Release Updates (Beta)

Salesforce periodically releases updates that improve the performance, logic, security, and usability of Salesforce, but which can affect your existing customizations. Find the Summer ’20 updates in the Release Updates node in Setup.
The Release Updates page provides a list of updates that affect your org. Each update includes step-by-step actions for you to take. To ensure a smooth transition, many release updates have test runs available. Use the test run option to activate and deactivate an update as often as needed before the "Complete Steps By" date so that you can evaluate its impact on your org.
Important

Important

In beta, most updates still appear in the Critical Updates console and Security Alerts still appear in the Security Alerts node in Setup. You can activate or act on an update or alert in either location, but it's not necessary to do so in both.

New Release Updates

These release updates are new in Summer ’20. You can view these updates in the Release Updates node.

Require View Setup Permission to Enqueue Async Apex Jobs (Update)
Improve security for your Salesforce org with this update. Users must have the “View Setup and Configuration” permission to access the AsyncApexJob and FlexQueueItem objects in SOAP API when this update is enabled.
Require View Setup Permission to Access Apex Test Data (Update)
Improve security for your Salesforce org with this update. When this update is enabled, users must have the “View Setup and Configuration” permission to access these SObjects: ApexTestQueueItem, ApexTestResult, ApexTestResultLimits, ApexTestRunResult, ApexTestSuite, and TestSuiteMembership.
Enable Enhanced Folder Sharing (Update)
Enhanced folder sharing introduces new user permissions and changes each user’s access to existing reports and dashboards. In the Winter ’21 release (subject to change to a later release), legacy folder sharing is retiring and enhanced folder sharing replaces it.
Transition CPQ to Permission Set Licenses (Update)
Salesforce CPQ is replacing Managed Package Licenses with Permission Set Licenses. Customers must assign the new license to all users before installing or upgrading to the Winter ‘21 version.
Disable Rules for Enforcing Explicit Access to Apex Classes (New Update)
The "Require User Access to Apex Classes Invoked by Flow" has been retired. New in Summer '20, the "Disable Rules for Enforcing Explicit Access to Apex Classes" update returns orgs to their original state – where users only need access to the flow to be able to run a flow that includes Apex actions.

Previously Released Updates

These updates were announced in a previous release and are still available. You can view these updates in the Release Updates node.

Enable Improved Caching of Org Schema (Previously Released Update)
Improved caching of org schema resolves known issues with version-specific object and field handling. The auto-activation (enforcement) date is now advanced, by almost a year, to August 12, 2020 from August 9, 2021. Sandbox orgs that are upgraded to Summer ’20 have this update enabled by default. You can manually disable the update until it is auto-activated.
Block Certain Fields in the User Record for Orgs with Communities and Portals (Previously Released Security Alert and Update, Enforced)
Salesforce is giving customers the option to enable a user setting that allows the hiding of certain personal information fields on the user records in orgs with communities or portals. The fields are hidden from view when external users are accessing user records. External users can still see their own user records. This change doesn’t apply to queries running in System Mode.
Enable ICU Locale Formats (Previously Released Update)
To help you do business wherever you are, we’re adopting the International Components for Unicode (ICU) formats for dates and times. ICU sets the international standard for these formats for all locales. The new formats provide a consistent experience across the Salesforce platform and improve integration with ICU-compliant applications across the globe. The ICU formats replace Oracle’s Java 8 Development Kit (JDK8) formats. This update was first made available in Winter ’20.
Migrate Legacy Policies to the Enhanced Transaction Security Framework (Previously Released Update)
With the Enhanced Transaction Security Policy framework, you can create transaction security policies that execute actions on any standard or custom object. Now that the new framework is generally available, we no longer allow users to create or modify legacy transaction security policies. We’re retiring the legacy framework in the Winter ’21 release. To prepare for this retirement and take advantage of the new features, migrate your legacy transaction security policies to the new framework as soon as possible. This update was first made available in Winter ’20.
Keep Working with Tab-Focused Dialogs (Previously Released Update)
In Lightning console apps, dialogs no longer stop you from interacting with the rest of the UI. This release update limits the focus of dialogs triggered by a workspace tab or subtab to only the tab that triggered it. This release update was first made available in Winter ’20.

These updates were announced in a previous release and are still available. You can view these updates in the Critical Updates console.

