Module: Admin (User Management)

5. Fieldset Translation Removal During Commit

Issue: When committing CustomField and CustomObjectTranslations, valid Fieldset translation nodes were unintentionally removed.

Fix: Translation node handling has been refined to preserve valid entries and prevent data loss in multilingual configurations.

Impacted Module: EZ-Commit

6. Credential-Based CI Job Failures

Issue: CI Jobs were failing inconsistently when using existing credentials, with causes difficult to trace.

Fix: Improved logging at credential validation points to isolate issues and aid future debugging.

Impacted Module: CI Jobs

7. Provar v25.2.1 Compatibility Support

Request: Compatibility needed for Provar version 25.2.1 to support automated test execution.

Update: Provar v25.2.1 is now supported and available on demand for integration with ARM workflows.

8. Branch Name Case Sensitivity in Release Labels

Issue: Sub-users could not view their own release labels due to a mismatch in branch name casing logic.

Fix: The filtering logic now respects case sensitivity, ensuring correct visibility of release labels.

Impacted Module: Release Label Management

Release Notes 25.2.5

Release Date: 18 May 2025 Overview

This release includes key bug fixes and improvements focused on enhancing CI Job stability, deployment reliability, and metadata diff accuracy. It addresses critical issues encountered in Salesforce-to-Salesforce deployments, destructive change logic, permission set handling, and package creation workflows. Additionally, customer-requested upgrades such as Provar support enhancements have been implemented.

Bug Fixes and Improvements

1. CI Job: Destructive Changes Handling

Issue: The “Prepare Destructive Changes” option was not selected during initial CI Job creation but was unexpectedly selected during re-runs.

Impacted Modules:

Deploy a package from Salesforce to Salesforce
Deploy a package from Salesforce to Salesforce and back up to Version Control

Fix: Resolved inconsistencies in destructive change logic. The system now retains the correct state of the “Prepare Destructive Changes” flag across CI Job executions.

2. Permission Set FLS Diff Missing

Issue: When attempting to commit FLS changes for a new field within a permission set, the changes were not captured in the diff report, resulting in missing commits.

Fix: Enhanced logic to correctly capture FLS changes by appending Task and Event objects for the Activity object when the Global Permissions option is selected in EZ-Commit.

3. Deployment Abort Functionality

Issue: When performing a Single Revision Deployment, even after aborting it (a confirmation popup showing a successful cancellation), the deployment continued and was marked as successful.

Fix: Fixed the abort logic within the deployment module to correctly halt execution and reflect the accurate status post-abortion.

4. Unlocked Managed Package CI Job Failure

Issue: Customer experienced failures when triggering a CI Job to create and install an unlocked managed package from a version control branch.

Fix: Improved JSON handling during CI Job execution, ensuring compatibility with both internal and customer-specific JSON structures. Now, even in case of exceptions during package creation, the system attempts fallback version creation instead of complete failure, similar to the existing SFDX module behavior.

5. Provar Upgrade Request

Request: Customer requested support for Provar v25.2.1

Update: Support for Provar version 25.2.1 has been added to ensure compatibility with automated test execution workflows. This version will be available on a demand basis.

Release Notes 25.2.4

Release Date: 11 May 2025

Overview

This release introduces feature enhancements and key bug fixes to improve deployment flexibility, metadata handling, CI job stability, and user experience. The update includes enhanced error handling for CI and Apex jobs, metadata recognition updates, and refined UI behavior in merge and licensing workflows.

Bug Fixes & Improvements

CI Job Includes Unsupported Metadata Despite Exclusion Configuration A customer reported that certain metadata types (CallCenterRoutingMap, CallCtrAgentFavTrfrDest) were deployed despite being explicitly excluded in the deployment configuration.

Upon investigation, the data related to CallCenterRoutingMap was retrieved and verified successfully. However, data for CallCtrAgentFavTrfrDest could not be validated.

These metadata types are associated with Salesforce Service Voice features, which require full integration with a compatible telephone system. Currently, such an integration is unavailable in our environment, limiting our ability to validate the issue fully.

Fix: Few metadata types are officially supported and recognized correctly in deployments.
Impacted Module: CI Jobs

Repository URL Migration A customer-requested repository URL migration has been completed.

Fix: Migration was successful, and no further issues were reported.
Impacted Module: Repo Management

Profile Comparison Error: “Salesforce Org Doesn’t Exist” An error occurred when comparing profiles across 2 or 3 environments.

Fix: UI logic for diff loading has been refined to handle multi-org comparisons.
Impacted Module: Metadata Comparison

CI Job Fails When All Standard Value Sets Are Excluded CI Jobs failed to run if standard value sets were excluded from selection.

Fix: Job logic updated to handle scenarios where standard value sets are excluded.
Impacted Module: CI Jobs

Failure in Scheduled Apex Test Runs for Production Orgs Daily scheduled Apex test executions failed due to an issue handling multiple concurrent jobs.

Fix: Logic in ApexTestClassesSchedulerJob refined to support multiple scheduled jobs.
Impacted Module: Apex Test Scheduling

Text Change in Merge Screen UI The label was changed from “Skip all three prevalidation criteria” to “Skip all prevalidation criteria” for better clarity.

Impacted Module: Merge UI

Known Issues

License Upload Not Visible for Expired On-Premise Servers When the license expired, the option to upload a new key was not visible before login.

Fix: The pop-up visibility issue was resolved; users can now upload the license before logging in.
Impacted Module: Licensing (On-Prem)
Issue Type: UI Bug

Release Notes 25.2.3

Release Date: 4 May 2025

Overview

This release of AutoRABIT ARM introduces key bug fixes and stability improvements to deployment label handling, CI job webhook executions, and user management across regions. Notably, a critical internal issue affecting metadata filtering during full deployments has been addressed. Additionally, issues related to saving users for countries without state-level details and CI job webhook failures have been resolved.

Bug Fixes and Improvements

Issue with Full Deployment - Previous Deployment Label Type

A defect was identified when performing a full deployment using the “Previous Deployment Label” type, which inadvertently included all metadata members from the source organization, rather than only those associated with the selected label.

Fix: Updated deployment logic now ensures that only metadata within the selected label is included in the deployment. Impacted Modules: Deployments

Webhook Execution Failures in CI Jobs

Webhooks were not being executed during CI job runs due to limitations in DynamoDB.

Fix: Webhook invocation logic has been revamped to ensure reliable webhook execution in CI pipelines. Impacted Modules: CI Jobs

User Creation Failure – Countries Without States

An issue was reported where creating or editing users with countries that do not have states (e.g., Singapore, American Samoa, Andorra) failed to save the user details.

Fix: Validation logic has been updated to treat the state field as optional for applicable countries, ensuring successful user creation. Impacted Modules: User Management

Release Notes 25.2.2

Release Date: 27 April 2025

Overview

This release introduces significant enhancements to AutoRABIT’s ARM platform, focusing on enhanced metadata support, improved deployment accuracy, and optimized performance across CI workflows. Previously unsupported metadata types are now fully recognized in DX-based branching and deployment. Issues with redundant code coverage reports and performance bottlenecks in ALM item loading have been resolved. Significant improvements also include full profile permission coverage in EZ-Commit and enhanced metadata exclusion logic.

Bug Fixes and Improvements

Support for New Metadata Types in DX Repo CI Deployments Previously unsupported metadata types are now included in deployments created through DX repo-based branching. These include: ApplicationSubtypeDefinition, BusinessProcessTypeDefinition, ConvIntelligenceSignalRule, ExplainabilityActionDefinition, ExpressionSetDefinitionVersion, ForecastingGroup, and PathAssistant. Impacted Modules: CI Jobs (DX Branching & Deployments)

Code Coverage Report Duplication Fixed Resolved an issue where multiple code coverage reports were generated for the same sandbox. The back-end logic has been updated to ensure that only one report is created per sandbox. Impacted Modules: Code Coverage Reports

Improved ALM Item Load Time in Commit/Merge Modules Addressed severe performance lag when loading Azure ALM items after sprint selection. Switched to batch API calls for fetching work item data and states, reducing calls from thousands to single digits. Load time dropped from ~6 minutes to ~4 seconds for large sprints. Impacted Modules: Commit/Merge (ALM Integration with Azure)

Full Profile Commit – Object Permissions & Tab Visibility Fixes Fixed missing object permissions (Documents, Push Topics) and tab visibilities (Reports, Dashboards) in full profile commits during EZ-Commit. The package.xml generation logic now correctly includes all necessary metadata members. Impacted Modules: EZ-Commit, Profiles

Metadata Exclusion Logic Improved – ExpressionSetDefinitionVersion Corrected behavior in which ExpressionSetDefinitionVersion metadata was included in deployments, even when excluded. This enhancement enables precise control over metadata exclusions, particularly for workflows that require separate deployment flows (e.g., OmniStudio jobs). Impacted Modules: CI Jobs, Deployment

nCino + Data Loader Release Notes 25.1.4

Release Date: 27 April 2025

Refer to the latest release notes published for nCino + Data Loader at https://knowledgebase.autorabit.com/release-notes/release-notes/ncino-release-notes/release-notes-25.1#ncino--data-loader-25.1.4-release-notes.

ARM Release Notes 25.2.1

Release Date: 20 April 2025

Overview

This release brings meaningful enhancements that improve reliability, accuracy, and visibility across ARM workflows. Backup CI jobs now consistently capture StandardValueSet changes, ensuring more complete metadata tracking. Improved metadata classification prevents deployment errors, while CustomObjectTranslation handling in EZ-Commit for DX repos is now more precise. Custom settings deploy smoothly through Environment Provisioning, reducing manual effort. File comparisons are clearer with restored full diff visibility, aiding better change reviews. Updates to Search and Substitute and managed package exclusions streamline CI deployments. Audit trails now display correct timestamps, enhancing reporting accuracy.

Bug Fixes and Improvements

StandardValueSet Metadata in Backup Jobs Backup CI jobs now correctly detect and retrieve changes made to StandardValueSet metadata. Previously, these changes were not captured automatically, although manual commits through EZ-Commit functioned as expected. This enhancement ensures StandardValueSet changes are included in automated daily backups. Impacted Modules: CI Jobs backup to VC. Support Case: #132829

Metadata Type Detection for Custom Metadata Labels Improved handling of custom metadata with labels starting with "profile" or "permissionset" by validating based on their file paths instead of label names. The system now checks for profiles/ and permissionset/ in metadata paths to accurately categorize them during commit, merge CI jobs, and deployments. This resolves previous misclassification issues. Impacted Modules: All Modules.

CustomObjectTranslation Handling in DX Repositories Improved the EZ-Commit process to correctly handle CustomObjectTranslation metadata in DX repositories. Previously, some nodes were unintentionally removed, and unrelated changes like validation rules appeared in the compare changes section. The commit process now includes only selected components, matching the behavior of non-DX repositories. Impacted Modules: EZ-Commit while selecting 'customobjecttranslation' [DX/NonDX].

Custom Settings Deployment in Environment Provisioning Resolved an issue where custom settings were not being deployed through the Environment Provisioning module. Although no errors were shown on the history page, specified changes were not applied. This enhancement ensures that custom settings are now correctly deployed as part of the provisioning process. Impacted Modules: Env Pro -> migrate custom settings.

File Difference Display in Comparison Dialog Fixed an issue where the comparison dialog box did not consistently display full file differences for all metadata types. Previously, the UI showed only a limited number of lines without offering a "Load More" option, while the downloaded file revealed additional differences. The "Load More" functionality has been restored, now loading up to 200 lines per click to ensure complete visibility of metadata changes. Impacted Modules: Compare Metadata in Deployment Module.

Search and Substitute for Workflow Alerts in CI Jobs Resolved an issue where applying Search and Substitute rules on Workflow Alerts in SFDX repositories caused CI jobs to fail. The error was due to a logic fault, which has now been corrected. Common code has been refactored and moved to the pipeline to ensure consistent execution across jobs. Impacted Modules: CI Jobs, Deployment, and Pre-Validation Commit.

Exclusion of Managed Components in SFDX CI Job Deployments Fixed an issue where managed components were not properly excluded during SFDX CI job deployments, despite selecting "Ignore installed packages" and configuring exclusions under the Skip Members section. The deployment logic has been corrected to ensure managed components are now accurately excluded as intended. Impacted Modules: Deployments & CI Jobs.

Date and Time Accuracy in Audit Trails Corrected the logic used for date and time conversion in the UI of the Reports Audit Trail. Previously, the created and modified dates were displayed inaccurately. This enhancement ensures that audit timestamps now reflect the correct values. Impacted Modules: Audit Report.

ARM Release Notes 25.1.4

Release Date: 17 April 2025

Overview

This release focuses on streamlining the deployment process and improving reliability across the platform. OmniStudio deployments now handle dependencies more intelligently with Max Depth -1, ensuring a smoother experience from retrieval to deployment. Conflict resolution has been made more precise, avoiding issues like content bleed between files, and users can now seamlessly retry failed merges without losing progress. Improvements to Org Sync and Admin settings make it easier to spot differences and manage roles in real time, while enhancements to file comparison and commit labeling bring greater clarity and control to the deployment workflow.

Bug Fixes and Improvements

Max Depth -1 Support for OmniStudio Deployment Deployments using Max Depth -1 now correctly retrieve and include all dependent components such as IntegrationProcedure, DataRaptor, Document, and VlocityUiTemplate. The retrieved dependencies are now properly reflected in the UI and included in the deployment to the target org. Impacted Modules: Deployment (org → org).
Improved Conflict Resolution Accuracy Resolved an issue where content from previously resolved files was being incorrectly appended to other files during conflict resolution. This fix ensures each conflicted file is processed independently, preventing errors such as duplicate labels during deployment. Impacted Modules: EZ-Merge → Conflicts.
Retry Commit for EZ-Merge After Failure The "Retry Commit" option is now available when a merge fails due to incorrect or unmapped credentials. The system correctly updates the merge status to "CommitPending," enabling users to retry the commit. This fix applies to new merges created after this release. Impacted Modules: EZ-Merge, Dry run merge.
Enhancement: Accurate Filtering in Org Sync The 'Exists in Source Only' filter in Org Sync now accurately reflects the actual number of differing metadata groups. With this fix, both the group count and displayed results are consistent and reliable. Impacted Modules: Org Sync.
Immediate Visibility of 'Skip Org Mapping' Option The 'Skip Org Mapping' permission is now immediately visible in the Roles tab after enabling 'Skip Mappings' on a user’s profile. Previously, a page refresh was required for the option to appear. This enhancement ensures the setting is saved and reflected instantly without additional user actions. Impacted Modules: Admin.
Whitespace Differences in File Diff View The File Diff tab now displays whitespace-only changes when comparing Apex Class files. Previously undetected space differences are now identified and shown, ensuring accurate comparison between source and destination files. Impacted Modules: Org Sync and Deployments.
Vlocity Commit Label Filtering Commit labels associated with Vlocity metadata can now be filtered correctly using the commit label name in the merge screen. Previously created labels without commit type are also supported following a back-end migration fix. Impacted Modules: VC → Change labels → Commit labels.
Support for Initial Commit in Revision Range Deployment Salesforce metadata changes from the initial commit are now included in the retrieve metadata screen when selected as the "From Revision" in a revision range deployment. This ensures changes from both the initial and target revisions are accurately reflected and deployed. Impacted Modules: Custom Deployments - Revision range, single revision.

ARM Release Notes 25.1.3

Release Date: 06 April 2025 This release introduces significant new capabilities and key enhancements across the ARM platform. A major new feature enables multi-level deployment approvals by Org, offering structured release governance with customizable approval groups. Architecture improvements include enhanced global workspace management to handle deleted or missing branches more gracefully. The release also strengthens security with encrypted installation key handling. Core functionality has been optimized, including improved commit revision sorting and faster loading of standard value sets.

1. New Feature

Multi-Level Deployment Approval by Org A two-level deployment approval process has been introduced to provide better control over releases. Each approval level supports group-based approval, allowing any member within the group to approve the deployment. Email notifications are sent to approvers with a link to ARM for approval actions. This approval process can be configured based on Org name. Admins can select applicable orgs and assign separate approvers or approver groups for each. Note: Approval Process support is now limited to Direct Custom Deployment only. It is not supported via Org Sync or Profile Management.

2. Feature Enhancements

Secure Handling of Installation Key in Unlocked Packages CI Job The installation key used in the Unlocked Packages CI Job is now masked and encrypted for improved security. Additionally, a view/hide eye icon has been introduced to toggle the visibility of the installation key.
Clear Status Indicators for Merge Pre-validation Outcomes The "Merge Prevalidation Process" logs now provide clearer visual indicators based on the outcome of the validation. A green checkmark ( ✓) is shown only when the process completes successfully, while a red X clearly indicates when the pre-validation has failed or resulted in auto-rejection. This improvement ensures better visibility into validation outcomes for both merge and commit workflows.

3. Architecture Improvements

3-Tier Architecture for ARM – Separate and Load the UI and Backend Services Individually The ARM UI can now be compiled and run independently from the backend. Based on configurable endpoints, the UI communicates with any designated backend server, defaulting to localhost. All UI components load locally, and API calls are routed according to the configured backend endpoint.
Resilience in Global Workspace Management for Optimized Workspaces A backend fix has been implemented to ensure stability in global workspace creation when the default branch is missing or deleted in the repository. When the default branch no longer exists in AutoRABIT or the remote repository, the system will now automatically update the global workspace and repository configuration to use the last valid branch. This prevents version control operations—such as commit, merge, or revision listing—from being blocked due to a broken global workspace.
A UI enhancement to allow users to change the default branch directly in the VC Repos module will be introduced in an upcoming release to fully resolve the issue.

4. Bug Fixes and Improvements

Reliable CI Job Queue Handling Resolved an issue where CI jobs were stuck in the queue due to mismatched build numbers between CIJobInfo and CIJobHistory tables. The system now handles these cases correctly, ensuring jobs progress without blocking subsequent builds. Impacted Modules: CI Job abort and Queue flows, Release Label abort and Queue flows.
CustomNotificationType Support in Destructive Commits Destructive commits now support the CustomNotificationType metadata. Impacted Modules: Commits, Merges, Release Label Artifact execution, CI Jobs, Deployments while performing the Custom Notifications type destructive changes flow.
Package Key Handling in Deployment Module Resolved an issue where deployments failed due to a null package key during package version installation. The key preparation logic for dependent packages has been corrected, and a migration has been implemented to fix existing invalid keys. Impacted Modules: Unlocked packages, Deployments.
LWC API Check Support in CodeScan Analysis Files with .js-meta.xml suffixes are now included in the CodeScan analysis, enabling proper API checks on Lightning Web Components (LWC) from ARM. This ensures more accurate validation during the scan process. Impacted Modules: ARM CodeScan integration.
Accurate File Name Display in Review Artifact The Review Artifact UI now correctly updates the file name when switching files, ensuring clarity while reviewing changes. Impacted Modules: EZ Commit -> Review-Artifact -> Edit In IDE -> File Names in editor view.
Commit Revisions Sorted by Committed Timestamp Commit revisions in the Commit module are now displayed based on the committed timestamp, aligning with GitHub's behavior. Previously, revisions were shown using the author timestamp, causing confusion. The backend logic has been updated to ensure commits are sorted and displayed consistently. Impacted Modules: New Deployment, New CI Jobs, New Merge, VC Repositories, Release Labels.
Support for Special Characters and Extended Name Lengths in User Profiles User profile fields now support special characters in first and last names. Additionally, the character limits have been extended—first names now allow 3 to 40 characters, and last names allow 1 to 80 characters. Impacted Modules: Admin, My Profile.
Support for Priority 4 Rules in Apex PMD Static Code Analysis Static Code Analysis now includes Priority 4 rule violations in Apex PMD reports. The minimum PMD priority has been updated from Medium (3) to Low (5), allowing visibility into lower-priority issues without affecting CI Job validations configured to fail only on higher priority errors. Impacted Modules: All static code analysis running with Apex PMD.
Optimized Loading of Standard Value Sets in Commit Improved performance and visibility of Standard Value Sets in the EZ-Commit module by minimizing repeated Salesforce API calls. The system now retrieves enabled services during org registration and stores the cloud org type in the database. For existing orgs, the cloud type is updated during retrieval and used for subsequent requests, significantly reducing load times and ensuring correct metadata visibility—especially for Financial Services Cloud orgs. Impacted Modules: EZ-Commit, Commit Templates, Branching Baseline, Deployments, CI Jobs.
Provar Plugin Name Edit Handling Editing the Provar name in the Admin module no longer triggers an invalid notification pop-up when a key file is already uploaded. A response check ensures smoother and more accurate user feedback. Impacted Modules: My Account plugins (Provar).

nCino + Data Loader 25.1.3 Release Notes

Release Date: 6 April 2025

See the Release Notes for nCino + Data Loader improvements.

ARM Release Notes 25.1.2

Release Date: 09 March 2025

This release introduces Checkmarx One Integration, enabling users to perform security scans within ARM using Checkmarx One alongside existing Static Code Analysis tools.

Additionally, we have addressed multiple bug fixes and enhancements, including improved support for PLATFORMEVENTCHANNELMEMBER in destructive commits, enhanced merge conflict detection for layouts, and more reliable duplicate resolution for profiles. Security and stability improvements include fully hiding API tokens after creation, ensuring correct project mapping for CodeScan in CI jobs, and providing consistent permission set deployments in Commit Label deployments.

New Feature

Checkmarx One Integration
Users can now integrate Checkmarx One as a Static Code Analysis tool within ARM. This allows security scans to be performed using Checkmarx One alongside other existing tools, providing a scalable and fully managed security solution for cloud-native and DevOps teams.

Bug Fixes and Improvements

Improved Support for PLATFORMEVENTCHANNELMEMBER in Destructive Commits
ARM supports the destructive commit of PLATFORMEVENTCHANNELMEMBER metadata, ensuring seamless deletion and replacement of platform events without file diff errors. Impacted Modules: Destructive changes, VC, Deployments, CI Jobs.
Enhanced Merge Conflict Detection for Layouts
ARM reliably detects merge conflicts for layout metadata, including files with special characters in their names, ensuring a smoother and more accurate merge process. Impacted Module: EZ-Merge.
Improved Duplicate Resolution for Profiles
ARM ensures stable conflict resolution for profiles by preventing errors caused by commented code on a new line. Users can click on files in the resolve duplicate screen without encountering IndexOutOfBounds exceptions. Impacted Module: EZ-Merge duplicates resolution scenario.
Improved Security for API Tokens
API tokens are now fully hidden after their initial creation and display, ensuring they are no longer exposed in network requests. This enhances security by preventing unauthorized access through browser developer tools. Impacted Module: API Token creation.
Correct Project Mapping for CodeScan in CI Jobs
ARM ensures that CodeScan projects are correctly linked to the scanned Salesforce org in CI jobs. The mapping issue causing a null project name has been resolved, ensuring accurate project creation and association. Impacted Module: CI Job Build Logs.
Improved Commit Label Deployment for Permission Sets
ARM ensures consistent and accurate deployment of permission sets during Commit Label deployments. The Ignore Missing Visibility setting behaves as expected, and redeployments correctly generate a new deployment package instead of reusing the initial one. Impacted Module: Commit Label.

nCino + Data Loader Improvements

Release Date: 9 March 2025

See the Release Notes for nCino + Data Loader improvements.

ARM Release Notes 25.1.0

Release Date: 23 February 2025

The ARM Release 25.1.0 introduces key upgrades, new features, and critical fixes to enhance security, compatibility, and overall performance. This release includes updates to third-party libraries, improved error handling, and several bug fixes to ensure a seamless user experience.

Upgrades and Enhancements

Third-Party Library Updates: OpenJDK, Tomcat, Salesforce CLI, Sonar Scanner, and Local DynamoDB have been updated to their latest versions for improved performance, security, and compatibility.
Salesforce API Version 63.0 Support: ARM now fully supports Salesforce API version 63.0, ensuring compatibility with the latest Salesforce features and functionalities.

Deprecated Features

Picklist to ValueSet Migration: The Picklist feature in the VC Repo section is now deprecated, as Salesforce has discontinued support for it starting from API version 39.

Bug Fixes and Improvements

Clearer Error Messages: Improved UI messages provide more precise and actionable feedback, making troubleshooting easier.
Tag Deployment Fix: Previously, deploying a tag would always result in the same changes, even when those changes were not present in the specified tag or branch. Tags now deploy the correct updates as expected. Impacted Modules: Custom Deployments.
Flow Access & LoginFlows Retrieval: Users can now retrieve and compare Flow Access and LoginFlows seamlessly. Previously, LoginFlows were not visible during change comparisons. Impacted Modules: EZ-Commit with validate deploy, Merge with validate deploy , Profile duplicates.
EZ-Merge Report Accuracy: The EZ-Merge report CSV now includes missing details, such as dates and L1/L2 review statuses, improving tracking and transparency. Impacted Modules: Weekly Report, EZ-Merge report.
CI Job Stability: Resolved issues causing CI job failures and deployment errors for AccelQ tests. Test results now display the correct status and test counts in the Test Summary Report. Impacted Modules: AccelQ CI Jobs.
Deployment Rules Visibility: Deployment rules are now consistently displayed in the Deployment Submit popup window across all deployment types. Impacted Modules: Custom Deployments.
Lightning Email Templates Retrieval: Fixed an issue where Lightning Email Templates were not retrievable across multiple ARM modules, including EZ-Commit, EZ-Merge, Release Label Artifact Preparation, Org-to-Org Deployment, Org Sync, Auto-draft, Commit Template, and Branching Baseline. Impacted Modules: EZ-Commit.
Review Artifact Enhancement: The "Review Artifact" option now correctly displays the package.xml and its corresponding data for commits, deployments, and merges. Additionally, SearchCustomization now functions as expected for both SFDX and non-DX environments, supporting merging, CI jobs, and deployments. Impacted Modules: EZ-Commit, Merge.
SFDX Package Naming Support: Special characters such as @ and . can now be used in SFDX package version names, resolving previous naming limitations. Impacted Modules: SFDX, Unlocked Packages.

Upgrades and Enhancements

Third-Party Library Updates: OpenJDK, Tomcat, Salesforce CLI, Sonar Scanner, and Local DynamoDB have been updated to their latest versions for improved performance, security, and compatibility.
Linux Upgrade: The underlying Linux environment has been upgraded, strengthening security and optimizing system performance.

nCino Improvements

Release Date 23 February 2025

See the Release Notes for nCino + Data Loader improvements.

ARM Release Notes 24.4.5

Release Date: 19 January 2025

With this release, we have implemented the following enhancements and support fixes to improve features and functionality and streamline the user experience.

Security Improvements

Email and Username Validation

Registration processes now enforce unique email addresses and usernames, ensuring each email is linked to only one active account. Added email verification confirms ownership, enhancing security and preventing duplication. Impacted Modules: Admin - User Registration, Subscription Management.

Enhanced XSS Protection

Implemented robust measures to prevent XSS risks, including validation of untrusted data, HTML sanitization, and Content Security Policy (CSP). These updates safeguard data and prevent script-based attacks. Impacted Modules: All Modules.

Support

Improved Remote Site Settings Updates

URL updates now run seamlessly in the destination org. A new mechanism ensures tests proceed smoothly, even if individual cases fail. Impacted Modules: Environment Provisioning.

Consistent Merge Validation

The merge validation process now handles internal folder references accurately. Files in helper folders are fully validated, ensuring consistent results across merges and deployments. Impacted Modules: EZ-Merge with validate deployment.

SharingRules Metadata Visibility

SharingRules metadata is now visible and selectable for deployment and commit operations. Child metadata exclusions were adjusted to ensure proper visibility. Impacted Modules: All Modules.

Support for GenAiPromptTemplate

ARM now supports the GenAiPromptTemplate component, ensuring compatibility with Salesforce updates and enhancing functionality. Impacted Modules: VC, Deployment, CI Jobs.

Aligned Branching Baseline Behavior

Branching Baseline now matches EZ-commit behavior for Default manageable state metadata. Excluded Default metadata, such as Account.object-meta.xml, is no longer committed. Impacted Modules: Branching Baseline.

Faster CI Job Assignment

Agent assignment during CI jobs has been optimized, and a new feature flag allows streamlined verification using repository and username data, reducing delays. Impacted Modules: CI Jobs using Version Control.

Reliable Backup CI Jobs

Backup CI jobs now handle DX metadata exclusions and dashboard queries correctly, ensuring successful scheduled backups. Impacted Modules: CI Jobs, Deployments, EZ-Commits.

Merge Validation for Short Metadata Names

Merge validation now properly handles metadata names shorter than 9 characters. Improved logic ensures accurate validations without failures. Impacted Modules: EZ-Merge, EZ-Commit with validate deployment.

Commit Label Preservation

Commit labels are now retained even when associated pre-validation labels are removed, ensuring labels remain accessible and visible. Impacted Modules: EZ-Commit, Commit Label EZ-Merge, Commit Label Deployment.

Issue Resolution

Optimized Merge File Processing

The VALIDATINGSALESFORCEXML performs a single file check during branch-to-branch merges. Merged file data is stored uniquely, improving performance by preventing duplicate validations. Impacted Modules: EZ-Merge.

ARM Release Notes 24.4.4

Release Date: 15 December 2024

With this release, we have implemented the following enhancements and support fixes to improve features and functionality and streamline the user experience.

Enhancements

TAF Sunset Feature Flag

We introduced a feature flag to support the gradual phase-out of TAF functionality in AutoRABIT. This flag allows controlled activation or deactivation of TAF at the customer account level, enabling a seamless transition without disrupting existing workflows. Automated testing and monitoring have been implemented to ensure functionality operates correctly and customer environments remain stable during the transition. Affected customers will be notified with detailed timelines, guidance, and alternative solutions to support their migration. Impacted Modules: TAF, CI Jobs, Reporting

Protection Against CSV Injection

We strengthened protection against the potential for a security vulnerability related to CSV injection, where malicious formulas embedded in CSV files could execute commands when opened in spreadsheet applications. User-generated data is now thoroughly sanitized, and special characters are omitted to prevent formula execution. This enhancement ensures that exported CSV files are safe to open, enhancing security against attempted cyberattacks. Impacted Modules: Org Sync History, Users, CI Job History, Reports, CI Job List

Unique Email Enforcement for User Registration

We eliminated the possibility for users to register using multiple email accounts for the same email ID, preventing potential confusion and security risks. The registration process now includes strict validation checks to ensure each email address is linked to only one active account. Email verification has also been implemented to confirm ownership and prevent unauthorized registrations, improving data privacy and system integrity.

Asynchronous Deployment Processing

We implemented an update to the deployMetadata SOAP service within the Deployment module, which now enables the process to run asynchronously in the background when initiating a Full Deployment. Previously, the service remained in a "pending" state until the deployment job completed. With this enhancement, the deployment process is more efficient, allowing the service to proceed without blocking user actions while the deployment completes in the background. Impacted Module: Deployments

ARM API Integration with Supported SIEM Systems

AutoRABIT introduced a new API endpoint in the audit logs service to provide structured access to CEF audit logs. The API allows querying audit events based on a specified time range and maximum results, returning a detailed JSON response that includes event metadata, such as timestamps, event types, user actions, and outcomes. This enhancement replaces the previous plain-text log format with a structured system with query capabilities, enabling easier integration and analysis of audit data. Impacted Module: API Audit Log Event

Fixed Redirect for Unsupported Types in Org Sync Report

We corrected an issue in which clicking "Here" in the Org Sync Report failed to redirect to the Unsupported Types Salesforce screen. The href attribute spelling has been corrected, ensuring users are properly redirected to the relevant page for unsupported metadata types. This fix improves navigation and user experience within the Org Sync Report. Impacted Module: Org Sync

Support

Improved Stability for Commit and Merge Operations

We resolved an issue causing failures in commit and merge operations due to corrupted global workspaces. The global workspace handling mechanism has been enhanced to ensure stability, even when the OPTIMIZED_WORKSPACE feature flag is disabled. This fix eliminates runtime exceptions during clone operations, improving the reliability of EZ-Commit and EZ-Merge processes. Impacted Modules: EZ-Commit, EZ-Merge, Deployment & CI Jobs, Repo & Branch Registration.

Accurate Reporting for a CodeScan SCA with a Large Number of Violations

We corrected an error occurring in which a CodeScan code analysis with more than 500 violations displayed incorrect results in the UI and incomplete data in downloaded reports. The fix ensures that all scanned violations are accurately reflected in the UI and included in the downloaded Excel files, providing a complete and reliable report for large code scans. Impacted Modules: CodeScan SCA Execution Reports, CI Jobs, Deployments, Commits, and Merges.

Improved Grouping for Salesforce Scanner Violations

We resolved a mismatch issue between Apex PMD and Salesforce Scanner results. Violations in bundle or static resource subfolders are now correctly grouped under their respective metadata types instead of being displayed as separate components. This fix ensures accurate and consistent results, improving the clarity of scanned violations across all file types, including .JS files. Impacted Modules: SCA Execution for both DX and Non-DX.

ToRevision Included in Scheduled CI Jobs

We fixed an issue in which the ToRevision parameter was missing in scheduled CI jobs. This issue caused jobs to fail by incorrectly using the baseline revision instead of the incremental revision. The fix ensures that ToRevision is consistently included, enabling accurate and reliable execution of CI jobs. Impacted Module: CI Jobs.

Accurate Metadata Selection in AutoRABIT Build Deployments

We resolved an issue in which AutoRABIT Build deployments failed to pick all metadata components when certain components were excluded. The deployment process now ensures that all remaining metadata is correctly included, even after exclusions. This fix addresses issues with missing data-table rows, ensuring complete and accurate metadata deployment. Impacted Module: Deployments.

Accurate Revision Handling in Incremental CI Jobs

We corrected an issue in which manually triggered incremental CI jobs were skipping the previous revision. The build process now ensures accurate handling of "From" and "To" revisions, preventing gaps in deployed commits. This enhancement guarantees that all relevant changes are included during incremental builds, maintaining consistency and reliability in deployment workflows. Impacted Module: CI Jobs.

Improved Handling of Managed Package Components in CI Jobs

We have resolved an issue causing CI job deployments to fail by including managed package components in destructive changes, despite the "Ignore Installed (Managed) Components" setting being enabled. Logic has been added to exclude installed components from destructive changes in both custom deployments and CI jobs. This enhancement ensures successful deployments without errors related to managed package components. Impacted Modules: CI Jobs, Deployments [DX, Non-DX, and Org-to-Org Deployments].

Resolved Deployment Error for DigitalExperienceBundle

We corrected an issue during org-to-org deployments in which DigitalExperienceBundle components were not found in the zipped directory, resulting in deployment failure. The logic handling Digital Experience bundles has been corrected to account for scenarios where excluded components exceed 50. This enhancement ensures successful deployments are completed without errors related to missing DigitalExperienceBundle components. Impacted Module: Custom Deployments with Digital Experience bundles.

Accurate Package Version Updates in sfdx-project.json

We resolved an issue where AutoRABIT failed to commit the latest package version to the sfdx-project.json file. When a new package version is created, it is now correctly updated and committed in the sfdx-project.json file, ensuring consistency between the project configuration and the deployed package versions. Impacted Module: CI Jobs.

ARM Release Notes 24.4.4.1

Release Date: 22 December 2024

Patch to fix bugs in the nCino Query Validation module.

ARM Release Notes 24.4.3

Release Date: 24 November 2024

The following enhancements and support fixes have been implemented with this release to improve features and functionality and streamline the user experience.

Enhancements

Special Character Support in Commit Comments

The EZ-Commit workflow now supports special characters in commit comments, including German characters (ä, ö, ü) and punctuation marks (colon [:], semicolon [;], slash [/]). These characters are correctly displayed in commit messages, and the commit process completes without errors when they are used. Impacted Module: EZ-Commit.

Duplicate Detection for Layout Metadata Subnodes

The system now supports duplicate detection for all subnodes in Layout metadata, ensuring consistent layout configurations and preventing errors during deployment. Duplicate detection functionality has been extended to include the following subnodes:

Header
RelatedLists
Sections
QuickActionList
RelatedContent
EmailDefault
MiniLayout
PlatformActionList

Users will be prompted with clear, actionable messages when duplicates are detected in any of these subnodes, allowing them to resolve issues efficiently. This enhancement builds on existing duplicate detection for <layoutItems>, <layoutColumns>, and <layoutSections>. Impacted Module: Back End.

Support

Digital Experience Metadata Type Improvements

Accurate Metadata Selection in Profile Deployment

When deploying a profile via the CI Job build, only the selected profile is now included in the deployment. The issue in which Digital Experience metadata was incorrectly included has been resolved, ensuring that deployments contain only the metadata explicitly chosen by the user. Impacted Modules: Every module that uses Digital Experience Bundle Metadata type.

Delete Support for DigitalExperience Metadata

Users can now delete DigitalExperience metadata in the EZ-Commit module. Additionally, support for managing DigitalExperience metadata has been extended across all modules. Impacted Modules: EZ-Merge, Custom Deployment, CI Jobs, Prevalidation Deployments, and Release Labels.

Subscription Extension via Super Admin

Super Admin users can now successfully extend subscription counts for active accounts. The issue causing an empty notification pop-up when attempting to increase subscriptions has been resolved. Impacted Module: SuperAdmin - Extend Customer tab. Found in QA.

Vlocity Deployment Visibility in Deployment History

The Vlocity deployment process has been updated to address issues with visibility and interaction:

Deployment History Display:
- Vlocity deployments now appear correctly in the deployment history, ensuring users can track and review their deployments without issues.
UI Interaction Fix:
- Resolved the issue where Vlocity components failed to expand when toggled. Users can now expand and view Vlocity components seamlessly in the deployment history UI.

These improvements enhance the usability and reliability of Vlocity deployments in ARM. Impacted Module: Vlocity Deployments.

Accurate Notifications for Scheduled Code Coverage Report Changes

The notification system for scheduled code coverage reports has been improved to accurately reflect changes in settings.

Test-Level Changes:
- When the test level is altered for a scheduled code coverage report (e.g., weekly schedule), the notification now correctly indicates the change instead of displaying "no changes detected."
Other Configuration Changes:
- Modifications to parameters such as test classes or email lists also trigger accurate and relevant notifications.

This enhancement eliminates misleading messages, ensuring that users receive correct feedback on configuration updates. Impacted Module: Admin-Code coverage report → Reports.

Automatic Mapping of JIRA Credentials

The JIRA credentials mapping process has been improved to eliminate the need for manual workarounds. Credentials using application tokens are now automatically populated in the ALM Mapping section of the profile, without requiring modifications to the default credentials in the ALM Management admin section. This enhancement simplifies the mapping process and ensures seamless integration with JIRA. Impacted Modules: VC Repos, Modularization, EZ-Commit, My Account, SF Org Management.

Improved Handling of Empty Metadata in Release Label Deployment

The release label deployment process has been enhanced to prevent failures caused by empty metadata. When no deployable changes exist and the package.xml is empty, the system now accurately reflects the absence of metadata in both the UI and back end, ensuring consistency and preventing deployment errors. Impacted Module: Release Labels.

Notification Emails for New User Creation

The issue in which notification emails were not being sent to new users upon creation in ARM has been resolved. New users now receive a notification email in their mailbox immediately after being created by an admin, ensuring consistent communication and a smoother onboarding process.

ARM Release Notes 24.4.2

Release Date: 10 November 2024

Enhancements

Salesforce API Version 62 Support

ARM now supports Salesforce API Version 62 for all functions, allowing users to utilize the latest metadata types and capabilities introduced by Salesforce. This upgrade includes comprehensive integration across all ARM functions, including the Data Loader, ensuring alignment with Salesforce's Winter '25 release. ARM Admins can set the global API to version 62, ensuring consistent functionality across all features.

Support

Accurate Metadata Count for Repeated Deployments

ARM now ensures accurate tracking of metadata counts across multiple deployments using previous deployment labels. The request node sent for deployment has been corrected in the front end, ensuring that when performing a follow-up deployment with a prior label, all specified components are included. This enhancement resolves issues in which subsequent deployments using previous labels reflected only a partial count of metadata components, providing a consistent and complete deployment experience across repeated operations.

Confirmation for Destructive-Only Deployments

A new confirmation prompt has been added to notify users when a deployment includes only destructive changes and no constructive changes. This enhancement helps clarify deployment contents, reducing potential confusion for users who may expect other metadata components to be included.

Inclusion of Destructive Changes File in Deployment Backups

The backup.zip file now includes the destructiveChanges.xml file, allowing users to access destructive change data for potential rollback scenarios. This enhancement provides a more comprehensive backup package to support safer and more flexible deployment management.

Improved Commit Label Search Functionality

Enhancements have been made to the commit label search feature to address two user concerns:

Accurate Filtering with Special Characters: The search functionality on the Commit Labels screen now retains all special characters in commit labels, allowing for precise search results even with special characters.
Consistent Label Retrieval Across Screens: The commit label creation and retrieval processes have been standardized across the EZ-Commit and Commit Labels screens. This ensures accurate search results by aligning label keys, resolving prior issues with locating commit labels by revision.

These improvements enhance usability and consistency within the Version Control module, providing a more reliable experience for commit label management.

Corrected Revision Display in EZ-Merge Confirmation

An update has been made to ensure proper display of revision numbers in EZ-Merge confirmations. Previously, certain revision formats containing the character "e" were misinterpreted as exponential values, causing them to display incorrectly as "Infinity" or scientific notation.

This issue has been resolved by adjusting the response handling, allowing revisions to appear as intended without conversion errors. This enhancement improves the accuracy and reliability of revision details displayed during merges, especially for branches with specific revision formats.

Quick Deploy Auto-Population for Deployment Label and Asynchronous ID

An improvement has been made to the Quick Deploy feature to ensure the Deployment Label Name and Asynchronous ID fields auto-populate after a validated deployment. This update addresses issues in which these fields were previously blank, preventing users from completing Quick Deploy without manually reentering data.

This enhancement improves efficiency and consistency for custom deployments, particularly for users working with single revision DX deployments.

Stable Permissions View for Newly Created Teams

An update has been implemented to ensure stable loading of the Permissions View in the Admin module for newly created teams under Subscription Management. Previously, permissions were not displayed due to an incomplete setup for new users created via the "Create Team" option.

