![Microsoft SharePoint: Update to custom scripting governance in App Catalog site [MC1186368]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-googledeepmind-25630342-1024x683.webp "Microsoft SharePoint: Update to custom scripting governance in App Catalog site [MC1186368] 1")
To strengthen security and reduce the risk of ungoverned scripting, Microsoft is expanding the custom scripting governance in the App Catalog site. This change helps ensure a more secure and manageable environment in SharePoint Online.
What will happen:
Custom scripting will be disabled (setting DenyAddAndCustomizePages to 1 or $true) for the tenant-wide App Catalog site using the APPCATALOG#0 template.
When this will happen: Default custom scripting governance on the App Catalog site will take effect starting in mid-January 2026.
Who is affected: Admins managing the SharePoint tenant-wide App Catalog site and content inside.
How this affects your organization:
- App operations remain unaffected: Uploading, updating, and deploying SharePoint and Office apps will continue to work.
- Custom script-based changes will be blocked: New changes related to custom scripting in the App Catalog Site will be disabled by default; existing custom scripting related customizations will remain unaffected.
What you can do to prepare:
- Inform App Catalog site owners and helpdesk staff in your organization of this upcoming change to reduce confusion and support calls.
- To temporarily opt out of custom scripting governance for a specific site (effective for 24 hours with tenant admin approval), use the following PowerShell command:
Set-SPOSite <SiteURL> -DenyAddAndCustomizePages $false
- To update the site property bag (by default disallowed when custom script governance is enabled), use the following PowerShell commands to enable it at tenant or site level:
Set-SPOTenant -AllowWebPropertyBagUpdateWhenDenyAddAndCustomizePagesIsEnabled $trueSet-SPOSite <SiteURL> -AllowWebPropertyBagUpdateWhenDenyAddAndCustomizePagesIsEnabled $true
Learn more:
- Security considerations of allowing custom script | SharePoint in Microsoft 365 | SharePoint | Microsoft Learn
- Allow or prevent custom script | SharePoint in Microsoft 365 | SharePoint | Microsoft Learn
- Overview of the SharePoint Framework | SharePoint | Microsoft Learn
Compliance considerations:
No compliance considerations identified, review as appropriate for your organization.
Source: Microsoft
Latest Posts
- Amazon Timestream for InfluxDB Now Supports Advanced Metrics
- Amazon CloudWatch Logs now supports data protection, OpenSearch PPL and OpenSearch SQL for the Infrequent Access ingestion class
- Amazon GameLift Servers expands instance support with next-generation EC2 instance families
- (Updated) Microsoft 365 Copilot: Customize how managers are identified in Workforce Insights agent and Copilot responses [MC1260710]
![Microsoft Purview: Data Security Investigations – Introduction of cost estimator and transparency report [MC1186360]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-padrinan-1111317-150x150.webp "Microsoft Purview: Data Security Investigations – Introduction of cost estimator and transparency report [MC1186360] 6")
