Someone Made Changes Directly in Production and Now Your Sandbox Deployment Is Failing
FAILED DEPLOYMENTS
This is one of the most common Salesforce DevOps problems, and one of the most preventable.
Your team prepares a deployment in sandbox. Everything looks ready. The package is built. Validation starts. Then the deploy fails, not because your sandbox work is wrong, but because production is no longer aligned with it.
Your team prepares a deployment in sandbox. Everything looks ready. The package is built. Validation starts. Then the deploy fails, not because your sandbox work is wrong, but because production is no longer aligned with it.
Someone made a “small” direct fix in production
Maybe it was urgent. Maybe it solved a real issue. But now your environments have drifted apart, and your next deployment is trying to push changes from an outdated version of reality.
Why direct production edits create deployment chaos
Salesforce teams usually do not edit production directly because they want chaos. They do it because something feels urgent.
A user needs a quick fix, a validation rule must be relaxed, a Flow needs one small tweak, a field is added to unblock a team. The change takes five minutes and creates a deployment problem that can take hours to untangle.
Why?
A user needs a quick fix, a validation rule must be relaxed, a Flow needs one small tweak, a field is added to unblock a team. The change takes five minutes and creates a deployment problem that can take hours to untangle.
Why?
Once production changes outside the normal delivery path, your sandbox is no longer the source of truth.
Now the team has two conflicting versions of the same org.
What configuration drift actually looks like
Configuration drift is not always dramatic. Often it starts with things like:
One change may not seem serious. Several over a few weeks can make the next deployment unpredictable.
- a Flow updated directly in production;
- a validation rule changed during a support incident;
- a permission adjustment made outside the release process;
- a field created or renamed manually;
- a hotfix applied but never synced back to version control or sandbox.
One change may not seem serious. Several over a few weeks can make the next deployment unpredictable.
Why deploying from an outdated sandbox is risky
The longer the sandbox has been out of sync, the more dangerous deployment becomes.
If production received hotfixes after the last refresh, your sandbox may be missing critical metadata. In that situation, deploying “your” package is not simply shipping new work. It may also overwrite legitimate production changes your team forgot existed.
That is how teams accidentally:
At that point, deployment failure is actually a warning sign. A silent successful overwrite would be worse.
When drift is discovered, the first step is not to force the deployment through. It is to reconcile reality.
A practical process looks like this:
If production received hotfixes after the last refresh, your sandbox may be missing critical metadata. In that situation, deploying “your” package is not simply shipping new work. It may also overwrite legitimate production changes your team forgot existed.
That is how teams accidentally:
- remove working logic;
- break automation that was patched live;
- overwrite newer production metadata;
- create new defects while trying to fix old ones.
At that point, deployment failure is actually a warning sign. A silent successful overwrite would be worse.
When drift is discovered, the first step is not to force the deployment through. It is to reconcile reality.
A practical process looks like this:
- Identify what changed. You need a clear view of the differences between production, sandbox, and the intended release.
- Decide which version is correct. Not every production edit is bad. Some should be preserved. Others should be formalized and moved back into the controlled workflow.
- Align before deploying. Until environments are reconciled, future deployments remain risky, even if you fix the current error.
Why manual comparison does not scale
Teams can try to identify differences manually, but this gets painful fast in orgs with many metadata types, frequent admin updates, and multiple release streams.
The harder question is usually not “did something change?” It is:
The harder question is usually not “did something change?” It is:
- what changed exactly;
- where the conflict is;
- whether production should keep it;
- whether the sandbox version is safe to deploy.
How mtdt helps when production drift is already happening
mtdt helps teams compare environments more clearly so drift does not remain hidden until release time.
Used well, it can help teams:
That turns a frustrating “why did this suddenly fail?” moment into a more controlled decision process.
The long-term solution is not getting better at emergency production edits. It is reducing the need for them.
That usually means adopting a Git-first or source-driven process where:
When teams skip that discipline, they are effectively using production as a development environment. That always catches up with them.
Used well, it can help teams:
- compare production metadata against a sandbox or branch;
- see differences before deployment;
- detect conflicts earlier;
- avoid overwriting important production changes by accident;
- build a cleaner deployment path after reconciliation.
That turns a frustrating “why did this suddenly fail?” moment into a more controlled decision process.
The long-term solution is not getting better at emergency production edits. It is reducing the need for them.
That usually means adopting a Git-first or source-driven process where:
- changes are made in a controlled environment first;
- version control reflects the intended state;
- deployments originate from tracked changes;
- direct production edits become rare exceptions, not normal operations.
When teams skip that discipline, they are effectively using production as a development environment. That always catches up with them.
Validate earlier, not just before go-live
One of the easiest ways to catch drift before release day is to run validation ahead of the release window. Even a validate-only step can reveal conflicts early enough for the team to compare, reconcile, and make better decisions without pressure.
The point is not just technical success. It is operational predictability. Direct production changes solve one problem and create three more.
A quick production fix can feel efficient in the moment. But unless it is captured, compared, and synchronized, it creates a trail of downstream risk: failed deployments, overwritten metadata, broken automation, and hours of avoidable investigation.
Teams that want stable Salesforce delivery need more than good intentions. They need a process that keeps environments aligned and a toolset that makes differences visible before production is touched.
That is exactly the gap mtdt is designed to help close.
The point is not just technical success. It is operational predictability. Direct production changes solve one problem and create three more.
A quick production fix can feel efficient in the moment. But unless it is captured, compared, and synchronized, it creates a trail of downstream risk: failed deployments, overwritten metadata, broken automation, and hours of avoidable investigation.
Teams that want stable Salesforce delivery need more than good intentions. They need a process that keeps environments aligned and a toolset that makes differences visible before production is touched.
That is exactly the gap mtdt is designed to help close.
Stay tuned!
Subscribe for our newsletters and get special offers.
By clicking the button, you consent to the processing of your personal data and agree to our Privacy Policy.