Now, the releaseNotify setting for new users defaults to "true," and additional checks have been added to handle null values during data conversion. This enhancement ensures permissions load reliably, enhancing usability for subscription-based team management.

Improved CI Job Editing with Null Check for Checkmarx Configuration

A fix has been implemented to prevent blank pages from displaying when editing CI jobs. Previously, attempting to edit CI jobs with no rules configured for Checkmarx would result in an unresponsive, blank screen.

This enhancement includes a null check, ensuring CI jobs are editable even if no rules are set for Checkmarx configurations. This update improves stability and usability for managing CI jobs in ARM.

Improved Tag-Based Deployment

An update has been made to ensure successful deployments when using tags in the deployment module. Previously, deployments initiated with tags would sometimes fail with a "No Changes are found in the package" error due to issues with file copying during tag-based deployments.

This enhancement ensures accurate file handling for tag-based deployments, providing stable and reliable performance for both DX and non-DX branches.

Accurate Error Messaging for CI Jobs and Deployments

An update has been implemented to improve the accuracy of error messages displayed in CI job logs and deployments. Previously, CI jobs that encountered baseline revision failures or exceeded file limits displayed misleading error messages. Additionally, deployment failures were showing unrelated errors, such as "Invalid Login," instead of indicating the true cause, such as reaching Salesforce file limits or the need for reauthentication.

This enhancement ensures that CI job and deployment errors reflect the actual underlying issues, providing users with clearer, more actionable information for troubleshooting.

Direct Commit Support for Profiles and Permission Sets

An update has been applied to the direct commit process to ensure that both profiles and permission sets are committed together when selected. Previously, when committing Field-Level Security (FLS) for profiles and permission sets in a single direct commit, only profile FLS was committed, while permission sets were excluded.

This enhancement aligns direct commit functionality with pre-validation commits, allowing selected metadata types—including profiles, permission sets, and custom fields—to be consistently committed as intended. This update improves accuracy and flexibility for version control management within ARM.

Improved Merge Conflict Resolution Status

An update has been applied to ensure accurate status updates during merge conflict resolution in EZ-Merge. Previously, after resolving a conflict, the status was sometimes incorrectly set to "Commit," even when additional conflicts remained. This led to repeated merge conflict prompts after refreshing the page.

With this fix, the merge status will correctly display as "In Progress" when unresolved conflicts are pending, and actions will show as "Check Details" instead of "Commit." This enhancement ensures clearer guidance during conflict resolution, streamlining the merge process in EZ-Merge for better user experience.

Optimized Inline Comment Retrieval in Large File Diffs

An improvement has been made to reduce "Network Connection Interrupted" errors when expanding large files under the "Files Changed" tab in EZ-Merge. Previously, each line in files exceeding 3,000 lines triggered an individual API call to fetch inline comments, leading to network interruptions and interface freezes, particularly for files with 15,000 lines or more.

With this enhancement, a single API call now retrieves all inline comments at the file level, significantly improving performance and stability when working with large files. This update prevents excessive network calls and enhances usability during merge and commit actions.

Accurate Component Inclusion for Reused Commit Labels

An update has been made to the "Re-use Previously Validated Commit Labels" functionality to ensure that only selected components are included in the commit. Previously, when reusing a validated commit label, additional, unintended changes (such as Profiles and Permission Sets) could appear in the "Files Changed" tab during the approval stage, even if only specific components were selected initially.

This enhancement corrects the commit process so that only the selected components are retained and displayed in the commit, providing more reliable control and accuracy over component selection in EZ-Commit. This improvement applies to both DX and non-DX formats and supports all commit types, including manual selection, auto-draft, commit templates, and package uploads.

ARM Release Notes 24.4.1

Release Date: 27 October 2024

Enhancements

Manageable-State Selection for Branching Baseline A new option has been added to select the Salesforce org's manageable state when initiating or re-running a branching baseline. This option is available only when the retrieval type is set to Salesforce, ensuring greater control over the data types included in the process.

Consistent Manageable-State Dropdown Across Modules The manageable-state dropdown is now consistently available across several modules, streamlining the user experience. It can be found in the following areas:
- Branching Baseline
- CI Job (Org to Org deployment)
- EZ Commit
- My Account (Save Global Settings for Admins)
- Static Code Analysis
- Org Synchronization History
Global Settings Migration for Manageable State Global settings for manageable state, previously configured in the "My Account → Admin" section, are now automatically retrieved and applied across relevant modules, ensuring consistency across the platform.
Database Support for Manageable State The database schema has been updated to support the manageable-state dropdown in CI Job, EZ-Commit, and Branching Baseline modules. This ensures that user selections are properly saved and retrieved, maintaining data integrity across sessions.

Conditional Abort Functionality for Branching Baseline The "Abort" button is now only clickable when the branching baseline process is actively in progress. The abort functionality behaves as follows:

If the process is in the retrieval stage, clicking "Abort" will stop the operation.
If the process is in the committing stage, clicking "Abort" will cancel the process.
If the revision has already been generated or committed, the "Abort" button will be disabled to prevent unnecessary actions.

Enhancement: Updated Actions in Branching Baseline The actions available for each branching baseline iteration now include "Run," "Abort," and "Delete," providing clear and accessible options based on the process state.
Enhancement: Combined Revision and Info Section in Iterations The "Revision" and "Info" columns in the branching baseline iterations section have been merged into a single "Revision Info" column. This section is now a clickable hyperlink, allowing users to view detailed information for each specific revision easily.

Improved Abort Functionality with Interrupt Method (Internal) The abort functionality has been enhanced across the application by implementing the recommended interrupt method, significantly improving reliability and preventing potential thread-related crashes. This update ensures a smoother and more stable abort process.

The enhanced abort functionality has been applied to the following areas:

Admin
CI Jobs
Version Control Release Labels

Thorough internal QA checks have been performed to ensure the stability of this new approach.

Enable the “Trigger Build On Commit” option when creating a CI Job Users can now enable the “Trigger Build On Commit” option when creating a CI Job, allowing automated builds triggered directly by commits. Upon selecting this option, a webhook setup will become available, ensuring that every new change in the version control system triggers an update to the CI Job. Builds will only initiate for commits made in the feature templates folder.

Support

Accurate Merge Status Display

Customers reported receiving expiry email notifications with a misleading status of "MERGED," even though the merge was still pending approval or awaiting changes to be committed. This confusion has been addressed by updating the merge status in the expiry email. Now, the system retrieves the status from the SCM History table, ensuring the actual state of the merge is reflected. Users will no longer see "MERGED" unless the merge has been fully completed, providing clearer communication on the status of their merges.

Profile Comparison Layout and Behavior Fixes

The following issues in profile comparison have been resolved by adding the "Person Account" column dynamically when person accounts are enabled:

Record Type Column Fix: The Record Type section in new profile comparisons now displays only two columns, as expected. The third column, "Person Account Default," will only appear in the downloadable report if person accounts are enabled.
Layout Fix: The layout issue where five columns were displayed instead of six during profile comparisons has been addressed.
Default and Visible Field Fix: The issue where users could check 'Default' without checking 'Visible' and could not uncheck 'Default' once selected has been fixed.

These changes ensure a more accurate and dynamic display in profile comparisons, improving the overall user experience.

Select All Behavior Correction in Deployment Tab

A UI bug in the Deployment tab has been fixed where unchecking a metadata member under the "All Metadata" tab did not update the "Select All" option as expected. The condition for deselecting "Select All" has been corrected based on metadata types in the front end, ensuring that when individual metadata members are unchecked, the "Select All" option now responds accurately and reflects the correct selection status. This fix improves the consistency and usability of the deployment process.

Apex Test Class Live Status Fix

The issue where the Live status for the Apex Test Class was not populating under the SF Org Management section has been resolved. The fix involved changing the response data type from text to JSON, allowing the Live status to be fetched and displayed correctly for Apex Test Classes. This update ensures accurate status reporting for users.

Vlocity Deployment Failure Fix

A code fix has been implemented to resolve the issue where Vlocity deployments were failing during VC incremental deployments. The failure occurred because the CI job picked a different dependency, specifically the contentVersion dependency, which was not included in the release label deployment. The fix removes non-Vlocity components during CI deployments, ensuring that only relevant dependencies are picked, resulting in consistent and successful Vlocity deployments.

Board Type Selection Fix in Release Label Merge

An issue where the board type was automatically changing from Vlocity to Salesforce during release label merges has been resolved. The problem occurred because the board type was not being explicitly set to Vlocity during the merge operation, causing Salesforce to be selected by default. This fix ensures that the correct board type, Vlocity, is maintained during the merge process.

Unrelated Changes in EZ-Merges Fix

A fix has been implemented to address the issue of unrelated changes being pulled into EZ-Merges. To prevent this, the system now cross-checks the remote head revision against the local revision before allocating the workspace, ensuring the workspace is properly synced with the remote repository.

Additionally, loggers have been added to track and identify the root cause should this issue recur in the future. These updates ensure a more reliable and controlled merge process, reducing the chance of unintended changes being included in EZ-Merges.

Manual Deployment Destructive Changes Fix

An issue was identified during manual deployments using AutoRABIT Build, where clearing all pre-destructive changes did not exclude them as expected. This occurred when deploying via the Metadata.zip option in non-DX custom deployments, where destructive changes were still included despite being deselected.

A code fix has been implemented to ensure that when pre-destructive changes are cleared during deployment, they are properly excluded from the process. This update ensures that all selected components are correctly deployed, without any unwanted destructive changes being included.

Review Artifact Screen Icon Display Fix

An issue on the Review Artifact screen where icons were not displaying correctly during keyword searches (Ctrl + F) has been resolved. Users previously saw only box icons, leading to confusion about the functions of each icon.

The fix involved correcting the file path for font icons and updating the CSS to ensure proper loading. Icons now display correctly, providing clear visual guidance for each action on the screen. Support Case #123456

NamedCredential Search and Substitute Fix

An issue was identified where the "Search and Substitute" feature was not working for the NamedCredential metadata type. The problem occurred because the metadata type was misspelled as "NamedCrendential" in the configuration file.

The root cause has been addressed by correcting the spelling of "NamedCredential" in the JSON file that maintains supported metadata types and their subnodes.

Deactivated User Deletion Error Fix

An issue where an error pop-up appeared when attempting to delete deactivated users has been resolved. While the user was successfully deleted after a page refresh, the error caused confusion.

The fix involved correctly reading the JWT token during the deletion process, ensuring that inactive users can now be deleted without triggering an error message. This update streamlines the user deletion process and eliminates unnecessary pop-ups.

Validation Job NullPointerException Fix

An issue causing validation CI jobs to fail with a java.lang.NullPointerException has been identified. The problem occurred intermittently when the customer changed the baseline revision, with the workaround only providing temporary relief.

A fix has been implemented to address the root cause of the null pointer error. This ensures that validation jobs now run consistently without failure, eliminating the need for manual interventions or workarounds.

Workspace Error in EZ-Commit Delete Tab Fix

An issue where users encountered a "Workspace does not exist" error in the Delete tab of EZ-Commit has been resolved. The error occurred because the system did not check whether the workspace was optimized before throwing a custom exception when the workspace was not locked.

A fix has been implemented by adding a condition to ignore optimized workspaces when checking for locks. This ensures that users no longer see the error pop-up when navigating to the Delete tab in EZ-Commit, improving the overall functionality. Support Case #124537Improvements

Optimized Selective Deployments Selective deployments have been optimized to utilize pre-prepared artifacts, eliminating the need for additional Git operations. This enhancement allows users to perform component selection directly on the pre-prepared artifact, ensuring faster deployment times and reducing the risk of errors associated with manual Git interactions.

Lazy Loading for EZ Commit Data Tables The EZ Commit process now includes lazy loading for metadata components when using the Auto Draft functionality. Initially, only necessary data is loaded, with additional data fetched as the user scrolls or navigates through the table. This ensures a more efficient and responsive experience.

Lazy Loading in Package Manifest and Commit Template Lazy loading has also been implemented in the Package Manifest and Commit Template screens and the Selected and Deleted tabs, enhancing performance and responsiveness across these areas.

A visual indicator has been added during the loading process, ensuring users are informed while additional data loads, without any noticeable delays or interruptions to the user experience.

Third-Party Library Upgrades Third-party libraries have been upgraded to ensure the latest enhancements and fixes from external libraries, improving overall stability across the platform.

By streamlining the selective deployment process, this improvement enhances efficiency and contributes to a more reliable release management workflow.

ARM Release Notes 24.2

Release Date: 25 August 2024

Improved Reporting Features and Enhancements

New Features

The new merge report is now included in the downloaded reports.
Failure/Auto-reject reasons have been added to the reports for merge, commits, deployment, and CI build jobs, ensuring that if any jobs fail, the reason is included in the reports.

Enhancements

Extra fields have been correctly added to the current report.
The name of "Latest Reports" has been changed to "Refresh Reports View."
Users are now restricted from downloading more than six months of data.
Post-download, headers, alignment, and naming conventions in Excel have been checked for readability and usability.

Exclude Metadata in the Branching Baseline Users can now customize their baselines by excluding specific metadata. When selecting the "New Branching Baseline" option, a pop-up appears with available fields. A new "Exclude Metadata" checkbox allows users to choose what metadata to include or exclude from a scrollable or searchable list, with individual checkboxes for each item. Options to "Check All" or "Uncheck All" are available in both sections. Once selections are made, users can click "OK" and then "Run" to execute the process.
Detailed Status Messages for Branching Baseline Process To improve transparency and usability, the branching baseline process now provides specific status messages for different failure scenarios. If some metadata members fail to commit, the status will display as "Partial Success" or "Failed." Users can download the files of the failed batch metadata XML files for better feasibility and view failure reasons, reducing troubleshooting time and improving overall efficiency.
Updated UI and Pagination The UI for EZ-commit, deployments, and commit template screens has been updated with pagination for metadata-type tables. Users can now adjust the number of entries displayed per page.

Pagination Availability:

VC Commit: Components selection screen.
Commit Template: Components selection screen.
Deployments: Retrieval screen and "Additional Metadata" section.

Improvements

In this release, we revolutionized the system by converting all JSP pages into a RESTful API, enhancing modularity, scalability, and interoperability.
SOAP to REST services were upgraded.
Third-party libraries were upgraded.

ARM Release Notes 24.1

June 2024

Version 24.1 – Enhancements and Improvements

Enhancements

Perform Validation Deployment for Multiple Orgs In this release, we're thrilled to introduce an enhanced Validate Deployment feature, responding to a key user request. Users can now choose multiple orgs simultaneously, enabling a forward-looking validation process as they promote from one sandbox to the next and eventually to production. This time-saving enhancement allows users to select up to three organizations from a convenient multi-picklist, and the subsequent summary screen provides a consolidated view of the deployment results for each selected organization. The implementation ensures a seamless experience by allowing users to toggle between different org validations. The introduction of this feature in the EZ-Merge and EZ-Commit options streamlines deployment validations, contributing to a more efficient and informed deployment workflow.
Incorporated Checkbox to Skip Prevalidation Criteria In this release, we're excited to introduce the ability for developers to skip all prevalidation criteria specifically for back merges from designated branches. This enhancement offers a streamlined approach to the back merge process, empowering developers to improve efficiency and simplify code migration upstream. To leverage this feature, developers can configure the branch type in VC Repos → Branch settings, where a new checkbox option allows you to enable skipping prevalidation criteria for a particular branch during back merges. This capability enhances flexibility and productivity, reducing unnecessary steps in the code migration workflow. With the skip option, developers have greater control over the back merge process, ensuring a smoother and more agile development experience.
Revamped Static Code Analysis View We’ve revamped our static code analysis UI to enhance the user experience. Now, errors are conveniently displayed under selected files, streamlining issue identification and resolution across various tools.
Streamlined EZ-Commit Editing This release significantly enhanced the EZ-Commit workflow to empower developers. The introduction of an integrated Compare Changes option in the Review Artifact screen allows for seamless viewing, editing, and visualizing of Salesforce metadata changes in a single, user-friendly interface. Developers can now effortlessly navigate and understand their code edits with color-coded differences, eliminating the need to toggle between multiple screens. This streamlined process enhances the user experience and addresses a crucial blocker in the journey towards CI/CD, providing a more efficient and intuitive path for developers.
Enhanced SCA Label Scheduling In this release, users can now enjoy enhanced control over SCA label scheduling with the introduction of the ability to edit/update schedules. This feature provides greater flexibility, allowing users to modify scheduled times for SCA labels, contributing to a more seamless and user-friendly experience in managing job schedules.
New Email Templates Implementation In this release, a significant enhancement has been made by implementing new email templates that align with current visualization standards. This update reflects our commitment to maintaining high standards in user interface design and enhancing overall user engagement.

Improvements

This update improves the tool's efficiency and responsiveness and leverages new technologies, collectively resulting in a smoother, faster user experience.

In this release, we revolutionized the system by converting all JSP pages into a RESTful API, enhancing modularity, scalability, and interoperability.
SF CLI Version upgrade to 2.41.8
SOAP to REST services upgrade: Upgrading from SOAP to REST services improves performance by reducing overhead with lightweight JSON payloads and enhances security through stateless communication and simplified implementation of HTTPS.
By merging SalesforceDxHub into SalesforceOrg, it effectively reduces redundancy in data storage. Users can now register once from SalesforceOrg, with the added capability to specify a registered org as a Dev hub. When a production org is registered as a Dev hub, it appears on both screens, streamlining data management and enhancing user workflow. This release optimizes data storage, improves user experience, and simplifies registration processes, ultimately enhancing overall system efficiency.
Upgrade of third-party libraries
Salesforce integration credentials (Client ID & Secret) are now encrypted for improved security. Existing tokens are also migrated to the new format. This enhances protection against unauthorized access.
Log-leveling: Dynamically modify log levels for specific logger categories to enhance monitoring and troubleshooting.

Changelogs

The following weekly fixes were implemented.

31 July 2024

ARM 24.1.7

A code fix was applied to the CI Jobs module of version 24.1 related to a data error that caused a CI Job to be unable to be built manually. Support ticket #117587
A code fix was applied to the Admin module of version 24.1 due to a data error that caused Salesforce orgs to not be displayed as mapped to the repository even after enabling them under the profile. Support ticket #117542
A code fix was applied to the nCino module of version 24.1 due to a use-case error identified internally in which rollback failed for inserted records.
A code fix was applied to the nCino module of version 24.1 due to a use-case error in which Data Loader jobs were automatically being deleted. Support ticket #117577
A code fix was applied to the CI Jobs module of versions 23.1 and 24.1 due to a use-case error causing the CI Job History report to not generate. #116943

24 July 2024

ARM 24.1.6

A code fix was applied to the CI Jobs module of version 24.1 due to a typo in the ARM CI Jobs creation screen. Support ticket #116616
A code fix was applied to the Deployments module of version 24.1 due to a use-case error in which the 'add member' option was not working. Support tickets #116545, #117480
A code fix was applied to the Admin module of version 24.1 to correct a use-case error in which test class mappings were missing. Support tickets #116984, #117737
A code fix was applied to the Admin module of version 24.1 to correct a use-case issue with log visibility in the branching baseline for admin users. Support ticket #117485
A code fix was applied to the Admin module of version 24.1 from an internal ticket identifying a use case in which the user was getting an 'unauthorized 401' error during a new account signup registration.
A code fix was applied to the Admin module of version 24.1 identified by internal ticket a use case in which the user was unable to log in via the default SSO login page; also, the build version and revsion information were not displaying.
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error in which an issue was occurring with the system administrator lite. Support ticket #117297
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error in which the user was not able to see the metadata through the single revision deployment. Support ticket #116919
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error in which the user was not able to deploy the Einstein Prediction builder. Support ticket #116909
A code fix was applied to the Admin module of versions 23.1 and 24.1 due to a use-case error with users losing access. Support ticket #111830
A code fix was applied to the Version Control module of versions 23.1 and 24.1 due to a use-case error requiring multiple revisions on an ALM work item. Support ticket #117810
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error with the new profile compare feature. Support ticket #117309
A code fix was applied to the nCino module of version 24.1 due to a use-case error in which Data Loader jobs were being automatically deleted. Support ticket #117577
A code fix was applied to the CI Jobs and Deployment modules of version 24.1 due to a use-case error causing the rollback functionality to not work properly. Support tickets #117512, #118316
A code fix was applied to the CI Jobs module of version 24.1 due to a use-case error in which CI Jobs were experiencing a build issue, which is awaiting QA verification from the customer. Support ticket #118301
A code fix was applied to the CI Jobs module of version 24.1 due to a use-case error identified by internal ticket in which a CI Unlocked package installed CI build failing with Hub connection failure, even though Hub connection was successful.
An internal ticket identified an EBR change request required to the EBR module of version 24.1 to correct EBR plugins.

17 July 2024

ARM 24.1.5

A code fix was applied to version 24.1 as a result of a data error encountered in the CI Jobs module related to CI Jobs not triggering. Support ticket #116677
A code fix was applied to the Version Control module in version 24.1 related to a data error causing the WebLink deletion feature to not work. Support ticket #115994
A code fix was applied to the CI Jobs module in version 24.1 due to a data error identified internally with the CI Edit edit mode where the "Do you want us to update the test classes" feature is not saving.
A code fix was applied to the nCino module in version 24.1 related to a use-case error in which Data Loader Pro was not fetching the child object. Support ticket #116928

10 July 2024

ARM 24.1.4

A use-case error identified in version 23.1 required a code fix applied in versions 23.1 and 24.1 to the Deployment and Version Control modules, to correct a scenario in an org-to-org full-profile deployment in which package visibility and permissions were not captured. Support ticket #110760
A code fix was applied to versions 23.1 and 24.1 due to a use-case error identified in version 23.1 in which commits were failing with a 'no credentials mapped' error in the Version Control module. Support ticket #116704
A code fix identified in version 24.1 was applied to the Admin module in version 24.1 due to a use-case error identified by internal ticket in which the on-premises server was not starting up after migrating from 23.1 to 24.1 build.
A use-case error in the Version Control module identified in version 24.1 by internal ticket required a code fix to version 24.1 to correct an instance in which the user was unable to create a release label.

3 & 7 July 2024

ARM 24.1.3

A use-case error identified in version 24.1 required a code fix to the CI Jobs module, applied in versions 23.1 and 24.1, to correct instances where configuration changes were not being saved to the CI job. Support ticket #116047
A code fix identified in version 24.1 by an internal ticket was implemented in version 24.1 to correct a use-case error in which the Version Control module’s Validate and Merge button was not being reflected immediately after changing the EZ-Merge validation criteria in MyAccounts.
A code fix identified in version 24.1 by an internal ticket was applied to version 24.1 due to the minimization feature not working in the Version Control module.
A code fix identified by an internal ticket in version 24.1 was applied to the Version Control module in version 24.1 due a use-case error where ‘Path View’ section highlighting is occurring when toggling from the ‘File Changes’ screen to the ‘Path’ view, then back to the ‘File Changes Path’ view.
A code fix identified in version 24.1 by an internal ticket was initiated to the EBR Change module in version 24.1, prompted by a change to the EBR plugin info.
A use-case error identified in version 24.1 by an internal ticket required a code fix to the Version Control module in version 24.1 due to the commit history screen getting stuck loading when the repo name has a special character in it (e.g., plus sign [+]).
A use-case scenario identified in version 24.1 by an internal ticket required a code fix to the CI Jobs module in version 24.1 for the time-frame window to be added for the ARM admin API to fetch data.
A use-case error identified in version 24.1 by an internal ticket required a code fix applied to the nCino module in version 24.1 to correct where the option "automap user/owner data" is disabled by default for CI jobs created in 23.1.x versions.
A use-case scenario identified in version 24.1 required a code fix to the Version Control module in version 24.1 due to release labels not showing. Support ticket #116413
A use-case error identified in version 24.1 required a code fix to the Version Control module in version 24.1 due to an issue with choosing the Level 1 approver when performing a merge. Support ticket #116417, #116692
A use-case error was identified in version 24.1 that required a code fix to the nCino module due to the RBC filters not working on commits. Support ticket #116291
A use-case scenario identified in version 24.1 via an internal ticket required a code fix to the nCino module to correct an error in which the Data Loader clone process is not identifying the new CSV file.
A use-case error identified in version 24.1 required a code fix to the Version Control module to correct an error in which user is unable to create an EZ-Merge. Support ticket #116700
A code fix was applied to the Deployment and Version Control modules to correct a use-case error identified in version 24.1 in which the org comparison is not showing diff results. Support ticket #116039
A use-case scenario required a code fix to the version 24.1 Admin module to correct an error that caused the branching baseline to keep running for 24 hours. Support ticket #114734
A code fix was applied to the Version Control module to correct a use-case error identified in version 24.1 that caused commits to be failing with an 'no credentials mapped' error. Support ticket #116704
A use-case error identified in version 23.1 required a code fix to the Deployment module, applied in versions 23.1 and 24.1, to correct the metadata retrieval in the repository from failing. Support ticket #115818
A code fix identified in version 23.1 by an internal request ticket was applied to the Admin and CI jobs modules in versions 23.1 and 24.1 to upgrade v61 (Beta) to v61.

26 June 2024

ARM 24.1.2

A data error reported in version 23.1 with the Version Control module that resulted in version control being deleted was resolved in both 23.1 and 24.1 through adding loggers. Support ticket #114503
A use-case error reported in version 23.1 with the Version Control module in which the user was unable to use an existing conflicted file, which resulted in reraising merge requests, was resolved in both 23.1 and 24.1 through a code fix. Support ticket #115084
A use-case error reported in version 23.1, which resulted in an issue with the Data Loader module in which the software was not inserting the correct record type, was resolved in both 23.1 and 24.1 through a code fix. Support ticket #114076
A use-case error reported in version 23.1 with the nCino module in which rollbacks were only partially being completed was resolved in both 23.1 and 24.1 through a code fix. Support ticket #115204
A use-case error in version 24.1 with the Version Control module in which commits were remaining in progress was resolved through a code fix. Support ticket #115691
A use-case error in version 24.1 with the Version Control module with commit CI Job deployment errors was resolved in 24.1 through a code fix. Support ticket #115817
A use-case error reported in version 24.1 required an update to the Admin module to properly reflect X rather than Twitter along with revised copyright information, which was resolved through a code fix. Support ticket #115756

23 June 2024

ARM 24.1.1

A code fix was applied to the Version Control module for a use-case error related to an EZ-Commit re-login issue identified. Support ticket #115664
A code fix was applied to the Version Control and Admin modules for a use-case error related to an issue in which Azure ADO connection and password were returning errors. Support tickets #115489, 115558
A code fix was applied to the Version Control module for a use-case error related to a validation org being requested when attempting to merge changes. Support ticket #115787
A code fix was applied to the Version Control module for a use-case error related to the create artifact button not being visible when attempting to create a release label.
A code fix was applied to the Reports module for a use-case error related to an alignment issue in the weekly reports filter for no deployments.
A code fix was applied to the Admin module for a use-case error in which the user is unable to create a search and substitute rule.
A code fix was applied to the Admin module for a use-case error related to being unable to register a branch.

nCino Improvements

See the recent updates to nCino release 24.1 notes as well.

ARM Release Notes 23.1

September 2023

Version 23.1 – New Features, Enhancements, and Improvements

Supports Provar Current Version: 2.10.1

Supports Apex PMD Current Version: 7.0.0

New Features

1. Automatic Merge after Successful CI Build We know that understanding and managing version control can sometimes be a challenge. ARM offers the flexibility to cherry-pick branch revisions for merge or deployment. Now you can automate this process of cherry-picking the revisions in CI Jobs as a post-deployment step.

The 'Run Merge process on successful deployment' feature keeps track of builds in source branches and merges them into a designated destination branch if they meet the configured criteria (for example, if the build is successful). Rather than requiring manual effort, upstream merges may now be automated by the Salesforce Release Manager using revision numbers that were determined as part of a build cycle in CI jobs.

Users will be notified via email of the success or failure of the automated merge process.

2. Create and Install an Unlocked Package Version from a Version Control Branch Use ARM CI intelligence to create a package version, build using the SFDX project structure in a Version Control branch, and install the same in the destination org of your choice—all from the same page.

You can now generate an unlocked package version automatically through the CI job, and as part of the deployment, it is deployed in the same build cycle. Until the 22.2 version, it picked the latest package version that was already successfully created in ARM.

When users create a CI job using this option, ARM checks the Version Control. If there is a change, it builds a new version on top of the packages. Once the package is created, then the deployment is triggered automatically.

3. Create Connected Apps ARM now gives access to users to create and maintain their OAuth credentials. Users can set up the Connected Apps for Jira OAuth and register the credentials with ARM.

You can add, edit, and delete your Jira login credentials instead of contacting AutoRABIT to manage the connected apps. Once created, simply provide us with the connected app details like Client ID and Secret Keys.

We use these details to connect as an ALM and test the connection.

4. RESTricted Emails The new RESTricted Emails section on the Notifications page of the Admin module helps ensure that ARM-related emails are not sent to deactivated users.

Admins can either add users to this list manually or deactivate the respective users from the Users page of the Admin module, and they will be automatically added to this list. These users will not receive ANY emails including deactivation, forgotten password, reset password, jobs executed in the application, etc. Admins can also use the same two methods to reactivate a user and remove them from this list.

There is also a provision for an Admin to remove all users from the RESTricted Emails list at once.

5. Dependency Analyzer Dependency Analyzer helps you understand the dependencies among various components in your Salesforce org. It allows you to analyze the relationships among objects, fields, classes, triggers, and other metadata components.

With Quality Gates, ARM helps Salesforce developers run multiple checks to understand if and how their commits can break a Salesforce org. Currently, we enforce the following gates:

SAST, SSPM, and AST (Static Code Analysis, Salesforce Security Posture Management, and Application Security Testing)
Deployment Validation
File Change Footprint
Peer-to-Peer Code Review

With the introduction of the Dependency Analyzer, we can offer a fourth gate, Dependency Check, which will allow users to see what they are missing due to Salesforce specificity.

We have introduced the Dependency Analyzer in CI Jobs for now, and this is just a start at bringing this functionality to the remaining modules soon.

Users now have the option to ‘Run Metadata Dependency on Failed Deployments’ to view the results of failed metadata components with their dependencies and download them in Manifest and XML formats.

6. ServiceNow – ALM Management The ARM–ServiceNow integration automatically posts updates to ServiceNow tickets. It makes tracking the status of your user stories and support tickets faster and easier. Tasks can be organized by project, allowing an organization to track issues within projects transparently.

ServiceNow will make information more easily accessible and workflows more streamlined, reducing the time and effort required to manage and resolve service requests. Additionally, the integration will allow teams to work more effectively, improving collaboration and communication.

Enhancements

Salesforce Spring (API 57.0) & Summer (API 58.0) Support AutoRABIT supports the most recent API 57.0 & API 58.0 versions in this release to keep our product updated with Salesforce updates. The most recent API version is intended for customizing and developing tools to manage the metadata model.
Exporting Selected User Details Users with Admin access can now choose the fields they want to include while exporting users' details to a CSV file. While selecting the Export option, the list of available fields is displayed. Admins can select and deselect the required fields by clicking the corresponding checkbox. Some of the fields are selected by default for ease of use. Admins can always deselect these fields if they are not required. Thus, based on the teams with whom they will be shared, Admins can customize the fields in the list.
More Info on CI Jobs and Info Users are now able to view the CI Jobs they created in the CI Job List screen to date inside ARM. The list is displayed in chronological order with the most recent jobs listed at the top.
'Created and Requested by' in Deployment UI Users are now able to view the ‘Created by’ and ‘Triggered by’ fields in the Deployment home screen without scrolling through multiple screens for this info, enabling monitoring of the deployment’s real-time progress. Read more
Self-Service Connected App Setup for Jira OAuth in ARM We've introduced a self-service feature allowing users to set up Jira OAuth-connected apps in ARM autonomously. With guidance from our user manual's Connected App guide, users can effortlessly create and register their app credentials, eliminating the need for support team assistance. Users can quickly establish a robust connection by inputting the generated Client ID and Server Key into ARM's settings.
Unified Admin Roles We’re excited to introduce a streamlined and more efficient Admin experience. We’ve consolidated the roles of Super Admin and Registered Admin into a single empowered Admin role. This change means Admins now have a unified set of tools and permissions, streamlining tasks and creating a more user-friendly Admin experience.
CI Jobs List and Results: Filter and Export Option We've enhanced the platform with a user-friendly quick filter and export feature in response to user feedback. This functionality empowers administrators, release managers, and users to efficiently organize and analyze data by alphabet or date, facilitating faster insights and informed decision-making.
Create Artifact: Release label more than 180 days In the Create Artifact section, users can now generate a Release Label and have the flexibility to choose an extended timeframe of over 180 days for retrieving comprehensive commit history data. This enhancement offers users a broader historical perspective, facilitating more in-depth analysis and tracking of commits for their projects.
Enhanced security and user experience. (NEW) The new features focus on enhancing security and user experience. They include a single-user session control to prevent multiple active sessions under the same username, automatic logout for inactivity to bolster security, and support for multiple tabs or pages in the same browser, improving user productivity and maintaining the environment's integrity.

Improvements

This update has implemented significant performance upgrades to enhance the tool's efficiency and responsiveness. These enhancements encompass optimized queries and leverage new technologies, collectively resulting in a smoother, faster user experience.

31 July 2024

ARM 23.1.40

A code fix was applied to the CI Jobs module of versions 23.1 and 24.1 related to a use-case error causing the CI Jobs History report to not generate. Support ticket #116943

24 July 2024

ARM 23.1.39

A code fix was applied to the Version Control module in version 23.1 related to a use-case error in which the merge completion was taking too long. Support ticket #113102
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error in which an issue was occurring with the system administrator lite. Support ticket #117297
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error in which the user was not able to see the metadata through the single revision deployment. Support ticket #116919
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error in which the user was not able to deploy the Einstein Prediction builder. Support ticket #116909
A code fix was applied to the Admin module of versions 23.1 and 24.1 due to a use-case error with users losing access. Support ticket #111830
A code fix was applied to the Version Control module of versions 23.1 and 24.1 due to a use-case error requiring multiple revisions on an ALM work item. Support ticket #117810
A code fix was applied to the Deployments module of versions 23.1 and 24.1 due to a use-case error with the new profile compare feature. Support ticket #117309
A code fix was applied to the Deployments module of version 23.1 due to a use-case error with 'add additional member' showing duplicates when expanding the toggle. Internal request.
A code fix was applied to the Version Control module of version 23.1 due to a use-case error with users getting an error for a commits tab external pull request using Bit bucket repo. Internal request.

17 July 2024

ARM 23.1.38

A code fix was applied to the nCino module in version 23.1 related to a use-case error in which Data Loader Pro was not fetching the child object. Support ticket #115313

10 July 2024

ARM 23.1.37

A use-case error identified in version 23.1 required a code fix, which was applied in versions 23.1 and 24.1 to the Deployment and Version Control modules, to correct a scenario in an org-to-org full-profile deployment where it was not capturing package visibility and permissions. Support ticket #110760
A use-case error identified a code fix needed to the Reports module of version 23.1 to fix a product test class in which the weekly scheduled job failed. Support ticket #115654
A code fix was applied to versions 23.1 and 24.1 due to a use-case error identified in version 23.1 where commits were failing with a 'no credentials mapped' error in the Version Control module. Support ticket #116704
A code fix was applied to the Admin module in version 23.1 related to a use-case scenario that required additional support to create the ARM instance from scratch. Support ticket #117015
A code fix was applied to the Deployment module in version 23.1 due to a use-case error in which the user was unable to get the popup while deploying using package.xml as the source. Support ticket #116967

3 & 7 July 2024

ARM 23.1.36

A use-case scenario identified an error in version 23.1 with metadata retrieval from the repository failing in the Deployment module, which was resolved in versions 23.1 and 24.1. Support ticket #115818
A code fix identified in version 23.1 was applied to correct a use-case error in the Version Control module of version 23.1 related to commit templates. Support tickets #116124, #116138
A code fix identified in version 23.1 by internal request ticket was applied to the Admin and CI jobs modules in versions 23.1 and 24.1 to upgrade v61 (Beta) to v61.
A use-case error in version 23.1 required a code fix to version 23.1 Deployment and Version Control modules due to an org comparison not showing diff results. Support tickets #112752, #116025

26 June 2024

ARM 23.1.35

A data error reported in version 23.1 with the Version Control module that resulted in version control being deleted was resolved in both 23.1 and 24.1 through adding loggers. Support ticket #114503
A use-case error reported in version 23.1 with the Version Control module in which the user was unable to use an existing conflicted file, which resulted in reraising merge requests, was resolved in both 23.1 and 24.1 through a code fix. Support ticket #115084
A use-case error reported in version 23.1, which resulted in an issue with the Data Loader module in which the software was not inserting the correct record type, was resolved in both 23.1 and 24.1 through a code fix. Support ticket #114076
A use-case error reported in version 23.1 with the nCino module in which rollbacks were only partially being completed was resolved in both 23.1 and 24.1 through a code fix. Support ticket #115204

12 June 2024

ARM 23.1.34

A code fix was performed due to a use-case error related to the CI Jobs module in which nCino CI Jobs were not triggered by metadata CI Jobs on success. Support ticket #113887
A code fix was performed due to a use-case error related to the Version Control module in which the API response from CodeScan returned a page not found (404) error in ARM. Support tickets #108895, #115120, #114434
A code fix was performed due to a use-case error related to the Deployment module in which the Deployment button was not enabled in AutoRABIT after validation. Support ticket #107108
A code fix was performed due to a use-case error related to the Deployment module in which the user was unable to deploy a Bot from a Branch to a sandbox. Support ticket #11497
A code fix was performed due to a use-case error related to the Version Control module in which an ALM work item was not displaying in the merge. Support ticket #113626
A code fix was performed due to a use-case error related to the Admin module in which a user was unable to implement ARM and Zoho desk integration with JWT.
A code fix was performed due to a use-case error related to the Version Control module in which a user was unable to perform EZ-Commits. Support ticket #114441
A code fix was performed due to a use-case error related to the Version Control module in which the previously validated commit label showed to add a date instead of the label dropdown. Support ticket #115249
A code fix was performed due to a use-case error related to the Reports module that required us to fix recursive errors.
A code fix was performed due to a use-case error related to the Data Loader module in which the master-child relationships were not being applied when loaded through Data Loader Pro. Support ticket #111780
A code fix was performed due to a use-case error related to the nCino module in which the CI job was not updating templated objects and object record count when the checkout was not taken from version control. Support ticket #112704
A code fix was performed due to a use-case error related to the nCino module wherein CI Jobs for nCino RBC feature migrations were failing. Support ticket #114991
A code fix was performed to the Admin module as a result of a change request related to users being unable to log in to AutoRABIT. Support tickets #115392, #113300

5 June 2024

ARM 23.1.33

A code fix was applied to all modules prompted by an internal change request in preparation for support of the Salesforce Summer '24 release. This will require updates to internal documentation.
A code fix was applied to the Deployments module resulting from an internal request to correct a use-case error in which a deployment failure and document discrepancy were encountered, with subsequent deployment attempts unsuccessful.
A code fix was applied to the Version Control module initiated by a use-case error in which the team encountered an ALM commit issue related to the label name when testing a user story. Support ticket #113308
A code fix was applied to the Version Control module related to a use-case error occurring when processing merge conflicts. Support ticket #113606
A code fix was applied to the Admin module related to a data error in which the branching baseline was not updating the LWCs in the branch. Support ticket #113174
A code fix was applied to the Data Loader module related to a configuration error causing Data Loader to not work as expected. Support ticket #113575
A code fix was applied to the ARM module related to a use-case audit logging API error with start time and end time issues occurring when fetching logs. #113739

29 May 2024

ARM 23.1.32

A code fix was applied to the Version Control module to resolve a use-case error in which the user cannot approve or reject a Merge Request when the label name contains a "+" symbol. When the merge label contains unsupported characters, the merge label is not submitted as expected and the validation message displays the supported characters. Support ticket #112715
A code fix was applied to the Admin module related to a use-case error occurring when modifying the Team Administrator, it created duplicate Teams, consuming existing licenses. Support ticket #109457
A code fix was applied to the CI Jobs module due to a use-case error in which a Checkmarx scan was not matching up and breaking the build. Support ticket #105217
A code fix was applied to the CI Jobs module due to a use-case error occurring when multiple CI jobs run on GitHub PRs, AutoRABIT reports incorrectly that the jobs were successful. * Issue requires updated documentation. Support ticket #111955
A code fix was applied to the Version Control module related to a use-case error in which Mock Deployment criteria check lines were not logged in the UI during the Prevalidation Deployment refresh, but they do appear after auto-rejection and subsequent refresh.
A code fix was applied to the Deployment module to correct a use-case error occurring when selecting and deselecting ApexClass and CustomField metadata types, the Deploy pop-up incorrectly displayed "All components are selected" for ApexClass instead of the list of selected components.
A code fix was applied to the Version Control module to correct a use-case error displaying unwanted characters, such as different language letters, like “â€” in the message: "Please waitâ€ when a compare and commit is in progress."
A code fix was applied to the Version Control module due to a use-case PrevalidationMerge error occurring when the user was trying to approve a Merge Label through an API with an auto-rejected label, the status changed from "Auto-reject" to "Commit."
A code fix was applied to the Version Control module after a user observed three gaps/issues in Commit Templates: 1) Data Table Change in the Commit Template under the 'All Metadata' tab should also sync across all three places, like Deployments, VC Commit, and Commit Template under the 'All Metadata' tab for data table changes. 2) Folder-Related Members Visibility: Folder-related all members are not visible when selecting the folder. This does not sync with EZ Commit All Metadata, from new commit all members. When selecting the folder, all respective folder-related members are visible but not included in the Commit Template when selecting the same Salesforce org. 3) Input Search Dropdown Missing for selecting Folders.
A code fix was applied to the Data Loader module concerning a use-case error in which the user was unable to create a project journey with a BIC__c field using "LookUp via" feature. Support ticket #110111

