Commit graph

4617 commits

Author SHA1 Message Date
Carlo
c0fc3787fc
Fix icon upload for multi-team software titles (#41785)
Fixes #41688

---------

Co-authored-by: Ian Littman <iansltx@gmail.com>
2026-03-17 06:55:22 -04:00
Victor Lyuboslavsky
85b5e7a95a
Fixed 500 and 402 on My Device page. (#41748)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41742

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.

## Testing

- [x] QA'd all new/changed functionality manually

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Fixed crashes on the "My device" page for Fleet Free instances when a
host is assigned to a team.
* Improved error handling to prevent application crashes when policy
data is unavailable.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-16 16:09:43 -05:00
Josh Roskos
ba2c5b5e5c
Add go_binaries table (#39877)
**Related issue:** Resolves #40138

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually

Installed: 
```
go install golang.org/x/tools/cmd/goimports@latest
go install golang.org/x/tools/gopls@latest
go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
```

Validated:
```
osquery> SELECT * FROM go_packages;
+---------------+---------+-----------------------------------+-----------------------------------------------------+------------+----------------------------------+
| name          | version | module_path                       | import_path                                         | go_version | installed_path                   |
+---------------+---------+-----------------------------------+-----------------------------------------------------+------------+----------------------------------+
| goimports     | v0.42.0 | golang.org/x/tools                | golang.org/x/tools/cmd/goimports                    | go1.25.5   | /Users/josh/go/bin/goimports     |
| golangci-lint | v1.64.8 | github.com/golangci/golangci-lint | github.com/golangci/golangci-lint/cmd/golangci-lint | go1.25.5   | /Users/josh/go/bin/golangci-lint |
| gopls         | v0.21.1 | golang.org/x/tools/gopls          | golang.org/x/tools/gopls                            | go1.25.5   | /Users/josh/go/bin/gopls         |
+---------------+---------+-----------------------------------+-----------------------------------------------------+------------+----------------------------------+
```

## fleetd/orbit/Fleet Desktop

- [x] Verified compatibility with the latest released version of Fleet
(see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md))
- [x] If the change applies to only one platform, confirmed that
`runtime.GOOS` is used as needed to isolate changes
- [x] Verified that fleetd runs on macOS, Linux and Windows

---------

Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2026-03-16 13:27:00 -05:00
Sarah Gillespie
3b859303d2
Improve UI for FileVault "action required" notifications banner (#41594) 2026-03-16 11:21:25 -05:00
Nico
48a1935c2b
Fixed editing reports on free tier failing due to triggering a premium license check (#41747)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41652

Solution is to not pass `labels_include_any` to the payload of the PATCH
endpoint request.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/7c825b92-0b03-448a-8e42-83e39a2acdf6



For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
2026-03-16 11:42:58 -03:00
Noah Talerman
4128819e25
Add/edit user modal (#41659)
Purge the purple!
2026-03-15 12:09:19 -07:00
Carlo
2abacc577e
Feat/31914 patch policy (#41518)
Implements patch policies #31914 

- https://github.com/fleetdm/fleet/pull/40816
- https://github.com/fleetdm/fleet/pull/41248
- https://github.com/fleetdm/fleet/pull/41276
- https://github.com/fleetdm/fleet/pull/40948
- https://github.com/fleetdm/fleet/pull/40837
- https://github.com/fleetdm/fleet/pull/40956
- https://github.com/fleetdm/fleet/pull/41168
- https://github.com/fleetdm/fleet/pull/41171
- https://github.com/fleetdm/fleet/pull/40691
- https://github.com/fleetdm/fleet/pull/41524
- https://github.com/fleetdm/fleet/pull/41674

---------

Co-authored-by: Jonathan Katz <44128041+jkatz01@users.noreply.github.com>
Co-authored-by: jkatz01 <yehonatankatz@gmail.com>
Co-authored-by: RachelElysia <71795832+RachelElysia@users.noreply.github.com>
Co-authored-by: Jahziel Villasana-Espinoza <jahziel@fleetdm.com>
2026-03-13 16:47:09 -04:00
Victor Lyuboslavsky
fe1e4d295b
Fixed error message when deleting a certificate authority (#41635)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41532

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved error messaging when deleting a certificate authority that is
referenced by certificate templates. Users now receive a clear,
user-friendly message instead of a generic database error.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-13 13:25:35 -05:00
Juan Fernandez
067e5fb33f
Made Host Results endpoint URL consistent (33714) (#41501)
Resolves #33714

Added alias `GET /api/v1/fleet/scripts/batch/abc-def/host_results` for
`GET /api/v1/fleet/scripts/batch/abc-def/host-results` for consistency
sake.
2026-03-13 14:00:26 -04:00
jacobshandling
9866e9f5bf
Rlp fe follow ups to main (#41658)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
This PR contains identical frontend changes to those currently in
`recovery-pw-feature` - this allows separate frontend review of the code

- [x] QA'd all new/changed functionality manually
2026-03-13 09:43:20 -07:00
jacobshandling
614b4bf8b2
Disallow manage hosts page header buttons from wrapping text (#41654)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41653 
<img width="810" height="597" alt="Screenshot 2026-03-13 at 8 44 23 AM"
src="https://github.com/user-attachments/assets/b5e7feff-e576-4c0d-a9ee-b2ef1a17a7ea"
/>


- [x] Changes file added for user-visible changes in `changes/`
- [x] QA'd all new/changed functionality manually
2026-03-13 09:02:40 -07:00
Scott Gress
3e0552849b
Delete dead code file team_scheduled_queries.ts (#41639)
Deletes a code file that's not referenced by anything and keeps causing
me merge conflicts.

JS linter and tests pass without it, which tells you everything you need
to know 🔪
2026-03-13 10:21:40 -05:00
Scott Gress
2686907dba
Update API calls in front-end to use new, non-deprecated URLs and params (#41515)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41391

# Details

This PR updates front-end API calls to use new URLs and API params, so
that the front end doesn't cause deprecation warnings to appear on the
server.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, should not be user-visible

## Testing

- [X] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
The biggest risk here is not that we missed a spot that still causes a
deprecation warning, but that we might inadvertently make a change that
breaks the front end, for instance by sending `fleet_id` to a function
that drops it silently and thus sends no ID to the server. Fortunately
we use TypeScript in virtually every place affected by these changes, so
the code would not compile if there were mismatches between the API
expectation and what we're sending. Still, spot checking as many places
as possible both for deprecation-warning leaks and loss of functionality
is important.

## Summary by CodeRabbit

* **Refactor**
* Updated API nomenclature across the application to use "fleets"
instead of "teams" and "reports" instead of "queries" in endpoint paths
and request/response payloads.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-12 22:26:48 -05:00
Jordan Montgomery
076157c1a6
Add CSP to fleet(currently disabled - needs frontend work) (#41395)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40538

This is the initial iteration of CSP functionality, currently gated
behind FLEET_SERVER_ENABLE_CSP. If disabled, no CSP is served. Nonces
are still injected into pages however a dummy nonce is used and has no
effect.