Opt Out of Guest User Security Policies Before Summer ’20 (Previously Released Update)
By activating this update, you opt out of three policies aimed at increasing your data security for guest, or unauthenticated, users. Activating this update opts your org out of having the following settings automatically enabled with the Summer ’20 release: Secure guest user record access, Assign new records created by guest users to the default owner, and Assign new records created by Salesforce Sites guest users. If your org already has these settings enabled, activating this update doesn’t change your configuration.
Opt Out of Turning Off Community-Specific Setting for Guest Users to See Other Members (Previously Released Update)
By activating this update, you opt out of turning off the community-specific Let guest users see other members of this community setting in the Winter ’21 release.
Remove the Manage Encryption Keys Permission from the System Admin Profile (Previously Released Update)
Admins must actively assign the ability to perform key management roles. The Manage Encryption Keys permission is revoked for the standard admin profile when you apply this release update. Custom profiles that include the Manage Encryption Keys permission are not affected. Any user who has the permission through a custom profile or permission still has the permission. This release update was first made available in Spring ’16 and applies only to customers who enabled Shield Platform Encryption before the Spring ’16 release.

Enforced Updates

These updates were announced in a previous release and are now enforced. You can view these updates in the Release Updates node.

Route My Domains Through Salesforce Edge (Update, Enforced)
With this update, we accelerate domain requests for My Domains. You can keep the same My Domain address, but requests go through Salesforce Edge. Salesforce Edge uses machine-learning technology to improve connectivity and performance. This update was first available in Winter ’20 and is enforced in Summer ’20.

These updates were announced in a previous release and are now enforced. You can view these updates in the Critical Updates console.

Open Hyperlinks in Formula Fields Correctly (Update, Enforced)
If you have formula fields that contain a HYPERLINK function, Lightning Experience ignores the target value when attempting to open the link. This update ensures that the target value for hyperlinks is honored, whether it’s explicitly configured or set by default. This update was first made available in Winter ’19 and is enforced in Summer ’20.
Require Secure HTTPS Connections (Update, Enforced)
Require Secure HTTPS Connections was an update in Spring ’20 and was enforced in production orgs on May 1, 2020. As part of updates related to Google Chrome’s SameSite cookie changes, HTTPS connections are required to access Salesforce. HTTP connections are no longer permitted. This update enabled the Require secure connections (HTTPS) setting on the Session Settings Setup page and prevented it from being disabled. The Require secure connections (HTTPS) for all third-party domains setting isn’t affected by this update.
Stabilize the Hostname for My Domain URLs in Sandboxes (Update, Enforced)
We’re removing instance names from MyDomain URLs for sandboxes. The instance name identifies where your Salesforce sandbox org is hosted. Removing the instance name makes the URL cleaner and easier for users to remember. For example, MyDomain--SandboxName.my.salesforce.com replaces MyDomain--SandboxName.cs5.my.salesforce.com. This update was first made available in Summer ’18 and is enforced in Summer ’20.
Improve Email Security with Redesigned DKIM Keys (Update, Enforced)
To address potential security vulnerabilities with DomainKeys Identified Mail (DKIM) keys, we improved the way they’re created. You no longer have to work with public and private keys. And, because sharing keys can introduce security vulnerabilities, we removed the ability to import DKIM keys. Improve Email Security with Redesigned DKIM Keys was an update in Winter ’19 and is enforced in Summer ’20.

Postponed Updates

These updates are postponed. You can view these updates in the Release Updates node.