22 May 2024

(ARM 23.1.31)

A code fix was applied to the Version Control module due to a use-case error related to EZ-Commits and EZ-Merges not taking the master branch, even when Baseline Branch "master" is selected. #107151
A code fix was applied to the Version Control module due to a use-case error in which reverting a commit failed. #112094
A code fix was applied to the Version Control module due to a use-case error related to the system failing to select multiple reports. #112381, #112812
A code fix was applied to the Deployment module due to a data error in which the org sync was not completing. #111545
A code fix was applied to the Deployment module due to a data error in which there was a problem in component selection during deployment. #111892
A code fix was applied to the Deployment module due to a data error in which the selected items tab was now showing the selected components, as well as the search filter not always being visible. #112095

15 May 2024

(ARM 23.1.30)

Code fix applied to Deployments module due to user receiving error message: INVALID_LOGIN: Invalid username or password or security token or API version or user locked out. #111008
Code fix applied to Version Control module due to user not being able to see the merge request label name in BitBucket after merging. This required a feature flag, MERGE_STRATEGY_ENABLE_NON_FF, which is not enabled by default and must be enabled. #110541
Code fix applied to the Deployments module related to user experiencing Redeploy/Promote hanging if previous deployment used specified tests. This requires a feature flag, AR_33697_ENABLE_APEX_TEST_GET_CALL, which is not enabled by default and must be enabled. #110764
Code fix applied to Deployments module related to email templates of type Visualforce not being added to the package.xml when deploying. #110762
Internal - Code fix applied to Version Control module due to DX Package Directory Selection lists not being visible when configuration changes from Vlocity SF org and Vlocity repo to DX Repo.
Code fix applied to Version Control module related to an auto-rejected merge label being pushed to a remote repository. #112244

7 May 2024

(ARM 23.1.29)

Module

Summary

Status

Fix Version

Resolution

Cause

Version Control

Commits for Fields on Objects are Removing Lines from related Object XML

QA Passed

23.1

Code fix

Configuration

Version Control

Implemented an option to add Reviewers when Creating an External Pull Request

QA Passed

23.1

Code fix

Use case

Version Control

Commit Issue with Custom Page Web Links Deletions

QA Passed

23.1

Code fix

Use case

Version Control

Configure Gated Check-Ins Report for Deployment Validation

QA Passed

23.1

Code fix

Use case

Version Control

Improve Performance of All Metadata Components Screen

QA Passed

23.1

Code fix

Use case

Administration

EBR User Metrics

Done

23.1

Code fix

EBR Change Request

Data Loader

Data Loader Pro jobs not picking up Records

Customer Coordination

23.1

Added Loggers

Use case

29 April 2024

(ARM 23.1.28)

Module

Summary

Status

Fix Version

Resolution

Cause

Deployments

Getting error on deployments

QA Passed

23.1

Code fix

Use case

CI Jobs

Skip member is not working

QA Passed

23.1

Code fix

Use case

Version Control

EZ-Commits failing

QA Passed

23.1

Code fix

Use case

Version Control

Static resources not identified by ARM SCA

QA Passed

23.1

Code fix

Use case

Version Control

Merge showing as no modifications

QA Passed

23.1

Code fix

Use case

Version Control

Error occurred when the user attempted to upload the conflicted zip file from the local system after manual modifications

QA Passed

23.1

Code fix

Use case

Reports

Inquiries regarding report module

QA Passed

23.1

Code fix

Use case

Deployments

Deployment from Dev Sandbox to B2C2 QA Org by using feature - New Deployment

QA Passed

23.1

Code fix

Use case

CI Jobs

Build did not include second revision

Requires Customer Coordination

Loggers added

CI Jobs

Run test based on changes, noticed issues

Requires Customer Coordination

Loggers added

nCino

IDs of parents/children and records not resolving

QA Passed

23.1

Code fix

Use case

24 April 2024

(ARM 23.1.27)

Module

Summary

Resolution

Cause

Version Control

EZ-merges: Successful validations were auto-rejected on 'validate deploy' step

Code fix

Use case

Version Control

Release Label: Package is not preparing

Code fix

Use case

Reports

Weekly Reports tab error

Code fix

Use case

Deployments

Backups not being created for user

Code fix

Use case

Version Control

Code Scan Analysis not showing in AR ARM tool - UI

Code fix

Use case

Version Control

setting default repository

Code fix

Use case

Deployments

ExternalCredentialPrincipalAccess (permissionSet) is ignored on a git revision deployment

Code fix

Use case

Version Control

Unknow error while merging site components

Code fix

Use case

CI Jobs

CI Job does not deploy all components

Code fix

Use case

Admin

SSH connectivity issue

Code fix

Use case

Version Control

request_closure_duration_mins mismatch for the merges

Code fix

Use case

Reports

B2C Prod Code Scan report

Code fix

Use case

nCino

AR issues

Added Loggers

Use case

Dataloader

User Object Requiring ALL Fields for Uploads

Added Loggers

Use case

14 April 2024

(ARM 23.1.26)

Module

Summary

Status

Version

Resolution

Cause

Deployments

Org Sync issue with case components

QA Passed

23.1

Code fix

Use case

Deployments

B2C Org sync diff mail notification issue

QA Passed

23.1

Code fix

Use case

CI Jobs, Deployments

Einstein Chatbot Deployments Failing

QA Passed

23.1

Code fix

Use case

Admin

log files are not present

QA Passed

23.1

Code fix

Use case

Deployments

Deployments are not working

QA Passed

23.1

Code fix

Use case

CI Jobs, Deployments

Failed to initiate the deployment

QA Passed

23.1

Code fix

Use case

Version control

Profile commit progress delay

QA Passed

23.1

Code fix

Use case

Admin

Team Administrator modifications creating duplicate Teams and consuming existing licenses

QA Passed

23.1

Code fix

Use case

Version control

Issue Retrieving Components

QA Passed

23.1

Code fix

Use case

Version control

Release Label Stuck while building Artifact

Requires Customer Coordination

Loggers added

Deployments

utils.js was not deployed as part of package

Requires Customer Coordination

Loggers added

nCino

Version control record deployments to Salesforce Environments falling off

QA Passed

23.1

Code Fix

Use case

nCino

Lack of Consistency in Filter Functionality Across Feature Management, Deployment History, Commit History, and CI Jobs

QA Passed

23.1

Code Fix

Use case

Version control

Unable to view the Autodraft date and managed package changes dropdown

QA Passed

23.1

Code Fix

Use case

Admin

Super Admin EBR Token Security Enhancement

Done

23.1

Code fix

Internal change request

3 April 2024

(ARM 23.1.25)

Module

Summary

Resolution

Cause

Reports, CI Jobs, Deployments, Version Control

ARM overwrites any exclusions set up in CodeScan UI * Requires documentation.

Code Fix

Change Request

Deployments

Single revision deployment taking longer time to retrieve revision

Code Fix

Use Case

Version Control

Org registration issue – resolved by displaying in Logs the exact Salesforce error

Code Fix

Use Case

Version Control

Getting empty revision when performing single revision merge with no modifications

Code Fix

Use Case

Version Control

Unable to create branch with branch name containing "&" through EZ-commit and Modularization

Code Fix

Use Case

nCino

Failure to Display Jobs in Deployment History for Version Control using Salesforce with Single Revision of initial commit

Code Fix

Use Case

nCino

Feature Deployment issue with Salesforce Org Version Control when selecting initial commit as Revision

Code Fix

Use Case

nCino

Version control record deployments to Salesforce environments dropping off

Code Fix

Use Case

27 March 2024

(ARM 23.1.24)

Module

Summary

Status

Version Reported

Fix Version(s)

Resolution

Cause

Deployments

Org Sync question on Moderation Rule difference

QA Passed

23.1

Code Fix

Use Case

Version Control

Unable to create EZ-Commit for the new user

QA Passed

23.1

Code Fix

Use Case

Reports

Problem with scheduled code coverage reports

QA Passed

23.1

Code Fix

Use Case

Deployments

Profile Comparer - Taking too long to deploy

QA Passed

23.1

Code Fix

Use Case

Version Control

Issue in Merging

QA Passed

23.1

Code Fix

Use Case

Version Control

Incorrect merge status issue

QA Passed

23.1

Code Fix

Use Case

Version Control

The page is taking longer time to load the metadata when selecting to show metadata members.

QA Passed

23.1

Code Fix

Use Case

Version Control

Vlocity DataPacks not being baselined

QA Passed

23.1

Code Fix

Use Case

Admin

Getting stuck in loading when trying to Expand ALM mappings

QA Passed

23.1

Code Fix

Use Case

CI Jobs

CI Deploy job link throwing pop-up error message

QA Passed

23.1

Code Fix

Use Case

Version Control

Loggers added in the SCA log to display whether the baseline branch was selected during the commit and merge process

Customer Coordination

23.1

No Code Fix

Loggers Added

nCino

Data Loader Pro jobs failing for Lead

QA Passed

23.1

Code Fix

Use Case

nCino

nCino Deployment History - search filter criteria is not working

QA Passed

23.1

Code Fix

Use Case

Version Control

Unnecessary select all checkbox is showing in added and modified tab

QA Passed

23.1

Code Fix

Use Case

Version Control

Unable to view created credentials

QA Passed

23.1

Code Fix

Use Case

CI Jobs

Returns all CI Jobs History to EBR Data irrespective of active

Done

23.1

Code Fix

Internal change request in EBR Data Visibility

nCino

Feature Deployment Issue with Salesforce Org Version Control

QA Passed

23.1

Code Fix

Use Case

Data Loader Pro

Issue with Audit Fields

QA Passed

23.1

Code Fix

Use Case

Admin, Version Control

Unable to register the same repository twice * REQUIRES FEATURE FLAG: SKIP_DUPLICATE_REPOSITORY_REGISTRATION_CHECK

QA Passed

23.1

Code Fix

Use Case

CI Jobs

Error Message: Cannot invoke "String.startsWith(String)" because the return value of "com.autorabit.entity.admin.UserProject.getProjectType()" is null. Support ticket # 109042

QA Passed

23.1

Code Fix

Use Case

20 March 2024

(ARM v. 23.1.23)

Module

Summary

Status

Fix Version

Resolution

Cause

CI Jobs

nCino CI jobs created are not visible for CI job on successful deployment

QA Passed

23.1

Code Fix

Use Case

Version Control

Regarding unable to approve commit request

QA Passed

23.1

Code Fix

Use Case

Version Control

Very slow commits

QA Passed

23.1

Code Fix

Use Case

Version Control

Unable to create branch with '&' character getting Exception Error

QA Passed

23.1

Code Fix

Use Case

Version Control

Issues after Branching Baseline

Requires Customer Coordination

Added Loggers

No Code Fix

Reports

Static Code Analysis fails with timeout error

Requires Customer Coordination

Post fix awaiting customer confirmation.

Code Fix for SF CL timeout configuration.

Admin

Observing that after the 7th file, RabitCS and Agent logs are not being created or generated. From the 8th file, they are being overridden from Existing files 1 to 7.

QA Passed

23.1

Code Fix

Use Case

CI Jobs, Deployments

Identified below nCino CI Job "related to VC Source job type" displaying issue in CI jobs and Deployments

QA Passed

23.1

Code Fix

Use Case

Flow Center

Enable SSL for the Kafka used to communicate with FlowCenter.

QA Passed

23.1

Code Fix

Use Case

nCino

nCino Feature deployment failed with a “malformed query” error, Feature deployment and Ci Job. nCino CI jobs the customer has run failed with an exception, and the failed records column shows zero.

QA Passed

23.1

Code Fix

Use Case

Data Loader Pro

[ARM-QAN5,7] The job is currently running in progress, but the Success Record Count is showing in the Failure Count.

QA Passed

23.1

Code Fix

Use Case

13 March 2024

(ARM v. 23.1.22)

Module

Summary

Fix Version

Resolution

Cause

Deployments

Profile Comparer was taking too long to deploy

23.1

Code Fix

Use Case

CI Jobs

When the agent is external, DevHub authentication was not properly validated in CI Jobs for DX unlock and install-type CI job

23.1

Code Fix

Use Case

Admin

Signup account creation email not received by respective created-by owner

23.1

Code Fix

Use Case

Deployments

packExport is not failing when selecting data packs

23.1

Code Fix

Use Case

CI Jobs

Status Check API working incorrectly on UI

23.1

Code Fix

Use Case

CI Jobs

Issue when deploying the release to the master branch

23.1

Code Fix

Use Case

Version Control

Issue when creating commit labels with dots (.) post upgrade * Feature Flag required (not enabled by default): INCLUDE_DOT_IN_SFDX_COMMITLABEL_NAME

23.1

Code Fix

Use Case

Version Control

Intermittent issue with the Merge screen

23.1

Code Fix

Use Case

Version Control

Commit Labels within EZ-Merge no longer sorted by latest Commits

23.1

Code Fix

Use Case

Reports

CodeScan analysis discrepancies in APAC Prod * Requires documentation update

23.1

Code Fix

Use Case

Version Control

Territory metadata type is not fetched as destructive changes during EZ-Commit.

23.1

Code Fix

Use Case

Dataloader

Dataloader Pro was not copying over Contact fields when migrating data

23.1

Code Fix

Use Case

Dataloader

When updating the data using a CSV file, the update operation in Dataloader was failing with the error MISSING_ARGUMENT: ID is not specified

23.1

Code Fix

Use Case

Dataloader

The latest record was not being fetched in the single Dataloader

23.1

Code Fix

Use Case

nCino

Deployment History - search filter criteria was not working

23.1

Code Fix

Use Case

Dataloader

Problem loading ContentVersion object

23.1

Code Fix

Use Case

CI Jobs

Deployment stuck

23.1

Code Fix

Use Case

6 March 2024

(ARM v. 23.1.21)

Module

Summary

Version

Resolution

Cause

ARM

Not fetching merges when trying to create a release label for Vlocity components.

23.1

Code Fix

Use Case

Deployments

Org Sync issue

23.1

Code Fix

Use Case

Admin

Unable to Log in to AutoRABIT via Okta

23.1

Code Fix

Use Case

Version Control

EZ-Merge - User Approval Setting is not working as expected

23.1

Code Fix

Use Case

Version Control

EZ-Commit Salesforce Org Authors not completed

23.1

Code Fix

Use Case

CI Jobs

Dashboards and reports were overwritten after the deployment to PROD

23.1

Code Fix

Use Case

Admin

Suggestion-SF org UI

23.1

Code Fix

Use Case

Reports

Suggestion to display a notification if a label has already been created for the same branch previously.

23.1

Code Fix

Use Case

Admin

Expose API for Super Admin Token Authentication to Test Registered Agents' Connections

23.1

Code Fix

Use Case

Version Control

Added metrics in ARM DB

23.1

Code Fix

Use Case

nCino

Post Deployment Org Details need to be displayed on CI Job Info pop-up

23.1

Code Fix

Use Case

nCino

CI Jobs Build Page - Pagination displayed as "undefined"

23.1

Code Fix

Use Case

nCino

nCino CI jobs - Date Literals Value not being populated

23.1

Code Fix

Use Case

nCino

When the Source Org is deleted, scheduled CI Job is not triggered from the queue

23.1

Code Fix

Use Case

nCino

[API Upgrade v59.0] Attachments Object Failed due to "Index 1 out of bounds for length 1" error

23.1

Code Fix

Use Case

Dataloader

Unable to migrate related EmailMessage records of Case

23.1

Code Fix

Use Case

CI Jobs

Unable to view API 59 version in CI configuration under API version dropdown.

23.1

Code Fix

Use Case

28 February 2024

(ARM v. 23.1.20)

Module

Summary

Resolution

Cause

Feature Flag

Admin

Code Fix

Use Case

Ci Jobs

CI Jobs build date sorting is not functioning as expected for non-Admin users

Code Fix

Use Case

ARM

SF CLI version upgrade to 2.28.6 for ARM 23.1 instances

Code Fix

Change Request

Version Control

Able to approve auto-rejected merge from email

Code Fix

Use Case

Version Control

PersonAccount AutoRABIT bug

Code Fix

Use Case

CI Jobs

It is not possible to run several CI Jobs in parallel when jobs are scheduled.

Code Fix

Use Case

SFDX

Error on create package version and install type of job.

Code Fix

Use Case

AR_33235_SKIP_UPDATE_PACKAGE_COMMAND

Dataloader

CPQ Dataload in Developer Sandbox - Errors

Code Fix

Use Case

nCino

nCino CI Job issue

Code Fix

Use Case

Dataloader

Invalid CSV file. Please check for blank columns.

Code Fix

Use Case

Dataloader

CSV file does not reset when you go back to the previous step in a single data loader

Code Fix

Use Case

Version Control

Getting Undefined Error for target branch in External Pull request

Code Fix

Use Case

Version Control

Unable to resolve conflicts in release label merge.

Code Fix

Use Case

Flow Center

Search & Substitute rules are not applied in the pipelines.

Code Fix

Use Case

21 February 2024

(ARM v. 23.1.19)

Module

Summary

Resolution

Cause

VS Code extension Version Control

Cannot set up VS Code Extension

Code Fix

Use Case

Ci Jobs

CI Job and code coverage not running at correct times

Code Fix

Use Case

Version Control

EZ-Commit & EZ-Merge SCA validation issue

Code Fix

Use Case

All Modules

Support for Salesforce Spring ‘24 * Requires Documentation

Code Fix

Change Request

Version Control

Unable to commit the action overrides in service appointment object.

Code Fix

Use Case

Version Control

Quick Merge shows below pop-up

Code Fix

Use Case

Version Control

Unable to add the reviewer's name when using an external pull request

Code Fix

Use Case

Version Control

EZ-Merge Validation Failing: "Metadata package is empty"

Code Fix

Use Case

Admin

Branching baseline for main branch not bringing all components from production. * Feature Flag: METADATA_API_TO_DX_CONVERSION

Code Fix

Use Case

Version Control

Unable to commit a profile

Code Fix

Use Case

Version Control

Release label throwing InvalidFilterExpression error

Code Fix

Use Case

nCino

Error message when attempting to clone a feature template: ‘Request parameters are empty/null.'

Code Fix

Use Case

Dataloader

Dataloader Pro issue while triggering the job

Code Fix

Use Case

Version Control

Add additional metrics in ARM DB.

Code Fix

Use Case

nCino & Dataloader

nCino - Support for Salesforce Spring ‘24

Code Fix

Use Case

FC, Deployments

Flow Center API: Create a metadata bundle from an org

Code Fix

Use Case

Deployments

"Experience container" metadata type component deployment is failed for org-to-org deployment

Code Fix

Use Case

Version Control

Unable to view the revision number when clicking on prevalidation merge details.

Code Fix

Use Case

Version Control

Unable to fetch date from Auto-Draft when selecting DX branch in sub-user with no mappings.

Code Fix

Use Case

Deployments

Deployment failed with error: ‘Cannot invoke "java.util.Map.clear()" because "this.relatedLayoutRecordTypeIdsMap" is null’

Code Fix

Use Case

nCino

CI Jobs: date filter not selectable or enter date value.

Code Fix

Use Case

12 February 2024

(ARM v. 23.1.18)

Module

Summary

Status

Fix Version(s)

Resolution

Cause

Feature enabled by default

Feature Flag Name

Deployments

Upgrade to 23.1.16 + Ubuntu OS Upgrade

QA Passed

23.1

Code Fix

Use Case

Dashboards

ARM dashboard

QA Passed

23.1

Code Fix

Use Case

Deployments

Org sync - Scheduler not working

QA Passed

23.1

Code Fix

Use Case

Version Control

Commit failing without any logs

QA Passed

23.1

Code Fix

Use Case

Version Control

Single-revision merge taking a long time

Customer Coordination [Added Loggers]

No Code Fix - Added Loggers

Data

Version Control

Package.xml fetching the Excluded components during Commit

QA Passed

23.1

Code Fix

Use Case

Deployments

Smart checkbox redeployment

QA Passed

23.1

Code Fix

Change Request

Version Control

PG and ARM instances not working as expected

QA Passed

23.1

Code Fix

Use Case

FILE_SYNC_WITH_OPTIMISTIC_LOCK

Version Control

Commit not getting detected

QA Passed

23.1

Code Fix

Use Case

Version Control

Error while trying to select the revision from branch

QA Passed

23.1

Code Fix

Use Case

7 February 2024

(ARM v. 23.1.17)

Module

Summary

Status

Fix Version(s)

Resolution

Cause

Administration

Jira On-prem SSO Cooperation

QA Passed

23.1

Code Fix

Use Case

Version Control

Random Error Message

QA Passed

23.1

Code Fix

Use Case

Deployment

Need a feature to save metadata selection before deployment

QA Passed

23.1

Code Fix

Use Case

Deployment

Page unresponsive in new deployment using Previous Deployment as a source type

QA Passed

23.1

Code Fix

Use Case

Administration, CI Jobs

Upgrade v59 (Beta) to v59

QA Passed

23.1

Code Fix

Use Case

Administration

CI Job and Code Coverage Not Running at Correct Times

Customer Coordination

Dataloader

Configuration job failure

QA Passed

23.1

Code Fix

Use Case

Version Control

In the MergeRequest, CI Job View Screen under Build title, the Merge Request comment alignment is not displaying properly; it is not getting trimmed and appears larger than expected.

QA Passed

23.1

Code Fix

Use Case

Administration

Unable to view ‘Should pass validation criteria for Static Code Analysis’ checkbox under commit validation settings when Salesforce API version is not mapped

QA Passed

23.1

Code Fix

Use Case

Administration

Release Label artifact execution is not working.

QA Passed

23.1

Code Fix

Use Case

nCino

Partial error on CI Job - nCino-Fee Template

QA Passed

23.1

Code Fix

Use Case

28 January 2024

(ARM v. 23.1.16)

Module

Summary

Status

Fix Version(s)

Resolution

Cause

Version Control

Email communication error in EZ-Commit * Requires documentation.

QA Passed

23.1

Code Fix

Change Request

Version Control

Finding WaveDataflow components for commit

QA Passed

23.1

Code Fix

Use Case

Deployment

‘Not a well-formed XML.' error when attempting org-to-org deployments in UAT

QA Passed

23.1

Code Fix

Use Case

CI Jobs

Package CI Job Issue

QA Passed

23.1

Code Fix

Use Case

Deployment

Vlocity Deployment issue

QA Passed

22.3, 23.1

Code Fix

Use Case

Version Control

Vlocity Release label issue

QA Passed

23.1

Code Fix

Use Case

Version Control

EZ-Commit not creating a branch

QA Passed

23.1

Code Fix

Use Case

Version Control

ARM failed to auto-reject EZ-Merge request that has Apex class with less than 90% code coverage. Merge setting enforcing 90% code coverage in mock deployment.

QA Passed

23.1

Code Fix

Use Case

Version Control

CodeScan – Delta scan

QA Passed

23.1

Code Fix [Added Loggers for customer understanding,]

CI Jobs

Ignore warnings option in CI jobs is not working properly

QA Passed

23.1

Code Fix

Use Case

Version Control

Commit failing without any logs

QA Passed

23.1

Code Fix

Use Case

Environment Provisioning

Apex Anonymous Template not downloadable

QA Passed

23.1

Code Fix

Use Case

Version Control

‘File can't be loaded’ error

QA Passed

23.1

Code Fix

Use Case

Deployment

During Profile Manger Deployment, "NULL MSG: NULL" is displaying in the log

QA Passed

23.1

Code Fix

Use Case

Deployment

Using Package XML: Document XML files are not being listed in the Org compare screen

QA Passed

23.1

Code Fix

Use Case

CI Jobs

CI Job build is failing without printing reason in logs for BY SELECTING LAST TILE: install unlock package/managed tile.

QA Passed

23.1

Code Fix

Use Case

Dataloader Pro

Multiple issues during data masking

Customer Coordination – Added Loggers

23.1

No Code Fix – Added Loggers

Data

21 January 2024

(ARM v. 23.1.15)

Module

Summary

Status

Fix Version(s)

Resolution

Cause

Version Control

EZ-Merge 'Reviewer Comments' section not displaying comments entered by reviewer.

QA Passed

23.1

Code Fix

Use Case

Deployments

Profiles Sync Issue-CustomSettings issue

QA Passed

23.1

Code Fix

Use Case

Version Control

Package.xml generated from release label is other components that are not in the commits

QA Passed

23.1

Code Fix

Use Case

Version Control

Finding WaveDataflow components for commit

QA Passed

23.1

Code Fix

Use Case

Admin

Error: Access token as failed while doing a branching baseline

QA Passed

23.1

Code Fix

Use Case

CI Jobs

Provar version upgrade

QA Passed

23.1

No Code Fix – Only Configuration change for specific customer

Customer-specific

Version Control

Initial commit failing

Customer Coordination

No Code Fix – Added Loggers

Data

Admin

Users’ permissions are being reset.

Customer Coordination

No Code Fix – Added Loggers

Data

CI Jobs, Version Control, Admin, Deployments

Adding authentication check on web hook APIs

QA Passed

23.1

Code Fix

Change Request

Dataloader Pro

Issue while deploying promotions from QAT to PRD the rule set criteria is compressing the value while deploying it to RD

QA Passed

22.3 23.1

Code Fix

Use Case

Dataloader Pro

Issue on Feature Deployments

QA Passed

22.3 23.1

Code Fix

Use Case

14 January 2024

(ARM v. 23.1.14)

MODULE

SUMMARY

FIX VERSION

RESOLUTION

CAUSE

Version Control

Internal - Default SCA branch not reflected while merging

23.1

Code Fix

Use Case

Version Control

EZ-Merge request with apex class metadata files failed to identify related test classes and auto-rejected with validation failure

23.1

Code Fix

Use Case

Version Control

Missing Component in Package: PROD

23.1

Code Fix

Use Case

Deployments

Release Label not appearing in Deployment tab

23.1

Code Fix

Use Case

CI Jobs

API broken for job history

23.1

Code Fix

Use Case

CI Jobs

Deploying Flow - Property 'customErrors' not valid in version 58.0

23.1

Code Fix

Use Case

Deployments

Deployment status failed when deploying Vlocity components

22.3, 23.1

Code Fix

Use Case

Version Control

On Prevalidation Commit, the SonarQube SCA process is auto-rejected, even for unsupported metadata types.

23.1

Code Fix

Use Case

Deployments

Brazil Prod to UAT deployment issue

23.1

Code Fix

Use Case

nCino

Metadata update is failing

23.1

Code Fix

Use Case

Version Control

Commit not progressing

23.1

No Code Fix - Loggers Added

Data

7 January 2024

(ARM v. 23.1.13)

Module

Summary

Fix Version

Resolution

Cause

Admin

Client unable to create New Branching Baseline showing loading icon

23.1

Code fix

Use Case

CI jobs

Request to increase the build label size to 150-200 characters

23.1

Code fix

Use Case

CI jobs

Provar CI Job run takes a very long time and stops at status "Timed-Out"

23.1

Code fix

Use Case

Deployments

ARM API to perform a deployment (or a validation, or a quick deploy)

23.1

Code fix

Use Case

nCino

Issue with Regex on Feature Deployments

23.1

Code fix

Use Case

CI jobs

Team/Slack in CI job post activity notification, users should not have email dependency in email notification. Suggestion.

23.1

Code fix

Use Case

CI jobs

Package creation CI job

23.1

Code fix

Use Case

CI jobs

On both CI Results and CI Lists, user getting the “Invalid FilterExpression: Expression size has exceeded the maximum allowed size;(Service: DynamoDb“error) when selecting the “Ungrouped” value under “group by “ filter dropdown

23.1

Code fix

Use Case

Version Control

CodeScan – EZ-Commit Auto Rejected

23.1

Code fix

Use Case

Admin

Client login error

23.1

Code fix

Use Case

Admin

Unable to edit and save changes for Exclude Baseline Managed Package Changes

23.1

Code fix

Use Case

nCino

Deployment getting failed for queued jobs

23.1

Code fix

Use Case

17 December 2023

(ARM v. 23.1.12)

Module

Summary

Fix Version

Resolution

Cause

Deployment

Profile/Permission Set Manager Report not loading

23.1

Code Fix

Use Case

Version Control

ARM and CodeScan integration EZ- Commit validation issue. Feature Flag: USE_MASTER_ANALYSIS_PACKAGE_DIRECTORY

23.1

Code Fix

Change Request

Version Control

A non admin user cannot access the repository under the VC module.

23.1

Code Fix

Use Case

Deployment

Help investigating deployment errors

23.1

Code Fix

Use Case

CI Jobs

Not receiving post activity notifications

23.1

Code Fix

Use Case

Admin

Feedback option change to message. Will require updated documentation.

23.1

Code Fix

Change Request

Admin

[On-premises – Signup for Demo] The registration screen opens when clicking on 'Signup for Demo,' even if the account is already registered.

23.1

Code Fix

Use Case

Admin

[On-premises] Service registration tab, alignment tab not visible properly and, when clicking on the tab, redirects to the logout page.

23.1

Code Fix

Use Case

Admin

Unable to view ‘Credential already exists’ popup under ‘My profile.’

23.1

Code Fix

Use Case

Reports

Previously deleted log showing on other label if created Static Code Analysis label previously deleted SCA label name.

23.1

Code Fix

Use Case

SFDX

When creating the package on a new module for the first time through modularization, Package creation failed with the error ["SaiJun19thprofile: An object 'SaiJun19thprofile' of type Profile was named in package.xml.'] Will require updated documentation.

23.1

Code Fix

Use Case

Version Control

Unable to view committed files in direct EZ revert commit using DX repository.

23.1

Code Fix

Use Case

Deployment

[On-Premises] Getting 'Malformed Id: Null' error displaying for a few seconds when performing a rollback operation for Org-to-Org deployment.

23.1

Code Fix

Use Case

Deployment

[Org Synchronization] ‘SourceOrg,’ ‘Created date,’ and ‘Created by’ filters are not working properly.

23.1

Code Fix

Use Case

nCino

[On-Premise Testing] CI Job with template option failed due to "Data and Metadata retrieval Failed” error.

23.1

Code Fix

Use Case

Deployments

ARM API to perform a deployment (or validation or quick deploy)

23.1

Code Fix

Use Case

Version Control

[ARM-SIT] Unable to view branches in SCM history screen

23.1

Code Fix

Use Case

10 December 2023

(ARM v. 23.1.11)

Module

Summary

Version(s)

Resolution

Cause

All Modules

SF CLI Version upgrade to 2.19.8

23.1

No Code Fix

Configuration Change request

Deployment

Experience bundle not properly generated when deploying using release label

23.1

Code fix

Use Case

SFDX

Error creating unlocked package

23.1

Code fix

Use Case

Version Control

CI Job report for Master-to-BackMerge Org Sync_13-Deployment Failed

23.1

Code fix

Use Case

Version Control

Merge shows no modification, but a CI job is triggered

23.1

Code fix

Use Case

nCino

* User is unable to do nCino Feature Deployments * Requires documentation

23.1, 22.3

Code Fix

Use Case

Dataloader

Getting error when clicking on Dataloader configured filter

23.1

Code Fix

Use Case

CI Jobs and Deployments

ARM API to perform a deployment (or validation or quick deploy)

23.1

Code Fix

Enchancement

Version Control

Unable to perform merge for sub-user, getting error to re-login

23.1

Code Fix

Use Case

Admin

On-premise: ‘Proxy Configuration settings,’ ‘Audit logs’ section, and ‘Pool Mgnt" screen tab are missing.

23.1

Code Fix

Use Case

Admin

On-premise: When trying to save the ‘Audit Logs’ section in ‘My Account’ screen, the error “Uncaught TypeError: Cannot read properties of undefined (reading 'showMessage')” is encountered in the console.

23.1

Code Fix

Use Case

CI Jobs

For the 'Create and Install Package' job, when selecting 'Deploy Using Create a Scratch Org and Install Package,' after successfully completing the build, an error is displayed in the log: “this.salesForceOrgDAO” is null.

23.1

Code Fix

Use Case

Admin

Getting ‘null parameters’ error when clicking on save in the user’s section.

23.1, 22.3

Code Fix

Use Case

Version Control

Unable to perform merge request for sub-user getting error to re-login.

23.1

Code Fix

Use Case

Version

Control

Unable to perform branching baseline on sub-user, getting error to re-login

23.1

Code Fix

Use Case

3 December 2023

(ARM v 23.1.10)

Module

Summary

Fix Version(s)

Resolution

Cause

Admin

Issue adding user mapping

22.3, 23.1

Code Fix

Use Case

Deployments

Full org:org deployment failing with no proper reason

23.1

Code Fix

Use Case

Admin

Issue with registering new branch in the repository

23.1

Code Fix

Use Case

Reports

ARM and CodeScan integration EZ-Commit validation issue

23.1

Code Fix

Change Request

Reports

New branch created CodeScan issue

23.1

Code Fix

Use Case

Deployments

Destructive package is not generated properly when deploying from git revisions

23.1

Code Fix

Use Case

Admin

nCino View Object Failing

No Code Fix - Added Loggers

Data

Deployments

Org sync not completing

No Code Fix - Added Loggers

Data

Dataloader

Corrected a spelling mistake in ARM steps.

23.1, 22.3

Code Fix

Use Case

Dataloader

Corrected data seeding error preventing upsert

23.1, 22.3

Code Fix

Use Case

Reports

Getting ‘cannot invoke "String.length()" because of "text" is “null”’ error when performing the ‘Get latest reports’ in Weekly reports

23.1

Code Fix

Use Case

Reports

When navigating to Static Code Analysis screen from Reports module, getting the “comparison method violates its general contract!” error.

23.1

Code Fix

Data

Version Control

On DX branch release label artifact execution, on deleted components, the destructive changes artifact preparation is not generated.

23.1

Code Fix

Use Case

nCino

On-premise testing: CI Job with template option failed due to "data and metadata retrieval failed” error

23.1, 22.3

Code Fix

Use Case

CI Jobs

Failed to deploy destructive changes though CI jobs.

23.1

Code Fix

Use Case

26 November 2023

(ARM v 23.1.9)

Module

Summary

Fix Version(s)

Resolution

Cause

Admin

Branching baseline issue

23.1

Code Fix

Use Case

CI Jobs

The new feature of merging only revision in the CI job build is not working

23.1

Code Fix

Use Case

CI Jobs

CI job filter not working properly

23.1

Code Fix

Use Case

Version Control

Commit not getting detected

23.1

Code Fix

Use Case

Version Control

Rejecting a commit is merging the changes

23.1

Code Fix

Use Case

Admin

Unable to save Pull Request Plugin config

23.1

Code Fix

Use Case

Version Control

AR commit File Diff process is failing with errors

23.1

Code Fix

Use Case

Version Control

Merge auto-rejected but CI job triggered

23.1

Code Fix

Use Case

Admin

Changing role from Dev to Admin shows orgs and branches in New EZ- Commit without mapping under profile

23.1

Code Fix

Use Case

Version Control and Deployment

Release Label Artifact not including code for a commit

23.1

Loggers Added

Data

Dataloader

Dataloader Pro jobs causing huge threads pileup

23.1

Enhancement

Use Case

CI Jobs

Data Retention – CI Jobs - Observing 'java.lang.NumberFormatException' error in the CI Retention process log when processing the string '2023-08-26.' Please check the date formatting to ensure it is being treated as a string and not causing the exception.

23.1

Code Fix

Use Case

Version Control

While submitting the ALM commit with these “<ALM Issue ID>“, “{ALM Issue ID}” ALM patterns, unable to submit the commit

23.1

Code Fix

Use Case

Deployments

Sub-user - Deployment History - While changing the date range filter, getting "Cannot invoke "String.equalsIgnoreCase(String)" because the return value of "com.autorabit.entity.deployment.DeploymentHistory.getCreatedBy()" is null" error

23.1

Code Fix

Use Case

Version Control

With Release label deployment, the flow-meta.xml retrieval issue both constructive and destructive

23.1

Code Fix

Use Case

22 November 2023

Module

Summary

Fix Version(s)

Resolution

Cause

Enabled by default?

Feature Flag Name

Version Control

Branch Protection Policy enforced and behavior of EZ- merge

23.1

Code Fix

Use Case

GIT_LOGGEDIN_USER_AS_COMMIT_USER

Version Control

Issue while creating feature branches in EZ - Commit screen

23.1

Code Fix

Use Case

Version Control

Upload File option not available during EZ- commit with Option package manifest

23.1

Code Fix

Use Case

19 November 2023

(ARM v. 23.1.8)

Module

Summary

Fix Version

Resolution

Cause

Deployments

Deployment tab - Redeploy/Promote issue

22.3, 23.1

Added Loggers

Data

Dataloader

Optimize the Dataloader Pro job logs in the rabit cs log

23.1

Code Fix

Use Case

nCino

Unable to create Feature Migration Template on Debt Schedule object

22.3, 23.1

Code Fix

Use Case

All Modules

Invalid Email ID

22.3, 23.1

Code Fix

Use Case

CI Jobs, Deployments, Version Control, Admin

Org Sync diff report differs for the same source org compared to different orgs.

23.1

Code Fix

Use Case *

Dataloader

Urgent: AutoRABIT is down

23.1

Code Fix

Use Case

Version Control

Issue with Block button during Merge Conflict

23.1

Code Fix

Use Case

CI Jobs

CI job deployment failing: Restriction rules deployed as moderation rule and made the deployment bugged

23.1

Code Fix

Use Case

CI Jobs

Urgent: Rollback of specific components - Issue

23.1

Code Fix

Use Case

CI Jobs

Unexpected behavior when disabling component category on rollback destructive changes.

23.1

Code Fix

Use Case

SFDX

Error while using Scratch Org Management tab

23.1

Code Fix

Use Case

All Modules

ARM<>ULP Integration Issues

23.1

Code Fix

Use Case

Version Control

Auto-reject on commit validation for SCA & Auto-reject setting in Merge

23.1

Code Fix

Use Case

15 November 2023

Module

Summary

Fix Version

Resolution

Cause

CI Jobs

CI Job is not picking up changes committed on the branch, indicating "No modifications made."

23.1

Code Fix

Use Case

Deployments

Org Synchronization – constructive & destructive changes are not working together

23.1

Code Fix

Use Case

Admin

Sync error between ARM and GIT

23.1

Code Fix

Use Case

Version Control

Deployment validation not working correctly during new EZ-Merge

23.1

Code Fix

Use Case

CI Jobs

Merging only revision in the CI job build not working

23.1

Code Fix

Use Case

12 November 2023

(ARM v. 23.1.7)

Module

Summary

Fix Version(s)

Resolution

Cause

Deployments

During Org Sync, file names are being repeated as part of the deployment results.

23.1

Code Fix

Use Case

Deployments

User is unable to see the Deployment History.

23.1

Code Fix

Use Case

CI Jobs & Deployments

User is unable to deploy static resource.

23.1

Code Fix

Use Case

Reports

Scheduled Code Coverage Reports are running at the wrong time.

23.1

Code Fix

Use Case

nCino

User is unable to create Feature Migration Template on Debt Schedule object.

22.3, 23.1

Code Fix

Use Case

Dataloader

User is unable to upload files and update records; system logs user out instead.

23.1

Code Fix

Use Case

Version Control

User is getting timeouts in merge screen.

23.1

Code Fix

Use Case

5 November 2023

(ARM v. 23.1.6)

Module

Summary

Fix Version(s)

Resolution

Cause

All Modules

SF CLI version upgrade to 2.14.6

23.1

Code Fix

Enhancement

Environment Provisioning

View environment provisioning templates

22.3 & 23.1

Code Fix

Enhancement

Admin

Branching baseline is not picking all components from production

22.3 & 23.1

Code Fix

Use Case

Deployments

Help with destructive change

22.3 & 23.1

Code Fix

Use Case

Version Control

Merge request is failing due to validation credentials

22.3 & 23.1

Code Fix

Use Case

CI Jobs, Deployments

Issues with a release – related to Feature Flag - not automatically deployed: STANDARD_VALUE_SET_DELTA

22.3 & 23.1

Code Fix

Data

Version Control

Approval button is not visible after successful merge validation

22.3 & 23.1

Code Fix

Data

Version Control

Create artifact: not completed

23.1

Code Fix

Data

Admin

AutoRABIT login not working

23.1

Code Fix

Use Case

Version Control

Error pop-up during merge type selection as Commit Label in EZ-Merge

23.1

Code Fix

Data

CI Jobs

AutoRABIT AccelQ Integration/ bhg-inc.com

23.1

Code Fix

Use Case

CI Jobs

Developer API for CI Jobs History not returning latest results.

23.1

Code Fix

Use Case

nCino

Ability to trigger nCino CI jobs using REST API

23.1

Code Fix

Customer Request

CI Jobs

For run test automation scripts job: More than one cycle is not displayed in the individual job history

23.1

Code Fix

Use Case

Version Control

Unable to delete feature branch under merge request, getting internal server error

23.1

Code Fix

Use Case

Version Control

Unable to view the entry of recently created merge request in the merge request history screen

23.1

Code Fix

Use Case

Version Control

Criteria met ALM's not getting fetched under merge request

23.1

Code Fix

Use Case

nCino

Instead of POST methods need to change the GET

23.1

Code Fix

Customer Request

27 October 2023

(ARM v. 23.1.5)

This was a maintenance release. The following items were enhanced, fixed, or added:

Loggers were added to Reports and Dashboard modules in versions 22.3 and 23.1 due to a data error in which users were unable to fetch a Salesforce code coverage report.
An enhancement was made by a code fix applied to the Deployments and Org Synchronization modules in versions 22.3 and 23.1 enabling users to change deploy text for validations.
A code fix was applied to the CI Jobs module in version 23.1 identified by use case to enable validation CI Job comments to be visible on the Bitbucket PR.
A code fix was applied to the Admin module of version 23.1 due to a use case in which modification logs were needed for Version Control mapping setup.
A code fix was applied to the Version Control module of version 23.1 related to a use-case error in which External Pull Requests, when expanding the files in the diff, content was not visible and showing as undefined.
A code fix was applied to the Version Control module of version 23.1 related to a use-case error in which External Pull Requests, when expanding files in the diff, show duplicate content.
A code fix was applied to the nCino module of versions 22.3 and 23.1 due to a use-case scenario during dataset creation with saving only user info in Json that is relevant to current dataset.
A code fix was applied to the Version Control module of versions 22.3 and 23.1 due to a use-case error with an AR merge failing.
A code fix was applied to the Version Control module of versions 22.3 and 23.1 due to a use-case error in which the incorrect removal of Custom Application type in package.xml on EZ-Commit via AR occurred.
A code fix was applied to the Version Control module of versions 22.3 and 23.1 in which two external pull request issues were occurring.