With this setting turned on things break and will be addressed by mainly
frontend changes in https://github.com/fleetdm/fleet/issues/41577

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements), JS
inline code is prevented especially for url redirects
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes

## Testing

- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)

- [x] QA'd all new/changed functionality manually

---------

Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
2026-03-12 18:06:54 -04:00
RachelElysia
5724342147
Fleet UI: Show installed status icon if installed (#41358)
## Issue
Closes #39983 

## Description

This is so long because installation details are within 3 modals and so
all 3 had to be updated:

- SoftwareInstallDetailsModal
  - Updated variables and naming for readability
  -  Added icons to tests
- `shouldShowInventoryVersions` will show if
`overrideFailedMessageWithInstalledMessage` (bug fix)
- SoftwareIpaInstallDetailsModal
  - Updated variables and naming for readability
  - Added icons to tests
  - Use reusable component `IconStatusMessage`
  -  Added pre-4.57 "pending" case just in case to match VPP
- Override icon to success icon if
`overrideFailedMessageWithInstalledMessage || isInstalledManual` (bug
fix)
- `shouldShowInventoryVersions` will show if
`overrideFailedMessageWithInstalledMessage` (bug fix)
- VPPInstallDetailsModal
  - Updated variables and naming for readability
  - TODO: Create tests to add icons to
  -  Use reusable component `IconStatusMessage`
- Override icon to success icon if
`overrideFailedMessageWithInstalledMessage || isInstalledManual` (bug
fix)
- `shouldShowInventoryVersions` will show if
`overrideFailedMessageWithInstalledMessage` (bug fix)

## Screenshots

### BEFORE


https://github.com/user-attachments/assets/3472daef-47bd-4dbb-9ce9-afbf3d13302b



### AFTER


https://github.com/user-attachments/assets/c3212f58-6172-4437-9d60-76c42b98f451


## Testing

- [x] Added/updated automated tests
 Tests already exist, ensured they still passed

- [x] QA'd all new/changed functionality manually
2026-03-12 16:56:48 -05:00
RachelElysia
5f2dc44cf7
Fleet UI: Tighten up matchLoosePrefixKey to be stricter for sourcing software icons (#41598)
## Issue
Closes #41548 

## Description
- Improve string util we use for matching icons

> Note: Lots of retros how this came about

## Screenshot of fix

Arc vs. Archaeology
<img width="522" height="595" alt="Screenshot 2026-03-12 at 4 42 13 PM"
src="https://github.com/user-attachments/assets/9f805678-c08a-4959-ab6a-3b29c4b1f382"
/>


## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2026-03-12 16:56:01 -05:00
Sarah Gillespie
85af52667d
Update DEP enrollment flow to apply minimum macOS version check when specified (#40720) 2026-03-12 16:54:46 -05:00
RachelElysia
b9f844d9ee
Fleet UI: Clean up link styling (#41485) 2026-03-12 14:11:14 -04:00
Jordan Montgomery
30ad47c8a5
Update default lock end user info value to match EUA when not specified (#41441)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38669 Unreleased bug/Misunderstood
requirements

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes

## Testing

- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)

- [x] QA'd all new/changed functionality manually

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* End User Authentication and lock end-user info settings now
synchronize correctly when one is updated without explicitly setting the
other.
* Validation error messages now clearly state that end-user
authentication must be enabled before locking end-user info.

* **Tests**
* Expanded test coverage for MDM configuration handling and related
scenarios.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-12 12:00:51 -04:00
RachelElysia
2e24663f86
Fleet UI: Update discard data option link + styling (#41535) 2026-03-12 10:39:48 -04:00
Noah Talerman
09590bc6e2
"Teams" => "fleets", "queries" => "reports" doc changes (#39585) 2026-03-11 23:41:14 -05:00
Victor Lyuboslavsky
7a4d3ec506
Fixed table shifting left when clicking the copy hash icon (#41411)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40607

# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.

## Testing

- [x] QA'd all new/changed functionality manually
2026-03-11 19:15:36 -05:00
Victor Lyuboslavsky
373effbb9e
Fixed Microsoft NDES CA not being selectable (#41490)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38585

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.

## Testing
- [x] QA'd all new/changed functionality manually


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Fixed Microsoft NDES CA selection to work immediately after deleting
an existing NDES CA without requiring a page refresh.
* Added validation preventing multiple NDES CAs from being added, with a
tooltip message explaining the limitation.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-11 19:15:16 -05:00
kilo-code-bot[bot]
a24c410496
Add Backblaze as a Fleet-maintained app (#41397)
## Summary

- Adds Backblaze (data backup and storage service) as a new
fleet-maintained app with **macOS** support via Homebrew cask
(`backblaze`).
- Backblaze uses a manual installer (`Backblaze Installer.app`) inside a
DMG, so custom install and uninstall scripts are provided following the
same pattern as Adobe Creative Cloud.
- The install script mounts the DMG, locates `Backblaze Installer.app`,
and runs the `bzinstall_mate` binary with the `-nogui` flag for silent
installation.
- The uninstall script stops launchctl services
(`com.backblaze.bzbmenu`, `com.backblaze.bzserv`), removes app bundles,
preference pane, diagnostic reports, package data, and per-user
preferences.

### Files added/changed

| File | Description |
|------|-------------|
| `ee/maintained-apps/inputs/homebrew/backblaze.json` | macOS input
definition |
| `ee/maintained-apps/inputs/homebrew/scripts/backblaze_install.sh` |
Custom install script (DMG mount + manual installer execution) |
| `ee/maintained-apps/inputs/homebrew/scripts/backblaze_uninstall.sh` |
Custom uninstall script (launchctl cleanup + file removal) |
| `ee/maintained-apps/outputs/backblaze/darwin.json` | Generated macOS
output manifest |
| `ee/maintained-apps/outputs/apps.json` | Updated with Backblaze entry
and description |

### Windows support note

Windows support via WinGet (`Backblaze.Backblaze`) is not included in
this PR because the Backblaze package has never been successfully merged
into the [winget-pkgs
repository](https://github.com/microsoft/winget-pkgs). All submission
attempts were rejected due to the installer failing WinGet's unattended
installation validation. Windows support can be added once Backblaze is
available in winget-pkgs.

### Checklist

- [x] macOS input file follows Homebrew input schema
- [x] Custom scripts follow existing patterns (Adobe Creative Cloud)
- [x] Output manifest matches expected format
- [x] `apps.json` updated with description following sentence casing
format
- [x] Entry sorted alphabetically in `apps.json`
- [ ] Icon generation (requires macOS host with Backblaze installed)
- [ ] Validation on macOS host

---

Built for [Mitch
Francese](https://fleetdm.slack.com/archives/D0AG92RJGHY/p1773172809438909?thread_ts=1773163736.129729&cid=D0AG92RJGHY)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)

---------

Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Mitch Francese <2227948+tux234@users.noreply.github.com>
2026-03-11 16:20:54 -05:00
kilo-code-bot[bot]
d5342d5a18
Add Ollama as Fleet-maintained app (#41367)
## Summary

- Adds Ollama as a fleet-maintained app (FMA) with support for both
macOS and Windows platforms
- Ollama is a popular tool to get up and running with large language
models locally

## Changes

### macOS (Darwin)
- **Input**: `ee/maintained-apps/inputs/homebrew/ollama.json` — uses
Homebrew cask `ollama-app`
- **Installer format**: `zip`
- **Bundle identifier**: `com.electron.ollama`
- **Output**: `ee/maintained-apps/outputs/ollama/darwin.json` —
generated via `go run cmd/maintained-apps/main.go --slug="ollama/darwin"
--debug`

### Windows
- **Input**: `ee/maintained-apps/inputs/winget/ollama.json` — uses
WinGet package `Ollama.Ollama`
- **Installer type**: `exe` (Inno Setup)
- **Installer scope**: `user`
- **Custom scripts**: `ollama_install.ps1` and `ollama_uninstall.ps1`
with Inno Setup silent flags (`/VERYSILENT /SUPPRESSMSGBOXES
/NORESTART`)
- **Output**: `ee/maintained-apps/outputs/ollama/windows.json` —
generated via `go run cmd/maintained-apps/main.go
--slug="ollama/windows" --debug`

### App catalog
- Added Ollama entries (darwin + windows) to
`ee/maintained-apps/outputs/apps.json` with description

## Notes
- Icon generation and frontend integration (`tools/software/icons`)
still need to be done separately per the FMA contributing guide
- Category: `Developer tools`