Stabilize URLs for Visualforce, Experience Builder, Site.com Studio, and Content Files (Update, Postponed)
We’re removing the instance names from Visualforce, Experience Builder, Site.com Studio, and content file URLs. An instance name identifies where your Salesforce org is hosted. Instanceless domains are cleaner and easier for users to remember. This update applies to orgs that have a deployed My Domain. After this update is activated, a URL that includes the instance name, such as a bookmark, automatically redirects to the new hostname. Released in Spring ’18, this update was scheduled for automatic activation on July 11, 2020 and has been postponed to Summer ’21.
Restrict Access to @AuraEnabled Apex Methods for Guest and Portal Users Based on User Profile (Update, Postponed)
This update is postponed to Winter ’21. It was scheduled for auto-activation (enforcement) in Spring ’20. This update gives you more control over which guest, portal, or community users can access Apex classes containing @AuraEnabled methods. Add guest user profile access to any @AuraEnabled Apex class used by a community or portal. When this update is activated, a guest, portal, or community user can access an @AuraEnabled Apex method only when the user’s profile or an assigned permission set allows access to the Apex class.
Restrict Access to @AuraEnabled Apex Methods for Authenticated Users Based on User Profile (Update, Postponed)
This update is postponed to Winter ’21. It was scheduled for auto-activation (enforcement) in Summer ’20. This update gives you more control over which authenticated users can access Apex classes containing @AuraEnabled methods. When this update is activated, an authenticated user can access an @AuraEnabled Apex method only when the user’s profile or an assigned permission set allows access to the Apex class.
Prevent Creation of Function Expressions in Dynamically Created Aura Components (Update, Postponed)
This update is postponed to Winter ’21. It was scheduled for auto-activation (enforcement) in Summer ’20. To improve security and stability, this update prevents attribute values passed to $A.createComponent() or $A.createComponents() from being interpreted as Aura function expressions.
Enable Dependency Access Checks In Lightning Components (Update, Postponed)
This update is postponed to Winter ’21. It was scheduled for auto-activation (enforcement) in Summer ’20. This update improves Lightning component access checks by checking the access level of all component dependencies. A dependency is any resource used within a top-level component. For example, a component can use or extend another component in its markup or implement an interface.
Use with sharing for @AuraEnabled Apex Controllers with Implicit Sharing (Update, Postponed)
This update is postponed to Spring ’21. It was scheduled for auto-activation (enforcement) in Spring ’20. This update changes the behavior of @AuraEnabled Apex controllers that don’t specify with sharing or without sharing to default to with sharing.
Disable Access to Non-global Controller Methods in Managed Packages (Update, Postponed)
This update is postponed to Summer ’21. It was scheduled for auto-activation (enforcement) in Winter ’20. This update corrects access controls on Apex controller methods in managed packages. When this update is enabled, only methods marked with the global access modifier are accessible by Aura components from outside the package namespace. These access controls prevent you from using unsupported API methods that the package author didn’t intend for global access.
Enforce Access Modifiers on Apex Properties in Lightning Component Markup (Update, Postponed)
This update is postponed to Summer ’21. It was scheduled for auto-activation (enforcement) in Summer ’20. This update makes Lightning components consistent with the use of Apex properties in other contexts. For example, a markup expression can no longer access an Apex property with a private Apex getter.
Enable Partial Save for Invocable Actions (Update, Postponed)
This release update is postponed to Winter ’21. It was scheduled for auto-activation (enforcement) in Spring ’20. This release update improves the behaviors and effects of failed invocable actions. It only affects external REST API calls to invocable actions done in bulk. With this update, when invoking a set of actions in a single request, a single failed invocable action no longer causes the entire transaction to fail. Without this update, if a single invocable action fails, other invocable actions within the transaction are rolled back and the entire transaction fails.
Enforce Data Access in Flow Formulas (Update, Postponed)
This release update is postponed to Spring ’21. It was scheduled for auto-activation (enforcement) in Summer ’20. This update enforces the running user’s data access when a flow uses a formula resource or a formula field on a record variable to access a field on a record.
Evaluate Criteria Based on Original Record Values in Process Builder (Update, Postponed)
This release update is postponed to Winter ’21. It was scheduled for auto-activation (enforcement) in Summer ’20. This release update ensures that a process with multiple criteria and a record update evaluates the original value of the field that began the process with a value of null. This release update was first made available in Summer ‘19.
Make Flows Respect Access Modifiers for Legacy Apex Actions (Update, Postponed)
This release update is postponed to Spring ’21. It was scheduled for auto-activation (enforcement) in Summer ’20. With this release update enabled, developers can trust that their legacy Apex actions are properly protected and available only to other components in their managed packages. This update makes a flow fail if it contains a public legacy Apex action.
Require Permission to View Record Names in Lookup Fields (Update, Postponed)
To better protect your Salesforce org’s data, we restricted who can view record names in lookup fields. Users must have read access to these records or the View All Lookup Record Names permission to view this data. This update also applies to system fields, such as Created By and Last Modified By. This update, released in Spring ’20, was scheduled for auto-activation (enforcement) in Summer ’20, but was postponed in March 2020 to Winter ’21.

Retired Updates

These updates were announced in a previous release but are retired. They were removed from the Critical Update Console and the Release Updates node and won’t be activated.

Require User Access to Apex Classes Invoked by Flow (Update, Retired)
This update, released in Summer ’19 and postponed to Spring ’21, has been retired. The update was previously called “Improve Security by Requiring User Access to Apex Classes Invoked by Flow.”