25 October 2023

This was an interim maintenance release. The following items were enhanced, fixed, or added:

A Code Fix was applied to the Deployments module due to the Deployment initiated using Org Synchronization failing caused by a use case with a fix applied to versions 22.3 and 23.1.
A Code Fix was applied to the Version control module due to a Validation Error requiring Feature Flag: VALIDATE_DEPLOY_PICK_FILECHANGES_FROM_DIFF caused by a use case with a fix applied to versions 22.3 and 23.1.
A Code Fix was applied to the Reports module due to the Weekly Code/ Test Coverage Report taking a long time caused by a use case with a fix applied to versions 22.3 and 23.1.
A Code Fix was applied to the Admin module due to an SSO Error as of Sept 25 caused by a use case with a fix applied to versions 23.1.
A Code Fix was applied to the Admin module due to an AutoRABIT Login Issue caused by a use case with a fix applied to versions 23.1.
A Code Fix was applied to the Version Control module due to validation/merge errors after latest release caused by a use case with a fix applied to versions 23.1.
A Code Fix was applied to the Dataloader module due to the download button not working caused by a use case with a fix applied to versions 23.1.

22 October 2023

(ARM v. 23.1.4)

This is a maintenance release. The following items were enhanced, fixed, or added.

Performed a code fix to version 23.1 affecting the Reports module resulting from a use-case error with code coverage report emails missing test class errors in the subject.
Applied a code fix to version 23.1 for the Deployments module resulting from a use-case scenario with user unable to see deployment history.
Instituted a code fix to version 23.1 for the CI Jobs module resulting from a use-case error with the org management page.
Implemented a code fix to versions 22.3 and 23.1 affecting the CI Jobs module due to a use-case issue to SFDX/CI jobs with package version installation key.
Performed a code fix to versions 22.3 and 23.1 affecting the Version Control module for a use-case issue related to custom label translation file.
Applied a code fix to versions 22.3 and 23.1 related to the Deployments module for a use-case error with previous deployment label 'add members' option not working.
Performed a code fix to version 23.1 affecting the Admin module due to a use-case error with MyProfile not redirecting properly and showing the profile icon after clicking on the 'profile' button.
Implemented a flow center change to versions 22.3 and 23.1 for the Dataloader module due to a use-case error with the download button not working.

18 October 2023

This interim release consisted of the following:

Performed a code fix to versions 22.3 and 23.1 affecting the Version Control module for a use-case issue with a custom label translation file.

15 October 2023

(ARM v23.1.3)

AutoRABIT provided the API 59.0 changes as part of its weekly fixes on both 22.3 and 23.1. This is available only for ARM modules, not for Dataloader or nCino. For DL and nCino, API 59.0 changes will be available next week as part of the Wednesday fixes deployment.

This is a maintenance release. The following items were enhanced, fixed, or added.

Instituted an enhancement via code fix to versions 22.3 and 23.1 affecting all ARM modules, applying Salesforce v.59 upgrade for Winter 2024.
Performed a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the CI Jobs module concerning a package directory issue.
Applied a code fix to versions 22.3 and 23.1 due to a use-case scenario pertaining to the Environmental Provisioning module with users not able to generate a migration template using the migrate custom setting data module.
Issued a code fix to versions 22.3 and 23.1 for a use-case error in the Version Control module with a custom label translation file.
Performed a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the Deployments module concerning bugs in deployment with multi-packages and static resource.
Applied a code fix to version 22.3 resulting from a use-case error affecting Dataloader returning an 'invalid cross reference id' error for ProcessInput and ProcessingInputCondition objects.
Implemented a code fix to version 23.1 for a use-case error to the Version Control module, in which duplicate commits were being created.
Performed a code fix to version 23.1 for a use-case error to the Version Control module pertaining to Deployment history, with the deployment status not being visible.
Performed a code fix to version 23.1 relating to a use-case error affecting the nCino module in which users are unable to deploy nCino feature (RBC), instead returning a 'malformed query' result.
Performed a code fix to version 23.1 relating to a use-case error to the Version Control module with users unable to perform new pull request commit due to commit template permission.
Executed a code fix to version 23.1 relating to a use-case error affecting the Version Control module with users continually getting a login redirect error when trying to create a branch through an EZ-Commit.
Performed a code fix to version 23.1 relating to a use-case error in the Version Control module with users unable to create a commit label, continually getting a login redirect error.
Performed a code fix to version 23.1 relating to a use-case error affecting the Admin module, particularly a SuperAdmin user, not getting any response to the scheduler's service registration button without expanding the selection.
Initiated a code fix related to a use-case scenario in version 23.1 affecting the Version Control module with release labels getting failed after restarting the agent.
Applied a code fix related to a use-case scenario affecting version 23.1 in the nCino module, when parallel CI jobs limit was reached, the job was not added to the queue.
Performed a code fix to correct a use-case error in version 23.1 related to the nCino module for a merge missing changes.
Performed a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the Version Control module, in which users were unable to create/append a revision to an existing label for a sub-user.
Implemented a code fix to version 22.3 relating to a use-case error in the Version Control module in which the user was getting empty error pop-ups under the ALM management screen for a sub-user, not displaying the ALM items.
Performed a code fix to version 23.1 relating to a use-case error affecting the nCino module with a job deployment issue.
Applied a code fix to version 23.1 relating to a use-case error affecting the nCino module for a CI job build getting failed.
Initiated a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the nCino module for a 'no modifications status' displayed for a version control BR job.

11 October 2023

Performed a code fix to versions 22.3 and 23.1 related to a use case scenario affecting the Version Control module related to ALM tickets being bugged after using the ALM sync refresh.
Performed a code fix to version 23.1 related to the Deployments and CI Jobs modules affecting a use-case error being issued during CI Deployment for property 'userLicense' not valid in version 57.0.

8 October 2023

(ARM v23.1.2)

This is a maintenance release. The following items were enhanced, fixed, or added.

Performed a code fix to versions 22.3 and 23.1 for a use-case error affecting the Admin module relating to code coverage issues.
Applied a code fix to versions 22.3 and 23.1 related to a use-case error in the Deployments module concerning a flow component missed in the deployment.
Implemented a code fix to versions 22.3 and 23.1 for a use-case error related to a specific customer’s fields for redeployment.
Applied a code fix to version 23.1 for a use-case error affecting the Deployments module related to metadata production and a deployment issue.
Integrated a code fix to version 23.1 affecting the Deployments and CI Jobs modules for a deployment issue running all test classes.
Performed a code fix to the nCino module in version 23.1 pertaining to Salesforce Orgs not showing as source orgs for nCino feature management deployments.
Applied a code fix to the nCino module in versions 22.3 and 23.1 pertaining to [arm-qan] no modification status displayed for version control BR job.
Added loggers to versions 22.3 and 23.1 to correct a use-case error in the Deployments module pertaining to a deployment bug occurring with multi packages and static resources.

1 October 2023

(ARM v23.1.1)

This is a maintenance release. The following items were enhanced, fixed, or added.

A code fix was applied to the version control module in releases 22.3 and 23.1 due to a use-case error with a user being unable to create a new commit.
A code fix was performed in the 23.1 release to the version control module for a use-case error when merging destructive changes.
A code fix was instituted to the CI Jobs module in version 23.1 to address when a CI job has two different package directories. Changes were failing under one package when the analysis was completed in CodeScan.
A code fix was performed for release versions 22.3 and 23.1 to the deployments module for a use-case error resulting in a buggy deployment with multi packages and the static resources being bugged as well.
A code fix was applied to the version control module in releases 22.3 and 23.1 concerning a use-case error for an EZ-Commit, where the user was unable to view the 'deleted components' tab for the commit template when unchecking the 'skip mappings' checkbox.
A code fix was implemented to versions 22.3 and 23.1 to correct an error with the deployments module due to a deployment initiated using org synchronization failing.
A code fix was applied to releases 22.3 and 23.1 due to a use-case error in which the registration date of the repository was not correct in the version control repository (created date in AutoRABIT).
A code fix was performed to versions 22.3 and 23.1 due to a data error in the version control module preventing ALM working items from loading.
A code fix was initiated for versions 22.3 and 23.1 due to a data error affecting the reports module, which occurred when executing a static code analysis (CodeScan) report.
A code fix was performed to version 23.1 in the version control module resulting from a data error on the commit history screen.
A code fix was implemented in versions 22.3 and 23.1 to the version control module related to a use-case error wherein the baseline job has modified the Salesforce folder structure in GitHub.
Loggers were added in the version 23.1 release due to a data error in the version control module causing duplicate commits to be created.
A code fix was implemented to the nCino module for versions 22.3 and 23.1 for a data error in which the records count was not being updated in the object sidebar for the version control baseline revision job.

24 September 2023

(ARM v23.1) This is a maintenance release. The following items were enhanced, fixed, or added:

A code fix was applied to the Deployment module due to a data error concerning an Org difference pulling changes from the managed packages.

ARM Release Notes 22.3

We would like to inform you about the End of Life (EOL) for ARM version 22.3. Per our support agreement, this version is now more than 365 days old and is no longer supported. As part of our ongoing commitment to providing the best possible experience for our users and maintaining the highest standards of security and performance, we have made the decision to discontinue support for ARM 22.3.

End of Life Date: April 1, 2024

What Does This Mean?

End of Support: As of April 1, 2024, we will no longer provide maintenance updates, bug fixes, or technical support for ARM 22.3. This includes both security and non-security updates.
Security Risks: Continuing to use ARM 22.3 after the end of support date may expose your system to potential security vulnerabilities, as we will no longer release security patches.
Upgrade Recommendations: We strongly recommend migrating to a supported version of ARM to ensure continued reliability, security, and performance. Our team is available to assist you with this transition process and provide guidance on your upgrade.
Accessing Resources: While official support for ARM 22.3 will no longer be available, you can still access existing resources such as documentation, knowledge base articles, and the Knowledge Hub for reference purposes.

Action Required:

To mitigate any potential risks associated with the EOL of 22.3, we urge you to take proactive steps towards upgrade immediately. Our customer success and support team are here to assist you every step of the way. Please reach out to your CSM to plan this work.

We understand that this transition may present challenges, and we sincerely apologize for any inconvenience it may cause. However, we believe that focusing our efforts on our latest offerings will ultimately benefit you with enhanced features, improved performance, and better security.

Thank you for your understanding and continued support.

December 2022 - Version 22.3 - New Features, Enhancements, Improvements and Changelogs

Date of release: 18 December 2022 Article last updated: 31 July 2023

New Features

1. Retention Policy

You can now define a data Retention Policy and choose how much data should be stored for how long. ARM will now be considerably quicker by eliminating outdated data. Clearing out old and useless data from the database and moving it to the archives keeps the application from underperforming and improves speed across all modules.

A weekly clean-up will ensure that the application runs smoothly. The default data retention period is set as 12 months which will be implemented with the release of ARM version 22.3. Admins can specify the duration of data retention in the history tables from the My Account section and change the retention period from 12 months to 6 months or 3 months. Read more →

2. Search, Group, and Filter CI Job List

Finding a CI Job has never been easier. Instead of scrolling through endless pages, you can search for a job or a group by simply typing the name in the new dropdown lists. You can further narrow the search results by combining these two options to look for a particular job within a group.

Additionally, the filter feature provides further options to narrow the search results by source type, date range, and more. Read more →

3. Ability to Abort a Vlocity Deployment

We just included new functionality to the ARM 22.3 version that allows users to terminate an ongoing Vlocity deployment process or abort it if get stuck. The Deployment History screen contains the Abort option, which allows you to terminate the deployment process.

Enhancements

1. Release Label Revamp

The revamp of the Release Label page is the feature of version 22.3 that stands out the most. This enhancement is actually a collection of multiple smaller enhancements, each of which is briefly discussed in this section.

While creating a release label, you can choose the specific period for which you want to retrieve the commit history instead of loading the entire commit history, which could take a really long time.
You can also create a release label while simultaneously creating a package simply by selecting a conveniently located checkbox on the same screen.
The selected revisions are also displayed on the same screen and updated dynamically as you select/unselect revisions.
Release labels are color-coded on the Release Label Summary screen for easier identification, and the search now provides leaner results.

Read more →

2. Additional Metadata Support in Search and Substitute

Additional metadata types are now compatible with the Search and Substitute rule, allowing the application to use them for Deployments and Commits.

Until now, the Search and Substitute functionality only had the ability to select a metadata type and then perform the search for substrings across all members in that type. But now, you can select specific metadata members in a type and substitute values for that member(s).

This enhancement is also helpful when users want to add object permissions only to the production and not to the lower sandboxes.

It is also beneficial to have this feature so that the rules can be created and used in CI Jobs to do the replacements automatically, depending on the deployment settings in the CI Job. Read more →

3. Additional details in the Users Export List

Export List is a comprehensive list of all registered users with an organization. This list can be downloaded from the Users module. It includes details like the users' name, email, and title; and information about user accounts created, modified, deactivated, and deleted.

With the recent release, the Export List will include a few additional details related to the last login to ensure security and compliance. Details like the location, login type, IP address, coordinates, and the browser used.

The access level of users is not mentioned in the export list for security reasons, i.e., if any users are Admin or Super Admin, this will not be specified. The company can share this list, if required, with people both inside and outside their organization without jeopardizing the confidentiality of the access granted to the users. Read more →

4. Dataloader Clone process

In addition to providing a new name, Dataloader users can now specify a different Salesforce org as a source or destination for the operation while cloning an existing job. This helps the users to reuse the same job configuration with a different Salesforce org without going through the entire process again.

For the Extract operation, users have the option to edit the query corresponding to the new org selected. For Insert/Update/Upsert/Delete operations, users have the option to upload a different .CSV file instead of the original one. Validation is done to verify whether the object is available in the new org and also if the user edits the query for the cloned process. Read more →

Improvements

The /syncbranchcommits service is no longer supported. The users will no longer require Auto-sync functionality to create a release label. This simplifies the function's use and gets rid of unnecessary steps.
For improved user experience, the metadata.zip file upload option has been added to the New Deployment page itself. When uploading large files, this is extremely useful.
The password policy is reduced from 13 previously used passwords not being allowed to 5 previously used passwords. This gives users more options while resetting their passwords after the three months period or if they forget their password.
Improvements have been made to VC Repo flow as well as to Salesforce Org flow. You can now run scans on a repo or an org to be tagged to the same project and run comparisons so that you have traceability across the scans. The comparison feature allows for every delta scanned to be compared with the baseline. Scans are run on the source, and the results are available in the Reports module. Users can trace the jobs run using the unique identifier. Click HERE to see a few points to note about these improvements.
Super Admin and the user currently logged in are disabled for ALL actions. They cannot be added, deleted, suspended, activated, deactivated, edited, or their roles delegated to other users. Super Admin is displayed at the top of the users' list for easy identification.
The Users module now displays the last login date and time of the users instead of the phone number, and the first and last names appear under the single Name column for better monitoring and tracking.
Super Admin can now enter the desired thread pool count while registering an ARM agent.
Customers can now request for Pendo and Full Story to be enabled or disabled for their instance. Simple toggle buttons to do this are added under the Product Analytics section on the Super User Accounts page. Only Super Admin will have access to this section.
In DataLoader,
- The number of records that are going to be impacted by the specific operation (Extract, Insert, Update, Upsert, or Delete) is displayed as a message before the operation begins and also on the Summary screen as Records.
- Filters have been added to differentiate between the mapped and unmapped fields when auto-map is selected.
- Success and error count of records is displayed while the job is still in progress. Click HERE to read more about these improvements for each of the operations.

Changelogs

28 February 2024

(ARM v. 22.3.55)

Module

Summary

Fix Version

Resolution

Cause

Version Control

Merges are not being fetched when trying to create a release label for Vlocity components.

22.3

Code Fix

Use Case

Version Control

Unable to Commit the Action Overrides in Service Appointment Object

22.3

Code Fix

Use Case

28 January 2024

(ARM v. 22.3.54)

Module

Summary

Status

Fix Version(s)

Resolution

Cause

Deployment

Vlocity Deployment issue

QA Passed

22.3, 23.1

Code Fix

Use Case

Version Control

Not fetching merges when trying to create a release label for Vlocity components

QA Passed

22.3

Code Fix

Use Case

21 January 2024

(ARM v. 22.3.53)

Module

Summary

Status

Fix Version(s)

Resolution

Cause

Dataloader Pro

Issue while deploying promotions from QAT to PRD the rule set criteria is compressing the value while deploying it to RD

QA Passed

22.3 23.1

Code Fix

Use Case

Dataloader Pro

Issue on Feature Deployments

QA Passed

22.3 23.1

Code Fix

Use Case

14 January 2024

(ARM v. 22.3.52)

MODULE

SUMMARY

FIXVERSION

RESOLUTION

CAUSE

Admin

After baselining the branch, it did not pull all metadata for development.

22.3

Code Fix

Use Case

Deployments

Deployment status failed when deploying Vlocity components

22.3 23.1

Code Fix

Use Case

10 December 2023

(ARM 22.3.51)

Module

Summary

Version(s)

Resolution

Cause

nCino

User is unable to do nCino Feature Deployments * Requires documentation

23.1, 22.3

Code Fix

Use Case

Admin

Getting ‘null parameters’ error when clicking on save in the user’s section.

23.1, 22.3

Code Fix

Use Case

3 December 2023

(ARM v. 22.3.50)

Module

Summary

Fix Version(s)

Resolution

Cause

Admin

Issue adding user mapping

22.3, 23.1

Code Fix

Use Case

Admin

nCino View Object Failing

No Code Fix - Added Loggers

Data

Deployments

Org sync not completing

No Code Fix - Added Loggers

Data

Dataloader

Corrected a spelling mistake in ARM steps.

23.1, 22.3

Code Fix

Use Case

Dataloader

Corrected data seeding error preventing upsert

23.1, 22.3

Code Fix

Use Case

nCino

On-premise testing: CI Job with template option failed due to "data and metadata retrieval failed” error

23.1, 22.3

Code Fix

Use Case

26 November 2023

(ARM v. 22.3.49)

Module

Summary

Fix Version(s)

Resolution

Cause

CI Jobs

Post activities, particular job status showing as FAILED in ARM even job execution completed with succeed

22.3

Code Fix

Use Case

Admin

Getting empty Configuration under "Configure Default SCA Baseline Branches"

22.3

Code Fix

Use Case

Admin

Able to view empty role under permissions

22.3

Code Fix

Use Case

19 November 2023

(ARM v. 22.3.48)

Module

Summary

Fix Version

Resolution

Cause

Deployments

In sub-user, unable to get the branch in Salesforce Org Mappings section in SF Org Management screen if Admin user given only admin module permission.

22.3

Code Fix

Use Case

Deployments

Deployment tab - Redeploy/Promote issue

22.3, 23.1

Added Loggers

Data

nCino

Unable to create Feature Migration Template on Debt Schedule object

22.3, 23.1

Code Fix

Use Case

All Modules

Invalid Email ID

22.3, 23.1

Code Fix

Use Case

15 November 2023

Module

Summary

Fix Version

Resolution

Cause

Deployments

Page unresponsive in new deployment for "previous deployment" as source type

22.3

Code Fix

Use Case

12 November 2023

(ARM v. 22.3.47)

Module

Summary

Fix Version(s)

Resolution

Cause

nCino

User is unable to create Feature Migration Template on Debt Schedule object.

22.3, 23.1

Code Fix

Use Case

5 November 2023

(ARM v. 22.3.46)

Module

Summary

Fix Version(s)

Resolution

Cause

All Modules

New User Creation

22.3

Code Fix

Change Request

Environment Provisioning

View environment provisioning templates

22.3 & 23.1

Code Fix

Enhancement

Admin

Branching baseline is not picking all components from production

22.3 & 23.1

Code Fix

Use Case

Deployments

Help with destructive change

22.3 & 23.1

Code Fix

Use Case

Version Control

Merge request is failing due to validation credentials

22.3 & 23.1

Code Fix

Use Case

CI Jobs, Deployments

Issues with a release – related to Feature Flag not automatically set: STANDARD_VALUE_SET_DELTA

22.3 & 23.1

Code Fix

Data

Version Control

Approval button is not visible after successful merge validation

22.3 & 23.1

Code Fix

Data

27 October 2023

(ARM v. 22.3.45)

This was a maintenance release. The following items were enhanced, fixed, or added:

Loggers were added to Reports and Dashboard modules in versions 22.3 and 23.1 due to a data error in which users were unable to fetch a Salesforce code coverage report.
An enhancement was made by a code fix applied to the Environment Provisioning module in version 22.3 to enable users to view Environment Provisioning templates.
An enhancement was made by a code fix applied to the Deployments and Org Synchronization modules in versions 22.3 and 23.1 enabling users to change deploy text for validations.
A code fix was applied to the nCino module of versions 22.3 and 23.1 due to a use-case scenario during dataset creation with saving only user info in Json that is relevant to current dataset.
A code fix was applied to the Version Control module of versions 22.3 and 23.1 due to a use-case error with an AR merge failing.
A code fix was applied to the Version Control module of versions 22.3 and 23.1 due to a use-case error in which the incorrect removal of Custom Application type in package.xml on EZ-Commit via AR occurred.
A code fix was applied to the Version Control module of versions 22.3 and 23.1 in which two external pull request issues were occurring.

25 October 2023

This was a maintenance release. The following items were enhanced, fixed, or added by code fixes resulting from use-case scenarios:

A Code Fix was applied to the Deployments module due to the Deployment initiated using Org Synchronization failing caused by a use case with a fix applied to versions 22.3 and 23.1.
A Code Fix was applied to the Version control module due to a Validation Error requiring Feature Flag: VALIDATE_DEPLOY_PICK_FILECHANGES_FROM_DIFF caused by a use case with a fix applied to versions 22.3 and 23.1.
A Code Fix was applied to the Reports module due to the Weekly Code/ Test Coverage Report taking a long time caused by a use case with a fix applied to versions 22.3 and 23.1.

22 October 2023

(ARM v. 22.3.44)

This is a maintenance release. The following items were enhanced, fixed, or added.

Implemented an enhancement to version 22.3 identified as part of a use-case issue affecting the Deployments and Org Synchronization modules requiring changing deploy text for validations.
Implemented a code fix to versions 22.3 and 23.1 affecting the CI Jobs module due to a use-case issue to SFDX/CI jobs with package version installation key.
Performed a code fix to versions 22.3 and 23.1 affecting the Version Control module for a use-case issue related to custom label translation file.
Applied a code fix to versions 22.3 and 23.1 related to the Deployments module for a use-case error with previous deployment label 'add members' option not working.
Added loggers to version 22.3 affecting the Version Control module due to a use-case error with user roles missing.
Added loggers to version 22.3 affecting the CI Jobs module resulting from a use-case with automated package generation CI job AR server exception error.
Implemented a flow center change to versions 22.3 and 23.1 for the Dataloader module due to a use-case error with the download button not working.

18 October 2023

This interim release consisted of the following:

Performed a code fix to versions 22.3 and 23.1 affecting the Version Control module for a use-case issue with a custom label translation file.

15 October 2023

(ARM v22.3.43)

This is a maintenance release. The following items were enhanced, fixed, or added.

Instituted an enhancement via code fix to versions 22.3 and 23.1 affecting all ARM modules, applying Salesforce v.59 upgrade for Winter 2024.
Performed a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the CI Jobs module concerning a package directory issue.
Applied a code fix to versions 22.3 and 23.1 due to a use-case scenario pertaining to the Environmental Provisioning module with users not able to generate a migration template using the migrate custom setting data module.
Issued a code fix to versions 22.3 and 23.1 for a use-case error in the Version Control module with a custom label translation file.
Performed a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the Deployments module concerning bugs in deployment with multi-packages and static resource.
Applied a code fix to version 22.3 resulting from a use-case error affecting Dataloader returning an 'invalid cross reference id' error for ProcessInput and ProcessingInputCondition objects.
Performed a code fix to version 23.1 relating to a use-case error to the Version Control module with users unable to perform new pull request commit due to commit template permission.
Performed a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the Version Control module, in which users were unable to create/append a revision to an existing label for a sub-user.
Implemented a code fix to version 22.3 relating to a use-case error in the Version Control module in which the user was getting empty error pop-ups under the ALM management screen for a sub-user, not displaying the ALM items.
Initiated a code fix to versions 22.3 and 23.1 relating to a use-case error affecting the nCino module for a 'no modifications status' displayed for a version control BR job.

11 October 2023

Performed a code fix to versions 22.3 and 23.1 related to a use case scenario affecting the Version Control module related to ALM tickets being bugged after using the ALM sync refresh.

8 October 2023

(ARM v22.3.42)

This is a maintenance release. The following items were enhanced, fixed, or added.

Performed a code fix to versions 22.3 and 23.1 for a use-case error affecting the Admin module relating to code coverage issues.
Applied a code fix to versions 22.3 and 23.1 related to a use-case error in the Deployments module concerning a flow component missed in the deployment.
Implemented a code fix to versions 22.3 and 23.1 for a use-case error related to a specific customer’s fields for redeployment.
Applied a code fix to the nCino module in versions 22.3 and 23.1 pertaining to [arm-qan] no modification status displayed for version control BR job.
Added loggers to versions 22.3 and 23.1 to correct a use-case error in the Deployments module pertaining to a deployment bug occurring with multi packages and static resources.

1 October 2023

(ARM v22.3.41)

This is a maintenance release. The following items were enhanced, fixed, or added.

A code fix was applied to the version control module in releases 22.3 and 23.1 due to a use-case error with a user being unable to create a new commit.
A code fix was performed for release versions 22.3 and 23.1 to the Deployments module for a use-case error resulting in a buggy deployment with multi packages and the static resources being bugged as well.
A code fix was applied to the version control module in releases 22.3 and 23.1 concerning a use-case error for an EZ-Commit, where the user was unable to view the 'deleted components' tab for the commit template when unchecking the 'skip mappings' checkbox.
A code fix was implemented to versions 22.3 and 23.1 to correct an error with the Deployments module due to a deployment initiated using Org Synchronization failing.
A code fix was applied to releases 22.3 and 23.1 due to a use-case error in which the registration date of the repository was not correct in the version control repository (created date in AutoRABIT).
A code fix was performed to versions 22.3 and 23.1 due to a data error in the version control module preventing ALM working items from loading.
A code fix was initiated to versions 22.3 and 23.1 due to a data error affecting the reports module, in which a user was getting an error message when executing a static code analysis (CodeScan) report.
A code fix was applied to version 22.3 in the version control module pertaining to a use-case error with changes not getting fetched via autodraft after reverting a commit.
A code fix was implemented in versions 22.3 and 23.1 to the version control module related to a use-case error wherein the baseline job has modified the Salesforce folder structure in GitHub.
A code fix was integrated to the version control module in version 22.3 after a data error caused by a feature template migration issue. The feature flag is MERGE_SKIP_AUTORESOLVE_CONFIGURATION_FILES.
A code fix to version 22.3 was implemented affecting all modules from a data error when setting up SFDX deployment.
A code fix was applied to the version control module in version 22.3 resulting from a use-case error with an ARM commit comment label error.
A code fix was implemented to the nCino module for versions 22.3 and 23.1 for a data error in which the records count was not being updated in the object sidebar for the version control baseline revision job.

24 September 2023

(ARM v22.3.40) This is a maintenance release. The following items were enhanced, fixed, or added:

A code fix was implemented due to a use-case error to the Version Control module regarding an issue with merging destructive changes.
A code fix was applied to the Deployment module due to a data error concerning an Org difference pulling changes from the managed packages.
A code fix was applied due to a use-case error relating to the Deployments module with a user unable to deploy components via Org Sync.
A code fix was applied pertaining to the CI Jobs module relating to a use-case error in which the CI Job has two different package directories and changes fall under one package when an analysis is completed on CodeScan
Performed a code fix relating to a use-case error in on the Deployments module in which a deployment bug with multi packags and static resource was bugged.

17 September 2023

(ARM v22.3.39) This is a maintenance release. The following items were enhanced, fixed, or added.

A code fix was implemented to the Deployment module related to a use-case error encountered when deploying Vlocity components from a Git branch.
A code fix was implemented related to the CI Jobs module to institute best practices following a user session.
A code fix was implemented to the Version Control module related to a use-case error pertaining to [integration_EZ-commit]. User was getting a "no package .xml found to retrieve the members" through package manifest when selecting 'all users or the respective SF org user.'

10 September 2023

(ARM v22.3.38)

This is a maintenance release. The following items were enhanced, fixed, or added:

As part of this fix deployment, one of the feature flags, 'RUN_PACKAGE_JOB_ENTIRE_BRANCH_78757,' has been provided. Enabling this feature flag only applies to one specific customer.
Implemented a code fix associated with the version control module for a use-case error in which ALM working items were not loading.
Implemented a code fix for a use-case error pertaining to the version control module for an approval email notification error.
As a result of a use-case error relating to a feature template migration issue, a new feature flag has been provided, 'MERGE_CONFLICTS_AUTORESOLVE_CONFIGFILES_USINGSOURCE,' which must be enabled for one specific customer only: More details are provided in the ticket itself.
Implemented a code fix related to a use-case error where the AutoRABIT deployment initiated using Org Synchronization fails. This error pertains to the Version Control module.
Implemented a code fix related to the CI Jobs module related to setting up SFDX deployment, with the Feature Flag:
RUN_PACKAGE_JOB_ENTIRE_BRANCH_78757
Regarding one ticket, 'Setting up SFDX Deployment': Only for the 'Create and Install an Unlocked/Managed Package Version from a Version Control Branch' CI, type in the CI Job configuration. When selecting the 'Trigger build on commit' option, we have hidden the 'Process commit revision received via hook only' sub-option. This change will be incorporated into our documentation. Further details are available in the ticket itself.
Implemented a code fix related to the nCino module error:
LLC_BI__Schedule_Section__c migration issue#1
Implemented a code fix related to an internal ticket in ARM, in which the user was not able to migrate related data using the Dataloader test environment setup module.
Implemented a code fix related to the Deployment module for an EBR Manual Asyncid XML Copy Automation error.

3 September 2023

(ARM v22.3.37)

This is a maintenance release. The following items were enhanced, fixed, or added:

Implemented a code fix associated with the version control module related to a use-case scenario in which a review artifact was not working.
Implemented a code fix to the nCino module resulting from a user product suggestion to the deployment history filter.
Implemented a code fix to the nCino module related to an instance in which the org name was not displayed for the destination org value field.

27 August 2023

(ARM v22.3.36)

This is a maintenance release. The following items were enhanced, fixed, or added:

Error: "Merging from Devint branch to Developer branch (Back merge) is getting Auto Rejected": Code fix to Version Control module on user merging from Devint branch to Developer branch (Back merge) getting Auto Rejected.
Implemented a UI change to include the “Ignore Warnings” option in both the prevalidation commit and merge flows. This requires a documentation change. See ticket for more details.
Error: “[Client] getting frequent page unresponsive errors in ARM": Introduced a UI change to support Salesforce orgs and the previous label deployment type in the deployment module.
Performed a code fix affecting the Deployments module related to a use-case error with the client getting frequent page unresponsive errors in ARM. This also requires an update in our documentation. Further information is in the ticket.
Error: “Branching baseline is not picking all components from production": Based on the customer-confirmed downtime window, it was necessary to enable the "METADATA_API_TO_DX_CONVERSION" feature flag for this fix deployment.
Performed a code fix concerning the Admin module due to an error with a branching baseline not picking all components from production with feature flag error: ‘METADATA_API_TO_DX_CONVERSION’.
Error in CodeScan Plugin pop-up window where the user was unable to type text in Org key drop-down selection field, which required a code fix to the Admin module. (Internal ticket)
Performed a code fix related to a use-case error during Vlocity deployments showing "NoOrgFoung" after activation of LWC components. Fix applied to the CI Jobs and Deployment modules.
Code fix applied to SFDX module for the user receiving an error message showing login failed. Also related to CI Jobs, scratch org creation was being struck in progress and not able to be deleted.
Applied a code fix for the Version Control module related to a user being unable to select the ALM side, getting a JAVA error.
Initiated a code fix to the Deployments module related to an error during an EZ deployment from a single revision with profiles and comp-specific changes pulling all comps.
Executed a code fix to the Deployments module on a use-case error affecting an AR deployment initiated using Org Synchronization failing.
Applied a code fix related to the following use-case error: [Cijobs-DXModulePckagecreation] facing the "["An unexpected error occurred while preparing endpoint: null. Please contact Salesforce Support and provide the following error code: 795089467-5806 (-1215335089)"].
Initiated a code fix to the nCino module for a client use-case error concerning spread template issues.
Performed a code fix for a customer use-case scenario regarding an error related to an nCino CI job deployment issue.

20 August 2023

(ARM v22.3.35) This is a maintenance release. The following items were fixed and/or added:

Performed a code fix impacting the Deployments and CI Jobs modules related to use cases in which selected test classes for production were not running and users were having code coverage issues.
Performed a code fix for the Admin module related to a specific user having difficulty with PWD policy.
Performed a code fix to the CI Jobs and Deployment modules relating to users unable to deploy changes to production orgs due to a CI Jobs coding issue.
Performed a code fix to the CI Jobs module related to an error message as login failed.
Performed a code fix on the CI Jobs module pertaining to Vlocity SFI components not compiling LWC on destination orgs when deploying via CI Jobs.
Performed a code fix related to the CI Jobs module for CI Job not starting according to schedule.
Performed a code fix related to the CI Jobs module to resolve an error related to setting up SFDX deployment and CI Job configuration.
Performed a code fix to the nCino module for an error in which the screen template failed with a malformed query exception.

13 August 2023

(ARM v22.3.34)

This is a maintenance release. The following items were fixed and/or added:

Performed a code fix pertaining to all modules relating to an SFDX to SF CLI Hotfix.
Performed a code fix relating to version control, CI jobs, and deployment modules initiated via change request due to ALM working items not loading, resolved by enabling the customer domain name.
Performed a code fix for a data error with feature flag name, ‘Disable_Merge_Rename_Detection’ after a merge was failing and took hours to complete.
Performed a code fix for the version control, CI jobs, and deployment modules pertaining to a data error, validation failing for the LWC component despite no error message being displayed in the logs.
Performed a code fix related to a use-case error in the version control module pertaining to a commit showing a “no modification” error.
Performed a code fix related to a use-case error affecting the version control, CI jobs, and deployment modules caused by an error merging a commit from the dev environment to the INT environment.
Performed a code fix to the version control module resulting from a use-case error where the commit was incorrectly showing “no modification”.
Performed a code fix related to a data error pertaining to the version control module, when Jira integration stories redeploy post sandbox refresh.
Performed a code fix for a use-case error in the deployment module related to filter-based retrievals not working when applying the ‘created by,’ ‘modified by,’ ‘created date,’ and ‘modified date’ filters.
Performed a code fix related to a performance issue in the nCino module pertaining to Spread Template issues.
Fixed an error in the deployment module when ‘Run Specified Tests’ is selected from the Apex Test Level dropdown.
Rather than a code fix, a customer-specific utility was provided to address SSO login issues in the admin module. This particular utility only works in versions 22.3.9 or lower for one individual customer.

06 August 2023

(ARM v22.3.33) This is a maintenance release. The following items were fixed and/or added:

Fixed an error under reports where code coverage emails were missing information.
Fixed an error related to a second deployment starting in the middle of a deployment.
Fixed an error in version control module related to not being able to commit or Repush changes in the Training Branch.
Fixed an error in version control module related to a feature flag: USE_PATCH_LOGIC_IN_EZCOMMIT for Code overwritten (feature not enabled by default).
Fixed an error for CI Job module where ALM-enabled failed due to Unparsable date error.
Fixed an error concerning multiple CI Jobs failing due to data error.
Fixed an error related to the Deployment, CI Jobs, and Version Control modules occurring when merging a commit from dev environment to INT environment.
Fixed an error related to deployments getting frequent page unresponsive errors in ARM.
Fixed an error under the Admin module relating to being unable to select the revision number while creating the Tag.
Fixed an error for Create and Install Package CI job deployment failing if having multiple package directories on the branch.
Fixed an error under the Admin module, My Account >> Merge Settings: Not visible Border for "Notify All Criteria Overwrites To" field.
Fixed an error under the Admin module, which enabled Domain names to be visible in the inspect mode.
Fixed an error in the nCino module related to [ARM-QAN] attachments’ deployment Failed with Bulk API.
Fixed an error in the nCino module related to a Pricebook entry.
Fixed an error related to the nCino module with scheduled Job not showing up in UI after completion due to Deploy Status Not Updated.
Fixed an error related to the nCino module with a CI Job Edit not populating with scheduled time details.

30 July 2023

(ARM v22.3.32) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with duplicate not working on EZ-merge requests related to version control.
Fixed EZ deployments from a single revision with profiles comp-specific changes pulling all comps during deployments.
Fixed an error related to CI Jobs not running the pipeline.
Fixed situations with both version control prevalidation commit and merge where static code analysis processes are stuck in an In-progress state when VNC is not started.
Helped generate the reports for CI/CD pipelines for nCino reports.
Performed Jira integration story’s redeploy post-sandbox refresh in version control.
Fixed a specified metadata type is unsupported: [processflowmigration] error in CI Jobs.
Set up the SFDX Deployment in CI Jobs.
Fixed an error with a CI Job not identifying changes.
Fixed an error related to BHG with CI Job webhooks failing to trigger.
Performed nCino AR template updates.

23 July 2023

(ARM v22.3.31) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with a merge use case of handling deleted files in both source and target branches by using git rm command.
Fixed an issue where screen redirects to login page on clicking on User activation email.
Fixed an issue where Commit stuck in InProgress.
Fixed an issue where we receive “JAXB marshall/unmarshall exception” while getting directed to CI results screen.
Fixed an issue where Release labels are taking 30 minutes or more to be available for repository in Version control.
Fixed an issue where Merges are taking a long time to complete in version control.
Fixed an issue where components selected on review component pages were being repeated in the next category in Version Control.
Fixed an issue where same name should be reflected instead of Commit showing a different name in Bitbucket in Version Control.
Fixed an issue where JIRA ALM Filter mappings not working in My profile & Version Control.
Fixed an issue where the Login rate exceeded error on the Salesforce Integration user.
Fixed an issue where Backup to Version Control is not backing up Matching Rules in Salesforce in CI jobs.
Fixed an issue where the shared server with common DB creates another customer weekly report in another server.
Fixed an issue where Custom field property didn’t deploy in CI Jobs and Deployment.
Fixed an issue where Diff report is not generated in New Deployment Module.
Fixed an issue where Unsupported metadata template execution is failing in Sandbox Refresh in Environment Provisioning module.
Enhanced DataLoader uber jar upgrade to 58.0.3.
Fixed an issue where we are facing Record Configuration Time Out in nCino.
Enhanced UI in Post Deployment activities result page in CI Job – nCino.
Enhanced the View details page not being visible unless post-deployment activities are completed – nCino.

18 June 2023

(ARM v22.3.26) This is a maintenance release. The following items were fixed and/or added:

Enhanced ARM by allowing PAT Authentication for Jira.
Fixed an issue where user ran an Org Synchronization history job and tried to access the Diff report to see the metadata difference, but the page kept loading indefinitely without the required diff.
Upgraded Provar to version 2.10.1.
Fixed an issue where the Approval option wasn't functional for L1 Approvers, and the Org Admin couldn't bypass the approval gate on EZ-Merge.
Fixed an issue with nCino where user created a Feature deployment task, but the jobs were stuck the queue.
Introduced a new feature in DataLoader called Hard Delete which can be used to delete the data completely and permanently instead of sending it to the Recycle Bin of the org.
Fixed an issue where CI Job build history was not displaying the results and throwing a blank page instead.
Fixed a UI bug where Abort option for CI job was displaying even after the build was successful.
Fixed an issue where duplicate ALM Commit entries were Displaying while performing ALM Commit with Vlocity repository.
Fixed an issue where the CI edit configuration screen was taking longer to load than expected before throwing Page Unresponsive alert.
Fixed an issue with DataLoader Pro where user created a new job and applied filter, but the source and destination orgs are taken from history page.
Fixed an issue with DataLoader where Insert operation bulk API selection was resulting in console error message serializeToString.
Fixed an issue where Vlocity metadata components were getting expanded on the Finish page.

11 June 2023

(ARM v22.3.25) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where deployment failed with the error message File cannot be loaded.
Fixed an issue where the SharingCriteriaRule component was not deployed to Production even though the user had selected it (#73824).
Fixed an issue where the SharingReasons component was ignored when the deployment/validation was done using Commit Label as source, but the same component was processed using Single Revision deployment or CI Job deployment (#72073).
Fixed an issue where user was trying to create an connect an Active Directory but it kept failing (#73582).
Fixed an issue where user was migrating a field value with Rich Text Area Field type but it was not reflecting in the target org as expected. Hyperlinks, font size, etc., were not migrated as present in the source Salesforce org (#73371 and #56084).
Fixed a UI bug where Deployment Failed line was displayed twice in the logs for failed deployments (internal ticket).
Fixed an issue where admin was unable to release a user from a team (internal ticket).
Fixed an issue where Null Values were displayed on the ALM Labels screen as well as the ALM Details tab on the respective ALM Commit Label Details screen (internal ticket).
Fixed an issue where selected files for DX Commits were not displayed in the File Changes tab, and after the commit it was showing as No Modifications (internal ticket).

