release-management
Use when planning, coordinating, or governing Salesforce releases: version numbering, rollback strategy, release notes, go/no-go criteria, release calendar, and sandbox preview alignment. NOT for deployment mechanics (use devops/post-deployment-validation or devops/change-set-deployment).
Best use case
release-management is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when planning, coordinating, or governing Salesforce releases: version numbering, rollback strategy, release notes, go/no-go criteria, release calendar, and sandbox preview alignment. NOT for deployment mechanics (use devops/post-deployment-validation or devops/change-set-deployment).
Teams using release-management should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/release-management/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How release-management Compares
| Feature / Agent | release-management | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when planning, coordinating, or governing Salesforce releases: version numbering, rollback strategy, release notes, go/no-go criteria, release calendar, and sandbox preview alignment. NOT for deployment mechanics (use devops/post-deployment-validation or devops/change-set-deployment).
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Release Management This skill activates when a practitioner needs to plan, coordinate, or govern a Salesforce release cycle — covering version numbering schemes, rollback strategy, release notes generation, go/no-go criteria, and release calendar alignment with Salesforce's three seasonal platform releases per year. --- ## Before Starting Gather this context before working on anything in this domain: - Determine whether the project is org-based (change sets, SFDX org-deploy) or artifact-based (unlocked packages, 2GP managed packages). Version numbering and rollback differ fundamentally between the two. - Confirm the Salesforce seasonal release schedule. Salesforce releases three times per year (Spring, Summer, Winter). Sandbox preview opens approximately 4–6 weeks before the production release weekend. Changes deployed just before preview may be disrupted by platform changes. - Identify which environments are in scope: production org, Full/Partial/Developer sandboxes, scratch orgs. Each has different data and metadata state implications for rollback. --- ## Core Concepts ### Seasonal Platform Releases and Sandbox Preview Salesforce delivers three named releases per year (e.g., Spring '25, Summer '25, Winter '26). Each release upgrades all production orgs on a staggered weekend schedule (NA pods first, then EMEA, then APAC). Before production upgrade, Salesforce opens a sandbox preview window — typically 4–6 weeks before the production weekend. Orgs opted into preview receive the new release early. Practical impact: any release you plan to deploy to production in the 2-week window immediately preceding the production upgrade weekend is high risk. Test in a preview sandbox if your deployment overlaps with a platform upgrade. ### Versioning Schemes by Deployment Model **Org-based projects** (change sets, `sf project deploy start`): The platform has no native version number for org metadata. Teams must define their own convention. Common approaches: - Git tag with `vYYYY.MM.DD-N` (date + sequence) - Jira/Linear release milestone label - Custom object to track deployed versions **Unlocked packages**: Version numbers are `Major.Minor.Patch.Build`. Only Major.Minor.Patch are user-controlled; Build auto-increments. The `sf package version create` command creates a new immutable version. The version ancestry is linear — you cannot branch and merge package versions. **2GP managed packages**: Same `Major.Minor.Patch.Build` scheme. Patch versions require a patch org created from the specific version being patched (`sf package version create --package-id 04t...`). ### Rollback Strategy Salesforce has no native undo button for metadata deployments. Rollback means: 1. Pre-deploy: retrieve and archive the current state of every component you are deploying. 2. Post-deploy failure: redeploy the archived version. 3. For org-based: run `sf project deploy start --manifest pre-release-backup.xml` pointing at your archived source. 4. For unlocked packages: install the prior qualified package version with `sf package install --package 04t<prior-version-id>`. Data changes made by the released code cannot be rolled back by redeploying metadata. Identify data mutations in your release notes and plan compensating data fixes if rollback is needed. ### Go/No-Go Criteria A go/no-go gate blocks deployment unless defined criteria pass. Typical criteria: - All Apex tests pass with ≥75% org-wide coverage (RunLocalTests) or ≥75% per-class/trigger coverage (RunSpecifiedTests). - Smoke test checklist passes in a Full sandbox that mirrors production. - Zero open Severity 1 defects from UAT. - Deployment validation (`sf project deploy validate`) completed successfully within the last 10 days (enables Quick Deploy). - Release notes reviewed and signed off by product owner. --- ## Common Patterns ### Validation Deploy + Quick Deploy **When to use:** Large orgs where running full Apex test suite takes 30–90 minutes. You want deployment weekend to be fast. **How it works:** 1. Run `sf project deploy validate --source-dir force-app --test-level RunLocalTests --async` against production before the go-live window (within 10 days). 