Built for [Mitch
Francese](https://fleetdm.slack.com/archives/D0AG92RJGHY/p1773163983187599?thread_ts=1773163736.129729&cid=D0AG92RJGHY)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)

---------

Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Mitch Francese <2227948+tux234@users.noreply.github.com>
2026-03-11 16:11:13 -05:00
jacobshandling
a6f8c18cc7
UI: Add ability to manually rotate Mac Recovery Lock passwords (#41420)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39781


- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually - TODO with wip
backend work
- [x] Verified that any relevant UI is disabled when GitOps mode is
enabled
2026-03-11 14:01:56 -07:00
Rachael Shaw
a84cf7a1bf
#15744 copy changes (#39116)
Copy changes for user story:
- #15744
2026-03-11 14:40:34 -05:00
Mitch Francese
eda289f6f5
Add The Unarchiver as a Fleet-maintained app (#41467)
## Summary
- Add The Unarchiver as a new macOS-only Fleet Maintained App
- The Unarchiver is a free archive extraction utility supporting ZIP,
RAR, 7z, and many other formats
- Homebrew cask: `the-unarchiver`, bundle ID: `cx.c3.theunarchiver`
- Category: Utilities

## Changes
- `ee/maintained-apps/inputs/homebrew/the-unarchiver.json` — input
definition
- `ee/maintained-apps/outputs/the-unarchiver/darwin.json` — generated
output with install/uninstall scripts
- `ee/maintained-apps/outputs/apps.json` — added entry in alphabetical
order with description
- `frontend/pages/SoftwarePage/components/icons/TheUnarchiver.tsx` —
generated icon component
- `frontend/pages/SoftwarePage/components/icons/index.ts` — icon import
and map entry
- `website/assets/images/app-icon-the-unarchiver-60x60@2x.png` — app
icon asset
2026-03-11 14:35:49 -05:00
Mitch Francese
64fba279b1
Add IINA as a Fleet-maintained app (#41468)
## Summary
- Add IINA (modern, free and open-source media player) as a macOS-only
fleet-maintained app
- Homebrew cask: `iina`, bundle identifier: `com.colliderli.iina`,
installer format: DMG
- Includes input JSON, generated output, icon assets, and apps.json
entry

## Test plan
- [ ] Verify `go run cmd/maintained-apps/main.go --slug="iina/darwin"
--debug` generates output successfully
- [ ] Verify IINA icon renders correctly in the software page
- [ ] Verify apps.json entry is in correct alphabetical order
2026-03-11 14:33:32 -05:00
Mitch Francese
7d58c9688b
Add Sequel Ace as a Fleet-maintained app (#41469)
## Summary
- Adds Sequel Ace (free, open-source MySQL/MariaDB database manager for
macOS) as a fleet-maintained app
- Includes input JSON, generated output, app icon, and apps.json entry
- macOS only (zip installer format, cask: `sequel-ace`)

## Test plan
- [ ] Verify `sequel-ace/darwin` output JSON has correct installer URL
and SHA256
- [ ] Verify icon renders correctly in the software page
- [ ] Verify apps.json entry is in correct alphabetical order with
description

#41229
2026-03-11 14:31:07 -05:00
kilo-code-bot[bot]
f0ba17c1a2
Add Zotero as fleet-maintained app (#41370)
## Summary

- Adds Zotero (reference/research management tool) as a fleet-maintained
app with macOS and Windows support.
- **macOS**: Uses Homebrew cask `zotero` with DMG installer format
(bundle identifier: `org.zotero.zotero`).
- **Windows**: Uses WinGet package `DigitalScholar.Zotero` with NSIS
(exe) installer, including custom install/uninstall PowerShell scripts
with `/S` silent flag.

## Files added

| File | Purpose |
|------|---------|
| `ee/maintained-apps/inputs/homebrew/zotero.json` | macOS input
manifest |
| `ee/maintained-apps/inputs/winget/zotero.json` | Windows input
manifest |
| `ee/maintained-apps/inputs/winget/scripts/zotero_install.ps1` |
Windows silent install script (NSIS /S) |
| `ee/maintained-apps/inputs/winget/scripts/zotero_uninstall.ps1` |
Windows silent uninstall script (NSIS /S) |

## Remaining steps (per FMA contributing guide)

- [ ] Run `go run cmd/maintained-apps/main.go --slug="zotero/darwin"
--debug` to generate macOS output
- [ ] Run `go run cmd/maintained-apps/main.go --slug="zotero/windows"
--debug` to generate Windows output
- [ ] Generate and add app icon using the `tools/software/icons/` script
- [ ] Add description to `outputs/apps.json`

> **Note:** The WinGet package identifier for Zotero is
`DigitalScholar.Zotero` (the community-maintained identifier in the
winget-pkgs repository).

Built for [Mitch
Francese](https://fleetdm.slack.com/archives/D0AG92RJGHY/p1773163983187599?thread_ts=1773163736.129729&cid=D0AG92RJGHY)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)

---------

Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Mitch Francese <2227948+tux234@users.noreply.github.com>
2026-03-11 14:18:53 -05:00
Nico
b40fa26e2e
Follow-up changes to observer live query bypass (#41146)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #36093

This is a follow-up of https://github.com/fleetdm/fleet/pull/40717

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests

- [x] QA'd all new/changed functionality manually

Verified that the manual test cases I described in
https://github.com/fleetdm/fleet/pull/40717 still pass.

Used the following setup:
- 1 host on Servers.
- 1 host on Servers (canary).
- 9999 hosts on Unassigned.

<img width="1292" height="448" alt="Screenshot 2026-03-10 at 9 41 33 PM"
src="https://github.com/user-attachments/assets/37ba2ad9-aa7b-4d40-b134-56a943e2635c"
/>


Users:
- Team user with these assignments for test cases 1 and 2.

<img width="570" height="269" alt="Screenshot 2026-03-10 at 9 42 41 PM"
src="https://github.com/user-attachments/assets/f4bcf180-b7cc-4d80-a727-26ce887cbe84"
/>

- Global observer user for test cases 3 to 5.

### Test case 1

Report on Workstations (canary) with observers_can_run=true

<img width="470" height="538" alt="Screenshot 2026-03-10 at 9 42 30 PM"
src="https://github.com/user-attachments/assets/11c02ee9-c6eb-463a-9d4b-168a6155feed"
/>

Tested that I'm only able to target that host using "All hosts", "macOS"
and other labels. Also, searching for specific hosts under "Target
specific hosts" only retrieves that host.



https://github.com/user-attachments/assets/150d986a-b4f2-49ab-86d9-0308685873eb

### Test case 2

Confirmed that I'm not able to target `perf-host-1` from `Servers
(canary)` using a manual label with the same report above.
For this, I created a manual label and assigned only to `perf-host-1`:

<img width="603" height="349" alt="Screenshot 2026-03-10 at 9 50 52 PM"
src="https://github.com/user-attachments/assets/98b4a27a-4e46-466e-a377-622d36903feb"
/>

Note that 0 hosts are targeted and **Run** is disabled:
<img width="950" height="814" alt="Screenshot 2026-03-10 at 9 52 26 PM"
src="https://github.com/user-attachments/assets/3b42c0e9-3005-40cc-8733-85b9b729ce89"
/>

### Test case 3

Accessed same report in `Workstations (canary)` above with a Global
Observer user.
Confirmed that no hosts can be targeted in any way:

<img width="977" height="649" alt="Screenshot 2026-03-11 at 8 29 26 AM"
src="https://github.com/user-attachments/assets/ac87ac7e-3097-4228-a724-1d9324dec504"
/>
<img width="986" height="746" alt="Screenshot 2026-03-11 at 8 30 06 AM"
src="https://github.com/user-attachments/assets/5ca592d2-be8c-43c0-8a27-d18fdee35442"
/>
<img width="1017" height="812" alt="Screenshot 2026-03-11 at 8 30 12 AM"
src="https://github.com/user-attachments/assets/fb92940d-3ab2-4136-9e04-825f2c5eb3fe"
/>
<img width="998" height="809" alt="Screenshot 2026-03-11 at 8 30 17 AM"
src="https://github.com/user-attachments/assets/67cc9c0a-e1aa-49df-ad68-1988d6471d32"
/>
<img width="1444" height="311" alt="Screenshot 2026-03-11 at 8 30 35 AM"
src="https://github.com/user-attachments/assets/4b725bf1-0d6d-4458-840e-a96666a34903"
/>
<img width="1444" height="303" alt="Screenshot 2026-03-11 at 8 30 42 AM"
src="https://github.com/user-attachments/assets/54a9cd65-90f5-4454-a713-334e23118295"
/>

### Test case 4

As a global observer, accessing a global report with
observers_can_run=true, I can target all the hosts across all teams.