04 June 2023

(ARM v22.3.24) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where a CI job failed to pick the external commit revision which was added to an ALM Label as part of Smart Commits sync (#71444).
Fixed an issue where Class Coverage Report generated was empty for one of the Salesforce orgs, and it was intermittent. The same behavior was observed for RunSpecified and RunLocal test levels (#71367).
Fixed an issue where deploying test classes from manual deployment was throwing an out of memory error (#71872).
Fixed an issue where BackUp to Version Control CI Job was failing due to too many retrieval error messages even though the Bulk API option was enabled (#72181).
Fixed an issue where while performing any commit, Pull Request enabled CI Job was triggering as expected; but its Build and Deployment status was not added in the Comments in Bitbucket (#72811).
Fixed an issue where EZ-Commits were stuck with In-progress status for a few hours before failing. But the commit revisions were generated at the repository level and updated in ARM database (#72817).
Fixed an issue where the Git author was overridden by ARM (#71393).
Fixed an issue with DataLoader where user was unable to create an Update job because the functionality prompoted user to select the Required field within the Mapping Fields (#73515).
Fixed an issue with DataLoader where user was getting a script error in the console while editing an existing old job (internal ticket).
Fixed an issue where Destructive commit for DX was not working as expected for Documents, Reports, and Dashboards types (internal ticket).
Fixed an issue where the Layout file was not displayed in the Review Artifact screen after resolving the layout duplicates (internal ticket).
Fixed an issue where 4 CI jobs were running parallelly even though the parallel process limit was 1 on the external agent (internal ticket).

28 May 2023

(ARM v22.3.23) This is a maintenance release. The following items were fixed and/or added:

Fixed a compliance issue with Apache Commons by removing the text dependency (#71947).
Fixed an issue where CI Jobs were failing due to empty JSON file(s) in the remote repository, and throwing the following error: Failed to initiate deployment. Unexpected end of JSON input (#72217).
Improved the UI by removing the Validate Deployment option if Vlocity is selected, and hiding the whole Board Type option if Vlocity is not enabled (#70993).
Fixed an issue where user was performing CI jobs for Validate and Deploy for a successful commit, but only validation was performed but not the deployment (#72751).
Fixed an issue where CI job deployment was failing because the build was picking duplicate Layout values (#71214).
Fixed an issue where unwanted metadata changes were observed in the package.xml file while performing a commit (#72089 and #71820).
Fixed an issue where Branching Baseline was not picking all the components from production (#70720).
Enhanced DataLoader by adding related objects and the fields of those objects displayed, so you can select the required fields of the related objects in the filter criteria and edit the query through SOQL editor (#58549 and #38339).
Fixed an issue with nCino where CI jobs that used a Deployment from Version Control were failing when the build was triggered (#71914).
Improved the New Merge screen by adding Layouts text in the Skip Flow /Profile/ Perm.Set Access-Setting Duplicity Check option (internal ticket).
Fixed a UI bug where SF Org Test Connection notification message was displayed on an unrelated module (internal ticket).
Removed the option to sign up for a 30-day Salesforce trial while registering a DevHub as the trial offer is no longer applicable (internal ticket).

21 May 2023

(ARM v22.3.22) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where wrong timezone region was displaying for users (#71553).
Fixed an issue where the EZ-Commits report file displayed the file count but not the components count (#71538).
Fixed an issue where clone build jobs were taking between 10 and 25 minutes, which is much longer than expected (#70227).
Fixed an issue where CI job build failed to show changes in the org after deployment (#70791 and #71956).
Fixed an issue where CI job to generate Code Coverage Report was not reflected in the org or in the e-mail notification (#72042).
Fixed an issue where merge status is displayed as completed but no revision is generated, and the merge is not available in the UAT branch (#71266).
Enhanced DataLoader by adding the ability to field mapping through the lookup fields (#58480).
Fixed an issue with DataLoader where while running an Extract job on the PUBLISHER object, the job was failing with the following error Publisher: column id is not supported in ORDER BY clause (#71303).
Enhanced the nCino filter criteria by adding the ability to search and filter labels using the whole or partial name (#71826).
Enhanced ARM by using known vulnerable components through the DataTables 1.10.12 plugin for advanced data table functionalities such as sorting, filtering, pagination, and more. This allows users to easily display and manipulate large sets of data on their web pages in a user-friendly manner (internal ticket).
Fixed an issue with Prevalidation Merge where users were unable to deploy the ApexClass Tests related to ApexClasses and Apex Triggers (internal ticket).
Fixed a UI bug where the date column in the EZ-Commit Weekly report was displaying incorrect values (internal ticket).

14 May 2023

(ARM v22.3.21) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was having trouble while deploying LighteningMessageChannel components (#70787).
Fixed an issue where Destructive Changes wasn't working as expected while performing an Entire Branch merge (#68882).
Enhanced the ALM management feature by adding an option to sync Smart Commits (#58904).
Fixed an issue with CI Jobs Destructive Sharing Rule was not deploying to the Salesforce org (#71183).
Fixed an issue where user could not disable the Smart Commits-Sync option for a repository branch in the VC repos section (#70854).
Improved the New Merge screen by removing the Validate Deployment option from the UI if Vlocity is selected (#70993).
Enhanced the Credentials module by adding SSH Cetificate option for Git Authentication (#67725).
Improved Release label creation by requiring at least two revisions to be selected (internal ticket).
Fixed an issue where Classic SF Org URL with a slash at the end of the URL redirects to the 400 error page, and for a Lightning SF Org URL without a slash gives an OAuth Authentication Failed error message (internal ticket).
Fixed an issue with nCino where user was getting a NullPointerException on Saving Permissions using Bulk Assignment (internal ticket).
Fixed an issue with CI Jobs where all the scheduled timings were not displayed in the Preview & Save page (internal ticket).
Fixed an issue with Dataloader where user was able to upload a 900 MB file despite the limit being 100 MB, causing the process to hang (internal ticket).
Fixed an issue with Dataloader where sever crashed after user performed an Extract operation from an SF org which had Account Object with 2 million records (internal ticket).

07 May 2023

(ARM v22.3.20) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was getting a validation deployment error while performing release label deployment (#70400).
Fixed an issue where Branching Baseline was taking longer than expected (#67814).
Fixed an issue where using the AutoDraft functionality in EZ-Commit was resulting in a malformed exception in the UI (#70458).
Fixed an issue where Branching baseline was not picking all components from production (#70720).
Fixed an issue where prevalidation merge failed with empty metadata package even though there were changes in File Diff (#32256).
Fixed an issue where entire ARM application was down temporarily (#70658).
Fixed an issue where Merge was auto-rejected due to an empty package because the metadata folder path not being specified under branch settings (#69788).
Fixed an issue where user was using the Bulk Assignment feature to assign Sandbox permissions on the Permissions page but encountered the following error: Java.lang.NullPointerException (#70868).
Fixed an issue where users weren't receiving SCA reports by email even though the reports were running (#70751).
Fixed an issue where while performing new EZ-Commit, user edited one line using review artifact option but Diff did not capture the same (#70270).
Fixed an issue where if CI Jobs were added in a queue with Scheduled jobs, then not all jobs were displayed in the queue (internal ticket).
Fixed an issue where existing revision file related delta still existed in agent even after uploading to rabitserver (internal ticket).
Fixed an issue where release label creation was failing when user tried to create package manifest and aborted and refreshed the label for DX repo (internal ticket).
Fixed an issue where Super admin user was getting a blank popup screen while trying to click on the Register Agent button from the Pool Mgmt screen (internal ticket).

30 April 2023

(ARM v22.3.19) This is a maintenance release. The following items were fixed and/or added:

Enhanced the Version Control module by adding SSH Certificate for Git authentication while creating user credentials (#67725).
Fixed an issue where CI Job was picking changes one build but not for the other, and the logs weren't capturing this (#69164).
Fixed an issue where Ignore missing visibility settings function was not working as expected and Record type visibility on the profile was not getting deployed using CI Job (#67654).
Fixed an issue where user merged a new component using a single revision merge but the merge missed to perform a CodeScan analysis (#70391).
Fixed an issue where user was unable to commit the destructive Email Template files as part of commit in SFDX format and getting auto failure (#70351).
Fixed a UI issue where OK button to reject an EZ-Merge was not working (#70041).
Fixed an issue where a field was available in the package but still Validation was throwing error that the field was missing (#69831).
Fixed an issue with DataLoader where multiple jobs were not processing parallelly when user loaded a large number of jobs to the queue (#62559).
Fixed an issue with nCino where user created more than 100 jobs with sub-user but was still getting the following error: No jobs exist to load (#69831).
Fixed an issue where Release Label artifact was not displaying metadata types in the Destructive changes tab for DX repos, but was working as expected for non-DX repos (internal ticket).
Fixed an issue where new jobs are getting added to the queue but not getting triggered, and later throwing NullPointer Exception (internal ticket).
Fixed an issue where Rollback button was not enabled for the first job if that job is came from a queued list (internal ticket).
Fixed an issue where ALM CI Job and Release artifact execution was happening at the same time, and the CI Job build was failing (internal ticket).
Fixed an issue where an empty pop-up was displayed when user tried to edit the existing CI jobs label for Sub-User (internal ticket).
Fixed an issue where if Validate only CI job came from the queue, then direct deployment was executing for that job instead of validate deployment (internal ticket).
Fixed an issue where duplicates revisions were being added to the list while creating the release label when user unselected and reselected the same revisions. (internal ticket).
Fixed an issue where Vlocity revisions were not displaying while user was trying to edit a release label (internal ticket).
Enhanced the Release Label creation page by adding options to the Vlocity label type which were only available for Salesforce revisions before (internal ticket).

23 April 2023

(ARM v22.3.18) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the SCA Report failed to run using Codescan plugin with the below Salesforce error: UNKNOWN_EXCEPTION: An unexpected error occurred. (#61676 and #67675).
Enhanced the VC Repos page by introducing a feature that allows users to sync external smart commits (#58904).
Updated the UI on the External pull request creation page to reflect the Source and Target fields clearly so users can trace which one is the source and destination branches (#69772).
Fixed an issue where duplicate entries were created in different lines during the Merge process and user wasn't able to remove the duplicate field without clearing the layout tag as well (#68012).
Fixed an issue where the baseline branch is not displayed during Static Code Analysis job creation if the branch name contains spaces in the Reports module (#69614).
Enhanced deployment in ARM by providing a new option Rollback on error in merge pre-validation. This checkbox allows users to choose if deployment should proceed with remaining components in case of errors (#47794).
Fixed an issue with nCino where CI job filter changes on templates were not taking effect after saving (#66956).
Fixed an issue where user created a baseline revision job with the Automation Sanity repo and triggered the build but it failed without any error (internal ticket).
Fixed an issue where user could not fetch the ApexClass Tests related to ApexTriggers upon selecting Run Tests Based On Changes as an option (internal ticket).
Fixed an issue where error 405 in the build and deployment logs didn't display further details in the UI log (internal ticket).
Fixed a UI bug where dropdown selection in Reports > CodeCoverage Reports was not working after refreshing the page (internal ticket).
Fixed an issue where Release Label artifact was not displaying metadata types in the Destructive changes tab for DX repos, but was working as expected for non-DX repos (internal ticket).
Fixed an issue where user was unable to revert the commit if a previously reverted commit was deleted while in Conflict state (internal ticket).

16 April 2023

(ARM v22.3.17) This is a maintenance release. The following items were fixed and/or added:

Enhanced the SCA report options by removing the 10,000 limit for exporting issues using CodeScan (#48644).
Enhanced Vlocity CI jobs by allowing Local Compilation for Omniscript and Flexcard objects (#55641 and #50301).
Fixed an issue where user was unable to use the Redeploy/Promote option after ten iterations of an existing Deployment label (#69084).
Fixed an issue where user was trying to commit System Permissions which were enabled in Salesforce org, but while performing EZ-Commit, file Diff is not getting generated and the system permissions are not getting committed (#67826).
Fixed an issue where ALM label merge option was not working in EZ-Merge feature. This happened only when the ALM Label contained / in it (#67818).
Fixed an issue where EZ-Merge was failing with NullPointerException (#67502).
Fixed a recurring issue of ARM overwriting the Salesforce Org - Default Apex Test Class Configuration by adding a checkbox Do you want us to update the test classes? (#65565).
Fixed an issue where Revert commits were failing without any error messages (#68771).
Fixed an issue where user created a Release label with multiple commit revisions, each with dependency components, but the revisions were not displaying in the right order in UI (#68939).
Fixed a UI bug where when user unchecked Validate deployment option in EZ-Merge, the Run destructive changes checkbox was hidden (#68750).
Fixed an issue where when user had files in conflicted state, selecting the ALL checkbox was not working and user had to click on each file to resolve conflicts (#65680).
Fixed an issue where the NPM repository Access Key wasn't saving after clicking Save, causing the Local Compilation to fail (internal ticket).
Fixed an issue where comments lines were not executed in Metadata when there were spaces in the comment line in merge flow (internal ticket).
Fixed an issue where an empty popup screen is displayed while resolving conflicts in case of malformed file (internal ticket).
Fixed an issue where improper validation message is displayed after clicking on Resolve Duplicates without selecting any files to resolve (internal ticket).
Fixed an issue where SSO user's org was not deleted from the Security-Context XML (internal ticket).
Fixed an issue where the API Token status was marked as Never Accessed, despite the API being in use already (internal ticket).

09 April 2023

(ARM v22.3.16) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where validation jobs on Pull Requests weren't getting triggered (#67538, #67494, and #67448).
Fixed an issue where Salesforce components were showing under the Apex Test Success tab in the Deployment module, which is not expected behavior (#67537).
Enhanced the Branching Baseline feature by allowing admin to define default baseline branches, making it easier for developers to choose the default branch for each project (#63571).
Fixed an issue where user was unable to register a branch even though Test Connection was successful (#67023).
Fixed an issue where ARM wasn't fetching the ApexClass Tests related to ApexTriggers upon selecting Run Tests Based On Changes option (#67503).
Fixed an issue where SCA Report failed to run using Codescan plugin with the following Salesforce error: An unexpected error occurred. Please include this ErrorId if you contact support: 384187622-16951 (-673032061) (#61676 and #67675).
Fixed an issue where triggered CI jobs were either failing due to an error No Such File or Directory found, or getting aborted automatically after some time and logs weren't printing at the back end (#67549, #66910, #67724, #67720, #66881, and #67667).
Fixed an issue where triggered CI jobs were taking too long to build, and also slowing down ARM altogether (#66846).
Fixed an issue where if the file name contained spaces, Commit Validation via VS Code plugin was unable to detect the file (#63518).
Fixed an issue where Search & Substitute was not updating the value for a custom label in the SF org (#66809).
Fixed an issue where there was a discrepancy between the changes captured in the ARM Diff and the repos in BitBucket (#60596).
Fixed an issue where the SF org URL is not displaying the updated one under Profile (#67718).
Fixed an issue with nCino where CI job filter changes on templates are not reflecting after saving (#66956).
Fixed an issue with Dataloader Pro where user tried to migrate Account Object Data with Attachments Object, but the logs verify that there is a Null Pointer Exception. (internal ticket).
Improved nCino by adding additional loggers for Branching baseline for user to view the status in the UI (internal ticket).
Fixed an issue where user was unable to filter while trying to select a job which had spaces in the job name (internal ticket).

02 April 2023

(ARM v22.3.15) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Custom Metadata type access changes were not detected in version control Diff. There was no diff generated even there were changes in metadata access (#59458).
Fixed an issue where user performed a CI job deployment that had 8 destructive change items in the merge PR, but ARM is displaying only 2 destructive changes (#66587).
Fixed an issue where Git backup job was failing due to unsupported metadata (#66536).
Fixed an issue where scheduled CI jobs were getting queued or not getting triggered as per schedule (#57749).
Fixed an issue where Quick action was not picked for destructive changes (#65058).
Fixed an issue where while running the scan from ARM for the version control branches are failing because .java files were present in the current repository (#63234).
Fixed an issue where user using non-SFDX repo with Custom API enabled failed to pick the changes in the CI job (#64497).
Fixed an issue where Release label displayed commit revisions older than 30 days even when the No. of days filter was set as 30 (#63845).
Fixed an issue where a user had trouble creating artifact for a release label (#65557).
Fixed an issue where there are Vlocity components in Merge Validation, and the validation deployment should bypass and process the merge; instead it is Auto-rejecting as criteria were not met (#65625).
Fixed an issue with Dataloader where a job completes with No records status whenever attachment and content version are selected as child objects in the parent cccount object (#66655).
Fixed an issue with nCino where CI job build status is displayed as Completed for a failed job (#64479).
Fixed an issue with nCino where attachements to nFORMS__Form_Template__c failed to get deployed (#65242).
Fixed an issue where user was unable to initiate static code analysis on a Salesforce Org (#51559).
Fixed an issue with New EZ- Commit where while using Custom YAML file the page was taking much longer to load than usual (#65742).
Fixed an issue where Merge was happening on incorrect files (#64485).
Fixed an issue where for DX repo, Custom field destructive Deployment was failing with the error Package generation without a valid package directory cannot be processed (internal ticket).
Fixed an issue from the VS Code where Static Code Analysis report was not getting executed on the selected files and report generated (internal ticket).
Fixed an issue where Release Label creation with SVN Repo was not successful, and throwing the following errors (internal ticket):
- Supplied AttributeValue is empty, must contain exactly one of the supported datatypes (Service: AmazonDynamoDBv2; Status Code: 400; Error Code: ValidationException; Request ID: a59c77cb-67ad-4a58-80b4-364feb5a4d6c; Proxy: null)
- No Version Control Mappings found for Repo: {} and Branch: {}. Please update it in My Profile
Fixed an issue where Merge was not Auto-rejected after UI logs displayed Mock deployment is failed, so auto rejecting the merge (internal ticket).
Fixed an issue where Revision in Vlocity release label was not getting selected after you clicked save (internal ticket).
Fixed an issue with nCino where user was getting an exception while creating a CI job, and user was selecting the same VC Repo/Branch for multiple times (internal ticket).

26 March 2023

(ARM v22.3.14) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Quick action was not picked for destructive changes (#65058).
Fixed an issue where CI job deployment was failing due to the following error: Error: Cannot set sharingModel to ControlledByParent on a CustomObject without a MasterDetail relationship field (line 0, column 0) (#60914 and #65855).
Fixed an issue where WebStoreTemplates object was not available for deployment (#65854).
Fixed an issue where Merge Request XML file was conflicting with an error No conflict data found for this block (#65164).
Fixed an issue where Release label failed while creating the artifact (#64491).
Fixed an issue where Prevalidation EZ-Commit shows that Diff does not exist even when there are changes. If user tries multiple times, then Diff is displayed sometimes (#64612).
Fixed an issue where user was unable to merge the code from one branch to another branch. (#65570).
Fixed an issue where Ignore Missing Visibility settings not working on EZ-Merge validation (#65162).
Fixed an issue where user was loading multiple DataLoader jobs but it was not processing parallelly (#62559).
Fixed a UI bug in nCino where the header in template details section was missing in Feature Deployment (internal ticket).
Fixed an issue with nCino where Deployment Logs were not displayed when the CI Job failed (internal ticket).

19 March 2023

(ARM v22.3.13) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where CI job deployments were failing with the error, Error 405 Only POST allowed (#64228).
Fixed an issue where multiple deployment requests were being generated while performing Org Sync if the user selected all components instead of a few (#51288).
Fixed an issue where Rollback API threw a 200 response but the Rollback immediately failed in the ARM UI (#65146).
Fixed an issue where SCA report Failed to run using the Codescan Plugin with the following Salesforce error 384187622-16951 (-673032061) (#61676).
Fixed an issue where users were having trouble logging in to ARM due to an error Session Invalid (#64965, #65052, and #64969).
Fixed an issue where after upgrading to ARM version 22.3 user was unable to approve EZ-Commits that were pending approval in the 22.2 (#64094).
Fixed an issue where Auto-draft was taking much longer than expected to retrieve the metadata in EZ-Commit (#65109, #65007, #64950, #64510, #64645, #64161, and #64523).
Fixed an issue where user was trying to resolve a conflict in EZ-Merge but was getting a message on the UI that there are no conflicts (#64185).
Fixed an issue where Branching Baseline job does not delete files in static resources sub directories even though the user has selected the Delete existing metadata and commit new changes option (#64150).
Fixed an issue where user was unable to retrieve MutingPermissionSet using the SFDX repository (#64141).
Fixed an issue where the Release Label failed while creating the artifact (#64491).
Fixed an issue where Sharing Rule Set metadata type was found in the Deployment module but not in the Version Control module (#65060).
Fixed an issue where the user performed a merge and approved both level 1 and level 2 reviews but was unable to approve the merge (#65091).
Fixed an issue where errors were occuring while performing Delete Org (internal ticket).
Fixed an issue where for Build only job source from VC with DX repo, if Master Details Object Change is included in the build, we're getting No Modifications even if changes exist (internal ticket).

12 March 2023

(ARM v22.3.12) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Static Code Anaysis was failing due to missing property tag in Apex PMD rules file, but the UI log wasn't displaying this error (#63554).
Fixed an issue where when there was no results generated, the report displayed an error that there are zero metrics instead of displaying the results as zero in all the places when there is no change (#63272).
Fixed an issue where user was unable to deploy a CI job with the RelationshipGraphDefinition components (#64145).
Fixed an issue where Validate deployment was displayed as failed in UI and the database, but was successful as per the logs (#63868).
Fixed an issue with Review Artifact where similar custom fields from different objects were not populating correctly and switching to other fields (#63676).
Fixed an issue where multiple fields of the respective custom objects were getting selected parallelly while performing edit or save or exit operations on the Review Artifact screen (internal ticket).
Enhanced ARM by adding an option for multiple ARM instances to share a single database cluster (internal ticket).

05 March 2023

(ARM v22.3.11) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where ARM was displaying incorrect installation settings and package version information in the deployment log while installing the package version from a CI job (#63544).
Fixed an issue where user chose Exclude Metadata Type for a particular metadata type during a CI Job, but it was still deployed (#62966).
Fixed an issue where user was unable to perform Destructive Commit with PermissionSetGroups metadata type (#63172).
Fixed an issue where users weren't receiving emails after setting up Mail Settings (#55070).
Fixed an issue where there was a discrepancy between EZ-Commit and Commit templates while retrieving Email Template metadata members (#61696).
Fixed an issue where Merge Labels were taking much longer than expected (#62625).
Fixed an issue where user tried to commit the changes without validation and UI displayed an error Another commit is in progress (#61930).
Fixed an issue where user was creating credentials for JIRA in ARM using JIRA Token and but application wasn't allowing more than 150 characters while JIRA Token should allow up to 192 characters (#61791 and #61970).
Fixed a UI bug where there was a discrepancy in the timestamp displayed for a commit in the Commits History page (#61672).
Fixed an issue where Merge was not auto-rejected when validation criteria was not met (#62287).
Enhanced nCino by adding an option to specify Baseline Revision in Continuous Integration for Version Control to perform feature deployments (#43642 and #44506).
Enhanced nCino by allowing users to deploy nCino CI build to multiple target sandboxes (#41763).
Fixed a UI bug where incorrect notification was displayed in certain components pages when template was created using one org and was used by another org (internal ticket).
Fixed an issue where Baseline Managed Package Changes option was not displayed on the UI when navigating from Package xml to select manually (internal ticket).
Fixed an issue where there was a discrepancy between the Attachments Records Success/Failure Count and the Retrieved Count when BULK API was enabled for Deployment (internal ticket).

26 February 2023

(ARM v22.3.10) This is a maintenance release. The following items were fixed and/or added:

Fixed a UI bug in Profile Manager where User Permissions differences are shown in the report but not in the UI (#61672).
Enhanced the Release Label creation by increasing the range of retrievable commit history (#61714).
Fixed an issue where user was unable to use Release Labels to perform Deployment, and it failed while trying to Create Artifact (#59429).
Fixed an issue where users with non-admin access were unable to register branches in EZ-Commit since upgrading to version 22.3 (#62723, #62949, #62979, and #62969).
Fixed an issue where Release Artifact execution was failing when rabit home did not exist with an external agent (internal ticket).
Fixed a UI bug on the Profile screen where the expand option for the My Projects and My Roles sections was not working (internal ticket).
Fixed an issue where triggering Data Retention for Audit Tables was throwing the following error: Unable to execute HTTP request: Read timed out (internal ticket).
Fixed an issue where extra characters are seen in the Fetch Commit History results while creating a Release Label with Vlocity label type (internal ticket).
Fixed an issue where user was unable to delete Apex test class on the SF Org Management page (internal ticket).
Enhanced nCino by introducing New Spreads Schedule tile in the Feature Creation screen (internal ticket).
Fixed an issue where if the fields did not load for Applied Mappings during deployment, no error was thrown by the application (internal ticket).

19 February 2023

(ARM v22.3.9) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was deploying single revision deployment with only report folder but sub-reports were also getting fetched, and the deployment was failing due to field dependency error (#61403).
Fixed an issue where after deployment with single revision merge, user permission appears to be removed in target org but in the Salesforce target org the user permission is not removed, and an incorrect layout is displayed in UI (#60531).
Fixed an issue where user performed a pre-validation commit and each process like file diff, validate deploy happened thrice as per the logs (#61079).
Fixed an issue where user was unable to select master branch as the parent branch while creating a new branch in EZ-Commit (#56188).
Fixed an issue where user was customer trying to register a Salesforce Org with Custom URL but it was failing with an error (#62192).
Fixed an issue where user was unable to remove Revisions/Commit Labels from a Release label (#59152 and #61578).
Fixed an issue where user was creating credentials for JIRA in ARM using JIRA Token and but application wasn't allowing more than 150 characters while JIRA Token should allow up to 192 characters (#61791 and #61970).
Fixed an issue where user user uploaded a YAML file to retrieve the Vlocity components but ALL metadata types were retrieved and displayed (#61181).
Fixed an issue where the same merge could be approved and rejected by different users simultaneously (#60859).
Fixed an issue where branch creation was faileing for sub-users in the EZ-Commit screen for Non-DX Repo (internal ticket).
Fixed an issue where Null Pointer was seen in Create Branch in EZ-Commit flow (internal ticket).
Fixed an issue where all credentials were listed twice in the Credentials dropdown in Create Branch in EZ-Commit flow (internal ticket).
Fixed an issue where branch creation was failing for sub-users in VC repos when the credential scope was private while Admin credentials were fetched (internal ticket).
Fixed an issue where user was unable to delete the Apex Test class under the SF org Apex default config (internal ticket).
Fixed an issue where the Add manually checkbox under Apex class config was selected by default (internal ticket).
Fixed an issue with nCino where user created a feature Deployment for Credit memo template with attachments, but Attachments Objects Data was not fetched, and the deployment failed with the following error: Data file not fetched for object: Attachment (internal ticket).
Fixed an issue with nCino where Standard Features were not loaded in the Feature Management page (internal ticket).

12 February 2023

(ARM v22.3.8) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was unable to download success/failure reports in Single Dataloader (#61551).
Fixed an issue where when multiple CI Jobs are triggered, jobs are moved into the queue as expected, but new jobs are not starting automatically getting processed once the existing jobs is cleared from the CI Job results page (#59082).
Fixed an issue where Dependency order defined in json file was being changed on every commit but it was not supposed to (#57731).
Fixed an issue where Create Artifact was not working as expected while using Release Label (#61607).
Fixed an issue where user was performing an EZ-Commit with Review Artifact option and download the .zip file to make some changes, but was unable to upload it afterwards (#61751).
Fixed an issue where meta.xml file was not deleted from the repository after committing the destructive changes (#61736).
Fixed an issue where File Diff was empty in case of modified Uploaded via Review Artifact in PV Commit Flow (internal ticket).
Fixed an issue where Review Artifact Tree was not responding after uploading the modified file in Commit Flow (internal ticket).
Fixed an issue where User Permissions and Ip Ranges are completly removed from the branch after commiting the Permission Sets and Profiles (internal ticket).
Fixed an issue where Super Admin was getting an error while trying to activate newly signed up users (internal ticket).

05 February 2023

(ARM v22.3.7) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where SFDX module creation log shows that deployment is successful but the module creation had failed (#57318).
Fixed an issue with Backup from Org CI Jobs where PermissionSet User Permissions were being deleted (#59674).
Fixed an issue where Org to Org Deployment for Profiles including Deploy Profile Access Settings for selected components only was not working as expected (#60559).
Fixed an issue where Post Destruct fields were also added to Pre Destruct despite the user setting it to post (#61162).
Fixed an issue where user set the Max depth value as '0' under Vlocity Configuration Settings but it was retrieving all level dependancy components (#57501).
Fixed an issue with DataLoader where the Credit Memo Template migration was not deploying after user upgraded their instance (#57676).
Fixed an issue where user selected Custom Metadata members (records), but EZ-Commit was failing to generate File Diff with Null error (#59709).
Fixed an issue where Merge was taking longer than usual, and then failing with Null Exception (#60757).
Fixed an issue where EZ-Commits and EZ-Merges were taking much longer than usual (#58098).

29 January 2023

(ARM v22.3.6) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the deployment was failing with the following error when user was deploying Permissionset with a user-permission Manage Public Documents: Permission Manage Public Documents depends on permission(s): Create Document, Delete Document, Edit Document, Read Document (#60597).
Fixed an issue where CI jobs were failing intermittently with the following error: Getting access token failed from refresh tokenHTTP/1.1 400 Bad Request (#59050).
Fixed an issue where Reports deployment validation failed in EZ-Merge but was successful in EZ-Commit and Deployment modules (#57714).
Fixed an issue where user performed a merge and sent it for approval, but it was not available under the Commit history tab (#53759).
Fixed an issue where user initiated the prevalidation commit by enabling the destructive type but the deployment failed with an error null at Diff (#59919).
Fixed an issue where Validate Deploy failed in QuickMerge and displayed the following message: This folder unique name already exists for this folder type or has been previously used. Please choose a different name (internal ticket).
Fixed an issue where CI job wasn't considering the metadata changes, so the destructive changes were not being prepared or displayed on the build. (internal ticket).

22 January 2022

(ARM v22.3.5) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user changed the permissions to list view from visible to all users to visible only for me while using the previous commit label, it is added under the Deleted tab (#59359).
Fixed an issue where commit was running for longer and remained in-progress and validation check log is also in progress (#59199).
Fixed an issue where commits with SFDX metadata structure are failing in metadata retrieval stage (#58888).
Fixed an issue where user couldn't create a managed package with the selected ancestor (#59044).
Fixed an issue where CI Job was occasionally failing with the error BUILD FAILED (#57647).
Fixed an issue where CI job was taking the last modified user name if trigger through API instated of taking API token user (#55438).
Salesforce API version 57 (Beta support) is upgraded. The label is modified throughout ARM application including DataLoader and nCino (internal ticket).
Fixed an issue where nCino CI job was stuck in Build Success status for more than a week (#59040).
Fixed an issue where user was trying to deploy RBC (nCino Screens) and the deployment was failing for some of the objects, but there were no error messages shown on the UI (#58044).
Fixed an issue where user was using SSH credential in AutoRABIT but it was throwing the following error: Invalid Private Key (#59244).
Fixed an issue where user has created a Commit label but it was not available while trying to perform an EZ-Merge (#55176).
Fixed an issue where user was not getting file Diff to commit the previously validated commit label and getting an error in the Diff (#59114).
Fixed an issue where user was getting an error while trying to create a new branch in GitHub (#59193). For more information, click here.
Fixed an issue where user could not create an xml package for deployment because artifact creation and package manifest preparation were failing with an invalid credentials error (#59402).
Fixed an issue where user was trying to perform single revision merge but validation deployment was failing with the following error Metadata package is empty (#59028).
Fixed an issue where when there are special characters in Layout metadata then the user was not able to add it manually in Skip Members section (#58998).
Fixed an issue where user wanted to choose commit revision in a release label based on its comment but if the comment was not in text, it was not completely visible in the UI (#59014).
Fixed a UI bug where an incorrect validation message was seen while adding Skip Members manually (internal ticket).
Fixed an issue where the selected tab checkbox in the metadata components page in the EZ-Commit was not functioning as expected (internal ticket).
Fixed an issue where the EZ-Commit validation screen was displaying incorrect notification when name of the template was empty (internal ticket).

15 January 2022

(ARM v22.3.4) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Merge validation failed to process when there was a Flow metadata (#58309).
Fixed an issue with user received 6 notifications for a failed CI Job instead of 1 (#58436).
Fixed an issue where user was trying to register branches to AutoRABIT through GitHub, but was getting the following error: Lower Region (#58888).
Fixed a recurring issue where Commits and Merges were slowing down at a particular step, and EZ-Merge was failing with an error at commit phase (#51268).
Fixed an issue where while performing destructive changes in EZ-Commit, it was creating package.xml in root path folder in SFDX structure (#57868).
Fixed a UI bug on CI List and CI Results pages where when pagination was changed, the first 25 records were repeated (internal ticket).
Fixed an UI bug where the LastUsedDate column was not displayed in the Branch Table (internal ticket).

8 January 2022

(ARM v22.3.3) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Admin was able to see the Teams field under ALM Integration but the same field was unavailable for sub-users (#55153).
Fixed an issue where Environment provisioning processes were failing to update when user was trying to change the email deliverability access level from No access to All email (#55208).
Fixed a build bug where CI Job Build was failing during package preparation step 5 failing while commiting DecisionMatrixDefinition and throwing an error (#58376).
Fixed an issue with Branching Baseline where the developers were migrating the changes from dev branch to INT, but Diff was showing 100% addition which is incorrect (#58478).
Fixed an issue where generating Diff for a Commit Label was taking much longer than expected (#55220).
Fixed an issue where Code coverage job was running 4 hours earlier than scheduled every time services were restarted (#54837).
Fixed an issue where SFDX scratch org was failing during data deployment but without any errors on UI, and the logs did not capture the failure either (#54837).
Fixed an issue where Merge validation failed to process when there was a Flow metadata (#58244, #58309, and #58438).
Fixed an issue where CheckMarx is executed successfully, but when trying to open the file user is the following error popup: Result file not exists (internal ticket).
Fixed an issue where ActionCall and Decision Nodes were not shown in the Duplicate Resolving screen (internal ticket).

1 January 2022

(ARM v22.3.2) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was unable to create Environment Provisioning templates for multiple component types (#57898).
Fixed an issue where user was creating an EZ-Commit, mapping the ALM Project (VersionOne) but received the following error: JSONObject["Assets"] is not a string (#57238).
Fixed an issue where AutoRABIT SSH credentials were failing with an error Auth failed while trying to connect with AWS CodeCommit (#53694).
Fixed an issue where EZ-Commit Diff was taking approximately 4 hours while Refactoring CustomField, which is much longer than expected (#56650).
Fixed an issue where ExternalCredential metadata type was not getting excluded even when user added it in the excluded lists in CI Configuration (internal ticket).
Fixed an issue where after triggering Branching baseline, standard value set metadata type was getting displayed under the deleted components through Autodraft for Non-DX repo (internal ticket).
Fixed an issue where Destructive Components are not seen in case of PV-DX-Destructive Merge for Report metadata type. Instead, it displaying a message: Package is empty (internal ticket).
Fixed an issue where Deployment was failing with certain Permission set metadatatypes that were not selected (internal ticket).

25 December 2022

(ARM v22.3.1) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Provar jobs were failing due to incorrect files being copied from customer repository branch to Provar project directory (#56662).
Fixed an issue where user triggered a CI Job but it deployed with many more components than expected (#46983).
Fixed an issue where user was performing a single Merge with only two approval process, but while selecting SCA, process is auto rejected (#55671).
Fixed an issue where SFI components were not getting fetched in Commit and Deployment module (#55139).
Fixed an issue where non-admin users were unable to select Branch Type while trying to create a new branch from New EZ-Commit Branch (#57732).
Fixed an issue where CI jobs are failing intermittently with the following error: Getting access token failed from refresh tokenHTTP/1.1 400 Bad Request (#57371).
Fixed an issue where user was trying to deploy only the Documents from the branch to Org, but deployment failed and Asynch ID is not generating (#57263).
Fixed an issue where user was trying to deploy login hours. First they merged it to target branch, then once CI job triggers login hours are not getting deployed to target org (#57359).
Fixed multiple issues where user was having trouble creating new package version from previous ancestor version (#55707).
Fixed an issue where Merge is failing with the following error: failed to push some refs to 'https://github.com/salesforce-align/SFDX.git' (#55939).
Fixed an issue where the Standard Field Account.name is displayed in the deleted components list (#57396).
Fixed an issue where the prevalidation commit failed at delta stage (#55763).
Fixed an issue where user was unable to create commit label for the same repository second time, and branches were not displayed (internal ticket).

18 December 2022

(ARM v22.3.0) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with DataLoader Pro where jobs executed in the last 6 months were not showing in the database process table and in the Reports module (#53980).
Fixed an issue with Deploy SFDX Source With ALM Mapping where CI job with ALM Mapping was not working as expected for Team which is not default (#55995).
Fixed an issue where Profile Diff is working as expected for Selective Deployment, but not while using the same profile in the profile manager (#52868).
Fixed an issue where Environment provisioning processes were failing to update when user was trying to change the email deliverability access level from No access to All email (#55208, #55754).
Fixed an issue where Provar jobs were failing due to incorrect files being copied from customer repository branch to Provar project directory (#56662).
Fixed an issue where user triggered a CI Job but it deployed with many more components than expected (#46983).
Fixed an issue where user was creating an EZ-Commit, mapping the ALM Project (VersionOne) but received the following error: JSONObject["Assets"] is not a string (#57238).

ARM Release Notes 22.2

Date of release: 9 October 2022 Article last updated: 15 May 2023

New Features

1. Teams/Slack Notifications

Mail Settings module in the Admin section is relabeled as Notifications. Through this module, you can choose to send notifications about specific events triggered in ARM to specific groups or channels within your organization through Teams or Slack. For whichever messaging app you use, you can configure a webhook connection for each of the groups or channels, and then integrate them with ARM. You can customize and select which group(s) to notify when events like build failure, build success, deployment failure, merge reports, etc. are triggered.

Read more →

2. Salesforce Scanner plugin

In addition to the existing static code analysis tools, ARM now provides the ability to choose the Salesforce Scanner CLI plugin.

Most static code analysis tools specialize in one language or a set of languages. Many applications (including typical Salesforce packages), however, contain an assortment of components created using different languages. A single static analyzer is insufficient to address all aspects of such applications, and managing multiple static analyzer tools could prove unfeasible.

This is where the Salesforce CLI Scanner plugin shines. This plugin aggregates the results of static analyzers that are most relevant to Salesforce developers while providing a unified experience.

With the Salesforce CLI Scanner plugin, you can look forward to a:

Single installation process
A single set of commands to interact with multiple rule engines
A unified set of rules that are checked by their respective rule engines
Unified rule violation report that includes all issues identified by the engines.

3. AutoRABIT for nCino

We’ve added the ability to view and review datasets corresponding to each version of the nCino feature template before using it for deployment. Prior to this release, the capability was available only for the latest version of the template.

Enhancements

1. ApexPMD Upgrade to 6.49 version

With this release, PMD has been upgraded to version 6.49. If you have not uploaded a rules file, ARM will use the default Apex PMD rules file. However, you can add new rules to the default ruleset.

Click HERE to view the list of currently deprecated rules available on GitHub.

2. Auto-approve on validation success

We have moved one step closer to automating the flow by adding an option to choose if an EZ-Commit or an EZ-Merge should be approved automatically if the SCA validation is successful. Combined with the existing option to auto-commit on approval, this leads to a true CI/CD experience.

Read more →

3. HashiCorp Vault Integration

While adding HashiCorp credentials to ARM, you can now choose the AWS Authentication method so that the Vault Token will be generated automatically whenever the existing token expires. Now the user will not have to update the token manually from the application when it expires.

Read more →

4. SFDX CLI Upgrade

The SFDX CLI has been upgraded to the latest stable 7.169 version.

Key characteristics to look for:

Support for the quick deploy functionality for SFDX jobs.
Use CLI commands to generate the package manifest and rollbacks.

5. Salesforce Winter (API 56.0) Support

To keep our product up to date with the most recent Salesforce updates, AutoRABIT supports the most recent API 56.0 version in this release. The most recent API version is intended for customizing the metadata model and developing tools to manage it.

Read more →

6. Merge to multiple branches

With this release, you can choose to merge from one source branch to multiple destination branches upon successful deployment.

Read more →

7. OAuth for Jira

In addition to the Standard access type, users can now set up SSO as authentication for Jira using the OAuth access type while registering an ALM. You can also switch between Standard and OAuth access types for already registered ALMs.

Read more →

Improvements

Users with Admin access can now turn off the Jira comments and notifications created by AR. This ensures a cleaner workspace. These comments and notifications are very development centric, so the end users who use Jira cannot make sense of our technical comments from AR, and this may create confusion for them.

Changelogs

28 May 2023

(ARM v22.2.28) This is a maintenance release. The following items were fixed and/or added:

Fixed a compliance issue with Apache Commons by removing the text dependency (#71947).
Fixed an issue where CI Jobs were failing due to empty JSON file(s) in the remote repository, and throwing the following error: Failed to initiate deployment. Unexpected end of JSON input (#72217).
Improved the UI by removing the Validate Deployment option if Vlocity is selected, and hiding the whole Board Type option if Vlocity is not enabled (#70993).
Fixed an issue where user was performing CI jobs for Validate and Deploy for a successful commit, but only validation was performed but not the deployment (#72751).
Fixed an issue where CI job deployment was failing because the build was picking duplicate Layout values (#71214).
Fixed an issue where unwanted metadata changes were observed in the package.xml file while performing a commit (#72089 and #71820).
Fixed an issue where Branching Baseline was not picking all the components from production (#70720).
Enhanced DataLoader by adding related objects and the fields of those objects displayed, so you can select the required fields of the related objects in the filter criteria and edit the query through SOQL editor (#58549 and #38339).
Fixed an issue with nCino where CI jobs that used a Deployment from Version Control were failing when the build was triggered (#71914).
Improved the New Merge screen by adding Layouts text in the Skip Flow /Profile/ Perm.Set Access-Setting Duplicity Check option (internal ticket).
Fixed a UI bug where SF Org Test Connection notification message was displayed on an unrelated module (internal ticket).
Removed the option to sign up for a 30-day Salesforce trial while registering a DevHub as the trial offer is no longer applicable (internal ticket).