2. Save the returned deploy ID. 3. On deployment night, run `sf project deploy quick --job-id <validatedDeployID>` — this skips the full test run and completes in minutes. **Why not just deploy directly:** Validation gives you a rehearsal. If it fails, you have days to fix. If you deploy directly and it fails at 2am, you are in a crisis. ### Freeze Window Coordination **When to use:** Shared production org with multiple teams and competing deployment schedules. **How it works:** 1. Publish a release calendar with named code freeze dates. Code freeze = no new feature branch merges to main/release. 2. Only hotfixes (P1/P2) are allowed after code freeze. 3. Define the freeze period: typically 3–5 business days before deployment weekend. 4. Use a shared DevOps Center pipeline or a Jira board column to signal freeze status. **Rollback trigger:** Define trigger conditions in writing before deployment begins — for example: "If any Apex test fails in production post-deploy, or if >3 Sev-1 defects are raised within 2 hours, rollback is initiated." --- ## Decision Guidance | Situation | Recommended Approach | Reason | |---|---|---| | Org-based project, versioning needed | Git tag + internal version custom object | No native version support; git tag provides retrieval anchor for rollback | | Unlocked package, need to patch a GA version | Create patch org from prior version ID, increment Patch number | 2GP patch orgs are immutable snapshots; cannot merge changes into old version | | Release overlaps with Salesforce upgrade weekend | Test in preview sandbox first, consider delaying by 1 week | Platform changes may break your code or reveal regressions | | Need fast deployment night with large test suite | Validation deploy 3–7 days early, Quick Deploy on the night | Quick Deploy skips tests, uses 10-day validated ID | | Multiple teams sharing one production org | Coordinated release train with shared freeze calendar | Competing deploys cause cross-reference errors and test failures | --- ## Recommended Workflow 1. Confirm deployment model (org-based vs package-based) and define the versioning convention for this project before any release is cut. 2. Check the Salesforce release calendar at trust.salesforce.com and flag any overlap between your planned deployment date and the seasonal upgrade weekend. 3. Build the release notes from the component list: list each component changed, the reason for the change, and any data migration steps. 4. Run a validation deploy (`sf project deploy validate`) against production at least 3 days before go-live. Resolve all failures. 5. Conduct UAT sign-off in a Full sandbox with the exact build being deployed. Close Sev-1 and Sev-2 defects before proceeding. 6. Execute deployment using Quick Deploy if within 10-day window; otherwise re-run full deploy. 7. Execute the post-deploy smoke test checklist and confirm all go/no-go criteria pass. If a rollback trigger fires, redeploy the pre-release archived version immediately. --- ## Review Checklist - [ ] Version number is defined and recorded in git tag / release notes / version tracking object - [ ] Salesforce upgrade weekend checked against planned deployment date - [ ] Validation deploy passed against production within the last 10 days - [ ] UAT completed with full sign-off; zero open Sev-1 defects - [ ] Rollback archive retrieved and stored before deployment begins - [ ] Post-deploy smoke test checklist executed and all checks pass - [ ] Release notes distributed to stakeholders before go-live --- ## Salesforce-Specific Gotchas 1. **Quick Deploy uses a new deploy ID** — the `sf project deploy quick` command returns a NEW deploy request ID, not the validation ID. Monitor the new ID for status. Teams that poll the old validation ID will see it as Succeeded (it was) while the actual quick deploy is running. 2. **RunSpecifiedTests is stricter than RunLocalTests** — when you specify individual test classes, Salesforce requires 75% coverage per class AND per trigger in the deployed package, not just org-wide. This catches coverage gaps that RunLocalTests would miss. 3. **Sandbox preview opt-in is per-sandbox** — only sandboxes explicitly opted into the preview release receive it early. Your development sandbox may be on the new release while production is still on the prior one, causing metadata shape mismatches if you deploy preview-era metadata to a non-preview production. 4. **Rollback cannot undo data changes** — redeploying previous metadata does not reverse DML executed by the released code. Document every data mutation in release notes and prepare compensating scripts. --- ## Output Artifacts | Artifact | Description | |---|---| | Release plan document | Version number, scope, deployment date, rollback trigger definition, go/no-go criteria sign-off | | Release notes | Component change log, data migration steps, known issues, stakeholder communication | | Pre-release backup manifest | package.xml listing every component being changed; used as rollback input | | Post-deploy smoke test checklist | Ordered list of manual verifications to execute immediately after deployment | --- ## Related Skills - devops/post-deployment-validation — validation deploy mechanics and Quick Deploy commands - devops/change-set-deployment — org-based deployment when SFDX is not in use - devops/continuous-integration-testing — automated test execution in CI, coverage gates - devops/environment-strategy — sandbox strategy and environment topology decisions
Related Skills
session-management-and-timeout
Use this skill when configuring session timeout values, concurrent session limits, session IP locking, or logout behavior in Salesforce. Covers org-wide session settings, profile-level overrides, Connected App session policies, and Metadata API SecuritySettings deployment. NOT for OAuth token refresh flows, login IP ranges, or MFA/identity-provider configuration.