<img width="951" height="640" alt="Screenshot 2026-03-11 at 8 34 58 AM"
src="https://github.com/user-attachments/assets/3c235b3d-acd5-4801-834f-6fe6cd67d3dd"
/>
<img width="1448" height="527" alt="Screenshot 2026-03-11 at 8 35 06 AM"
src="https://github.com/user-attachments/assets/0f5f663d-8597-4320-aceb-ee6f168ec552"
/>
<img width="1474" height="179" alt="Screenshot 2026-03-11 at 8 35 14 AM"
src="https://github.com/user-attachments/assets/042eda04-e7f6-4c21-9503-878a23435fcd"
/>
 
### Test case 5

With the same report from test case 4, but observers_can_run=false, I
can't target any hosts.

<img width="971" height="804" alt="Screenshot 2026-03-11 at 8 36 49 AM"
src="https://github.com/user-attachments/assets/3a3a9fe3-a159-4ef9-8b08-4c987b9c0828"
/>
<img width="967" height="813" alt="Screenshot 2026-03-11 at 8 37 00 AM"
src="https://github.com/user-attachments/assets/aba5588d-dd96-4b88-9911-ebdd743bfa65"
/>
2026-03-11 13:42:33 -03:00
Mitch Francese
21cfab20cc
Add Warp as Fleet maintained app for macOS (#41051)
## Summary

- Adds Warp terminal as a Fleet maintained app for macOS (darwin)
- Uses direct CDN URL (`releases.warp.dev`) instead of Homebrew's URL
which requires `User-Agent: Homebrew` header
- Single `WarpDirectInstaller` enricher: overrides URL, sets `sha256:
no_check`, strips `.stable_` from version string
- Version: `0.2026.02.25.08.24.01` (latest stable)

## Validation checklist

- [ ] App can be downloaded using manifest URL
- [ ] App installs successfully on macOS host using manifest install
script
- [ ] App exists in software inventory after install
(`dev.warp.Warp-Stable`)
- [ ] App uninstalls successfully using manifest uninstall script

## Notes

Supersedes #37901 (branch had corrupted git history from a rewrite; this
is a clean branch off main).
2026-03-11 09:02:49 -05:00
Steven Palmesano
d5def08586
Add a missing period to ABM pending device tooltip (#41438) 2026-03-11 08:31:55 -05:00
Gabriel Hernandez
e41a9871ac
open enrollment profile download page in safari for ios and ipados (#41240)
**Related issue:** Resolves #39996

This adds a new flow where the user is asked to navigate and dowload the
enrollment profile in safari for ios and ipados devices.

This fixes an issue where the enrollment profile was not downloaded
correctly on browsers other than Safari.


https://github.com/user-attachments/assets/20304389-4b36-445b-9b8f-d4b9bfbff143


# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
2026-03-11 12:12:44 +00:00
jacobshandling
0db86ef2f1
UI housekeeping: Update Modal.children from JSX.Element to React.ReactNode, remove empty fragment wrappers (#41394)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Refactor**
* Simplified modal structures across multiple dialog components for
improved code maintainability.
* Enhanced modal component's flexibility to support broader content
types.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-10 15:30:55 -07:00
Noah Talerman
07a40b2662
Manually enroll Apple: Add done message (#41389)
For the following quick win:
- https://github.com/fleetdm/fleet/issues/41388
2026-03-10 16:48:04 -04:00
Nico
54a9160502
Invalidate vppSoftware and fleet-maintained-apps cache entries after adding software (#41364)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41290 (follow-up of
https://github.com/fleetdm/fleet/pull/41331 - missed invalidating the
App store and FMA lists). Also added a change to refetch all software
titles after a Custom Package is added.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

(Already added as part of the first PR).

## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/6b6d5410-0cd8-4c60-98e0-9b1b4a86be40



https://github.com/user-attachments/assets/815b85e7-98ac-4178-95cb-8b5f61e8edf7

For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
2026-03-10 15:00:14 -03:00
Luke Heath
0172a82b81
Silence webpack warnings (#40756) 2026-03-10 12:29:11 -05:00
Gabriel Hernandez
aefad76342
extend the expiration date for the auth token cookie (#41261)
**Related issue:** Resolves #41262

This extends the expiration date for the host auth token cookie.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
2026-03-10 17:15:09 +00:00
jacobshandling
46f8cf4b12
UI: Set Mac Recovery Lock passwords (#41166)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39723 

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
  - [x] With spoofed data
  - [ ] Integrated with backend (wip)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Recovery Lock Passwords: new OS Settings card to enable/disable
enforcement and save changes.
* Host Actions: view a host's Recovery Lock password via a modal from
the host actions menu.
* Activity tracking: new activity entries for viewing, setting,
enabling, and disabling Recovery Lock passwords.
  * Navigation: added a dedicated route for Passwords under OS Settings.

* **Documentation**
* Updated guidance for updating local config after an update to ensure
latest values.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-10 10:05:01 -07:00
jacobshandling
c2237d8576
Update mdm enroll copy (#41060)
- Many users will be single-clicking the downloaded Profile from the
expanded dock - "open" is the right level of specificity.
<img width="199" height="240" alt="Screenshot 2026-03-05 at 10 35 28 AM"
src="https://github.com/user-attachments/assets/5c782753-f479-425c-9492-61e9b13fef86"
/>

- The fact that we call out that there will be a warning communicates
that it is expected, redundant to say so. Also, it looks cleaner.
<img width="829" height="413" alt="Screenshot 2026-03-05 at 10 32 59 AM"
src="https://github.com/user-attachments/assets/f4e1fff2-4391-4971-ba99-32edbf2e25f4"
/>

---------

Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
2026-03-10 10:00:46 -07:00
Noah Talerman
1a693d98ae
Add certificate authority (CA): Clarify instructions are for NDES (#41304)
For the following quick win:
- https://github.com/fleetdm/fleet/issues/41305
2026-03-10 07:32:58 -07:00
Nico
c122bdab9d
Invalidate software-titles query cache after adding VPP or fleet-maintained app (#41331)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41290

Will need to be cherry-picked to 4.82 RC branch.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/60201628-eb4f-4c11-ac02-2481a7764b73



https://github.com/user-attachments/assets/4655d1de-8a0d-41fd-995c-44bc54f369d4



For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
2026-03-10 11:18:32 -03:00
Luke Heath
c7e3363f91
Fix old teams name in calendar tooltip (#41301)
For #40912
2026-03-09 17:42:00 -05:00
Nico
a1592259f4
Do not show table footer under Target specific hosts table (#41252)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41111

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

### Before

<img width="1477" height="590" alt="Screenshot 2026-03-09 at 11 50
49 AM"
src="https://github.com/user-attachments/assets/f180371f-c83c-4bee-bfa1-8c78afd46d90"
/>

### After

<img width="1471" height="531" alt="Screenshot 2026-03-09 at 11 50
29 AM"
src="https://github.com/user-attachments/assets/341f7f6c-97b2-4a55-8543-dda0e7f3e867"
/>
2026-03-09 17:23:44 -03:00
Noah Talerman
64a303e1d2
Report details page (#41177)
"Query" => "Report"
2026-03-09 10:18:49 -07:00
Jahziel Villasana-Espinoza
49b7db18fa
always show the filters and search bar (#41163)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40327 

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually
2026-03-09 09:05:36 -04:00
Scott Gress
a8fa681467
Reorder columns on Host page (#41180)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40489 

# Detail

This PR re-orders the column on the Manage Hosts page. No columns are
added or removed.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

Did my best to spot check with my human eyes that no code was changed,
only moved. Also had 🤖 check it.

