Merge branch 'master' into aswamy93_updates

Author: niamccash

README.md

@@ -100,7 +100,7 @@ Variables should be used in  Catalog Item or a Variable Set. Variables not in us
 ### Delete Orphaned Catalog Client Scripts
 Catalog Client Script should be used in either a Catalog Item or a Variable Set. Catalog Client Scripts not in use should be deleted.
 
-### Update set description should not be empty
+### Delete Orphaned Catalog UI Policies
 Catalog UI policy should be used in either a Catalog Item or a Variable Set. Catalog UI Policies not in use should be deleted.
 
 ### Client Script Business rule or Script Include should not have an empty description or be without comments in the script section
@@ -146,6 +146,9 @@ During the time it can be a situation that person is no longer active in the sys
 ### Unsupported API GlideLDAP
 GlideLDAP API usage is unsupported by ServiceNow and hence should be avoided, rather use LDAP Server Data Sources to pull data from LDAP via MID Server or directly through an internet facing LDAP.
 
+### Check for Orphaned Tickets
+Tickets from tables such as Incident, Change Request, Problem, and other task-related tables should always have an Assignment Group specified. These tickets represent issues or requests that require attention and action. Leaving the Assignment Group field empty can result in unresolved issues or delays in implementing fixes, as no team will be accountable for the resolution. Since the Assignment Group is meant to designate the responsible team for managing these tickets, it should not be left blank.
+
 
 ## Category: Upgradability
 
@@ -306,6 +309,9 @@ In general, variables in JavaScript should be properly declared (e.g. using “v
 ### Don't show unpublished knowledge articles
 Unpublished knowledge articles may contain sensitive information that should not be visible to anyone with read access. By preventing access to unpublished articles, reviewers are given the opportunity to verify the content before it is made accessible. This ensures that only properly reviewed and approved information is available to users with read access.
 
+### Scripts in ACLs should be cleared when Advanced is not checked
+Scripts in ACLs ARE executed regardless of whether or not the Advanced checked box is checked off. As such, unnecessary scripts should be cleared from the field OR the Advanced checkbox should be checked in cases where scripts are required to provide better visibility to admins for troubleshooting purposes.
+
 ## Category: User Experience
 
 ### Added a Number Prefix which already exists
@@ -325,6 +331,9 @@ It is recommended to use an OOB library for modals in order to improve the user
 ### Use "last run datetime" for JDBC data loads
 In your JDBC data load configuration, ensure that the 'last run datetime' option is set to true and configure the target database field to serve as a timestamp, as this best practice enables incremental data loading and improves performance in data integration processes using JDBC.
 
+### Use of setWorkflow(false) in business rules will cause unexpected issues
+As setWorkflow(false) method will stop the execution of business rules on that particular GlideRecord object, this will result in unexpected behaviour where the execution of business rules skipped. Maintain caution while using this method and perform regression testing to avoid possible risk. It can have noticeable impact on Audit, Journal fields, notifications, SLA engine, workflow, flow engine etc.,
+
 # Additional resources
 
 Please check these additional links for more information and details:

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_6b1a4ee9c34d9210193f37cc0501312e.xml

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_table_check">
+    <scan_table_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <advanced>false</advanced>
+        <category>upgradability</category>
+        <conditions table="sys_dictionary">internal_type=reference^reference=sys_choice^EQ<item display_table="sys_glide_object" display_value="Reference" endquery="false" field="internal_type" goto="false" newquery="false" operator="=" or="false" value="reference"/>
+            <item endquery="false" field="reference" goto="false" newquery="false" operator="=" or="false" value="sys_choice"/>
+            <item endquery="true" field="" goto="false" newquery="false" operator="=" or="false" value=""/>
+        </conditions>
+        <description>The Choice table should not be used as the reference table for a Reference type field. Reference fields store the sys_id of the corresponding record in the reference table and show the specified display value. For example: the caller_id field stores the sys_id of a record from the user table and displays the corresponding name value. This presents a problem when using the sys_choice table, because existing records are deleted and replaced when choices are modified. This causes a new sys_id to be generated for each record in the choice list. So the sys_id stored in the Reference field is no longer a valid value and the reference is broken.</description>
+        <documentation_url>https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB0813643</documentation_url>
+        <finding_type>scan_finding</finding_type>
+        <name>Do not reference sys_choice table</name>
+        <priority>3</priority>
+        <resolution_details/>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+    // Add your code here
+
+})(engine);]]></script>
+        <short_description>Do not reference sys_choice table</short_description>
+        <sys_class_name>scan_table_check</sys_class_name>
+        <sys_created_by>ronald.karim</sys_created_by>
+        <sys_created_on>2024-10-04 19:35:57</sys_created_on>
+        <sys_id>6b1a4ee9c34d9210193f37cc0501312e</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Do not reference sys_choice table</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_table_check_6b1a4ee9c34d9210193f37cc0501312e</sys_update_name>
+        <sys_updated_by>ronald.karim</sys_updated_by>
+        <sys_updated_on>2024-10-04 19:35:57</sys_updated_on>
+        <table>sys_dictionary</table>
+        <use_manifest>false</use_manifest>
+    </scan_table_check>
+    <sys_translated_text action="delete_multiple" query="documentkey=6b1a4ee9c34d9210193f37cc0501312e"/>
+</record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_7334dda283455210ae0854b6feaad378.xml