21 May 2023

(ARM v22.2.27) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where wrong timezone region was displaying for users (#71553).
Fixed an issue where the EZ-Commits report file displayed the file count but not the components count (#71538).
Fixed an issue where clone build jobs were taking between 10 and 25 minutes, which is much longer than expected (#70227).
Fixed an issue where CI job build failed to show changes in the org after deployment (#70791 and #71956).
Fixed an issue where CI job to generate Code Coverage Report was not reflected in the org or in the e-mail notification (#72042).
Fixed an issue where merge status is displayed as completed but no revision is generated, and the merge is not available in the UAT branch (#71266).
Enhanced DataLoader by adding the ability to field mapping through the lookup fields (#58480).
Fixed an issue with DataLoader where while running an Extract job on the PUBLISHER object, the job was failing with the following error Publisher: column id is not supported in ORDER BY clause (#71303).
Enhanced the nCino filter criteria by adding the ability to search and filter labels using the whole or partial name (#71826).
Enhanced ARM by using known vulnerable components through the DataTables 1.10.12 plugin for advanced data table functionalities such as sorting, filtering, pagination, and more. This allows users to easily display and manipulate large sets of data on their web pages in a user-friendly manner (internal ticket).
Fixed an issue with Prevalidation Merge where users were unable to deploy the ApexClass Tests related to ApexClasses and Apex Triggers (internal ticket).
Fixed a UI bug where the date column in the EZ-Commit Weekly report was displaying incorrect values (internal ticket).

14 May 2023

(ARM v22.2.26) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was having trouble while deploying LighteningMessageChannel components (#70787).
Fixed an issue where Destructive Changes wasn't working as expected while performing an Entire Branch merge (#68882).
Enhanced the ALM management feature by adding an option to sync Smart Commits (#58904).
Fixed an issue with CI Jobs Destructive Sharing Rule was not deploying to the Salesforce org (#71183).
Fixed an issue where user could not disable the Smart Commits-Sync option for a repository branch in the VC repos section (#70854).
Improved the New Merge screen by removing the Validate Deployment option from the UI if Vlocity is selected (#70993).
Enhanced the Credentials module by adding SSH Cetificate option for Git Authentication (#67725).
Improved Release label creation by requiring at least two revisions to be selected (internal ticket).
Fixed an issue where Classic SF Org URL with a slash at the end of the URL redirects to the 400 error page, and for a Lightning SF Org URL without a slash gives an OAuth Authentication Failed error message (internal ticket).
Fixed an issue with nCino where user was getting a NullPointerException on Saving Permissions using Bulk Assignment (internal ticket).
Fixed an issue with CI Jobs where all the scheduled timings were not displayed in the Preview & Save page (internal ticket).
Fixed an issue with Dataloader where user was able to upload a 900 MB file despite the limit being 100 MB, causing the process to hang (internal ticket).
Fixed an issue with Dataloader where sever crashed after user performed an Extract operation from an SF org which had Account Object with 2 million records (internal ticket).

07 May 2023

(ARM v22.2.25) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was getting a validation deployment error while performing release label deployment (#70400).
Fixed an issue where Branching Baseline was taking longer than expected (#67814).
Fixed an issue where using the AutoDraft functionality in EZ-Commit was resulting in a malformed exception in the UI (#70458).
Fixed an issue where Branching baseline was not picking all components from production (#70720).
Fixed an issue where prevalidation merge failed with empty metadata package even though there were changes in File Diff (#32256).
Fixed an issue where entire ARM application was down temporarily (#70658).
Fixed an issue where Merge was auto-rejected due to an empty package because the metadata folder path not being specified under branch settings (#69788).
Fixed an issue where user was using the Bulk Assignment feature to assign Sandbox permissions on the Permissions page but encountered the following error: Java.lang.NullPointerException (#70868).
Fixed an issue where users weren't receiving SCA reports by email even though the reports were running (#70751).
Fixed an issue where while performing new EZ-Commit, user edited one line using review artifact option but Diff did not capture the same (#70270).
Fixed an issue where if CI Jobs were added in a queue with Scheduled jobs, then not all jobs were displayed in the queue (internal ticket).
Fixed an issue where existing revision file related delta still existed in agent even after uploading to rabitserver (internal ticket).
Fixed an issue where release label creation was failing when user tried to create package manifest and aborted and refreshed the label for DX repo (internal ticket).
Fixed an issue where Super admin user was getting a blank popup screen while trying to click on the Register Agent button from the Pool Mgmt screen (internal ticket).

09 April 2023

(ARM v22.2.23) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where validation jobs on Pull Requests weren't getting triggered (#67538, #67494, and #67448).
Fixed an issue where Salesforce components were showing under the Apex Test Success tab in the Deployment module, which is not expected behavior (#67537).
Enhanced the Branching Baseline feature by allowing admin to define default baseline branches, making it easier for developers to choose the default branch for each project (#63571).
Fixed an issue where user was unable to register a branch even though Test Connection was successful (#67023).
Fixed an issue where ARM wasn't fetching the ApexClass Tests related to ApexTriggers upon selecting Run Tests Based On Changes option (#67503).
Fixed an issue where SCA Report failed to run using Codescan plugin with the following Salesforce error: An unexpected error occurred. Please include this ErrorId if you contact support: 384187622-16951 (-673032061) (#61676 and #67675).
Fixed an issue where triggered CI jobs were either failing due to an error No Such File or Directory found, or getting aborted automatically after some time and logs weren't printing at the back end (#67549, #66910, #67724, #67720, #66881, and #67667).
Fixed an issue where triggered CI jobs were taking too long to build, and also slowing down ARM altogether (#66846).
Fixed an issue where if the file name contained spaces, Commit Validation via VS Code plugin was unable to detect the file (#63518).
Fixed an issue where Search & Substitute was not updating the value for a custom label in the SF org (#66809).
Fixed an issue where there was a discrepancy between the changes captured in the ARM Diff and the repos in BitBucket (#60596).
Fixed an issue where the SF org URL is not displaying the updated one under Profile (#67718).
Fixed an issue with nCino where CI job filter changes on templates are not reflecting after saving (#66956).
Fixed an issue with Dataloader Pro where user tried to migrate Account Object Data with Attachments Object, but the logs verify that there is a Null Pointer Exception. (internal ticket).
Improved nCino by adding additional loggers for Branching baseline for user to view the status in the UI (internal ticket).
Fixed an issue where user was unable to filter while trying to select a job which had spaces in the job name (internal ticket).

19 March 2023

(ARM v22.2.22) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where CI job deployments were failing with the error, Error 405 Only POST allowed (#64228).
Fixed an issue where multiple deployment requests were being generated while performing Org Sync if the user selected all components instead of a few (#51288).
Fixed an issue where Rollback API threw a 200 response but the Rollback immediately failed in the ARM UI (#65146).
Fixed an issue where SCA report Failed to run using the Codescan Plugin with the following Salesforce error 384187622-16951 (-673032061) (#61676).
Fixed an issue where users were having trouble logging in to ARM due to an error Session Invalid (#64965, #65052, and #64969).
Fixed an issue where after upgrading to ARM version 22.3 user was unable to approve EZ-Commits that were pending approval in the 22.2 (#64094).
Fixed an issue where Auto-draft was taking much longer than expected to retrieve the metadata in EZ-Commit (#65109, #65007, #64950, #64510, #64645, #64161, and #64523).
Fixed an issue where user was trying to resolve a conflict in EZ-Merge but was getting a message on the UI that there are no conflicts (#64185).
Fixed an issue where Branching Baseline job does not delete files in static resources sub directories even though the user has selected the Delete existing metadata and commit new changes option (#64150).
Fixed an issue where user was unable to retrieve MutingPermissionSet using the SFDX repository (#64141).
Fixed an issue where the Release Label failed while creating the artifact (#64491).
Fixed an issue where Sharing Rule Set metadata type was found in the Deployment module but not in the Version Control module (#65060).
Fixed an issue where the user performed a merge and approved both level 1 and level 2 reviews but was unable to approve the merge (#65091).
Fixed an issue where errors were occuring while performing Delete Org (internal ticket).
Fixed an issue where for Build only job source from VC with DX repo, if Master Details Object Change is included in the build, we're getting No Modifications even if changes exist (internal ticket).

12 March 2023

(ARM v22.2.21) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Static Code Anaysis was failing due to missing property tag in Apex PMD rules file, but the UI log wasn't displaying this error (#63554).
Fixed an issue where when there was no results generated, the report displayed an error that there are zero metrics instead of displaying the results as zero in all the places when there is no change (#63272).
Fixed an issue where user was unable to deploy a CI job with the RelationshipGraphDefinition components (#64145).
Fixed an issue where Validate deployment was displayed as failed in UI and the database, but was successful as per the logs (#63868).
Fixed an issue with Review Artifact where similar custom fields from different objects were not populating correctly and switching to other fields (#63676).
Fixed an issue where multiple fields of the respective custom objects were getting selected parallelly while performing edit or save or exit operations on the Review Artifact screen (internal ticket).
Enhanced ARM by adding an option for multiple ARM instances to share a single database cluster (internal ticket).

05 March 2023

(ARM v22.2.20) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where ARM was displaying incorrect installation settings and package version information in the deployment log while installing the package version from a CI job (#63544).
Fixed an issue where user chose Exclude Metadata Type for a particular metadata type during a CI Job, but it was still deployed (#62966).
Fixed an issue where user was unable to perform Destructive Commit with PermissionSetGroups metadata type (#63172).
Fixed an issue where users weren't receiving emails after setting up Mail Settings (#55070).
Fixed an issue where there was a discrepancy between EZ-Commit and Commit templates while retrieving Email Template metadata members (#61696).
Fixed an issue where Merge Labels were taking much longer than expected (#62625).
Fixed an issue where user tried to commit the changes without validation and UI displayed an error Another commit is in progress (#61930).
Fixed an issue where user was creating credentials for JIRA in ARM using JIRA Token and but application wasn't allowing more than 150 characters while JIRA Token should allow up to 192 characters (#61791 and #61970).
Fixed a UI bug where there was a discrepancy in the timestamp displayed for a commit in the Commits History page (#61672).
Fixed an issue where Merge was not auto-rejected when validation criteria was not met (#62287).
Enhanced nCino by adding an option to specify Baseline Revision in Continuous Integration for Version Control to perform feature deployments (#43642 and #44506).
Enhanced nCino by allowing users to deploy nCino CI build to multiple target sandboxes (#41763).
Fixed a UI bug where incorrect notification was displayed in certain components pages when template was created using one org and was used by another org (internal ticket).
Fixed an issue where Baseline Managed Package Changes option was not displayed on the UI when navigating from Package xml to select manually (internal ticket).
Fixed an issue where there was a discrepancy between the Attachments Records Success/Failure Count and the Retrieved Count when BULK API was enabled for Deployment (internal ticket).

26 February 2023

(ARM v22.2.19) This is a maintenance release. The following items were fixed and/or added:

Fixed a UI bug in Profile Manager where User Permissions differences are shown in the report but not in the UI (#61672).
Enhanced the Release Label creation by increasing the range of retrievable commit history (#61714).
Fixed an issue where user was unable to use Release Labels to perform Deployment, and it failed while trying to Create Artifact (#59429).
Fixed an issue where users with non-admin access were unable to register branches in EZ-Commit since upgrading to version 22.3 (#62723, #62949, #62979, and #62969).
Fixed an issue where Release Artifact execution was failing when rabit home did not exist with an external agent (internal ticket).
Fixed a UI bug on the Profile screen where the expand option for the My Projects and My Roles sections was not working (internal ticket).
Fixed an issue where triggering Data Retention for Audit Tables was throwing the following error: Unable to execute HTTP request: Read timed out (internal ticket).
Fixed an issue where extra characters are seen in the Fetch Commit History results while creating a Release Label with Vlocity label type (internal ticket).
Fixed an issue where user was unable to delete Apex test class on the SF Org Management page (internal ticket).
Enhanced nCino by introducing New Spreads Schedule tile in the Feature Creation screen (internal ticket).
Fixed an issue where if the fields did not load for Applied Mappings during deployment, no error was thrown by the application (internal ticket).

19 February 2023

(ARM v22.2.18) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was deploying single revision deployment with only report folder but sub-reports were also getting fetched, and the deployment was failing due to field dependency error (#61403).
Fixed an issue where after deployment with single revision merge, user permission appears to be removed in target org but in the Salesforce target org the user permission is not removed, and an incorrect layout is displayed in UI (#60531).
Fixed an issue where user performed a pre-validation commit and each process like file diff, validate deploy happened thrice as per the logs (#61079).
Fixed an issue where user was unable to select master branch as the parent branch while creating a new branch in EZ-Commit (#56188).
Fixed an issue where user was customer trying to register a Salesforce Org with Custom URL but it was failing with an error (#62192).
Fixed an issue where user was unable to remove Revisions/Commit Labels from a Release label (#59152 and #61578).
Fixed an issue where user was creating credentials for JIRA in ARM using JIRA Token and but application wasn't allowing more than 150 characters while JIRA Token should allow up to 192 characters (#61791 and #61970).
Fixed an issue where user user uploaded a YAML file to retrieve the Vlocity components but ALL metadata types were retrieved and displayed (#61181).
Fixed an issue where the same merge could be approved and rejected by different users simultaneously (#60859).
Fixed an issue where branch creation was faileing for sub-users in the EZ-Commit screen for Non-DX Repo (internal ticket).
Fixed an issue where Null Pointer was seen in Create Branch in EZ-Commit flow (internal ticket).
Fixed an issue where all credentials were listed twice in the Credentials dropdown in Create Branch in EZ-Commit flow (internal ticket).
Fixed an issue where branch creation was failing for sub-users in VC repos when the credential scope was private while Admin credentials were fetched (internal ticket).
Fixed an issue where user was unable to delete the Apex Test class under the SF org Apex default config (internal ticket).
Fixed an issue where the Add manually checkbox under Apex class config was selected by default (internal ticket).
Fixed an issue with nCino where user created a feature Deployment for Credit memo template with attachments, but Attachments Objects Data was not fetched, and the deployment failed with the following error: Data file not fetched for object: Attachment (internal ticket).
Fixed an issue with nCino where Standard Features were not loaded in the Feature Management page (internal ticket).

12 February 2023

(ARM v22.2.17) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was unable to download success/failure reports in Single Dataloader (#61551).
Fixed an issue where when multiple CI Jobs are triggered, jobs are moved into the queue as expected, but new jobs are not starting automatically getting processed once the existing jobs is cleared from the CI Job results page (#59082).
Fixed an issue where Dependency order defined in json file was being changed on every commit but it was not supposed to (#57731).
Fixed an issue where Create Artifact was not working as expected while using Release Label (#61607).
Fixed an issue where user was performing an EZ-Commit with Review Artifact option and download the .zip file to make some changes, but was unable to upload it afterwards (#61751).
Fixed an issue where meta.xml file was not deleted from the repository after committing the destructive changes (#61736).
Fixed an issue where File Diff was empty in case of modified Uploaded via Review Artifact in PV Commit Flow (internal ticket).
Fixed an issue where Review Artifact Tree was not responding after uploading the modified file in Commit Flow (internal ticket).
Fixed an issue where User Permissions and Ip Ranges are completly removed from the branch after commiting the Permission Sets and Profiles (internal ticket).
Fixed an issue where Super Admin was getting an error while trying to activate newly signed up users (internal ticket).

05 February 2023

(ARM v22.2.16) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where SFDX module creation log shows that deployment is successful but the module creation had failed (#57318).
Fixed an issue with Backup from Org CI Jobs where PermissionSet User Permissions were being deleted (#59674).
Fixed an issue where Org to Org Deployment for Profiles including Deploy Profile Access Settings for selected components only was not working as expected (#60559).
Fixed an issue where Post Destruct fields were also added to Pre Destruct despite the user setting it to post (#61162).
Fixed an issue where user set the Max depth value as '0' under Vlocity Configuration Settings but it was retrieving all level dependancy components (#57501).
Fixed an issue with DataLoader where the Credit Memo Template migration was not deploying after user upgraded their instance (#57676).
Fixed an issue where user selected Custom Metadata members (records), but EZ-Commit was failing to generate File Diff with Null error (#59709).
Fixed an issue where Merge was taking longer than usual, and then failing with Null Exception (#60757).
Fixed an issue where EZ-Commits and EZ-Merges were taking much longer than usual (#58098).

29 January 2023

(ARM v22.2.15) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the deployment was failing with the following error when user was deploying Permissionset with a user-permission Manage Public Documents: Permission Manage Public Documents depends on permission(s): Create Document, Delete Document, Edit Document, Read Document (#60597).
Fixed an issue where CI jobs were failing intermittently with the following error: Getting access token failed from refresh tokenHTTP/1.1 400 Bad Request (#59050).
Fixed an issue where Reports deployment validation failed in EZ-Merge but was successful in EZ-Commit and Deployment modules (#57714).
Fixed an issue where user performed a merge and sent it for approval, but it was not available under the Commit history tab (#53759).
Fixed an issue where user initiated the prevalidation commit by enabling the destructive type but the deployment failed with an error null at Diff (#59919).
Fixed an issue where Validate Deploy failed in QuickMerge and displayed the following message: This folder unique name already exists for this folder type or has been previously used. Please choose a different name (internal ticket).
Fixed an issue where CI job wasn't considering the metadata changes, so the destructive changes were not being prepared or displayed on the build. (internal ticket).

22 January 2022

(ARM v22.2.14) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user changed the permissions to list view from visible to all users to visible only for me while using the previous commit label, it is added under the Deleted tab (#59359).
Fixed an issue where commit was running for longer and remained in-progress and validation check log is also in progress (#59199).
Fixed an issue where commits with SFDX metadata structure are failing in metadata retrieval stage (#58888).
Fixed an issue where user couldn't create a managed package with the selected ancestor (#59044).
Fixed an issue where CI Job was occasionally failing with the error BUILD FAILED (#57647).
Fixed an issue where CI job was taking the last modified user name if trigger through API instated of taking API token user (#55438).
Salesforce API version 57 (Beta support) is upgraded. The label is modified throughout ARM application including DataLoader and nCino (internal ticket).
Fixed an issue where nCino CI job was stuck in Build Success status for more than a week (#59040).
Fixed an issue where user was trying to deploy RBC (nCino Screens) and the deployment was failing for some of the objects, but there were no error messages shown on the UI (#58044).
Fixed an issue where user was using SSH credential in AutoRABIT but it was throwing the following error: Invalid Private Key (#59244).
Fixed an issue where user has created a Commit label but it was not available while trying to perform an EZ-Merge (#55176).
Fixed an issue where user was not getting file Diff to commit the previously validated commit label and getting an error in the Diff (#59114).
Fixed an issue where user was getting an error while trying to create a new branch in GitHub (#59193). For more information, click here.
Fixed an issue where user could not create an xml package for deployment because artifact creation and package manifest preparation were failing with an invalid credentials error (#59402).
Fixed an issue where user was trying to perform single revision merge but validation deployment was failing with the following error Metadata package is empty (#59028).
Fixed an issue where when there are special characters in Layout metadata then the user was not able to add it manually in Skip Members section (#58998).
Fixed an issue where user wanted to choose commit revision in a release label based on its comment but if the comment was not in text, it was not completely visible in the UI (#59014).
Fixed a UI bug where an incorrect validation message was seen while adding Skip Members manually (internal ticket).
Fixed an issue where the selected tab checkbox in the metadata components page in the EZ-Commit was not functioning as expected (internal ticket).
Fixed an issue where the EZ-Commit validation screen was displaying incorrect notification when name of the template was empty (internal ticket).

15 January 2022

(ARM v22.2.13) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Merge validation failed to process when there was a Flow metadata (#58309).
Fixed an issue with user received 6 notifications for a failed CI Job instead of 1 (#58436).
Fixed an issue where user was trying to register branches to AutoRABIT through GitHub, but was getting the following error: Lower Region (#58888).
Fixed a recurring issue where Commits and Merges were slowing down at a particular step, and EZ-Merge was failing with an error at commit phase (#51268).
Fixed an issue where while performing destructive changes in EZ-Commit, it was creating package.xml in root path folder in SFDX structure (#57868).
Fixed a UI bug on CI List and CI Results pages where when pagination was changed, the first 25 records were repeated (internal ticket).
Fixed an UI bug where the LastUsedDate column was not displayed in the Branch Table (internal ticket).

8 January 2022

(ARM v22.2.12) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Admin was able to see the Teams field under ALM Integration but the same field was unavailable for sub-users (#55153).
Fixed an issue where Environment provisioning processes were failing to update when user was trying to change the email deliverability access level from No access to All email (#55208).
Fixed a build bug where CI Job Build was failing during package preparation step 5 failing while commiting DecisionMatrixDefinition and throwing an error (#58376).
Fixed an issue with Branching Baseline where the developers were migrating the changes from dev branch to INT, but Diff was showing 100% addition which is incorrect (#58478).
Fixed an issue where generating Diff for a Commit Label was taking much longer than expected (#55220).
Fixed an issue where Code coverage job was running 4 hours earlier than scheduled every time services were restarted (#54837).
Fixed a UI bug where scrollbar and pagination were not visible on the Org Sync History page (internal ticket).

01 January 2022

(ARM v22.2.11) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Deployment was failing with no changes in the package (internal ticket).
Fixed an issue where user was unable to create Environment Provisioning templates for multiple component types (#57898).
Fixed an issue where user was creating an EZ-Commit, mapping the ALM Project (VersionOne) but received the following error: JSONObject["Assets"] is not a string (#57238).
Fixed an issue where AutoRABIT SSH credentials were failing with an error Auth failed while trying to connect with AWS CodeCommit (#53694).
Fixed an issue where EZ-Commit Diff was taking approximately 4 hours while Refactoring CustomField, which is much longer than expected (#56650).
Fixed an issue where ExternalCredential metadata type was not getting excluded even when user added it in the excluded lists in CI Configuration (internal ticket).
Fixed an issue where after triggering Branching baseline, standard value set metadata type was getting displayed under the deleted components through Autodraft for Non-DX repo (internal ticket).
Fixed an issue where Destructive Components are not seen in case of PV-DX-Destructive Merge for Report metadata type. Instead, it displaying a message: Package is empty (internal ticket).

25 December 2022

(ARM v22.2.10) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Provar jobs were failing due to incorrect files being copied from customer repository branch to Provar project directory (#56662).
Fixed an issue where user triggered a CI Job but it deployed with many more components than expected (#46983).
Fixed an issue where user was performing a single Merge with only two approval process, but while selecting SCA, process is auto rejected (#55671).
Fixed an issue where SFI components were not getting fetched in Commit and Deployment module (#55139).
Fixed an issue where non-admin users were unable to select Branch Type while trying to create a new branch from New EZ-Commit Branch (#57732).
Fixed an issue where CI jobs are failing intermittently with the following error: Getting access token failed from refresh tokenHTTP/1.1 400 Bad Request (#57371).
Fixed an issue where user was trying to deploy only the Documents from the branch to Org, but deployment failed and Asynch ID is not generating (#57263).
Fixed an issue where user was trying to deploy login hours. First they merged it to target branch, then once CI job triggers login hours are not getting deployed to target org (#57359).
Fixed multiple issues where user was having trouble creating new package version from previous ancestor version (#55707).
Fixed an issue where Merge is failing with the following error: failed to push some refs to 'https://github.com/salesforce-align/SFDX.git' (#55939).
Fixed an issue where the Standard Field Account.name is displayed in the deleted components list (#57396).
Fixed an issue where the prevalidation commit failed at delta stage (#55763).
Fixed an issue where user was unable to create commit label for the same repository second time, and branches were not displayed (internal ticket).

18 December 2022

(ARM v22.2.9) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with DataLoader Pro where jobs executed in the last 6 months were not showing in the database process table and in the Reports module (#53980).
Fixed an issue with Deploy SFDX Source With ALM Mapping where CI job with ALM Mapping was not working as expected for Team which is not default (#55995).
Fixed an issue where Profile Diff is working as expected for Selective Deployment, but not while using the same profile in the profile manager (#52868).
Fixed an issue where Environment provisioning processes were failing to update when user was trying to change the email deliverability access level from No access to All email (#55208, #55754).
Fixed an issue where Provar jobs were failing due to incorrect files being copied from customer repository branch to Provar project directory (#56662).
Fixed an issue where user triggered a CI Job but it deployed with many more components than expected (#46983).
Fixed an issue where user was creating an EZ-Commit, mapping the ALM Project (VersionOne) but received the following error: JSONObject["Assets"] is not a string (#57238).

11 December 2022

(ARM v22.2.8) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where SFI components were not getting fetched in Commit and Deployment module (#55139).
Fixed an issue where multiple metadata types where not able to retrieve (#56668).
Fixed an issue where Commit Label is not Auto rejected when the validation criteria is not met (#55670).
Fixed an issue where user performed a merge and sent it for approval, but it was not available under the Commit history tab (#53759).
Enhanced the Conflict Resolution Log by adding additional loggers like strategy chosen to resolve the conflict and which user did the resolution (#47559).
Fixed an issue where Commits added from non-nCino Repositories were not cleared from the Workspace causing the Commit to either not be visible in the UI or it is added to the queue but not deployed to the Destination Org (internal ticket).
Fixed an issue where user was creating the feature template for some of the nCino objects but it was taking too long to retrieve the objects from Source Org (#53915).
Enhanced nCino to:
- Modify notification messages for null checks on request parameters (internal ticket).
- Display only nCino revisions for Version Control in nCino feature deployment (internal ticket).

04 December 2022

(ARM v22.2.7) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Flexi pages were not picked up in a CI Job even after the commit with same set of metadata was excluded by user (#54518).
Fixed an issue where Abort function to stop Provar jobs was not working as expected (#55511).
Fixed an issue where production backup CI Job was not picking all the changes, and when user modified the job configuration and retriggered the job, the application was throwing the following error java.lang.NullPointerException: null (#55213).
Fixed an issue where all Slack Notifications were selected by default and user was unable to unselect all at once (#55817).
Fixed an issue where SFI components were not being fetched both in Commit and Deployment modules (#55139).
Fixed an issue with DataLoader Pro where user selected a field as External ID in a job and saved it, but the saved entry was lost and user was unable to map it (#55011).
Fixed an issue where Deployment validation in Prevalidation Commit fails because profile validation automatically picks User Permissions even though Remove User Permissions option is selected (#54941).
Fixed an issue where user was performing a single Merge with only two approval process, but while selecting SCA, process is auto rejected (#55671).
Fixed an issue where Commit Label is not Auto rejected when the validation criteria is not met (#55670).
Fixed an issue where Release Label Merge was failing and throwing the following error: fatal: bad revision (#55000).
Fixed an issue with EZ-Commit where user was unable to upload a Custom YAML file (#55826).
Fixed an issue where the Vlocity Component option under Fetch Changes is not populating for sub-users with roles that have all permissions and access (#54962).
Fixed an issue where Commits added from non-nCino Repositories were not cleared from the Workspace causing the Commit to either not be visible in the UI or it is added to the queue but not deployed to the Destination Org (internal ticket).
Fixed an issue where user was performing a merge operation and validating the package on the target org but the validation was failing with multiple errors (#55541).

27 November 2022

(ARM v22.2.6) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was trying to migrate Products, Pricebooks, and its entries but the Deploy was failing for Pricebook and throwing the following error: INSUFFICIENT_ACCESS_ON_CROSS_REFERENCE_ENTITY: insufficient access rights on cross-reference id:-- (#55263).
Fixed an issue with nCino where user was trying to create a custom feature template including product objects as well as product line but the deployment was failing with the following error: Required fields are missing: [LLC_BI_Product_Line_c] (#51209).
Fixed an issue with nCino where CI Job was stuck in Build Success status (#53605).
Fixed an issue where CI Job build was failing with a NullPointerException (#55204).
Fixed an issue where the Repository Branch was unavailable to select to run the Merge process after selecting On successful deployment option (#55537).
Fixed an issue where Admin was able to see the Teams field under ALM Integration but the same field was unavailable for sub-users (#55153).
Fixed an issue with EZ-Commit where user was trying to perform a destructive commit using Autodraft option, but was unable to select deleted components under the Deleted tab (#55507 and #55651).
Fixed an issue where user was getting a NullPointerException when trying to resolve a Merge conflict (#55137).
Fixed an issue with nCino where the UTF-8 Encoding Flag was not displayed in the pop-up during Re-Deployments (internal ticket).
Fixed an issue where during an EZ-Commit, complete information about some of the members of WaveDataflow metadata type was not retreived from the Salesforce Org (#49753).
Fixed an issue where Quick Merge was throwing the following error after clicking Validate & Merge: Please Select Valid revision (#53932 ).
Fixed an issue with EZ-Commit where Autodraft feature was taking too long and eventually failing when user was trying to retrieve components (#48257).
Fixed an issue where user was able to create a Delegated Group but was unable to add a Delegated Admin user to the group using Environment Provisioning (#55266).

20 November 2022

(ARM v22.2.5) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was performing Prevalidation Commit but commits in the repository have different components than the ones shown in Diff before the commit (#52307).
Fixed an issue with Install an Unlocked or Managed Package from a Version Control Branch where CI job getting an exception and the build status was showing as successful but the Scratch Org was not being created (#50702).
Fixed an issue where CI Job shows that the ALM status has been updated successfully but on Azure ALM it is not updated (#54669).
Fixed an issue where Test Automation CI Jobs were failing due to InitializeDriver & quit methods (#45878).
Fixed a bug where user was able to access certain branches in the Deployment module to which he did not have access under Profile Settings (#54879).
Fixed an issue with CI Jobs where the build failed with Checkout conflict for an .svg file (#54172).
Fixed an issue with nCino where Record Classification and Classification Objects were missing in the template (internal ticket).
Fixed an issue with nCino where user was creating a CI Job and observed that Use UTF-8 file encoding for the file read and write operations flag was displayed at the bottom below the Commit Details section (internal ticket).
Fixed an issue with nCino where the UTF-8 Encoding Flag was not displayed in the pop-up during Re-Deployments (internal ticket).
Fixed an issue where during an EZ-Commit, complete information about some of the members of WaveDataflow metadata type was not retreived from the Salesforce Org (#49753).
Fixed an issue where Quick Merge was throwing the following error after clicking Validate & Merge: Please Select Valid revision (#53932 ).
Fixed an issue with EZ-Commit where Autodraft feature was taking too long and eventually failing when user was trying to retrieve components (#48257).
Fixed an issue where user was unable to add another branch to Azure in the ALM MGMT Repository mappings (#55133).
Fixed an issue where the Destructive commit Diff was including more components than selected (#54795).
Fixed an issue where a merge got stuck for a long time and the Commit ID was reflected in BitBucket but unavailable to select for release label deployment (#52964).

13 November 2022

(ARM v22.2.4) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the user was trying to create an Extract process in DataLoader but after validating the query the application was throwing an error: not supported; requires @DynamoDBTyped or @DynamoDBTypeConverted (#54648).
Fixed an issue with CI Jobs where External Credential metadata was not identified during Deployment (#53939).
Fixed a UI bug where user was performing an org to org deployment using package.xml file and the components were successfully deployed and also verified on Salesforce target, but the status on ARM was still In-Progress (#50459 and #51288).
Fixed an issue with DX CI Jobs where user is not getting details of faulty commit revisions in the notification (#54063).
Fixed an issue with Profile Manager where the deployment is not showing any progress in the logger detail in front end. It was updated only after completion of the deployment job at backend (#53706).
Enhanced the Conflict Resolution Log by adding additional loggers like strategy chosen to resolve the conflict and which user did the resolution (#47559).
Fixed a bug where Merge Commit validation was not considering special characters like %,#, etc. as a value and throwing the following error: Merge comment should not contain an empty space (#54512).
Fixed an issue where ARM was slowing at different phases in the EZ-Commit module (#50503).
Fixed an issue where Git check response was not delivered for validation CI Job even though user has added the comment for a Pull request in the remote repository (#53036).

06 November 2022

(ARM v22.2.3) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with DX CI Job where user selected Do Not Include Skip Members but the respective mapper reports were not skipped (internal ticket).
Fixed an issue where the Deployment module page was loading very slowly and then throwing an error: Page Unresponsive (#53675).
Fixed the following issues in CI and Reports modules (internal ticket):
- Build With NULL ERROR (issue exists both with Proxy and without Proxy)
- SF Org Code coverage Execution is failing (issue exists both with Proxy and without Proxy)
- Jenkins Build is updated with FAILED status even after it is successfully completed (issue exists only without Proxy)
- Checkmarx text is not displaying the Proxy Configuration note (Only With Proxy)
Fixed an issue with QA Environments where user was unable to create and delete the SFDX module because of the Apache config CACHE settings (internal ticket).
Fixed an issue with the Deployment module where user initiated a Deployment without selecting the Do not Include Skip Members option, but this option was auto-enabled and skipped the member at the time of deployment (#53747).
Fixed an issue with Modularization where user creating a module and selected the Ignore installed components check box but the installed components were not ignored causing the deployment to fail (#53703).
Fixed an issue with AccelQ Test Automation where test case fails but the error details pop-up is not showing the details of the error that caused the failure (#54224).
Fixed an issue where user is setting up the Apex PMD rules as Priority 1 & Priority 2 in the CI Job but the SCA Report is showing the Priority 3, P4 & P5 which wasn't selected (#54017).
Fixed an issue where the Git check response was not delivered for a validation CI Job (#53036).
Fixed an issue where the Deleted Report metadata components were not found in the EZ-Commit (#53119).
Fixed an issue where user was trying to perform a Quick Merge but was getting an Undefined error for all labels (internal ticket).

30 October 2022

(ARM v22.2.2) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where triggering a CI Job in Objects was resulting in an ambiguous error in the CI Job Build (#53066, #52955, #53631).
Fixed an issue where all CI Jobs were failing and throwing the error: Validation Checking failed Version Control Mappings not found for Repo: SA Repo and Branch: bugfix/Bugfix_PQT_Rel_Validation (#52945, #52950, #52757).
Fixed a UI bug on the CI Jobs page for Install an Unlocked or Managed Package from a Version Control Branch type where old Dev Hubdropdown list was displayed in the Deploy section (internal ticket).
Fixed an issue with AccelQ where running a test execution was successful even before the jobs were completed in AccelQ, but the status was always showing as Not Run instead of Success or Failure even if the jobs have been successfully completed (#50181).
Fixed a Page Unresponsive issue while creating a new Release Label by adding a feature to list limited results on each page (#48563).
Fixed an issue where a merge got auto-approved and was in Merged Not Commit status (#52398, #48084).
Fixed an issue where user created a Release Label, performed a Merge operation, committed changes to the target branch, and created two revisions in the Github branch. But ARM was throwing an error while applying merge stage and only on the revision generated (#51364).
Fixed an issue where EZ-Commit initiation was stuck with the error: Unable to fetch Salesforce Org users. Reason: Invalid login: invalid user name or password or security token or api version or user locked out (#52550).
Fixed an issue where user was not able to select the orgs in the EZ-Commit drop down (#48533, #51219).
Fixed an issue where Page Size value on the Edit Release Label screen is defaulting to the previous value instead of the set value (internal ticket).
Fixed a UI bug where OK Button in Automation is not visible in the Create Release Label pop-up when opened in 100% zoom (internal ticket).

23 October 2022

(ARM v22.2.1) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where CI Job was successful but was including components from GIT revisions from old deleted branches (#46983).
Fixed an issue where user was performing a production deployment using CI job for an object, but it failed with the following error: Cannot set sharingModel to ControlledByParent on a CustomObject without a MasterDetail relationship field (#48626).
Fixed an issue where CI Job was getting an exception, Build status was showing as successful, but Scratch Org not getting created (#50702).
Fixed an issue where Managed Package was picking the wrong ancestor by adding a feature to manually select the preferred ancestor while creating a package version (#48311).
Fixed an issue where user was adding URLs to the Proxy Configuration Settings but the URL List was not reflecting the same (internal ticket).
Fixed an issue where Custom Template Creation failed and the Logs did not record the reason for failure (#52147).
Fixed an issue where the Created By value was not visible in Dataloader, Dataloader Pro DL Config, and the TestEnv History page (internal ticket).
Fixed an issue where the Comment Box was not accepting more than 100 characters while rejecting a Commit, but was working as expected while approving a commit (#51384).
Fixed an issue with Apex Test Class Config. in SF MGMT ORG where the Fetch Current Set, Add Manually, and Auto Populate options were throwing an error: Error 200 (#52408, #52328).
Fixed an issue where user set Commit validation Criteria to Auto reject after 7 days but the older Pre-validation commits are not auto rejected after 7 days (#49874).
Fixed an issue where user cannot add Skip members manually and it is failing due to special characters being included (#53139).

16 October 2022

(ARM v22.2.0) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where skipped members were present in many components but only Report Metadata was failing during Deployment (#51040).
Fixed an issue where CI Job was getting stuck in In Progress status but the log showed that the deployment was successful (#51140).
Fixed an issue where GitHub login credentials were not working when user triggered a CI Job for the second time (#50630).
Fixed an issue where CI Job has failed in the Salesforce org, but still stuck in In Progress status in ARM (#50435).
Fixed an issue where user raised a Pull request on a branch and was getting a webhook response, but CI Job build was not triggered (#51592).
Fixed a UI bug where Add to dashboard button was unavailable for widgets (#52333).
Fixed an issue where a new database file is created and overwritten with an existing database file whenever the server was restarted (internal ticket).
Fixed an issue where user was trying to resolve conflicts on Merge Request Labels created more than 7 days ago, but application was throwing an error: undefined (internal ticket).
Fixed an issue where Custom Email Template was not working for Email notifications (#47484).
Fixed an issue where user was testing SSH Connection but the application was throwing an error: invalid privateKey (#50940).
Fixed an issue with nCino where UI Log was not generated for failed CI Jobs (#50442).
Fixed an issue where New EZ-Merge was throwing an error (#46754).
Fixed an issue where Audit Logs were not generating via Postman Services (#50221).
Fixed an issue where Commits were getting stuck and throwing the following error: No credential have been found with Name:git, but was not reflecting in the UI log (#51713).
Fixed an issue with Workspace Settings where unused workspaces were not being cleared despite selecting Clear all workspaces which are not used in last 7 days (#50164).
Fixed an issue where user was performing a Prevalidation EZ-Commit and found that some Layout Assignments were deleted though those layouts were not part of the commit (#50945).
Fixed an issue with nCino where migration was failing due to errors with Standard Screen and UI Templates (#50432).

ARM Release Notes 22.1

Date of release: 20 March 2022 Article last updated: 23 October 2022

New features

1. Squash and merge

We have added the Squash and Merge feature in this release. Sometimes, when merging a long list of changes from a development branch into the master, it's helpful to squash those commits into one change for ease of review and declutter the repo's commit history. AutoRABIT offers an option to squash all commits in a merge request into one commit after the merge is approved and completed.

Read more →

2. SFDX- Import packages

Packages

The users could previously build a new package (unlocked or managed) and update the package's version in Salesforce DX. With this release, you may now import packages and update the version of packages created outside of AutoRABIT.

Read more →

Dev Hub management

With this update, users will see all of the packages in their dev hub in the record view. You may expand each package to show the package's versions in order and package data such as version name, version number, ancestor version, ancestor dependencies, etc.

Read more →

3. Step-based rollback

The option to list the API-supported and unsupported API components is added to the CI job/deployment rollback. If such components may be deployed to the target environment but do not have API support to delete them, ARM will display them individually as unsupported API types. Take, for example, RecordType.

The RecordType component may be deployed to the target environment, but it cannot be removed; instead, we need to connect to the target Salesforce environment to deactivate the component.

Read more →

Enhancements

1. Checkmarx upgrade to v9.4.1

Checkmarx has been updated to version 9.4.1. Earlier, Checkmarx used a username/password-based authentication method. Now, the user will be able to use token-based authentication with the Checkmarx upgrade.

2. Export all users

The Export All Users feature allows the org admins to export a CSV file of all the users currently in their account. We now have added the following fields to the existing CSV file:

CreatedDate
CreatedByName
DeativatedDate
LastLoginDate
DeactivatedByName
LastModifiedDate
LastModifiedByName.

Read more →

3. Pull request support for Azure cloud repositories

We have extended the support of having the pull request support in the CI Job for the Azure repository. This feature was previously available for Github cloud/Enterprise and Bitbucket cloud/Enterprise; however, we've added support for Azure cloud repositories (DX and non-DX repositories) with this release.

4. Merge/commit approval eligibility

If you want to make sure one or more people approve every commit or merge, you can enforce this workflow by using merge/commit approvals. These approvals allow you to set the number of necessary approvals to approve every commit/ merge in a project.

The org admins' eligibility level has been enhanced with the ARM 22.1 version. If you're an administrator, you will have the privilege to approve self-merge even if the criteria to self-approve a merge is set to FALSE. This permission will be denied to all members of your team except the org admin. To put it another way, no criteria can restrict an org administrator from approving any EZ-commit/ EZ-Merge.

Read more →

5. CodeScan additional metadata support

We have enhanced the scope for analysis of what CodeScan does by adding support for additional metadata and rules. For our ARM users who want to incorporate the SCA tool into their subscriptions, CodeScan would be their first choice as it now supports more robust integrations.

Below is the list of CodeScan supported metadata types:

Apex Triggers

Apex Classes

Aura Definition Bundles

Lightning Component Bundles (LWC)

Visualforce Pages

Custom Object

Settings

Flows

Workflows

Profiles

Sharing Rules

Sharing Criteria Rules

Sharing Owner Rules

Sharing Territory Rules

Permission Sets

6. SFDX CLI update

The SFDX CLI has been upgraded to the latest stable 7.134 version.

Key characteristics to look for:

Single deployment request for constructive and destructive changes
Quick deploy and rollbacks work for both constructive and destructive changes
Package preparation has been improved.

Improvements

The jquery-UI version has been upgraded to v1.13.0 to fix security issues. Upgrading to the most recent version of jquery makes our application more secure and potentially faster in script execution and loading.
Minor performance, bug fixes, and security improvements can also be observed in the ARM portal.