- [X] QA'd all new/changed functionality manually

<img width="1715" height="522" alt="image"
src="https://github.com/user-attachments/assets/0df3081c-55dd-49cf-bc90-9a41114a36a3"
/>

<img width="1699" height="520" alt="image"
src="https://github.com/user-attachments/assets/7bc050a7-18ae-4aa6-a74b-a459b5955be4"
/>

<img width="952" height="521" alt="image"
src="https://github.com/user-attachments/assets/bf0d6d83-9e27-4ba7-af5d-887acf155e22"
/>
2026-03-07 17:32:59 -06:00
Rachael Shaw
88c766bffa
UI: Update table heading and result filter styles (#41072)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41073

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

## Screenshots

### Live report
<img width="1624" height="1061" alt="Screenshot 2026-03-05 at 4 02
32 PM"
src="https://github.com/user-attachments/assets/803b5c7a-81e9-4cc0-aca2-5cfc43e0aeee"
/>

### Report
<img width="1624" height="1061" alt="Screenshot 2026-03-05 at 4 03
32 PM"
src="https://github.com/user-attachments/assets/b28d14c7-d9ff-46f1-a587-67f630aad201"
/>

### Host report
<img width="1624" height="1061" alt="Screenshot 2026-03-05 at 4 32
26 PM"
src="https://github.com/user-attachments/assets/c28f2fb3-8e89-4f3d-a607-93cd6015c68c"
/>


### Regular table
<img width="1624" height="1061" alt="Screenshot 2026-03-05 at 4 03
42 PM"
src="https://github.com/user-attachments/assets/85a5d5dd-1c64-48c3-b586-47e7787ee4a9"
/>
2026-03-06 17:41:28 -06:00
Jahziel Villasana-Espinoza
248f35b78e
refactor path generation (#41126)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38965 

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing
- [x] QA'd all new/changed functionality manually
2026-03-06 12:11:37 -05:00
Nico
7e438f1303
Fix 'rolling' alignment on host vitals and key-value pairs alignment on Certificate details modal (#41124)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40641 & Resolves #40287

`line-height: initial` on TooltipWrapper's inner element resets to the
browser default, causing vertical misalignment when rendered alongside
other content.
Scoping `line-height: inherit` to the affected contexts fixes this
without changing the shared component.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

### Before

<img width="230" height="91" alt="Screenshot 2026-03-06 at 12 04 58 PM"
src="https://github.com/user-attachments/assets/a34b7b5f-f254-4837-8c99-d05ad27ab4cf"
/>


<img width="863" height="1044" alt="Screenshot 2026-03-06 at 12 04
40 PM"
src="https://github.com/user-attachments/assets/21e71762-aab6-4a04-bf46-d369151b55da"
/>


### After

<img width="145" height="60" alt="Screenshot 2026-03-06 at 11 55 45 AM"
src="https://github.com/user-attachments/assets/41fd66dc-c9aa-4420-81c5-64d3fe5463b2"
/>

<img width="713" height="840" alt="Screenshot 2026-03-06 at 12 23 25 PM"
src="https://github.com/user-attachments/assets/fb5f405f-6f94-47e9-8519-34c46934ea80"
/>
2026-03-06 14:02:51 -03:00
Magnus Jensen
56e03337bd
block self service on personal enrollments (#41054)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38593 

<img width="375" height="667" alt="My device Fleet 2"
src="https://github.com/user-attachments/assets/e5db8607-761f-40e8-befb-59a0fbdd7aac"
/>

_There was no figma, so wasn't sure if the boldness and spacing is
correct, but just used default values._

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2026-03-06 10:23:15 -05:00
Mitch Francese
d8461dbca5
Clarify Add hosts modal: fleetctl generates installer, not run on hosts (#41055)
## Summary

- Changes label text from "Run this command with the Fleet command-line
tool" to "Generate your installer with the Fleet command-line tool" —
making clear the command produces an installer package, not something
run on each host
- Adds help text to Windows (MSI), Linux (deb), and macOS (pkg) tabs:
"Run this on your admin computer, then deploy the generated package to
your hosts"

## Problem

Customer feedback: users believe they need to install both `fleetctl`
and the enrollment package on each host they're enrolling. The old copy
didn't convey that:
1. `fleetctl package` is run once on an admin machine (not on hosts)
2. The output is a deployable installer package that goes to the hosts

## Test plan

- [ ] Open the Add hosts modal on macOS, Windows, and Linux tabs
- [ ] Confirm label reads "Generate your installer with the Fleet
command-line tool"
- [ ] Confirm help text below the command reads "Run this on your admin
computer, then deploy the generated package to your hosts"
- [ ] Confirm the Advanced tab label is also updated
- [ ] Confirm plain-osquery path is unaffected (no label shown)
- [ ] Confirm ChromeOS, iOS & iPadOS, Android tabs are unaffected
2026-03-06 09:50:48 -05:00
Scott Gress
fe7be1833a
Update urls to use "fleets" and "reports" instead of "teams" and "queries" (#41084)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** For #41030

# Details

This PR updates front-end routes and redirects the old routes to the new
ones.

While I typically have shied away from renaming vars and constants in
this phase of the renaming work, I chose to rename the path constants
here because they're a lot less useful when they have names that don't
correspond to the paths they're representing. I did the renames using
VSCode's "Rename Symbol" feature which automatically finds and fixes any
references. I then asked Claude to verify the changes and it didn't find
any dangling references (also the code would fail to compile unless all
the new names collided with old ones).

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a

## Testing

- [ ] Added/updated automated tests
no relevant tests exist
- [X] QA'd all new/changed functionality manually

## Reports (formerly Queries)

**New routes:**
- [x] /reports/manage — Reports list page
- [x] /reports/new — New report editor
- [x] /reports/new/live — New report live query
- [x] /reports/:id — Report details
- [x] /reports/:id/edit — Edit report
- [x] /reports/:id/live — Live report run

**Redirects from old routes:**
- [x] /queries → /reports
- [x] /queries/manage → /reports/manage
- [x] /queries/new → /reports/new
- [x] /queries/new/live → /reports/new/live
- [x] /queries/:id → /reports/:id
- [x] /queries/:id/edit → /reports/:id/edit
- [x] /queries/:id/live → /reports/:id/live

## Host Reports (formerly Host Queries)

**New routes:**
- [x] /hosts/:host_id/reports/:query_id — Host report results

**Redirects from old routes:**
- [ ] ~/hosts/:host_id/schedule → /hosts/:host_id/reports~ <- this is
not a real URL; removed current broken redirect
- [x] /hosts/:host_id/queries/:query_id →
/hosts/:host_id/reports/:query_id

