I am trying to fully protect a Script Include in my scoped application so that only users with a specific role (upriit_admin) can edit it. To achieve this, I created a record-level ACL with write access on the sys_script_include table , added a role condition and disabled the “admin overrides” option. I set the protection policy to "Read-only". However, when I export this Script Include through an update set and import it into another instance other users — including admins — are still able to edit the Script Include, even though protection and ACLs are created. It seems the protection policy does not persist effectively across instances. I want to make the Script Include truly read-only for everyone except users with the upriit_admin role, but none of these methods are working as expected.
