Blog

The SPCAF Report: Q1 2018

5 min read
5 min read

This blog series aims to provide readers with a report on how users are currently using SPCAF. It compares data from previous months to help build a complete picture of how SPCAF is being used, and this data also helps us tailor future SPCAF updates to customer needs.

In which category do customers fail the most

The categories, in this case, are related to SPCAF’s analysis runs and the discovered issues. We can see that there has been a significant increase in issues and violations regarding security detected from December 2017 through to the end of February 2018. In contrast, many customers running an SPCAF analysis found that performance was an issue in their SharePoint customizations in December 2017. However, this number has decreased to become the category with the least issues detected in February. At this moment, we don’t have any additional details on why this is the case, but we will see if this trend keeps on the same trajectory in the coming months. Risk is ever present with customizing SharePoint so it’s important to put the correct Risk Prevention practices in place to secure your SharePoint environment. Using SPCAF reduces that risk by discovering and reporting violations.

Try SPCAF for free

Applications used to run an analysis

The percentage of customers using SPCAF via client applications has doubled in January compared to December. Although this number decreased slightly in February, we are seeing an overall significant increase. In comparison, Visual Studio has gradually decreased in usage for running SPCAF. Although we would like to see developers using SPCAF more, it does mean that a growing number of non-developers, for example, admins, architects and business decision makers, are using SPCAF for their requirements. Customization Governance is a topic that needs be on top of everybody’s mind – not just developers. And SPCAF usage shows that the importance and urgency of creating secure customizations is entering the consciousness of the business side of organizations as well.

Furthermore, most of our customers are running SPCAF through VSTS which means that they are using SPCAF automatically in the customization build instead of running it manually through Visual Studio. We consider this an extremely positive development because it means customization governance is playing a central role in the build process and SPCAF helps organizations enforce it.

What rulesets customers use for analysis

As we can see in the chart below, the majority of SPCAF users work with the default ruleset that is provided with SPCAF. Whilst this functions perfectly ok, customers should invest in building custom rulesets specifically for their organization’s needs. Adjusting the standard SPCAF ruleset to create a custom rule set means that irrelevant rules are disabled and if necessary, severities of specific rules are adjusted to better reflect organizational priorities. The custom ruleset can be used by everyone performing the analysis to ensure consistency and it allows the organization to accommodate differences between projects should there be any.

Versions of SPCAF customers use

The majority of our customers are currently using SPCAF v7.5 which was released last September. Version 7.6, which we released last month is steadily increasing in usage, and it will be interesting to see when it’s going to be the most used SPCAF version. There is still a fair share of customers using SPCAF v7.4 and lower which were released last June and before. This means that they are missing out on some of our latest features. These features include: support for Visual Studio 2017, support for analyzing SharePoint Framework extensions and many more. You can check our SPCAF v.7.6 release blog to view the full list of benefits. Have you updated your SPCAF license to SPCAF version 7.6? We recommend that you do so.

Over to you

Building SharePoint customizations is not trivial. There are many intricacies you must be aware of to avoid risks and maintain Governance. SPCAF helps you mitigate these risks by making sure only customizations that passed our comprehensive catalogue of best practices and rules get deployed to your SharePoint environment.

Click the button below to request a free trail.

Try for free

Subscribe to our newsletter