Changelogs

21 May 2023

(ARM v22.1.48) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where wrong timezone region was displaying for users (#71553).
Fixed an issue where the EZ-Commits report file displayed the file count but not the components count (#71538).
Fixed an issue where clone build jobs were taking between 10 and 25 minutes, which is much longer than expected (#70227).
Fixed an issue where CI job build failed to show changes in the org after deployment (#70791 and #71956).
Fixed an issue where CI job to generate Code Coverage Report was not reflected in the org or in the e-mail notification (#72042).
Fixed an issue where merge status is displayed as completed but no revision is generated, and the merge is not available in the UAT branch (#71266).
Enhanced DataLoader by adding the ability to field mapping through the lookup fields (#58480).
Fixed an issue with DataLoader where while running an Extract job on the PUBLISHER object, the job was failing with the following error Publisher: column id is not supported in ORDER BY clause (#71303).
Enhanced the nCino filter criteria by adding the ability to search and filter labels using the whole or partial name (#71826).
Enhanced ARM by using known vulnerable components through the DataTables 1.10.12 plugin for advanced data table functionalities such as sorting, filtering, pagination, and more. This allows users to easily display and manipulate large sets of data on their web pages in a user-friendly manner (internal ticket).
Fixed an issue with Prevalidation Merge where users were unable to deploy the ApexClass Tests related to ApexClasses and Apex Triggers (internal ticket).
Fixed a UI bug where the date column in the EZ-Commit Weekly report was displaying incorrect values (internal ticket).

09 April 2023

(ARM v22.1.46) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where validation jobs on Pull Requests weren't getting triggered (#67538, #67494, and #67448).
Fixed an issue where Salesforce components were showing under the Apex Test Success tab in the Deployment module, which is not expected behavior (#67537).
Enhanced the Branching Baseline feature by allowing admin to define default baseline branches, making it easier for developers to choose the default branch for each project (#63571).
Fixed an issue where user was unable to register a branch even though Test Connection was successful (#67023).
Fixed an issue where ARM wasn't fetching the ApexClass Tests related to ApexTriggers upon selecting Run Tests Based On Changes option (#67503).
Fixed an issue where SCA Report failed to run using Codescan plugin with the following Salesforce error: An unexpected error occurred. Please include this ErrorId if you contact support: 384187622-16951 (-673032061) (#61676 and #67675).
Fixed an issue where triggered CI jobs were either failing due to an error No Such File or Directory found, or getting aborted automatically after some time and logs weren't printing at the back end (#67549, #66910, #67724, #67720, #66881, and #67667).
Fixed an issue where triggered CI jobs were taking too long to build, and also slowing down ARM altogether (#66846).
Fixed an issue where if the file name contained spaces, Commit Validation via VS Code plugin was unable to detect the file (#63518).
Fixed an issue where Search & Substitute was not updating the value for a custom label in the SF org (#66809).
Fixed an issue where there was a discrepancy between the changes captured in the ARM Diff and the repos in BitBucket (#60596).
Fixed an issue where the SF org URL is not displaying the updated one under Profile (#67718).
Fixed an issue with nCino where CI job filter changes on templates are not reflecting after saving (#66956).
Fixed an issue with Dataloader Pro where user tried to migrate Account Object Data with Attachments Object, but the logs verify that there is a Null Pointer Exception. (internal ticket).
Improved nCino by adding additional loggers for Branching baseline for user to view the status in the UI (internal ticket).
Fixed an issue where user was unable to filter while trying to select a job which had spaces in the job name (internal ticket).

25 December 2022

(ARM v22.1.38) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Provar jobs were failing due to incorrect files being copied from customer repository branch to Provar project directory (#56662).
Fixed an issue where user triggered a CI Job but it deployed with many more components than expected (#46983).
Fixed an issue where user was performing a single Merge with only two approval process, but while selecting SCA, process is auto rejected (#55671).
Fixed an issue where SFI components were not getting fetched in Commit and Deployment module (#55139).
Fixed an issue where non-admin users were unable to select Branch Type while trying to create a new branch from New EZ-Commit Branch (#57732).
Fixed an issue where CI jobs are failing intermittently with the following error: Getting access token failed from refresh tokenHTTP/1.1 400 Bad Request (#57371).
Fixed an issue where user was trying to deploy only the Documents from the branch to Org, but deployment failed and Asynch ID is not generating (#57263).
Fixed an issue where user was trying to deploy login hours. First they merged it to target branch, then once CI job triggers login hours are not getting deployed to target org (#57359).
Fixed multiple issues where user was having trouble creating new package version from previous ancestor version (#55707).
Fixed an issue where Merge is failing with the following error: failed to push some refs to 'https://github.com/salesforce-align/SFDX.git' (#55939).
Fixed an issue where the Standard Field Account.name is displayed in the deleted components list (#57396).
Fixed an issue where the prevalidation commit failed at delta stage (#55763).
Fixed an issue where user was unable to create commit label for the same repository second time, and branches were not displayed (internal ticket).

11 December 2022

(ARM v22.1.37) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where SFI components were not getting fetched in Commit and Deployment module (#55139).
Fixed an issue where multiple metadata types where not able to retrieve (#56668).
Fixed an issue where Commit Label is not Auto rejected when the validation criteria is not met (#55670).
Fixed an issue where user performed a merge and sent it for approval, but it was not available under the Commit history tab (#53759).
Enhanced the Conflict Resolution Log by adding additional loggers like strategy chosen to resolve the conflict and which user did the resolution (#47559).
Fixed an issue where Commits added from non-nCino Repositories were not cleared from the Workspace causing the Commit to either not be visible in the UI or it is added to the queue but not deployed to the Destination Org (internal ticket).
Fixed an issue where user was creating the feature template for some of the nCino objects but it was taking too long to retrieve the objects from Source Org (#53915).
Enhanced nCino to:
- Modify notification messages for null checks on request parameters (internal ticket).
- Display only nCino revisions for Version Control in nCino feature deployment (internal ticket).

04 December 2022

(ARM v22.1.36) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Flexi pages were not picked up in a CI Job even after the commit with same set of metadata was excluded by user (#54518).
Fixed an issue where Abort function to stop Provar jobs was not working as expected (#55511).
Fixed an issue where production backup CI Job was not picking all the changes, and when user modified the job configuration and retriggered the job, the application was throwing the following error java.lang.NullPointerException: null (#55213).
Fixed an issue where all Slack Notifications were selected by default and user was unable to unselect all at once (#55817).
Fixed an issue where SFI components were not being fetched both in Commit and Deployment modules (#55139).
Fixed an issue with DataLoader Pro where user selected a field as External ID in a job and saved it, but the saved entry was lost and user was unable to map it (#55011).
Fixed an issue where Deployment validation in Prevalidation Commit fails because profile validation automatically picks User Permissions even though Remove User Permissions option is selected (#54941).
Fixed an issue where user was performing a single Merge with only two approval process, but while selecting SCA, process is auto rejected (#55671).
Fixed an issue where Commit Label is not Auto rejected when the validation criteria is not met (#55670).
Fixed an issue where Release Label Merge was failing and throwing the following error: fatal: bad revision (#55000).
Fixed an issue with EZ-Commit where user was unable to upload a Custom YAML file (#55826).
Fixed an issue where the Vlocity Component option under Fetch Changes is not populating for sub-users with roles that have all permissions and access (#54962).
Fixed an issue where Commits added from non-nCino Repositories were not cleared from the Workspace causing the Commit to either not be visible in the UI or it is added to the queue but not deployed to the Destination Org (internal ticket).
Fixed an issue where user was performing a merge operation and validating the package on the target org but the validation was failing with multiple errors (#55541).

27 November 2022

(ARM v22.1.35) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was trying to migrate Products, Pricebooks, and its entries but the Deploy was failing for Pricebook and throwing the following error: INSUFFICIENT_ACCESS_ON_CROSS_REFERENCE_ENTITY: insufficient access rights on cross-reference id:-- (#55263).
Fixed an issue with nCino where user was trying to create a custom feature template including product objects as well as product line but the deployment was failing with the following error: Required fields are missing: [LLC_BI_Product_Line_c] (#51209).
Fixed an issue with nCino where CI Job was stuck in Build Success status (#53605).
Fixed an issue where CI Job build was failing with a NullPointerException (#55204).
Fixed an issue where the Repository Branch was unavailable to select to run the Merge process after selecting On successful deployment option (#55537).
Fixed an issue where Admin was able to see the Teams field under ALM Integration but the same field was unavailable for sub-users (#55153).
Fixed an issue with EZ-Commit where user was trying to perform a destructive commit using Autodraft option, but was unable to select deleted components under the Deleted tab (#55507 and #55651).
Fixed an issue where user was getting a NullPointerException when trying to resolve a Merge conflict (#55137).
Fixed an issue with nCino where the UTF-8 Encoding Flag was not displayed in the pop-up during Re-Deployments (internal ticket).
Fixed an issue where during an EZ-Commit, complete information about some of the members of WaveDataflow metadata type was not retreived from the Salesforce Org (#49753).
Fixed an issue where Quick Merge was throwing the following error after clicking Validate & Merge: Please Select Valid revision (#53932 ).
Fixed an issue with EZ-Commit where Autodraft feature was taking too long and eventually failing when user was trying to retrieve components (#48257).
Fixed an issue where user was able to create a Delegated Group but was unable to add a Delegated Admin user to the group using Environment Provisioning (#55266).

20 November 2022

(ARM v22.1.34) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was performing Prevalidation Commit but commits in the repository have different components than the ones shown in Diff before the commit (#52307).
Fixed an issue with Install an Unlocked or Managed Package from a Version Control Branch where CI job getting an exception and the build status was showing as successful but the Scratch Org was not being created (#50702).
Fixed an issue where CI Job shows that the ALM status has been updated successfully but on Azure ALM it is not updated (#54669).
Fixed an issue where Test Automation CI Jobs were failing due to InitializeDriver & quit methods (#45878).
Fixed a bug where user was able to access certain branches in the Deployment module to which he did not have access under Profile Settings (#54879).
Fixed an issue with CI Jobs where the build failed with Checkout conflict for an .svg file (#54172).
Fixed an issue with nCino where Record Classification and Classification Objects were missing in the template (internal ticket).
Fixed an issue with nCino where user was creating a CI Job and observed that Use UTF-8 file encoding for the file read and write operations flag was displayed at the bottom below the Commit Details section (internal ticket).
Fixed an issue with nCino where the UTF-8 Encoding Flag was not displayed in the pop-up during Re-Deployments (internal ticket).
Fixed an issue where during an EZ-Commit, complete information about some of the members of WaveDataflow metadata type was not retreived from the Salesforce Org (#49753).
Fixed an issue where Quick Merge was throwing the following error after clicking Validate & Merge: Please Select Valid revision (#53932 ).
Fixed an issue with EZ-Commit where Autodraft feature was taking too long and eventually failing when user was trying to retrieve components (#48257).
Fixed an issue where user was unable to add another branch to Azure in the ALM MGMT Repository mappings (#55133).
Fixed an issue where the Destructive commit Diff was including more components than selected (#54795).
Fixed an issue where a merge got stuck for a long time and the Commit ID was reflected in BitBucket but unavailable to select for release label deployment (#52964).

13 November 2022

(ARM v22.1.33) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the user was trying to create an Extract process in DataLoader but after validating the query the application was throwing an error: not supported; requires @DynamoDBTyped or @DynamoDBTypeConverted (#54648).
Fixed an issue with CI Jobs where External Credential metadata was not identified during Deployment (#53939).
Fixed a UI bug where user was performing an org to org deployment using package.xml file and the components were successfully deployed and also verified on Salesforce target, but the status on ARM was still In-Progress (#50459 and #51288).
Fixed an issue with DX CI Jobs where user is not getting details of faulty commit revisions in the notification (#54063).
Fixed an issue with Profile Manager where the deployment is not showing any progress in the logger detail in front end. It was updated only after completion of the deployment job at backend (#53706).
Enhanced the Conflict Resolution Log by adding additional loggers like strategy chosen to resolve the conflict and which user did the resolution (#47559).
Fixed a bug where Merge Commit validation was not considering special characters like %,#, etc. as a value and throwing the following error: Merge comment should not contain an empty space (#54512).
Fixed an issue where ARM was slowing at different phases in the EZ-Commit module (#50503).
Fixed an issue where Git check response was not delivered for validation CI Job even though user has added the comment for a Pull request in the remote repository (#53036).

06 November 2022

(ARM v22.1.32) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with DX CI Job where user selected Do Not Include Skip Members but the respective mapper reports were not skipped (internal ticket).
Fixed an issue where the Deployment module page was loading very slowly and then thrwing an error: Page Unresponsive (#53675).
Fixed the following issues in CI and Reports modules (internal ticket):
- Build With NULL ERROR (issue exists both with Proxy and without Proxy)
- SF Org Code coverage Execution is failing (issue exists both with Proxy and without Proxy)
- Jenkins Build is updated with FAILED status even after it is successfully completed (issue exists only without Proxy)
- Checkmarx text is not displaying the Proxy Configuration note (Only With Proxy)
Fixed an issue with QA Environments where user was unable to create and delete the SFDX module because of the Apache config CACHE settings (internal ticket).
Fixed an issue with the Deployment module where user initiated a Deployment without selecting the Do not Include Skip Members option, but this option was auto-enabled and skipped the member at the time of deployment (#53747).
Fixed an issue with Modularization where user creating a module and selected the Ignore installed components check box but the installed components were not ignored causing the deployment to fail (#53703).
Fixed an issue with AccelQ Test Automation where test case fails but the error details pop-up is not showing the details of the error that caused the failure (#54224).
Fixed an issue where user is setting up the Apex PMD rules as Priority 1 & Priority 2 in the CI Job but the SCA Report is showing the Priority 3, P4 & P5 which wasn't selected (#54017).
Fixed an issue where the Git check response was not delivered for a validation CI Job (#53036).
Fixed an issue where the Deleted Report metadata components were not found in the EZ-Commit (#53119).
Fixed an issue where user was trying to perform a Quick Merge but was getting an Undefined error for all labels (internal ticket).

30 October 2022

(ARM v22.1.31) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where triggering a CI Job in Objects was resulting in an ambiguous error in the CI Job Build (#53066, #52955, #53631).
Fixed an issue where all CI Jobs were failing and throwing the error: Validation Checking failed Version Control Mappings not found for Repo: SA Repo and Branch: bugfix/Bugfix_PQT_Rel_Validation (#52945, #52950, #52757).
Fixed a UI bug on the CI Jobs page for Install an Unlocked or Managed Package from a Version Control Branch type where old Dev Hubdropdown list was displayed in the Deploy section (internal ticket).
Fixed an issue with AccelQ where running a test execution was successful even before the jobs were completed in AccelQ, but the status was always showing as Not Run instead of Success or Failure even if the jobs have been successfully completed (#50181).
Fixed a Page Unresponsive issue while creating a new Release Label by adding a feature to list limited results on each page (#48563).
Fixed an issue where a merge got auto-approved and was in Merged Not Commit status (#52398, #48084).
Fixed an issue where user created a Release Label, performed a Merge operation, committed changes to the target branch, and created two revisions in the Github branch. But ARM was throwing an error while applying merge stage and only on the revision generated (#51364).
Fixed an issue where EZ-Commit initiation was stuck with the error: Unable to fetch Salesforce Org users. Reason: Invalid login: invalid user name or password or security token or api version or user locked out (#52550).
Fixed an issue where user was not able to select the orgs in the EZ-Commit drop down (#48533, #51219).
Fixed an issue where Page Size value on the Edit Release Label screen is defaulting to the previous value instead of the set value (internal ticket).
Fixed a UI bug where OK Button in Automation is not visible in the Create Release Label pop-up when opened in 100% zoom (internal ticket).

23 October 2022

(ARM v22.1.30) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where CI Job was successful but was including components from GIT revisions from old deleted branches (#46983).
Fixed an issue where user was performing a production deployment using CI job for an object, but it failed with the following error: Cannot set sharingModel to ControlledByParent on a CustomObject without a MasterDetail relationship field (#48626).
Fixed an issue where CI Job was getting an exception, Build status was showing as successful, but Scratch Org not getting created (#50702).
Fixed an issue where Managed Package was picking the wrong ancestor by adding a feature to manually select the preferred ancestor while creating a package version (#48311).
Fixed an issue where user was adding URLs to the Proxy Configuration Settings but the URL List was not reflecting the same (internal ticket).
Fixed an issue where Custom Template Creation failed and the Logs did not record the reason for failure (#52147).
Fixed an issue where the Created By value was not visible in Dataloader, Dataloader Pro DL Config, and the TestEnv History page (internal ticket).
Fixed an issue where the Comment Box was not accepting more than 100 characters while rejecting a Commit, but was working as expected while approving a commit (#51384).
Fixed an issue with Apex Test Class Config. in SF MGMT ORG where the Fetch Current Set, Add Manually, and Auto Populate options were throwing an error: Error 200 (#52408, #52328).
Fixed an issue where user set Commit validation Criteria to Auto reject after 7 days but the older Pre-validation commits are not auto rejected after 7 days (#49874).
Fixed an issue where user cannot add Skip members manually and it is failing due to special characters being included (#53139).

16 October 2022

(ARM v22.1.29) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where skipped members were present in many components but only Report Metadata was failing during Deployment (#51040).
Fixed an issue where CI Job was getting stuck in In Progress status but the log showed that the deployment was successful (#51140).
Fixed an issue where GitHub login credentials were not working when user triggered a CI Job for the second time (#50630).
Fixed an issue where CI Job has failed in the Salesforce org, but still stuck in In Progress status in ARM (#50435).
Fixed an issue where user raised a Pull request on a branch and was getting a webhook response, but CI Job build was not triggered (#51592).
Fixed a UI bug where Add to dashboard button was unavailable for widgets (#52333).
Fixed an issue where a new database file is created and overwritten with an existing database file whenever the server was restarted (internal ticket).
Fixed an issue where user was trying to resolve conflicts on Merge Request Labels created more than 7 days ago, but application was throwing an error: undefined (internal ticket).
Fixed an issue where Custom Email Template was not working for Email notifications (#47484).
Fixed an issue where user was testing SSH Connection but the application was throwing an error: invalid privateKey (#50940).
Fixed an issue with nCino where UI Log was not generated for failed CI Jobs (#50442).
Fixed an issue where New EZ-Merge was throwing an error (#46754).
Fixed an issue where Audit Logs were not generating via Postman Services (#50221).
Fixed an issue where Commits were getting stuck and throwing the following error: No credential have been found with Name:git, but was not reflecting in the UI log (#51713).
Fixed an issue with Workspace Settings where unused workspaces were not being cleared despite selecting Clear all workspaces which are not used in last 7 days (#50164).
Fixed an issue where user was performing a Prevalidation EZ-Commit and found that some Layout Assignments were deleted though those layouts were not part of the commit (#50945).
Fixed an issue with nCino where migration was failing due to errors with Standard Screen and UI Templates (#50432).

09 October 2022

(ARM v22.1.28) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with nCino where user was getting errors with Standard Screen and UI Templates (#50432).
Fixed an issue where user noticed discrepancy in the Conflict Resolution Log (#47559).

02 October 2022

(ARM v22.1.27) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where components were successfully deployed, but deployment status was still showing In-Progress in ARM (#50459, #51288).
Fixed an issue where CI Jobs were getting stuck and throwing the following error: Too many open files (#44319, #49273).
Fixed an issue where email notification wasn't sent for some of the CI Jobs (#48028).
Fixed an issue where the Custom label and remote site setting URLs were not getting updated by ARM through Environmental Provisioning (#49612).
Fixed an issue with Vlocity where selecting one component from a GIT repository was causing all the components from the category to get selected (#49806).
Fixed an issue with ALM Mgmt. where item status was not retrieved properly for Merge Request, but was working as expected for EZ-Merge (#50628).
Fixed a UI bug where Release Labels were showing duplicate Time Stamps (#51205).
Fixed an issue where old Commit Labels were not getting auto-rejected after 7 days as the user had configured under Commit Validation Criteria (#49874).
Fixed an issue where user was getting an error pop-up on the Permissions and the SF ORG MGMNT pages, and the SF org and VC repo mappings were lost in the profile section of a role (#49108).

26 September 2022

(ARM v22.1.26) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Provar test job was throwing an error while in queue (#49797).
Fixed an issue where scheduled auto-sync of external commits was not working (internal ticket).
Fixed an issue with the New EZ-Commit screen where ALM Types are changing to old ALM type names after resaving details on the ALM Management screen (internal ticket).
Fixed an issue with Pre-validation merge where the Object file content was empty in the CodeScan Analysis SCA report (internal ticket).
Fixed an issue with Branching Baseline where some of the custom object metadata nodes were deleted from the repository (#47239, #47270).
Fixed an issue with EZ-Merge where Diff was not being generated even though there were file changes between the source branch and the destination branch (#50323).
Fixed a UI bug in DataLoader where user was switching from Graphical View to Grid View but Graphical View options were still being displayed (#50431).
Fixed an issue with nCino where the Insert/Update With Null Values option was not getting updated for CI jobs (#50259).
Fixed an issue where users were unable to re-authenticate the Salesforce Org after refreshing their personal sandboxes (#48533).
Fixed an issue where Environment Provisioning Template was not functioning as expected for Custom Labels containing URL (#47892).
Fixed an issue with EZ-Commit where user was trying to deploy Permission Sets and Profiles together, and the pre-validation process was stuck in In-Progress status (#49340).
Fixed an issue where old Commit Labels were not getting auto-rejected as configured (#49874).

19 September 2022

(ARM v22.1.25) This is a maintenance release. The following items were fixed and/or added:

Fixed multiple issues with CodeScan<>ARM Integration (internal ticket).
Fixed an issue where CI Jobs and Deployments were both failing for Reports and Dashboards because the folder could not be found (internal ticket).
Fixed an issue with New Commit screen where the Select All checkbox was getting unselected when navigating from the DELETED tab to the ADDED/MODIFIED METADATA COMPONENTS tab and back to the DELETED tab (internal ticket).
Fixed an issue with Version Control Prevalidation Commit where for the selected Custom Metadata and Permission Set, Diff was being generated as expected but the Deployment was failing (internal ticket).
Fixed an issue with Version Control Prevalidation Merge where SCA report was empty, and throwing the following error in the console: Uncaught TypeError: Cannot read properties of undefined (reading 'length') (internal ticket).
Fixed an issue where user was unable to reset the AutoRABIT password, and was getting an error: getAttribute: Session already invalidated (#50145).
Fixed an issue where CI Jobs was not picking the right number of components unless the user cancelled the build and retriggered it (#47164),(#46981).
Fixed an issue where the user tried to merge to the Dev branch but the CI Job failed and was throwing a Duplicate error (#49661).
Fixed an issue where user was trying to install Unlocked Package via CI Job but it was failing and throwing the following error: ERROR 178928269770891:275 - For input string: "0-2" java.lang.NumberFormatException: For input string: "0-2" (#50093).
Enhanced Vlocity loggers for Branching Baseline by displaying to the user Status Count of Remaining, Success, Error and Ignored (internal ticket).
Fixed an issue where Test Connection was failing on the Version Control Summary page under the Admin module (#49299).
Fixed an issue with Prevalidation Merge by increasing the SCA Response timeout from 50 minutes to 5 hours (#48613).
Fixed an issue where merging Master Branch with the Production branch was throwing the following error: No merge head specified (#46594).
Fixed a bug where New A-Z Merge was throwing an error (#46754).
Fixed an issue with Autorabit Commit Label related to Permission Sets Deployment (#48709).

11 September 2022

(ARM v22.1.24) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was selecting a single package to import, but all available package versions were being imported (#49426).
Fixed an issue with Profile Manager where user was comparing a profile but the deployment was not starting (#48620).
Fixed an issue where deploying components with profiles was not working as expected and throws the following error: Duplicate layoutAssignment:PersonAccount (PersonAccount.Person_Prospect) (#49021).
Fixed an issue where custom metadata records were not being selected during deployment (#49167).
Fixed an issue in Version Control Commit Labels history where Created By and Created Date values were exchanged (internal ticket).
Fixed an issue where user was getting an error while trying to deploy Vlocity Metadata using CI Jobs (#47568).
Fixed an issue where Branching Baseline was not retrieving Workflow Metadata types (#49403).
Fixed an issue where Release Label failed to load revisions from a particular branch and the browser was hanging and throwing an Out of memory error (#48563).
Fixed an issue where EZ-Commit was not getting auto-rejected when CodeScan analysis failed, even though user select the option to run Static Code Analysis (#47155).
Fixed an issue where merge was failing at the Validate Deploy step even before selecting the org to validate (#49724).
Fixed an issue where Layout was being removed from the Diff while deploying Profile changes with related Layouts and RecordTypes (#48268).
Fixed multiple issues with CodeScan<>ARM Integration (#49605).

04 September 2022

(ARM v22.1.23) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where user was performing a new deployment but getting an error when using the Compare Orgs & Deploy button (#48707, #48676, #48737, #48734).
Fixed an issue where the CI job was not working as expected and throws the following error: java.lang.NullPointerException: null (#48706).
Fixed an issue where few fields were not being analyzed in CodeScan SFDX. User was selecting Custom Fields, Apex Classes, and Record Types in E-Z Commit, but Static Code Analysis was only Apex Classes (#48547).
Fixed an issue where dashboards and reports were changing to Destructive and getting deleted (#48119).
Fixed an issue where discrepancies for Document, Assignment Rule and AutoResponseRule metadata types content was observed in package.xml for SFDX and non-SFDX CI Jobs (#47017).
Fixed an issue where the Dataloader Pro Jobsfailing and throws the following error: java.lang.NullPointerException: null (#49170, #49283, #49331, #49199).
Fixed an issue where nCino CI Jobs via RBC were failing during parallel deployment. Instead of falling in queue, the first job was failing while the other succeeded, and the user had to retrigger the failed job (#47335).
Fixed an issue where creating multiple deployment jobs from the same source org to the same destination org for different templates, the jobs were failing with Null Pointer Exception error (internal ticket).
Fixed an issue with DX Pre-validation merge where Destructive Deployment for custom labels failed without any errors (internal ticket).

28 August 2022

(ARM v22.1.22) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where Unpackaged Packages Directory folder was being created in the Deployment Promotion zip package when deploying Static Resource Metadata type using Single revision DX Deployment (internal ticket).
Fixed an issue where after upgrading the AR instance, deployment jobs kept removing the custom metadata access on the Permission Sets (#48296).
Fixed an issue where Org difference jobs were running for more than 24 hours (#48324).
Fixed an issue where Environment provisioning template was not working when trying to update custom label values that contain URL, and the incorrect value was being updated in the org (#47892).
Fixed an issue where choosing the Select Manually option while doing a commit was resulting in a blank screen for the Deleted tab (internal ticket).
Fixed an issue where while doing Prevalidation commit in AR, Commit Only Permissionsets For The Selected Metadata functionality was not working properly for both DX and Non-DX cases (internal ticket).
Fixed an issue in Dataloader where an Undefined Error was displayed when user was trying to create and save the Screens Template (internal ticket).
Fixed an issue where user was trying to validate the commit using single revision, but was getting an Empty Package error even though there were changed files in the commit (#47530).
Fixed an issue where DataLoader Pro jobs were failing with an error duplicate value found: SetupOwnerId duplicates value on record with id for the custom setting Multichannel_Settings_vod__c, even though there is no field mapped with name SetupOwnerId (#48230).
Fixed an issue where the search functionality was not working in Dataloader Configuration as well as Dataloader Test Environment Setup (internal ticket).
Fixed an issue where EZ Commit Logs and Change Labels were not displaying for some of the commit labels (#45364).
Fixed an issue where the user was not able to see the deployment report because the build was failing when only custom fields were being selected without the related object (#45663).
Fixed an issue where merge request was being auto rejected if the selected approver was no longer with AR (#48084).
Fixed a bug where user had enabled Squash and Merge while performing a new merge, but the Squash and Merge option was not displayed after the Merge Request was approved (#48246).
Fixed an issue in CI Jobs deployments where Bulk API option for Attachments was throwing an error (internal ticket).
Fixed an issue where nCino CI Jobs were failing the first time and completing the second time successfully (#46545).

21 August 2022

(ARM v22.1.21) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the CI job build was getting stuck in In-progress status (#47934).
Fixed an issue where RunSpecifiedTest level execution was failing with Test classes dependency errors (#47666).
Fixed an issue where DX CI Job build failed if document metaxml change commit revision includes in the build [Including Email templates and Static Resources types] (internal ticket).
Fixed an issue where entire branch merge was failing with multiple common ancestor errors (#47334).
Enhanced the Dataloader history screen (internal ticket):
- Column mover added to table column alignment for text view.
- Moved Last Run details to the Date/Time column.
Fixed an issue where Standard fields are not retreiving when included in package.xml, and retrieving through E-Z Commit (Package Manifest) option (#47961).
Fixed an issue for the nCino CI Jobs were failing due to default selection of AutorabitExtId__c in Mappings (internal ticket).
Fixed an issue for the nCino Deployments where even if LookupKey is available, by default Name is selected in External ID Mapping (internal ticket).
Fixed an issue for the nCino CI Jobs where Attachments were failing due to External Mappings not being set to the NAME field (internal ticket).
Added the feature to dynamically handle the respective nCino Prefix rather than depending on the JSON file to identify the External Id field

14 August 2022

(ARM v22.1.20) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue with the Profile Manager where the user were unable to select the default app permission during the profile deployment (#47462).
Fixed an issue where the merge revisions were missing from the CI jobs (#46862).
Fixed an issue where the users were unable to commit Vlocity card from one org to another org in ARM (#44938).
Fixed an issue where for both CI Jobs and Deloyments (Non-DX and DX), the deployment was getting failed with the below error although the Ignore missing visibility settings is checked: permissionset error--- Error in field: customPermission not found (internal ticket).
Fixed an UI bug where while performing test connection for any successful Salesforce org registered, the messasge is displayed as "Success" instead of "Testconnection was successful" (internal ticket).
Fixed an issue where the ALM integration was not working when the files are pushed with special characters in their name (#47414).
Fixed an issue where the commit labels was getting auto-rejected while committing Profile FLS (#46844).
Fixed an issue where the users while deploying a destructive XML file from one sandbox to another, is getting auto rejected (#47714, #47747).

07 August 2022

(ARM v22.1.19) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the package URL was not visible for the SFDX modules successfully configured in ARM (internal ticket).
Fixed an issue where our internal team members got the undefined error while creating a new scratch org and selecting the module (internal ticket).
Fixed an issue where after triggering the CI job, the File Changes and Check-ins results mismatched (#40119).
Fixed an issue where the package created to deploy ExperienceBundle misses some of the folder and metadata files contained in it (#46692).
Fixed the below deployment-related issues:
- Unable to find commits that are part of a Release Label while performing a new deployment (#47337)
- Unable to retrieve components from a Release Label during deployment (#47534)
- Changes are not deployed to the destination org which are part of a Release Label (#46908)
Fixed an issue where the users while deploying a destructive XML file from one sandbox to another, is getting auto rejected (#47714, #47747).
Fixed an issue where the deployment failed to initiate when search and substitute rules are selected (#47802).
Fixed an issue where the status log .csv files are inconsistent for deployment via CI jobs (internal ticket).
Fixed an issue where the users were unable to process the migration of RBC object (nForce__Views__c) using the nCino CI jobs, feature template migration, or the Dataloader Pro jobs (#47098).
Fixed an issue where while deploying a nCino-User Interface template, only partial records are deployed and no deployment logs are generated (#47494).
Fixed an issue where the users, while performing an EZ-Commit by enabling the run SCA option, the CodeScan analysis is getting failed, but EZ-Commit is not getting auto-rejected (#47155).

31 July 2022

(ARM v22.1.18) This is a maintenance release. The following items were fixed and/or added:

Upgraded the Spring and AWS libraries on ARM for addressing the Spring vulnerability (#46970).
Fixed an issue where the users were unable to login to ARM via SSO (internal ticket).
Fixed an issue where the ARM is not able to fetch any component using the release label (#46662).
Fixed an issue where the baselining of branches has wiped out the records types for many records, and the users were forced to do manual changes to the Record types (#42719).
Fixed an issue where the ARM allows to associate only one branch to one package, and not able to build beta package versions from various branches. This is now fixed (#46841).
Fixed an issue where the CI job, while deploying manage packages, is installing all the manage packages instead of installing a single package (#46832).
Fixed an issue where the links on the CI Job log screen are redirected to the user's login page instead of redirecting to user's Salesforce org screen (#47151).
Salesforce API version 55 (Beta support) is upgraded. The label is modified throughout ARM application to Salesforce API version 55.0 (#47404).
Duplicate classes from the ARM repo has been removed (internal ticket).
Fixed an issue with the Profile Manager where the user were unable to select the default app permission during the profile deployment (#47462).
Fixed an issue where the merge revisions were missing from the CI jobs (#46862).
Fixed an issue where the users were unable to commit Vlocity card from one org to another org in ARM (#44938).
Fixed an issue where for both CI Jobs and Deloyments (Non-DX and DX), the deployment was getting failed with the below error although the Ignore missing visibility settings is checked: permissionset error--- Error in field: customPermission not found (internal ticket).
Fixed an UI bug where while performing test connection for any successful Salesforce org registered, the messasge is displayed as "Success" instead of "Testconnection was successful" (internal ticket).
Fixed an issue where the ALM integration was not working when the files are pushedwith special characters in their name (#47414).
Fixed an issue where the commit labels was getting auto-rejected while committing Profile FLS (#46844).
Fixed an issue where the merge was getting failed with the following error: Fetch operation is failed due to some runtime exceptions from Git (#46773).
Fixed an issue where the username and passwords fields were not editable for users registered in ARM with basic authentication (#47099).

24 July 2022

(ARM v22.1.17) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where when user triggers a code coverage run in the production environment, the action takes more time than expected. Also, the total time taken for the task completion is shown inaccurate in the log report (#44544, #43527).
Fixed an issue where the CI job was not working as expected and throws the following error: java.lang.OutOfMemoryError: Java heap space (#47182, #47190, #47209, #47191).
Fixed an issue where the Rollback settings were not getting saved in the My Account page (internal ticket).
Fixed a bug where the users could not edit/modify their CI jobs when the build was in progress (#43538).
Fixed an issue with the permissionsets where instead of delta changes, the Permissionset retrieving entire file from the branch and causing dependency issues (#46846).
Fixed an UI bug where the ARM application displays unwanted scrollbar when "Exclude Installed (Managed) components" is selected in the My Account page (internal ticket).
Enhanced the ARM workspace feature to automatically unlock the workspace after sufficient time to run the workspace operations.
Added the feature to set Limit 0 option for the Dataloader Pro jobs. This limit will allow users to skip migrating child or Ancestors objects.
Fixed an issue where while editing an existing nCino CI Job, the version control is not automatically choosing the previous repository set. This is causing the selected nCino Templates to reset (#46952).
Fixed an issue where the ALM labels were missing from the ALM Label lists page (#44410).
Fixed an issue where the settings related with user permissions were erased (#46472).
Fixed an issue where the users when performed EZ-Commit using a package manifest file, doesn't include managed components that are in the package.xml file (#47083).

17 July 2022

(ARM v22.1.16) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the Execute Anonymous Apex metadata is not working as expected when configured as Environment Provisioning template (#46817).
Fixed a bug where our internal team were able to use the perform the prevalidation commit and direct commit without giving the prevalidation commit label name and without commit comment, which are mandatory fields (internal ticket).
Fixed an issue where the ALM workitems are not retrieved in CI job through merge (internal ticket).
Fixed a bug where our internal team were able to save the Install an Unlocked or Managed Package from a Version Control Branch CI job even though Installation key were not uploaded which is a mandatory field (internal ticket).
[Enhancement] Added the Salesforce versions information in the logs for all Dataloader related jobs activities.
[Enhancement] Added the ability to delete a commit before it is pushed to your remote repository so that you have a choice to redo incorrect commits/ merges.
Fixed an issue where the merge prevalidations were auto rejected with status as Approval Pending (#46665, #46864).
Fixed an issue where the Delete Commit button was not seen after approving an EZ-Commit label (internal ticket).
Fixed an issue where the toggle button for the dashboard metadata type in the commit label screen is not working as expected (internal ticket).
Fixed an issue for the nCino Feature Deployments where the users were getting audit field issue when trying to deploy with Insert/Update with Null Values option (internal ticket).
Fixed an issue for the nCino CI jobs using Spreads Templates where the users were getting NullPointerException error when trying to deploy with Insert/Update with Null Values option (internal ticket).

10 July 2022

(ARM v22.1.15) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users failed to enable the pull request support for their version control repositories (#46336).
Fixed an issue where the re-use previously validated commit label takes more time to load (#46171).
Fixed an issue where the constructive changes are picked in the CI build, although no constructive changes are in-between From and To revisions (internal ticket).
Fixed a bug marked deployment as failed, whereas the log report says successful (#46737).
Fixed an issue with the SFDX job, where for the Report metadata type, the rollback feature was working weirdly (internal ticket).
Fixed a bug where the users could not edit/modify their CI jobs when the build was in progress (#43538).
Fixed an issue where entering the package installation key in Install an Unlocked or Managed Package from Version Control Branch CI Job gets altered when manually entered or pasted (#46836).
Fixed an issue where the user could not run the static code scan report on GitHub with APEX PMD Lint Scanner metadata type (#46781).
Fixed an issue with the CodeScan analysis report that failed when running from ARM (#44404).
Fixed an issue where the user could not fetch the latest CI job weekly reports (#42587).
Enhanced the Dataloader Pro, where the attachments are now supported (#41077).
Fixed a bug where editing the Dataloader job shows "Job Group" as null or empty (internal ticket).
Vlocity has been upgraded to v1.15.5.
Fixed an issue with the CI job where the version control using Salesforce with attachments was not picking the attachments during CI build (internal ticket).
Fixed an issue with the EZ-Merge, where merging the main branch to the dev branch failed with a No merge head specified error (#46594).
Fixed an issue that throws Schema as invalid error while running the branching baseline operation (#46593).
Fixed an issue where the merge failed using a single revision (#46491, #45764).
Fixed an issue where our internal team members could not create a new role from the Admin section (internal ticket).
Fixed a bug where the Invalid Schema error is seen for non-SFDX prevalidation merge (internal ticket).
Fixed an EZ-Commit issue where additional permissions were removed from Profiles metadata type, which is not a part of the commit (#44543).

03 July 2022

(ARM v22.1.14) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the deployment via CI job picked unnecessary components for deletion (#44204).
Fixed the issue where the user when trying to delete a component in Community metadata type, deletes the whole Community rather than its components (#43698).
Fixed an issue where DevHub registration in ARM was failing (#46208).
Fixed a bug where our internal team members were not able to view the Salesforce Org URLs in the My Profile section (internal ticket).
Fixed an issue where the deployment using Commit/Release Label was not working (#46419).
Fixed an issue where the mapping more than one class to same test class is not recognized by ARM during commit/merge operation (#46396, #45159).
Fixed an issue where the CI job builds were failing because of missing revisions (#45532, #46352).
Fixed an issue where the Compact Layout were not getting deployed and throws undefined error(#46592).
Fixed an issue where the ALM statuses were not updated/rolled back post CI job rollback completion (#45945).
Fixed an issue where the destructive changes were not working as expected for the CI jobs (#46216).
Fixed an issue where the ARM failed to update the Audit fields when trying to run nCino feature deployment (#46356).
Fixed an issue where our internal team were not able to register their credentials on one of the ARM SAAS instances (#46315).
Fixed an issue where prevalidation commits were getting failed due to credential issues. The following error was thrown No credentials found (#46274, #46098).
Fixed a bug where the deleted components were tagged as UC (UnChanged) instead of D (Deleted) in the EZ-Commit (#46087).
Fixed an issue where the metaXML file were not retrieved for the ContentAsset metadata type for the SFDX "Entire Branch" merge case (internal ticket).
Fixed an issue where the deployment validation were failing for the prevaildation merge with the error: No source backed components present in the package (internal ticket).
Fixed an issue where the merge using single revision (baseline revision) receives the metadata schema error (#46570).
Fixed an issue where the merges were getting failed and throws the Schema is invalid for the file error (#45768).
Fixed an issue where the exported users list contained inaccurate information (#44782).

26 June 2022

(ARM v22.1.13) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the Spread Template in the nCino module was not working as expected (#45078).
Fixed an issue where the user was getting "field integrity exception: unknown (CreatedByID(0051X00000BbMIR) is not in org" for the records that were available in the destination org.
Fixed the issue where the Disable Workflow template in the Environment Provisioning module was not working as expected (#46195).
Fixed an issue where the creation of a scratch org were getting failed. The fix has been deployed to in this weekly release (#46021).
Fixed an issue where the users were unable to use the release label for deployment (#45415).
Fixed an issue where the users were not able to register same DevHub with two different usernames (#46208).
Fixed an issue where the CI Job was picking the deleted components from GitHub branch although the Prepare Destructive Changes checkbox was not selected. This caused the deployment to fail (#42553).
Fixed an issue where the users were not able to view their GitHub branches in the ARM application (#46044, #46353).
Fixed an issue where the CI Job for backing up from org to the version control branch was failing with null pointer exception error (#45646).
Fixed an issue where the EZ-Commits, when included Profile, was not working as expected (#45902).
Fixed an issue where the commits were getting stuck at the delta stage (#45101).
Fixed an issue where the Git tags were being added to the queue but not being processed (internal ticket).
Fixed an isse where the delta was getting failed in the EZ-Commit flow (internal ticket).
Fixed an issue where the Dalaloader Pro job is failing with Required field missing on "nCino_Screen__c" object, however the user were able to view the Screen__c object has a value in their source org (#45139).
Fixed an issue where the user were not able to save the Dataloader Pro jobs and throws the JAVA.NullPointerException error (#46385).
Fixed a bug where the users were not able to view the log reports after registering Tags via ARM (internal ticket).
Fixed an issue where the tags creation got failed when the tag name contains 'error' with custom API flow (internal ticket).