@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_table_check">
+    <scan_table_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <advanced>true</advanced>
+        <category>manageability</category>
+        <conditions table="incident">active=true^EQ<item endquery="false" field="active" goto="false" newquery="false" operator="=" or="false" value="true"/>
+            <item endquery="true" field="" goto="false" newquery="false" operator="=" or="false" value=""/>
+        </conditions>
+        <description>Tickets from tables such as Incident, Change Request, Problem, and other task-related tables should always have an Assignment Group specified. These tickets represent issues or requests that require attention and action. Leaving the Assignment Group field empty can result in unresolved issues or delays in implementing fixes, as no team will be accountable for the resolution. Since the Assignment Group is meant to designate the responsible team for managing these tickets, it should never be left blank.</description>
+        <documentation_url/>
+        <finding_type>scan_finding</finding_type>
+        <name>Check for Orphaned tickets</name>
+        <priority>2</priority>
+        <resolution_details>Identify the records with emopty assignment group and assign them to respective assignment groups so that they can work on the tickets and to further prevent it try creating assignment lookup rules</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function(finding, current) {
+    var IncID = current.getValue('sys_id');
+    var inc = new GlideRecord('incident');
+    inc.addQuery('sys_id', IncID);
+    inc.addEncodedQuery("assignment_group!=null");
+    if (!inc.hasNext()) {
+        finding.increment();
+    }
+})(finding, current);]]></script>
+        <short_description>Tickets from Incident table should have assignment group specified.</short_description>
+        <sys_class_name>scan_table_check</sys_class_name>
+        <sys_created_by>admin</sys_created_by>
+        <sys_created_on>2024-10-07 18:22:05</sys_created_on>
+        <sys_id>7334dda283455210ae0854b6feaad378</sys_id>
+        <sys_mod_count>9</sys_mod_count>
+        <sys_name>Check for Orphaned tickets</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_table_check_7334dda283455210ae0854b6feaad378</sys_update_name>
+        <sys_updated_by>admin</sys_updated_by>
+        <sys_updated_on>2024-10-07 18:33:38</sys_updated_on>
+        <table>incident</table>
+        <use_manifest>false</use_manifest>
+    </scan_table_check>
+    <sys_translated_text action="delete_multiple" query="documentkey=7334dda283455210ae0854b6feaad378"/>
+</record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_9d4676f6c34d52d08dbc32f1b4013165.xml

@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_table_check">
+    <scan_table_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <advanced>false</advanced>
+        <category>security</category>
+        <conditions table="sys_security_acl">advanced=false^scriptISNOTEMPTY^active=true^EQ<item endquery="false" field="advanced" goto="false" newquery="false" operator="=" or="false" value="false"/>
+            <item endquery="false" field="script" goto="false" newquery="false" operator="ISNOTEMPTY" or="false" value=""/>
+            <item endquery="false" field="active" goto="false" newquery="false" operator="=" or="false" value="true"/>
+            <item endquery="true" field="" goto="false" newquery="false" operator="=" or="false" value=""/>
+        </conditions>
+        <description>Scripts in ACLs ARE executed regardless of whether or not the Advanced checked box is checked off. As such, unnecessary scripts should be cleared from the field OR the Advanced checkbox should be checked in cases where scripts are required to provide better visibility to admins for troubleshooting purposes.</description>
+        <documentation_url>https://docs.servicenow.com/csh?topicname=t_CreateAnACLRule.html&amp;version=latest</documentation_url>
+        <finding_type>scan_finding</finding_type>
+        <name>Scripts in ACLs Should be Cleared when Advanced is not checked</name>
+        <priority>3</priority>
+        <resolution_details>Clear the Script box data if the script is unnecessary and Advanced is not checked off&#13;
+OR&#13;
+Check off the Advanced check box if there is a script in the Script box that is required for the ACL.</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+    // Add your code here
+
+})(engine);]]></script>
+        <short_description>Scripts in ACLs Should be Cleared when Advanced is not checked</short_description>
+        <sys_class_name>scan_table_check</sys_class_name>
+        <sys_created_by>nia.mccash</sys_created_by>
+        <sys_created_on>2024-10-08 20:03:00</sys_created_on>
+        <sys_id>9d4676f6c34d52d08dbc32f1b4013165</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Scripts in ACLs Should be Cleared when Advanced is not checked</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_table_check_9d4676f6c34d52d08dbc32f1b4013165</sys_update_name>
+        <sys_updated_by>nia.mccash</sys_updated_by>
+        <sys_updated_on>2024-10-08 20:03:00</sys_updated_on>
+        <table>sys_security_acl</table>
+        <use_manifest>false</use_manifest>
+    </scan_table_check>
+    <sys_translated_text action="delete_multiple" query="documentkey=9d4676f6c34d52d08dbc32f1b4013165"/>
+</record_update>