This release mainly focuses on technical progress, security improvements, and groundwork for upcoming features. While there are no major functional deliveries this time, several important areas have been strengthened to improve stability, security, and future scalability.

🚨 Global Information 🚨

Publishing : End of Support

SharePoint Online Content Security : Policy Update
 

⭐ Foundation Pack ⭐

• Discussion : Security Enhancements
   

📱 Mobile Application 📱

• Bug fixes & feedback
• Error tracking
   

🤖 Buddy 🤖

• [PREVIEW]  Chatbot webpart

Required Updates : 

• To get those evolutions, no global updates are required 
   

🚨 Global Information 🚨
 

Publishing : End of Support

Microsoft is retiring the classic Publishing model and the “Allow custom scripts” setting.
There’s no immediate impact for Powell customers — existing intranets will continue to run normally, as custom scripting is already managed on our side. If needed, scripting can still be temporarily re-enabled using Microsoft’s PowerShell script.

However, Microsoft will fully remove custom script support by March 2026, which means classic components (like Script Editor or custom layouts) will stop working.

To stay secure and supported, we recommend starting your migration to the modern SharePoint experience as soon as possible.

Reference: MC1117115 – Updates to custom scripting in sites and Classic Publishing site creation | Microsoft

SharePoint Online Content Security  : Policy Update

To ensure Powell Manager and your intranet function correctly with SharePoint Online's Content Security Policy (CSP), trusted script sources must be configured. 
This is critical to prevent issues with script execution and maintain compatibility with the latest security updates. Microsoft plans to enforce script blocking for non-compliant scripts on March 1st, 2026. 

Why This Matters ?

SharePoint Online's Content Security Policy enhances security by restricting script sources to trusted domains. Starting March 1st, 2026, scripts not listed in the trusted sources will be blocked, which could cause Powell Manager and your intranet to malfunction, significantly impacting user experience and productivity.
If these configurations are not completed before the enforcement date, scripts will no longer be accessible from your intranet, resulting in broken functionality.

Immediate action is recommended to avoid disruptions.

Key Actions :  

Powell Software has automated the deployment of trusted script sources to minimize manual actions. Two configuration methods are available depending on your environment:

• Option 1: Automated Configuration (Recommended)

  • Powell Manager can automatically configure the trusted script sources through a background job during deployment.

  • Prerequisites: SharePoint Administrator permissions are requiredAccess to Powell Manager administration console

  • Steps to Configure: Launch an SPFx Extension synchronization. The background job will automatically update the authorized scripts in your SharePoint tenant

• Option 2: Manual Configuration

  • If automated configuration is not possible (e.g., insufficient SharePoint Administrator permissions), trusted script sources must be configured manually through the SharePoint Admin Center.
     

  • Steps to Configure Manually:  

    • Navigate to SharePoint Admin CenterAccess the Content Security Policy settings at: https://<tenant>-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/contentSecurityPolicy

    • Add the following trusted script sources: 

    • Required URLs: 

      • https://*.powell-software.comhttps://cdnjs.cloudflare.com

      • https://static.addtoany.com

      • https://unpkg.com

      • https://cdn.jsdelivr.net

      • https://connect.facebook.net

      • https://maps.googleapis.com

      • https://amp.azure.net

      • https://apis.google.com

      • https://www.youtube.com

      • https://az416426.vo.msecnd.net

Testing and Validation 
After configuring the trusted script sources (either automatically or manually), verify that all Powell Manager features and intranet components function as expected

Recommended Validation Steps: 

• Test all custom web parts and dashboards

• Verify navigation and search functionality

• Check for script-related errors in the browser's developer console

• Monitor user feedback for any functionality issues

References: 
For more information on Content Security Policy in SharePoint Online, please refer to the official Microsoft documentation :

• Support for Content Security Policy (CSP) in SharePoint Online

• Viewing Content Security Policy Violations

⭐ Foundation Pack ⭐

Discussion : Security Enhancements

Security has been reinforced in the Discussion module to better control shared content. HTML inputs are now cleaned and validated using DOMPurify, ensuring that only supported tags and attributes are allowed. URLs are secured to prevent unsafe links, and file uploads are validated by blocking dangerous extensions based on predefined patterns. Additional checks have also been added to the “Add media” action to ensure only authorized content types can be shared.

📱 Mobile Application 📱

Bug fixes & feedback

As said, this release mainly focuses on strengthening the mobile application through stabilization, monitoring, and technical improvements.

Error tracking

Additional telemetry has been implemented using Application Insights, this provides a clearer bug reference and helps identify issues more quickly in production environments.
 

🤖 Buddy 🤖

Chatbot webpart [PREVIEW]

We are have introducing a new Chatbot webpart that centralizes AI service management. Administrators can now select and configure AI services directly within the settings. 



This update is a prerequisite for launching more specialized, thematic chatbot scenarios (such as HR or IT assistants) in the near future.