oauth-token-management
Use when work depends on how Salesforce OAuth access and refresh tokens are issued, refreshed, rotated, revoked, or introspected for a Connected App or API client—including unexpected logouts, invalid_grant after refresh, or designing token incident response. NOT for choosing which OAuth grant or Connected App flow to implement (use integration/oauth-flows-and-connected-apps), Named Credential packaging (use integration/named-credentials-setup), or broad Connected App IP and PKCE policy hardening without a token-lifecycle angle (use security/connected-app-security-policies).
certificate-and-key-management
Use this skill when creating, uploading, or rotating certificates in Salesforce, configuring mutual TLS (mTLS) client authentication, managing the Java KeyStore for CA-signed certificates, diagnosing certificate expiry in JWT OAuth flows, or understanding which certificate types Salesforce supports and how to migrate them between orgs. NOT for Named Credential configuration (use named-credentials-setup skill), NOT for Shield Platform Encryption key management. Trigger keywords: Certificate and Key Management, self-signed certificate, CA-signed certificate, mutual TLS, mTLS, keystore, JKS, PKCS12, certificate rotation, certificate expiry, JWT certificate.
flexcard-state-management
Use when designing FlexCard actions, conditional visibility, and state that must survive navigation, refresh, or parent/child card transitions. Triggers: 'flexcard state', 'flexcard conditional visibility', 'flexcard actions', 'flexcard refresh', 'child flexcard state'. NOT for raw LWC state or for OmniScript step state.
lwc-state-management
Share state across LWCs using pub/sub, Lightning Message Service, @wire, and reactive stores. NOT for in-component reactivity.
lwc-focus-management
Use when building LWCs that need to manage focus explicitly — modal dialogs, wizard flows, dynamic inserts, list updates, error summaries, and focus after async work. Covers focus restoration, focus traps, programmatic focus across shadow DOM, and patterns for announcing changes to assistive tech. Does NOT cover general LWC a11y audit (see lwc-accessibility).
revenue-lifecycle-management
Use this skill when implementing or troubleshooting Salesforce Revenue Lifecycle Management (RLM) — the native Revenue Cloud product covering order-to-cash lifecycle, Dynamic Revenue Orchestrator (DRO) fulfillment plan design, asset amendments, billing schedule creation via Connect API, and invoice management. Triggers on: Dynamic Revenue Orchestrator, RLM order decomposition, DRO fulfillment swimlanes, native Revenue Cloud billing schedule, asset lifecycle management Salesforce. NOT for CPQ quoting or pricing rules (use cpq-* skills), not for the legacy Salesforce Billing managed package with blng__* objects (different product entirely), not for standard Order objects without Revenue Cloud features.
loyalty-management-setup
Use this skill when setting up or extending Salesforce Loyalty Management — including program and currency creation, tier group design, qualifying vs. non-qualifying point currency separation, DPE batch job activation, partner loyalty configuration, and member portal setup on Experience Cloud. Triggers on: Loyalty Management setup, loyalty tier setup Salesforce, qualifying points vs redemption points, DPE batch job for loyalty, partner loyalty program Salesforce, loyalty member portal. NOT for Marketing Cloud engagement program design (separate product), not for B2B loyalty via Sales Cloud (standard opportunity, not loyalty program), not for general Experience Cloud site setup (use experience-cloud-setup skill).
scratch-org-management
Use this skill when designing, configuring, or troubleshooting scratch orgs: definition file structure, edition selection, allocation limits, Org Shape, CI automation via ScratchOrgInfo, and lifecycle management from the Dev Hub. NOT for SFDX CLI basics (use sf-cli-and-sfdx-essentials), sandbox management, or production org administration.
release-notes-automation
Use when generating customer- or stakeholder-facing release notes from git history, Jira/ADO ticket links, and Salesforce metadata diffs at deploy time. Triggers: 'auto-generate release notes', 'changelog from commits', 'release notes from PR titles', 'what changed in this deployment'. NOT for managed-package version creation, push upgrades, or org assessment.
pipeline-secrets-management
Store and inject Salesforce auth URLs, JWT keys, and API credentials into CI without leaking them. NOT for runtime secrets in Apex.
isv-license-management-and-trialforce
Use when an ISV partner is wiring license enforcement, trial provisioning, or feature-flag distribution into a managed package — covers License Management App (LMA) install and registration, Lead/License object lifecycle, Trialforce Management Org (TMO) and Trialforce Source Org (TSO) split, Trialforce templates, SignupRequest API, AppExchange Checkout integration, and Feature Parameters (LmoToSubscriber / SubscriberToLmo) as the cross-org configuration channel. Triggers: 'register package with LMA', 'set up Trialforce', 'add feature parameter to managed package', 'license expired in subscriber org', 'AppExchange Checkout licensing'. NOT for general managed-package version creation, ancestor pinning, or PostInstall handler design (use managed-package-development); NOT for second-generation packaging mechanics (use second-generation-managed-packages); NOT for non-ISV experience-cloud login licensing (use experience-cloud-licensing-model).