19 June 2022

(ARM v22.1.12) This is a maintenance release. The following items were fixed and/or added:

Fixed a minor bug where the child members checkboxes remained checked even when the parent metadata type was unchecked (internal ticket).
Fixed an issue where CI job build ToRevision number was mismatched in the CI Job Results and the CI Build Info page (#45580).
Fixed an issue where the request parameters were empty in the nCino Feature Commit History screen (#45855).
Fixed an issue where the users while accessing the commits older than 30 days, ARM throws Request parameters are empty/null error (internal ticket).
Fixed an issue where the users when accessing the Commit History page throws Invalid FilterExpression error (internal ticket).
Fixed an issue where the user were unable to fetch the latest CI job weekly reports (#42587).
Fixed an issue where the Diff report in the Merge Request was not working as expected (#45315).
Fixed an issue where the user ran the branching baseline operation by excluding the Managed package components, however, the Package.xml file still had all the managed package components listed in it (#45125).
Fixed an issue where the code coverage report was being generated at a different time than what was scheduled (#45703).
Fixed an issue where the exported users list contained inaccurate information (#44782).
Fixed an issue where the TAF execution were getting failed (internal ticket).
Fixed an issue where the From Revision was not visible when user access their CI job from CI Job History page (internal ticket).
Fixed an issue that caused Chrome to crash anytime a user attempted to view the functional test results for the task of running a Selenium Maven test. The functional test results screen enters a continuous cycle of requests, which crashes the browser (internal ticket).
Fixed an issue where the skip members feature of ARM was not working as expected (internal ticket).
Fixed an issue where the user while performing EZ-Commit with SonarQube code analysis was getting failed with Failed to run the sonar-scanner: null error (#46070).

12 June 2022

(ARM v22.1.11) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the branching baseline feature for profile was not working as expected (#44615, #40836).
Fixed an issue where the Dataloader Pro jobs were failing with no error message (#44620, #44264).
Fixed the issue where the Dataloader Pro jobs was not working as expected (#43966).
Fixed an issue where the users while performing org to org migration of nCino record based configurations, all the related items are getting carried over except the notes and attachment of the Credit Memo from source to the destination environment (#40990)
Fixed an issue where the Jenkins builds were failing during the CI/CD process (internal ticket).

05 June 2022

(ARM v22.1.10) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the picklist values failed to retrieve while preparing the CI job build (#44117, #44029).
Fixed the issue for the SFDX jobs where the user permissions were picked up for the deployment even if the user opts for "Remove User Permissions" (#44027).
Fixed an issue where new tags gets automatically added for the sharing rules after the ARM 22.1 upgrade (#44032)
Fixed an issue where the SFDX CI job picked up extra content for workflow and custom labels (#44028).
Fixed an issue with EZ-commit features where the metadata file was causing the JAXM marshall exception (invalid XML format) error (#43864, #43513).
Fixed an issue where the quick deployment functionality was not working as expected (#42521).
Fixed an issue where the users could not view the commits list to merge them into a release label (#43718).
Fixed an issue where the code coverage reports fail to include all the classes in the CSV file (#42848, #39582).

29 May 2022

(ARM v22.1.9) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the branching baseline feature for profile was not working as expected (#44615, #40836).
Fixed an issue where the Dataloader Pro jobs were failing with no error message (#44620, #44264).
Fixed the issue where the Dataloader Pro jobs was not working as expected (#43966).
Fixed an issue where the users while performing org to org migration of nCino record based configurations, all the related items are getting carried over except the notes and attachment of the Credit Memo from source to the destination environment (#40990)
Fixed an issue where the Jenkins builds were failing during the CI/CD process (internal ticket).

22 May 2022

(ARM v22.1.8) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where performing a validation merge on the Azure repository branch creates the merge label and an external commit label with the same name and the same revision number (#39287).
Fixed an issue where the package deployment job was not triggered automatically once the validation was successful (#43779, #43789).
Fixed the issue where the DiscoveryAIModel metadata type was unsupported, which caused the CI jobs to fail (#42981).
Fixed an issue where the users were unable to fetch the standard fields from the custom objects (#43378)
Fixed an issue where the ARM user interface gets distorted when the zoom is 100% (#43735).
Fixed an issue where the ALM workflow was mismatched (#43775).
Fixed Spring4Shell vulnerability by upgrading the Spring Boot version to 2.6.6 for the AR Agent (#43584).
Fixed an issue where the "invalid session" error occurs when the user tries to delete and resave the cloned CI job.
Fixed an issue where the Conflict Resolution screen was not showing all the merge conflicts (#43663).
Fixed an issue where the CI job build status fails with "java.util.ConcurrentModificationException" error when running the nCino feature migration templates (#40752).
Fixed an issue with the Dataloader Pro job where the users, when trying to migrate the case object along with feed item & feed comment, the ARM application throws the "invalid cross reference id" error (#43703).
Fixed an issue where the merge process, after being sucessful, did not display the code coverage report (#42079).

15 May 2022

(ARM v22.1.7) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where performing a validation merge on the Azure repository branch creates the merge label and an external commit label with the same name and the same revision number (#39287).
Fixed an issue where the package deployment job was not triggered automatically once the validation was successful (#43779, #43789).
Fixed the issue where the DiscoveryAIModel metadata type was unsupported, which caused the CI jobs to fail (#42981).
Fixed an issue where the users were unable to fetch the standard fields from the custom objects (#43378)
Fixed an issue where the ARM user interface gets distorted when the zoom is 100% (#43735).
Fixed an issue where the ALM workflow was mismatched (#43775).

08 May 2022

(ARM v22.1.6) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where performing a validation merge on the Azure repository branch creates the merge label and an external commit label with the same name and the same revision number (#39287).
Fixed an issue where the package deployment job was not triggered automatically once the validation was successful (#43779, #43789).
Fixed the issue where the DiscoveryAIModel metadata type was unsupported, which caused the CI jobs to fail (#42981).
Fixed an issue where the users were unable to fetch the standard fields from the custom objects (#43378)
Fixed an issue where the ARM user interface gets distorted when the zoom is 100% (#43735).
Fixed an issue where the ALM workflow was mismatched (#43775).
Fixed Spring4Shell vulnerability by upgrading the Spring Boot version to 2.6.6 for the AR Agent (#43584).
Fixed an issue where the "invalid session" error occurs when the user tries to delete and resave the cloned CI job.
Fixed an issue where the Conflict Resolution screen was not showing all the merge conflicts (#43663).
Fixed an issue where the CI job build status fails with "java.util.ConcurrentModificationException" error when running the nCino feature migration templates (#40752).
Fixed an issue with the Dataloader Pro job where the users, when trying to migrate the case object along with feed item & feed comment, the ARM application throws the "invalid cross reference id" error (#43703).
Fixed an issue where the merge process, after being sucessful, did not display the code coverage report (#42079).

01 May 2022

(ARM v22.1.5) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the picklist values failed to retrieve while preparing the CI job build (#44117, #44029).
Fixed the issue for the SFDX jobs where the user permissions were picked up for the deployment even if the user opts for "Remove User Permissions" (#44027).
Fixed an issue where new tags gets automatically added for the sharing rules after the ARM 22.1 upgrade (#44032)
Fixed an issue where the SFDX CI job picked up extra content for workflow and custom labels (#44028).
Fixed an issue with EZ-commit features where the metadata file was causing the JAXM marshall exception (invalid XML format) error (#43864, #43513).
Fixed an issue where the quick deployment functionality was not working as expected (#42521).
Fixed an issue where the users could not view the commits list to merge them into a release label (#43718).
Fixed an issue where the code coverage reports fail to include all the classes in the CSV file (#42848, #39582).
Fixed an issue where the commits triggered in ARM shows a different author in Azure DevOps (#44225, #43503).
Fixed a bug where selecting the "Deployment" icon after signing in to the ARM application caused the user to log off and on and return to the home page (#44040).
Fixed a bug where the check-ins display the wrong number of files changed during commit (#40119).
Fixed an issue in the TAF module where nothing pops up when you click on the "View Log" button (#42020, #40284).
Fixed an issue where the users while accessing the help center from ARM application, receiving the ({"result":"failure","cause":"E105 - Request Delayed"}) error (#43579).
Fixed a bug where the commits was getting failed due to SCM (Software Configuration Management) authentication failure (#42276).
Fixed a bug where the merge operations ran for more than 12 hours and later failed (#38755, #42874, #38913).
Fixed an issue where extra metadata members are picked up for the profile component during the EZ-Commit process (#41361).
Fixed an issue where the users could not use commit template for the deployment (#43995, #43586, #43905, #43407).

24 April 2022

(ARM v22.1.4) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where performing a validation merge on the Azure repository branch creates the merge label and an external commit label with the same name and the same revision number (#39287).
Fixed an issue where the package deployment job was not triggered automatically once the validation was successful (#43779, #43789).
Fixed the issue where the DiscoveryAIModel metadata type was unsupported, which caused the CI jobs to fail (#42981).
Fixed an issue where the users were unable to fetch the standard fields from the custom objects (#43378)
Fixed an issue where the ARM user interface gets distorted when the zoom is 100% (#43735).
Fixed an issue where the ALM workflow was mismatched (#43775).
Fixed Spring4Shell vulnerability by upgrading the Spring Boot version to 2.6.6 for the AR Agent (#43584).
Fixed an issue where the "invalid session" error occurs when the user tries to delete and resave the cloned CI job.
Fixed an issue where the Conflict Resolution screen was not showing all the merge conflicts (#43663).
Fixed an issue where the CI job build status fails with "java.util.ConcurrentModificationException" error when running the nCino feature migration templates (#40752).
Fixed an issue with the Dataloader Pro job where the users, when trying to migrate the case object along with feed item & feed comment, the ARM application throws the "invalid cross reference id" error (#43703).
Fixed an issue where the merge process, after being sucessful, did not display the code coverage report (#42079).

17 April 2022

(ARM v22.1.3) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue for the Chrome browser where the ApexPMD ruleset was not uploading incorrectly (under the Plugins section). For other browsers, it was working as expected (#42954).
Fixed the issue with the merge where the changes present in the source branches were not picked up, and therefore latest changes did not reflect on the destination branch (#43553, #43598, #43595, #43593, #43591, #43580, #43574).
Fixed an issue where the Salesforce-DX deployment and rollback mismatches (#35947)
Added the criteria to trigger the callout URL post-deployment. If you set it to success, the callout URL is activated if the salesforce deployment is successful (#38990).
Enabled feature flag settings to select between classic ARM and Salesforce CLI process to generate package manifest.
Fixed an issue where the commit validation is successful for an empty field, whereas the CI job fails (#43324).
Fixed an issue where the deleted metadata components were showing under the "File Changes" tab but did not appear under the "Destructive Changes" column while carrying out a manual deployment (#41670).
Fixed Dataloader Pro job issue where the job is completed successfully without loading all ancestors/master objects data to the destination environment (#43276).
Fixed branching baseline issue where all metadata from the production org were not copied to the version control repo/branch (#42938, #42685, #42955, #42445, #43038, #42753, #42242, #42766, #40836).
Fixed the below nCino issues:
- Unable to proceed with feature deployment using an existing community feature migration template due to the following error: "No External Id field exist in source org." This is now fixed and working as expected (#43263).
- Non-template records were being picked up during nCino deployment.
- Non-template records are fetched in the dataset.
- Spread Statement Record failing with the error “Missing Statement Types.” This is now fixed.

10 April 2022

(ARM v22.1.2) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the Abort option was showing for completed CI jobs (#38177, #39052, #38992, #39682).
Fixed the issue where the SFDX deployment is getting failed even though the user uploaded the correct file.
Fixed a bug where the static code analysis (SCA) status shows as in progress for a failed execution.
Fixed an issue where deleting a custom field was affecting other custom objects where the globalpicklistvalue is shared by multiple objects (#42782).
Fixed a bug where the users were not able to view specific values under the standard value sets in the New EZ-Commit screen (#41773).
Fixed a bug where the New EZ-Commit > Deleted Component tab throws a null error on expanding the metadata types.
Fixed a bug where the deploying records via record based configurations (RBC) was throwing error: "No external Id field exists in the source org" (#43263).
Fixed an issue where creating a new nCino feature migration template takes longer than expected (#41855).
Addressed out of memory (OOM) and other performance issues in this weekly release.

03 April 2022

(ARM v22.1.1) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the skip members feature was not working for the Version Control, Deployments, and CI Job module (#41531).
Fixed an issue where the users were receiving layout permissions errors when using Prevalidation Commit.
The SCA option where not working when users use the EZ commit/ Merge operation. The issue has now been fixed (#39288).
Fixed an issue where the users were unable to generate the deployment report and received validations errors for EZ-Merge operation (#41639).
Fixed an issue where the users were unable to update any changes in the permission section.
Fixed an issue where the non-licensed users were receiving the deployment email failure notification for the unsuccessful deployment (#41705).
Fixed an issue where the users were unable to use the nCino feature after the ARM was upgraded to v21.6 (#41108).

27 March 2022

(ARM v22.1.0) This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users were unable to switch the tab from the Test Coverage to the Class Coverage in the Apex test results page (#41455).
Fixed an issue where the users were unable to save Salesforce settings in the My Account screen (#41329).
Fixed an issue where the users were not able to save the exclude metadata types in the My Account page (#41529).
Fixed an issue where the users were not able to create a new ALM project for Azure repository (#41554, #41630).
Fixed an issue where the users having difficulty with the datamigration.properties file while creating a new instance (#41510).

ARM Release Notes 21.6

Date of Release: 21 November 2021

On this page:

New Features
Enhancements
Improvements
Changelogs

New Features

Pull Request Support for Azure DevOps

Pull request is a feature that allows you to review code and provide feedback before merging it into the master branch. Previously, we had GitHub and Bitbucket support. We've included support for Azure DevOps in this release. (Learn More)

During Ez-Commit and new Pull Requests, you can now create a Pull Request in Azure with the assignee.
You should be able to choose the repository, the base branch, and another branch to compare during the creation of a pull request.
A link to the Azure DevOps application will be included in each pull request created in AutoRABIT. The pull request can also be approved directly from the AutoRABIT application.

Enhancements

Audit Log Report

AutoRABIT had an audit report feature that gave you a comprehensive view of your business operations by fostering a collaborative operational audit environment. In this release, we've made some enhancements and added a button called "Audit Log Report" on the CI job page, which allows you to generate a report in PDF format for a specific period.

We've improved the CI Job Result screen by giving users the option to generate an Audit log report for internal auditing purposes. This is a report of CI jobs deployments and the commits associated with each deployment, including commit details such as Author, Commit Time Stamp, and so on.
We changed the timestamp in the Audit log report from 12-Hour format to 24-hour UTC format by default to comply with ISO 8601 notation, which is a commonly recommended format for representing date and time.
Added support for custom “keynames”, “Salesforce Org type“ and “AR SF Org type” in the Audit trail report wherever Salesforce org name details are applicable.

Salesforce CLI Upgrade

Salesforce CLI is a command-line interface for working with your Salesforce org that makes development and build automation easier. It can be used to create and manage organizations, synchronize sources to and from organizations, create and install packages, and more. In this version of ARM, Salesforce-DX CLI is upgraded to the latest 7.129 version.

Salesforce Winter (API 53) Support

In order to keep our product up to date with the most recent Salesforce updates. AutoRABIT now supports the most recent API version 53 in this release. Now our Salesforce developers will begin using API 53 on their Sandboxes for development. The most recent API version is intended for customizing the metadata model and developing tools to manage it.

Improvements

Platform Improvements

We've been working hard over the last few weeks to improve our platform's stability, performance, query optimizations, code smells, security vulnerabilities, and reliability. With this release, you will notice significant improvements in our application, such as faster page load times, improved performance, and faster search functionality, among other things.
JQuery Upgrade: JQuery was updated from version 1.8.3 to version 3.6. Upgrading to the most recent version of jQuery makes our application more secure, as well as potentially faster in terms of script execution and loading.

UI Improvement

Across the CI Job module, "Load More" buttons have been replaced with "Previous" and "Next" buttons. This new feature will allow our users to display 25, 50, 75, or 100 records on a single page and navigate between pages using the Previous and Next buttons. This feature was previously limited to the Version Control module, but it has recently been expanded to include the CI Job module as well.

Changelogs

11 Mar 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users were unable to deploy release labels (#40600).
Fixed the following SSO errors:
- Unable to use SSO for AutoRABIT authentication (#37767).
- Unable to log in via SSO in the chrome and the firefox browser.
- Fixed "domain name does not exist" error (#41853).
Fixed a bug where users were getting an undefined error for the standard templates while editing the CI job.
Fixed an issue where the status of the AutoRABIT ExternalId field was showing as processing, but it was marked as completed in the log report (#40669).
Fixed a bug that restricted users from using Dataloader Pro's Auditable Standard field feature (#40794).
Fixed an issue where the users were unable to replace attachment records in the destination org.
Fixed an issue where the attachments were not completely deployed in the target environment (#41208).
Fixed an issue where users were unable to deploy the nCino feature from org to org using the nCino-Forms standard template (#38764).
Fixed an issue where the users were unable to stop/delete the data loader running jobs (#39556).
Fixed an issue where the users when attempting to initiate the deployment, were failing with the "Failed to initiate deployment request" error (#40620).
Fixed an issue where the users were unable to perform the branching baseline operation (#41622).
Fixed an issue where the users were not able to configure the approver's lists on the New Merge Request screen (#41844).
Fixed an issue where the users trying to revert a commit for a commit label was getting failed (#39613).

06 Mar 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the skip members feature was not working for the Version Control, Deployments, and CI Job module (#41531).
Fixed an issue where the users were receiving layout permissions errors when using Prevalidation Commit.
The SCA option was not working when users use the EZ-Commit/merge operation. The issue has now been fixed (#39288).
Fixed an issue where the users were unable to generate the deployment report and received validations errors for the EZ-Merge operation (#41639).
Fixed an issue where the users were unable to update any changes in the permission section.
Fixed an issue where the non-licensed users were receiving the deployment email failure notification for the unsuccessful deployment (#41705).
Fixed an issue where the users were unable to use the nCino feature after the ARM was upgraded to v21.6 (#41108).

27 Feb 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users were unable to switch the tab from the Test Coverage to the Class Coverage on the Apex test results page (#41455).
Fixed an issue where the users were unable to save Salesforce settings in the My Account screen (#41329).
Fixed an issue where the users were not able to save the excluded metadata types on the My Account page (#41529).
Fixed an issue where the users were not able to create a new ALM project for the Azure repository (#41554, #41630).
Fixed an issue where the users having difficulty with the datamigration.properties file while creating a new instance (#41510).
Fixed an issue where the users when trying to start a deployment, it was getting failed with the "Failed to start deployment request error" (#40620).
Fixed an issue where the users were unable to revert the commits using AutoRABIT (#39957).
Fixed an issue where the users were not able to use the "Files Changed" functionality on the Merge Request History page (#41456).
Fixed an issue where the users were unable to delete the changes made in the version control branch via AutoRABIT (#39130).
Fixed a bug that prevented users from performing commit and merge operations in AutoRABIT (#39129).
Fixed an issue where the external objects with lookup relationships were not getting displayed under the child objects in the Dataloader Pro (#41084).
Fixed an issue where the users were unable to update the "Validation checks" status from the in-progress state to the completed state.
Fixed an issue where changes from multiple package directories were not being retrieved without selecting a package directory.
Fixed an issue where the users were unable to attach the CSV file while carrying out the CI deployment.
Fixed an issue that caused users to receive an invalid session error when changing their password.

20 Feb 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users were unable to see the commits ID in the release label (#41284).
Fixed an issue where the users were unable to view their permission details in the Users and Roles tab (#41043).
Fixed an issue where users were not able to delete the changes made in the source branch using AutoRABIT (#39130).
Fixed an issue where the branching baseline for a profile and branch to branch merge was not working (#40836).
There was an AutoRABIT performance issue that caused searching for revisions, validations, and commits to taking a long time. It has now been fixed (#39129).
Fixed an issue where users were not able to commit their changes to the branch (#39269).
When users attempted to update changes in the target org using the profile manager, the deployment getting failed. It has now been fixed (#40599).
Fixed an issue where users were unable to switch from a credential-based login to an SSO-based login (#40871).
AutoRABIT instances were not supporting the Salesforce API 54 version. It has now been fixed. (#40921).
When a user performs a pre-validation commit on the Azure repository branches, it creates a duplicate external commit with the same revision ID. This issue has now been fixed (#39287).

13 Feb 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the "Group By" functionality was not fetching the correct CI job results (#38870).
Fixed an issue where the deployment status of CI Job has failed in logs but the process is still in-progress stage (#40805).
Fixed an issue where the users were unable to use the SCA for LWC components unlike apex class, triggers, and aura bundle (#39288).
When a pull request is in progress, the job is not triggered for additional changes committed before the work is completed. This is now fixed (#38877).
Fixed a bug where the users were facing challenges while merging the entire branch changes to the target environment (#39451).
Fixed an issue where the File Diff shows full component (especially Aura, LWC components) as a change instead of delta changes (#39351).
Fixed a bug where the sub-users without admin privileges were able to export and download the org users' data from Admin > Users section.
Fixed an issue where the data loader pro throws the error "Error creating output directory: configs" while uploading data from one environment to another (#40832).
Fixed an issue where the external object-related lookups were unable to verify the relationship associated with the external objects in the destination org (#41084).
Fixed a minor user-interface bug where the users were unable to find the Resolve Conflict button to resolve the merges conflict. This is now resolved.

Limitations identified in this release:RestrictionRule metadata type is not supported for the SFDX deployment.

06 Feb 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed the below UI issues:
- The "Commit" button was not available for the merge request label job. (#38876).
- For the entire deployment, the "To Revision" radio button was disabled, and users were unable to select revisions from the list provided.
- Although the field "Timezone" was mandatory upon signup, the users were able to proceed without picking a timezone.
Fixed an issue where the admin was unable to assign permissions to its sub-users. This is now working as expected (#40017).
Fixed an issue where the validation rule automation was not working for the Environment Provisioning module (#41035, (#40991).
Fixed an issue where the data loader pro job is not able to load data for objects with fields exceeding limits(#38790).
Fixed an issue where the users were unable to register the existing branches to AutoRABIT (#40894).
Fixed an issue where the EZ-Merge was showing status as failed in the AutoRABIT application however, in the Salesforce environment the status shows as success (#40673).
Fixed a bug where the users were unable to register a dev hub on the SDFX > Hub Management page.

30 Jan 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the commit approvers were not receiving email notifications due to the commit prevalidation being stuck in-progress. (#38908).
Fixed an issue where the users were not able to select the master branch as their parent branch while registering existing branches from the repository in AutoRABIT (#39082).
Fixed an issue where the users were receiving an error message saying "Please select the date" even though the date was selected when registering the SVN Branch.
Fixed an issue where the destructive commit components were still displayed for deployment (#38888).
Fixed a bug where the access token is being printed along with the URL in the Merge Log report (#39546).
Fixed an issue where when users expanded the metadata types on the Profile Manager screen, they were able to spot duplicate child components.
Fixed an issue where the lookup field values were not picked up while creating the nCino feature migrating template (#38868).
Fixed a bug that displays the nCino-related CI Jobs on the ARM CI Jobs Results page.

29 Jan 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users were unable to close the diff report file in the Org Synchronization History screen (#39149).
Fixed an issue for the SFDX CI Jobs where the metadata types were not excluded without the baseline revision.
Fixed an issue where the release label deployment is adding unselected components in the deployment package (#39239).
Fixed a bug where the users were unable to delete unwanted Dataloader Pro jobs from AutoRABIT (#38600).
Fixed a bug where the parallel CI jobs are not working as expected (#38803).
Fixed a bug where the users were unable to generate the code coverage log report from the Report module (#38673).
Fixed a bug where the search box doesn't work well with uppercase and lowercase in the commit label unlike the search in the dropdowns on the Commit History page (#39286).
Fixed an issue where the metadata types "NavigationMenu" and "IframeWhiteListUrlSettings" were included in the build view changes for both DX and non-DX CI Jobs, despite being excluded.

23 Jan 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users were unable to generate the code coverage log report from the Report Module (#38717).
Fixed an issue where the users were unable to upload the package.xml file to resolve the merge conflict (#39960).
Fixed an issue where the users were able to commit the changes although the validation got failed. (#38228).
Fixed an issue where the user was unable to perform the Enable/Disable validation rule on the Managed package object using the environment provisioning functionality (#40297).
Fixed a bug where the user was unable to deploy the Email Template on their target environment (#40241).
Fixed an issue where users were unable to upload/migrate the knowledge articles from one sandbox to another sandbox (#37922).
Fixed an issue where the users were facing the "Null Pointer Exception" error during the merge prevalidation process.
Fixed an issue where If the users picked all the conflicted files during a merge request, they would receive an error message saying "Please click on any conflicted file."
Fixed an issue where the users were unable to find the log report for the newly created branch in AutoRABIT.
Fixed an issue where the users were unable to find out the work item statuses during the deployment process for the unlocked packages.
ALM Enhancements:
- Added a new section called "ALM Management" to the Admin module for merge requests
- Detailed information on all of your ALM's active and inactive sprints.
- Smart commits to reading the comment in a revision associated with your ALM story.
- We have introduced the ALM Details section that lists the work items linked with the commits along with the existing and post-merge status.
- Ability to keep the work item status without a change or update it during EZ-Commit.
- You may now configure the job to pick up revisions based on your work item status while deploying from version control to a Salesforce org, allowing you to adjust the status even after a successful rollback.

16 Jan 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the users were unable to close the diff report file in the Org Synchronization History screen (#39149).
Fixed an issue for the SFDX CI Jobs where the metadata types were not excluded without the baseline revision.
Fixed an issue where the release label deployment is adding unselected components in the deployment package (#39239).
Fixed a bug where the users were unable to delete unwanted Dataloader Pro jobs from AutoRABIT (#38600).
Fixed a bug where the parallel CI jobs are not working as expected (#38803).
Fixed a bug where the users were unable to generate the code coverage log report from the Report module (#38673).
Fixed a bug where the search box doesn't work well with uppercase and lowercase in the commit label unlike the search in the dropdowns on the Commit History page (#39286).
Fixed an issue where the metadata types "NavigationMenu" and "IframeWhiteListUrlSettings" were included in the build view changes for both DX and non-DX CI Jobs, despite being excluded.

09 Jan 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the commit approvers were not receiving email notifications due to the commit prevalidation being stuck in-progress. (#38908).
Fixed an issue where the users were not able to select the master branch as their parent branch while registering existing branches from the repository in AutoRABIT (#39082).
Fixed an issue where the users were receiving an error message saying "Please select the date" even though the date was selected when registering the SVN Branch.
Fixed an issue where the destructive commit components were still displayed for deployment (#38888).
Fixed a bug where the access token is being printed along with the URL in the Merge Log report (#39546).
Fixed an issue where when users expanded the metadata types on the Profile Manager screen, they were able to spot duplicate child components.
Fixed an issue where the lookup field values were not picked up while creating the nCino feature migrating template (#38868).
Fixed a bug that displays the nCino-related CI Jobs on the ARM CI Jobs Results page.

02 Jan 2022

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the CI Job builds are getting stuck and no log information was displayed (#39052, #38992, #39682).
Fixed an issue where the conflicted files downloaded were incorrect during the merge process (#39364).
Fixed an issue where the aura components were not getting retrieved while carrying out the branching baseline operation (#38610).
Fixed a bug that restricted users from entering the credential name on the "Create Credential" screen because the field was disabled.
Fixed a bug where the super administrator was getting an empty popup screen when navigating to the Process Summary page.
Fixed an issue where the users were able to find the Abort option even when the CI Job had been completed successfully (#38177).

26 Dec 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the commit approvers were not receiving email notifications due to the commit prevalidation being stuck in-progress. (#38908).
Fixed an issue where the users were not able to select the master branch as the parent branch while registering existing branches from the repository in AutoRABIT (#39082).
Fixed an issue where the users were receiving an error message saying "Please select the date" even though the date was selected when registering the SVN Branch.
Fixed an issue where the destructive commit components were still displayed for deployment (#38888).
Fixed a bug where the access token is being printed along with the URL in the Merge Log report (#39546).
Fixed an issue where when users expanded the metadata types on the Profile Manager screen, they were able to spot duplicate child components.
Fixed an issue where the lookup field values were not picked up while creating the nCino feature migrating template (#38868).
Fixed a bug that displays the nCino-related CI Jobs on the ARM CI Jobs Results page.

19 Dec 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the user was unable to close the diff report file in the Org Synchronization History screen (#39149).
Fixed an issue for the SFDX CI Jobs where the metadata types were not excluded without the baseline revision.
Fixed an issue where the release label deployment is adding unselected components in the deployment package (#39239).
Fixed a bug where the users were unable to delete unwanted Dataloader Pro jobs from AutoRABIT (#38600).
Fixed a bug where the parallel CI jobs are not working as expected (#38803).
Fixed a bug where the users were unable to generate the code coverage log report from the Report module (#38673).
Fixed a bug where the search box doesn't work well with uppercase and lowercase in the commit label unlike the search in the dropdowns on the Commit History page (#39286).
Fixed an issue where the metadata types "NavigationMenu" and "IframeWhiteListUrlSettings" were included in the build view changes for both DX and non-DX CI Jobs, despite being excluded.

12 Dec 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where when the user is trying to perform pre-validation commit for report metadata, it is getting added under emailservice functions in diff report (#37925, #38581, #38880, #38734).
Fixed an issue where the case entitlementProcess-meta.xml files were not picked up during deployment (#39069, #38361).
Fixed an issue where the deployment report is getting failed while doing prevalidation merge with the report folder.
Fixed an issue where users were unable to retrieve a package which has more than 1000 components (#38737).
Fixed a bug where a null pointer exception was thrown while loading in Dataloader Pro (#38286).
Fixed an issue where the entitlement process is getting removed from Package.xml (#39097).
Fixed an issue where the external commits did not show up on the release label (#38822).
Fixed a bug that displays the wrong statuses in the test reports (#39008, #38986).
Fixed an issue where the code coverage percent is not available in the case of SFDX merge operation.
Fixed an issue where the data loader pro jobs were not able to load data for objects with fields exceeding 800 (#38790).
Fixed an issue where the code coverage percentage shows as 0 in the UI logs even after deployment validation is passed.
Fixed a bug where the changes are being committed even after a failed validation.
Fixed an issue where the package directory filter in the release labels is not working as expected.

05 Dec 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where when pre- and post-destructive changes were added to the process, it caused the deployment to fail (#38330, #38721).
Fixed a bug where for fewer CI jobs, the Older button was disabled. This has now been enabled and is working as expected (#39050).
Fixed an issue in the SFDX module that prevented commits from being executed using scratch org (#38789).
Fixed an issue where the external commits were not displayed when creating release labels or merging single revisions. This is now working as it should (#38822).
Fixed an issue where users were unable to run SCA within the reports module due to an error stating "Invalid mapping credentials." In addition, the number of issues indicated in the Ez-commit process does not match the CodeScan analysis (#38917).
Fixed a bug where single data loader jobs couldn't be edited and there was a mapped field cache issue (#38753).
Fixed an issue where the alm mapping details for the scratch org with alm configuration could not be found.
While executing scratch org alm commit with skip mapping set to false, the current ALM work item status was reporting "empty" results. This is now fixed.
Fixed a bug that allowed users to save multiple criteria rows with the same priorities for ApexPMD.
Fixed an issue where the repository filter on the Commit History screen was reset to default after resolving a conflict.
Fixed a bug where the failed component count position is wrong when the window is scrolled.

28 Nov 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed nCino objects deployment issue during using nCino CI Jobs (#39375).
Fixed an issue where the custom object is being listed during CI Job operation but not during Ez-commit (#38361).
Fixed Ez-merge issue which shows different results in AutoRABIT when compared to the production environment (#38831).
Fixed an issue where the users were unable to extract deleted records and threw "Malformed Query Fault" error (#38448).
Fixed an issue where the pull request support with BitBucket was not working properly. This is now fixed (#38644).
Fixed a bug in the merge request and pull request validation builds which were unable to list the changed components whereas the CI Job build was able to pick them up (#37095, 38713).
Fixed an issue where the org administrator was unable to assign hub level permissions to its sub-users (#38898).
Fixed wrong metadata identification for deletion issue (#37703).
Fixed an issue where the user was unable to update "Configuration For recordTypes picklistValues" (#38901).
Fixed API version error in the CI Job screen (#36550).
Fixed CI build failing issue (#38630).
Fixed EZ-Commit issue where the file diff was throwing an error due to credential scope issue (#38950, 38795).
Fixed an issue where duplicate entries were seen while creating release labels (#37300).
Fixed a bug where the user was unable to click on the OK button on the Merge Request History screen (#38781).
Fixed an issue where the "include delete records" checkbox is de-selected automatically during editing the data loader extract job.
Fixed an issue where the scratch org permissions are not visible on "hub level permissions" and "scratch org permissions" screens.
Fixed Ez-commit issue where a sub user with only one repository registered with AutoRABIT, is not able to find/select his repository in the EZ-Commit screen.
Fixed an issue where the repository filter is reset to default during the conflict resolve flow.
Fixed registering the branch issue when the branch registration crossed 100 limits in AutoRABIT.
Fixed a bug where the parent checkbox in the download zip for CI Job is not working as expected.
Fixed wave-dependent missing files from the package during the prevalidation merge operation.
Fixed an issue where the non-SFDX CI job for WaveTemplates is showing no modifications when triggered.
Fixed single data loader and data loader pro filter issues while carrying out the edit functionality.

21 Nov 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the quick deployment feature was not working as expected and was throwing "Invalid Login" error (#37802).
Fixed a bug where the merge request validation was getting failed (#37095).
Fixed an issue where the commit search was not working as expected in the Version Control module (#36548).
Fixed an issue where the users were facing invalid credentials issue while updating the src as metadata folder path in-branch settings (Admin > VC' Repos) (#38727).
Fixed an issue where the pull request support for BitBucket was not working properly as expected (#38644).
Fixed an issue where the deployment shows failed status although there are no failures and the items did get moved to the destination org. This is now working as expected (#37774, #38363).
Fixed an issue where the user was not able to retrieve the metadata to deploy the changes using AutoRABIT's deployment feature.
Fixed data loader pro issue which was throwing unknown error while migrating the data objects (#38566).

ARM Release Notes 21.5

Date of Release: 29 August 2021

On this page:

In keeping with our dedication to continual improvement, the August-21 (AR 21.5) release delivers a plethora of exciting upgrades and improvements to our AutoRABIT application.

Enhancements

UI/UX Improvements: Focused on application performance and user experience. Try it out for yourself and let us know how to feel:
- Page Navigation: When working with several records, breaking data into multiple pages is always a good idea. You can now view 25, 50, 75, or 100 records on a single page, and use the Previous and Next buttons to switch to the previous or next page. This feature is now only available in the Version Control module, but it will be expanded to other modules in future releases.
- Never miss a required field: You will be prompted to fill in all the required fields before you proceed. Follow the UI highlights to minimize rework.
Customize CI jobs for desired Salesforce API versions: To support different Salesforce API versions for distinct Salesforce orgs instead of a global setup, we've added a new checkbox named Salesforce API version across the CI Job module. This will offer a granular facility in a CI job to select the required Salesforce API version.
Improved Audit Trail Report: Additional data was added to the reports to support improved report analysis.
Performance Improvement: Waiting is always boring- we have reduced that wait for you.
Salesforce CLI Upgrade- Salesforce CLI upgraded to the latest stable 7.112 version.

Changelogs

14 November 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed deployment issues
- Fixed an issue where no metadata was found while validating the components from the master branch to the production environment (#38612, #38587, #38571, #38537, #38552, #38549)
- Fixed revision based deployment issue (#38386)
- Fixed an issue where the commit labels changes are not reflected in the release label (#38569)
- Fixed an issue where the salesforce deployment from GIT to SFDC was not working (#38558)
- Fixed deployment issue where no components were being retrieved via Single Revision or Revision Range (#38550, #38546)
Fixed a bug where the deployment CI Job occurs multiple times (#37454).
Fixed the search and substitute deletion rule issue (#38410).
Fixed SFDX parent and child job triggered the issue.
Fixed an issue where the review artifact with AutoDraft functionality was not working properly in the EZ-commit screen.

07 November 2021

This is a maintenance release. The following items were fixed and/or added:

Fixed an issue where the user couldn't delete a job with special characters in its name (#38332)
Fixed SFDX deployment and rollback mismatches issue (#35947).
Fixed a bug where when attempting to commit the deletion of 19 profiles, a Diff Report listing of 20 profiles was generated. (#38303).
Fixed code coverage report discrepancy issue (#36282).
Fixed an issue where the wave template related dependent files were missing from the package [CI, Deployment, VC].
Fixed an issue where all existing credentials for version control mappings that were created using the Profile screen were reset.

31 October 2021

This is a maintenance release. The following items were fixed and/or added:

The deleted sharing rules were not showing up in the EZ-Commit Deleted tab, which was fixed (#37747)
Fixed a bug where the older commits were not accessible for merge (#38242).
Fixed an issue where when deploying a new custom object, an error "Profile Search Layout: - System Administrator - not appropriate for object XXXXXX" was thrown (#37897).
Fixed a merge conflict issue(#37950).
Fixed a commit label issue (#38275).
Fixed an issue with SSO where users had to log in twice before being able to use the AutoRABIT application (#36634).
The issue with the SSO domain has been fixed (#37232).
Fixed data loader audit logs issue (#37688).
Fixed an issue where the users were unable to exclude EmbeddedServiceLiveAgent from CI Job (#38261).
Fixed an issue where the user couldn't delete a job with special characters in its name (#38332).
Fixed an issue where users were unable to compare profiles using the Profile Manager feature in the Deployment module (#36978).
In CI Jobs, a bug with the "Group By" filter was fixed (#38132).
Fixed an issue where the community site was not getting deployed (#38226).
Fixed a bug that caused metadata retrieval to fail with a Null error during revision range deployment.
[Profile Manager] Fixed an issue where the org compare feature would not work when three orgs were configured, resulting in a "Empty screen" error.
[Profile manager] Fixed an issue where after comparison, duplicate metadata entries and empty popups were displayed.
[nCino CI Jobs] Fixed an issue where the unwanted objects are displayed on editing the cloned CI Job.

AutoRABIT Knowledge Base

Welcome to the Knowledge Base

What is AutoRABIT?

What You'll Find

Quick Links

Fundamentals

AutoRABIT Solutions

Who We Are

What We Offer

Why It Matters

FAQs

General User Definitions

ARM User Definitions

Standard User

Additional Notes:

Platform Integration User

Tracking Platform Integration Users in ARM:

Key Points:

Determining the Count of Platform Integration Users

Notes:

Connection & Authentication

How do I register GitHub repositories with two-factor authentication?

How do I rectify the GOLDENDOODLE vulnerability?

Why am I not able to authenticate JIRA with my account?

How do I generate a new API token for JIRA?

How can I add a repository to AutoRABIT if one already exists?

How does an SSH Key differ from an SSH Certificate?

Why am I unable to register a GitHub repository using SSH keys and getting an 'invalid private key' error?

How do I validate the 'src' folder under branch settings?

Data Loader

Encryption

Is there any encryption for Data Loader files? We don't want our data or upload files (e.g., CSV files) to be accessible by AutoRABIT or any other party.

Can a customer's own key be used to encrypt their data? Is this possible?

Data Storage

Where is the result data (including exported data) physically stored, and can it be moved to a specific location (e.g., another country)? Can we ensure this data is not stored in AutoRABIT?

Error Messages

Why does my Data Loader Pro job fail with an "Invalid ID" error message when the parent object is not selected?

Feature Overview

Why does the record fail when trying to update with "null" values?

Feature Considerations

Why does the current Data Loader setup require parent objects to be included without the Limit 0 option?

Is AutoRABIT compatible with the deployment of CPQ data?

CI Jobs

What are the benefits of using Quick Deploy?

When Is the Quick Deploy option available in a CI Job?

Why am I getting a popup saying, "Not Eligible for Quick Deploy," after selecting Quick Deploy in the CI Job?

Why am I not receiving email notifications for all CI jobs that AutoRABIT has initiated?

Why is it taking longer to build CI jobs triggered on PR submission as compared to CI jobs triggered on Commit?

Why is my CI job failing with the error ‘HTTP ERROR 405 Problem accessing /services/Soap/m/55.0. Reason: Only POST allowed’?

Why are the FLS changes in the CI job reflected in the diff file but not in the sandbox?

Why am I unable to push components from a branch to an org in a CI Job? What is the ‘Maximum size of request reached’ error?

How do User Credentials impact different types of CI Jobs?

Forced/Manually Triggered Build:

Build on Commit and Scheduled CI Job:

CI Job Build Initiated From API:

Why is CI Jobs deploying a metadata type I deselected in the "Exclude Metadata Types" section?

Why is a CI job for production deployment running random test classes, even though there are no Apex classes in the build, causing the deployments to fail?

Why am I getting an error while trying to access CI job builds more than 3 months old?

Why is a CI job failing with an error during validation?

How do I include destructive changes in a CI job?

The "File Changes" tab shows that the Quick Actions metadata type is deleted. Why isn’t this reflected in the Destructive Changes tab or the package xml?

Why am I getting the "License is not valid" error when trying to use CodeScan as the analysis tool while running a CI job in ARM?

Why am I not getting a package for the CI Job?

Why am I receiving the error message: Cannot invoke "String.startsWith(String)"?

Can I update or remove picklist values with my CI Job?

Retention Policy

What is a data retention policy?

How can I change the data retention policy?

Can the data retention policy be disabled?

How can I access the data that has been cleared?

Can the cleared data be restored to the application?

Data from which pages are affected by this policy?

I did not select the period for data retention. Will I lose everything?

What if I decrease the retention period from 12 months to 3 or 6 months?

What if I increase the retention period from 3 to 6 months or 6 to 12 months?

nCino

Record-Based Migration error use case

How to send custom label translations from one nCino environment to another

Conditional rendering references in the 'Screen' sections are not included when using the nCino standard UI template

CodeScan-FAQs