## Fleets (formerly Teams)

**New routes:**
- [x] /settings/fleets — Fleets list page
- [x] /settings/fleets/users?fleet_id=:id — Fleet users
- [x] /settings/fleets/options?fleet_id=:id — Fleet agent options
- [x] /settings/fleets/settings?fleet_id=:id — Fleet settings

**Redirects from old routes:**
- [x] /settings/teams → /settings/fleets
- [x] /settings/teams/users → /settings/fleets/users
- [x] /settings/teams/options → /settings/fleets/options
- [x] /settings/teams/settings → /settings/fleets/settings
- [x] /settings/teams/:team_id → /settings/fleets
- [x] /settings/teams/:team_id/users → /settings/fleets
- [x] /settings/teams/:team_id/options → /settings/fleets

**Navigation & Links**

- [x] Top nav "Reports" link goes to /reports/manage
- [x] User menu team switcher navigates to
/settings/fleets/users?fleet_id=:id
- [x] Admin sidebar "Fleets" tab goes to /settings/fleets
- [x] "Create a fleet" links (user form, transfer host modal) go to
/settings/fleets
- [x] "Back to fleets" button on fleet details goes to /settings/fleets
- [x] Fleet table name links go to /settings/fleets/users?fleet_id=:id
- [x] Host details "Add query" button goes to /reports/new
- [x] Select query modal links go to /reports/new and /reports/:id/edit
- [x] Query report "full report" link goes to /reports/:id
- [x] Browser tab titles show correct names for report pages

**Query params preserved through redirects**

- [x] /queries/:id?fleet_id=1 → /reports/:id?fleet_id=1
- [x] /settings/teams/users?fleet_id=1 →
/settings/fleets/users?fleet_id=1

For unreleased bug fixes in a release candidate, one of:

- [X] Confirmed that the fix is not expected to adversely impact load
test results
2026-03-06 08:24:50 -06:00
Scott Gress
2747c96308
Fix software installer error team -> fleet (#41070)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** For #41031

# Details

* Updates server-side error message about software installers to use
"fleet" instead of "team".
* Update front-end code that rewrites that error text 🤦  

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a

## Testing

- [X] Added/updated automated tests
- [X] QA'd all new/changed functionality manually
- [X] Saw correct error banner when trying to add a VPP app that
conflicted with an FMA
<img width="741" height="67" alt="image"
src="https://github.com/user-attachments/assets/d171097c-b165-45f8-bafb-fd6337c94cb9"
/>
- [X] Saw correct error banner when trying to add a script with the same
contents as a another script
<img width="765" height="60" alt="image"
src="https://github.com/user-attachments/assets/db02b92a-942d-448d-9062-3fca49132a94"
/>

I haven't tested all the other cases but I think these two cover them;
one uses the `CantAddSoftwareConflictMessage` constant on the server and
one uses a hard-coded message. Everything else uses the constant.

For unreleased bug fixes in a release candidate, one of:

- [X] Confirmed that the fix is not expected to adversely impact load
test results
2026-03-05 17:28:52 -06:00
Scott Gress
b2caabd343
Fix "query" to "report" in various places in UI (#41078)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** For #41030

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a

## Testing

- [ ] Added/updated automated tests
- [X] QA'd all new/changed functionality manually

**Query report "Export results" file name (just dropped "Query")**
<img width="481" height="35" alt="image"
src="https://github.com/user-attachments/assets/c7529f1d-07d3-467c-868c-e4b49f4b6eec"
/>

---

**Tooltips on the New Report page**
<img width="308" height="109" alt="image"
src="https://github.com/user-attachments/assets/886cb49c-664a-46f3-bbe3-35712644f7ad"
/>
<img width="309" height="82" alt="image"
src="https://github.com/user-attachments/assets/bb76f48c-548e-4059-835b-b8861f71d37a"
/>

---

**Report automations Example data tooltip**
<img width="619" height="87" alt="image"
src="https://github.com/user-attachments/assets/d400bcad-fca9-413d-a4c3-bdd2c2167d1b"
/>

---

**Activities filter**
<img width="433" height="350" alt="image"
src="https://github.com/user-attachments/assets/cf6379cc-7d64-4e0e-91bd-034e41eeec1f"
/>
<img width="414" height="382" alt="image"
src="https://github.com/user-attachments/assets/4da59326-732d-481c-bacb-8db2965c7bb5"
/>

-- 

**Created/Edited/Deleted query activity**
<img width="403" height="254" alt="image"
src="https://github.com/user-attachments/assets/a87dec83-958d-4803-b42b-28e9683b3a8b"
/>

For unreleased bug fixes in a release candidate, one of:

- [X] Confirmed that the fix is not expected to adversely impact load
test results
2026-03-05 17:16:33 -06:00
Nico
24e0ef47c8
Fix observer query bypass: prevent cross-team targeting (#40717)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #36093 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.


# Testing

- [x] Added/updated automated tests

- [x] QA'd all new/changed functionality manually

## Queries/reports

### Team user with team report (observer_can_run = true)

Created user with the following assignments:

<img width="596" height="285" alt="Screenshot 2026-03-02 at 4 58 47 PM"
src="https://github.com/user-attachments/assets/a3a8e7dd-2bfc-40f9-948c-b26b016162ae"
/>

Created report on **Workstations (canary)** fleet with
**observers_can_run = true**

<img width="1020" height="711" alt="Screenshot 2026-03-02 at 5 09 25 PM"
src="https://github.com/user-attachments/assets/58aa98c7-8cbd-4a7a-a159-f4b40a65f2c9"
/>

Logged in with newly-created user, selected the report above to run it
as a live report.

- Verified that **Servers (canary)** is disabled => user is **Observer**
on that fleet, but query belongs to **Workstations (canary)**.
- All the other fleets are enabled:
  - User is **Observer+ or more** in those fleets.
- User is **Observer** in **Workstations (canary)** => enabled because
report belongs to this fleet, AND **observer_can_run = true**.

<img width="986" height="823" alt="Screenshot 2026-03-02 at 5 07 29 PM"
src="https://github.com/user-attachments/assets/b6b7aa4b-5036-46e3-8497-3a77f93a3a2c"
/>


### Global user with team report (observer_can_run = true)

- Created global Observer user.
- Accessed same report created above for **Workstations (canary)** fleet
with **observers_can_run = true**.
- Logged in with newly-created user, selected the report above to run it
as a live report.
- Verified that the only target available is **Workstations (canary)**:

<img width="1087" height="883" alt="Screenshot 2026-03-03 at 10 47
05 AM"
src="https://github.com/user-attachments/assets/9fc8d4d4-6a38-4ecb-98fe-b56b46ac4f74"
/>

### Global user with global report (observer_can_run = true)

Global Observer user can target all fleets.

<img width="1329" height="609" alt="Screenshot 2026-03-03 at 10 56
03 AM"
src="https://github.com/user-attachments/assets/059d4eb2-546f-4a19-9eee-b64dd0250bf1"
/>

<img width="981" height="818" alt="Screenshot 2026-03-03 at 10 57 50 AM"
src="https://github.com/user-attachments/assets/afa0ee58-3457-4838-a96e-dd508d924079"
/>

### Global user with global report (observer_can_run = false)

Global Observer user can't target any fleet.

<img width="691" height="574" alt="Screenshot 2026-03-03 at 10 59 57 AM"
src="https://github.com/user-attachments/assets/f328d547-ed06-4c30-ac22-5df7bb32240a"
/>

<img width="985" height="814" alt="Screenshot 2026-03-03 at 11 00 06 AM"
src="https://github.com/user-attachments/assets/bb55da11-ea3f-40c7-bd98-652880d9e8f9"
/>

## Policies

On the FE, the same component is used to display the targets for Live
Policies, so just making sure that I didn't introduce any regression.

### Global technician user, all fleets policy

Can select all fleets.

<img width="1130" height="858" alt="Screenshot 2026-03-03 at 11 13
40 AM"
src="https://github.com/user-attachments/assets/8d9d97c4-9946-4c4c-9a8a-d79c65d9cb33"
/>

### Team user with team policy

Created user:

- **Technician** on **Servers**.
- **Observer** on **Servers (canary)**.

<img width="745" height="770" alt="Screenshot 2026-03-03 at 11 18 11 AM"
src="https://github.com/user-attachments/assets/56973c34-49bb-4007-9fac-09cf5315bdff"
/>

Can only select **Servers** as a target:

<img width="999" height="754" alt="Screenshot 2026-03-03 at 11 18 56 AM"
src="https://github.com/user-attachments/assets/82d14a8f-46e1-41f5-9355-d717477c85d8"
/>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2026-03-05 15:12:04 -03:00
Gabriel Hernandez
3735e199d6
fix issue where mdm page wasnt updating properly when turning off apple mdm (#40854)
**Related issue:** Resolves #38546

This fixes an issue where the MDM section on the intergation page was
not updating properly when apple mdm was turned off

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually

---------

Co-authored-by: Magnus Jensen <magnus@fleetdm.com>
2026-03-05 17:02:21 +00:00
jacobshandling
e9bebfdf96
UI: Remove experimental conditional_access_bypass_enabled policy setting in favor of critical (#40924)
**Related issue:** Resolves #40417
<img width="1624" height="1061" alt="Screenshot 2026-03-03 at 4 17
19 PM"
src="https://github.com/user-attachments/assets/feb3f4cd-af20-42be-887a-73ccef4f2b23"
/>
<img width="1624" height="1061" alt="Screenshot 2026-03-03 at 4 19
17 PM"
src="https://github.com/user-attachments/assets/0b67e5df-525f-444d-8521-f1de1527cfaa"
/>
<img width="1624" height="1061" alt="Screenshot 2026-03-03 at 4 19
26 PM"
src="https://github.com/user-attachments/assets/922f6f05-4889-430f-9da9-3f8f0ac5a11c"
/>
<img width="1624" height="1061" alt="Screenshot 2026-03-03 at 4 19
45 PM"
src="https://github.com/user-attachments/assets/65445602-8a83-429f-aaaf-729f127c4c4b"
/>

- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **New Features**
  * Added visual badge to identify critical policies.

* **Improvements**
* Critical policies can no longer be bypassed when Okta conditional
access is configured.
* Simplified conditional access policy management UI by removing
per-policy bypass toggles.
* Updated tooltips to clarify bypass restrictions for critical policies.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-03-04 15:16:13 -08:00
Ian Littman
5f608aba63
Fix tone tweaks reverted as part of The Great Rename (#41004)
For #39676.

Work is mine. Diagnosis was courtesy Zed + Sonnet 4.6, which caught this
as I was iterating with it on building a test plan. Ran the prompt below
to catch any other issues:

> Find any cases where `!` as ending punctuation was added to copy since
`bf5d342`.

Will test this along with the QA for the parent issue once it's
cherry-picked.
2026-03-04 14:56:50 -06:00
RachelElysia
4cbc4fdd5e
Fleet UI: Fix refresh preserve toggle, fix border radius (#40947) 2026-03-04 13:41:50 -05:00
Noah Talerman
e408b99013
Edit query: Remove "fleet" (#40943)
It gets awkward...

<img width="383" height="154" alt="Screenshot 2026-03-04 at 8 17 56 AM"
src="https://github.com/user-attachments/assets/82acd9d4-b692-4520-9f07-77466b950391"
/>
2026-03-04 11:10:27 -06:00
Scott Gress
772cddb861
Update stored results setting UI (#40874)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40859

# Details

* Renamed setting from "Disable reports" to "Disable stored results"
* Moved underneath "Disable live reports" for clarity
* Updated related tooltip

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [ ] Added/updated automated tests
- [X] QA'd all new/changed functionality manually

<img width="670" height="531" alt="image"
src="https://github.com/user-attachments/assets/7396a6ab-26ad-4a73-ba6d-b506bff6330c"
/>

---

<img width="406" height="153" alt="image"
src="https://github.com/user-attachments/assets/b86ffbb6-56c3-4cdc-880b-0b39bcd129fa"
/>
2026-03-04 09:58:27 -06:00
Nico
49463f19e9
Fix select-all header checkbox not selecting rows in a specific case (#40940)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40789

Seems like on specific pages of server-side paginated tables, the
select-all header checkbox does not work. This happens when:
- the page has less than 20 rows (I think this is the default page size)
- AND not all the rows are selectable

`headerProps.rows` always contains all rows currently visible in the
table. Using rows also keeps the select logic consistent with the
deselect and "all selected" checks, which already used rows.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

### Before

Clicking on the table header checkbox doesn't perform any selection



https://github.com/user-attachments/assets/d5b1f2fc-1400-4f3e-a2b4-2ae6a3da65af

### After



https://github.com/user-attachments/assets/54a67707-7978-40ec-ba50-c146a67795b2
2026-03-04 11:39:04 -03:00
Noah Talerman
efaa3c5fc5
Live policy results (#40897)
Purge the purple!
2026-03-04 08:02:14 -06:00
Gabriel Hernandez
b92e9efdb5
show apns expiration banner in UI for free tier (#40936)
**Related issue:** Resolves #39184

show apns expiration banner for the free tier in the UI. Before it was
limited to show only for premium tier.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually

---------

Co-authored-by: Nico <32375741+nulmete@users.noreply.github.com>
2026-03-04 13:12:33 +00:00
Gabriel Hernandez
744087d2c7
add option to lock end user info during setup experience to UI (#40802)
**Related issue:** Resolves #38669

Added the ability to lock end user info on the end use auth section of
the setup experience page

<img width="468" height="372" alt="image"
src="https://github.com/user-attachments/assets/a5f4e21b-3a1e-4631-b0d4-e3d833a4484c"
/>

# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
2026-03-04 12:02:35 +00:00
jacobshandling
19eebd9657
Fix condition related to whether or not to allow EU to "resolve later" a failing policy (#40878)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves
https://fleetdm.slack.com/archives/C09HG9VMRSS/p1772565135389659?thread_ts=1772563808.929019&cid=C09HG9VMRSS

- [x] QA'd all new/changed functionality manually
2026-03-03 11:54:07 -08:00
Jake Stenger
15567efdae
Clarifying text for ndes_scep_proxy that it's for dynamic SCEP (#40742)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #34521

# Checklist for submitter

- [x] QA'd all new/changed functionality manually
2026-03-03 08:54:26 -08:00
RachelElysia
af9f48eeb1
Fleet UI: Add changes to include google playstore web apps (#40716) 2026-03-03 11:21:56 -05:00
RachelElysia
a1c9115ef0
Fleet UI: Pull platform from url param (#40818) 2026-03-03 11:20:28 -05:00
Noah Talerman
9bf5395e12
Enroll secrets modal: Update copy for "All fleets" and "Unassigned" (#40572)
For the following quick win:
- https://github.com/fleetdm/fleet/issues/40590
2026-03-03 09:41:23 -06:00
Noah Talerman
75215164d1
Add/edit report: Differential callout grey instead of purple (#40746)
Purge the purple!
2026-03-03 09:41:08 -06:00
Noah Talerman
aeeb28e14f
Settings > Agent options: Improve copy (#40817)
- Add purge the purple!

Context:
https://fleetdm.slack.com/archives/C0ACJ8L1FD0/p1772460008632749
2026-03-03 09:40:54 -06:00
RachelElysia
e81f4189da
Fleet UI: Hide native input, don't remove edit from non-FMA flow (#40825) 2026-03-02 17:16:53 -05:00
Nico
da8a178aa2
Fix caching issues on Labels and Software name edits (#40815)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40807, Resolves #40811

More context:
https://fleetdm.slack.com/archives/C019WG4GH0A/p1772470201453599?thread_ts=1772118969.698539&cid=C019WG4GH0A

## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/10b07dcc-1048-4aff-aba9-f99abc4631e5



https://github.com/user-attachments/assets/19584e58-c4e6-4869-bc93-97f7d0b01941



For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
2026-03-02 16:38:52 -03:00
Claude
6a41c47558
Fix flaky test in EditLabelPage.tests.tsx (#40782)
Fixed intermittent test failure in `EditLabelPage › renders the
ManualLabelForm when the label is manual` caused by redundant assertions
after async queries.

## Changes

- Removed redundant `toBeInTheDocument()` assertions after
`findByText()` calls in the manual label test
- `findByText()` already asserts element presence when it resolves;
storing the result and asserting again created a race condition

**Before:**
```typescript
const host1 = await screen.findByText("Test host #1");
expect(host1).toBeInTheDocument();
```

**After:**
```typescript
await screen.findByText("Test host #1");
```

# Checklist for submitter

- [x] QA'd all new/changed functionality manually
- [x] Added/updated automated tests

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Tests**
* Refactored test assertions to use implicit presence validation instead
of explicit checks, improving test code maintainability without
affecting functionality.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: anthropic-code-agent[bot] <242468646+Claude@users.noreply.github.com>
Co-authored-by: iansltx <472804+iansltx@users.noreply.github.com>
Co-authored-by: Ian Littman <iansltx@gmail.com>
2026-03-02 12:31:12 -06:00
RachelElysia
a4ef7410e2
Fleet UI: Disable cancel checkbox for manual agent install, copy change, ungate from Windows MDM (#40735)
## Issue
Closes #37828 

## Description
3 followups:
- Cancel checkbox should be disabled for manual agent install
- Copy change matches Figma and not previous copy text
- Ungate from Windows MDM (released bug since September 2025 caught by
@iansltx 's thorough QA)

## Screenshots of fixes

- ungated
<img width="1377" height="629" alt="Screenshot 2026-02-27 at 4 24 09 PM"
src="https://github.com/user-attachments/assets/dc6e2a21-ff32-4ad2-aa81-de07c8d4c538"
/>

- checkbox now disabled along with rest of form
<img width="1377" height="638" alt="Screenshot 2026-02-27 at 4 24 00 PM"
src="https://github.com/user-attachments/assets/c2e8fe9e-9f4c-45e5-8934-28e0b5aa2908"
/>


## Testing

- [x] QA'd all new/changed functionality manually
2026-02-28 20:21:45 -06:00
RachelElysia
a2345bb75e
Fleet UI: Allow 'textarea' onBlur, clean to never race (#40744)
## Issue
Closes #34167 

## Followup
- Add missing onBlur to text area inputs app wide
- Update onBlur function to not race with onChange

## Screenshot of fix


https://github.com/user-attachments/assets/9abfbef9-af0d-4247-a18e-e2ea1b4abd4d



## Testing

- [x] QA'd all new/changed functionality manually
2026-02-27 19:51:56 -06:00
Rachael Shaw
9f8e137954
Update tooltip for "End users can bypass" (#40560)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Expedited drafting change for #38041

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

## Testing

- [x] QA'd all new/changed functionality manually


### Screenshot:
<img width="413" height="184" alt="Screenshot 2026-02-25 at 6 04 19 PM"
src="https://github.com/user-attachments/assets/50def1d7-71d4-4c18-932e-ba98f7880ab0"
/>
2026-02-27 14:53:44 -06:00
melpike
891289b687
Update copy for instances when qr code is expired (#40707)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40624
2026-02-27 13:45:48 -07:00
Nico
6543d97f06
Fix end user auth form: allow saving cleared IdP settings (#40424)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #32835

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- Verify that settings can only be cleared if some settings were stored
previously (at least one of the form fields were filled).

## Testing

- [x] Added/updated automated tests

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/522ec6e3-1826-459e-9649-314c4d5f7190
2026-02-27 17:09:54 -03:00
Gabriel Hernandez
1dbed016f8
use best practices for hooks in the app page component (#40591)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->

This updates the functions in `App.tsx` to use the best practice and
include all deps in the dep array. This also requires some of these
functions to use `useCallback`.
2026-02-27 17:06:56 +00:00
Gabriel Hernandez
b220c40152
fix overflow of button off the table on the os settings modal (#40697)
**Related issue:** Resolves #39361

This fixes an issue of the overflow of the resend button off the edge of
the os settting modal table.

We've changed the syling to grow and shrink the error text and column
dynamically so that the table will always be pushed up against the right
edge and the text will grow and shrink as needed so that it wont push
the button any further right

<img width="838" height="436" alt="image"
src="https://github.com/user-attachments/assets/a5acfd44-0d77-4062-92e4-909077827fee"
/>

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
2026-02-27 17:04:14 +00:00
Gabriel Hernandez
18cde24cd9
allow ios and ipados hosts profiles to be resent (#40684)
**Related issue:** Resolves #40066

This allows ipados and ios devices to resend their profiles on the host
details and my device pages

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
2026-02-27 17:03:52 +00:00
RachelElysia
44cf3c2b01
Fleet UI: Add 10 per page to install software setup (#40505) 2026-02-27 10:29:34 -05:00
Rachael Shaw
8110b913d6
Remove hard-coded "(Firefox)" from software display names (#39945)
Potentially resolves #39943. (Needs to be tested; my local Fleet
instance isn't fancy enough to have Firefox addons in software
inventory, so this is just a hunch.)
2026-02-26 12:29:34 -06:00
RachelElysia
0ac2ce8dfd
Fleet UI: Comb through registration buttons (#40444) 2026-02-26 12:13:53 -05:00
Nico
3ab49e49ab
Fix stale data on host details page after subsequent navigations (#40603)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40408

Part of the root cause for this issue is this commit:
5136d40e27

In summary, I moved the QueryClient instantiation out of AppWrapper
because it needs to be a stable reference. I realized this was necessary
when manipulating react-query's cache as part of that work.
(I was debugging react-query's cache using **getQueryData** and it was
always returning **undefined** for every entry -- that was fixed by
doing what I described just above).

When QueryClient was re-created on each AppWrapper mount,
refetchOnMount: false had no effect.. there was never cached data to
serve, so useQuery always fetched on every navigation to the host
details page.

After moving it out of AppWrapper, refetchOnMount: false works as
expected and the cached (stale) data is served instead of refetching.

The fix removes the refetchOnMount: false, refetchOnReconnect: false,
and refetchOnWindowFocus: false overrides, restoring react-query's
defaults so data is refreshed on navigation, tab focus, and reconnect.

# Checklist for submitter

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.


## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/fa3f90ef-46f4-4a30-acc6-2176a22e8299



For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
2026-02-26 14:12:41 -03:00
Nico
5fff598211
Fix: Refresh required in order for software inventory to update (#40608)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40606 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/ab873ea4-2baa-4218-b16c-c75f16bbda34



For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
2026-02-26 14:12:22 -03:00
Gabriel Hernandez
a0c5102903
update auth token storage (#40504)
**Related issue:** Resolves #14401

# Checklist for submitter

this updates the mechanism of storing the auth token for a user that is
used for making requests and validating a user session. We change the
storage from local storage to a cookie. This allow a bit more security
and prepares for a future change where we will allow the browser to
handle setting and passing the auth token in the request.


- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
2026-02-26 17:05:13 +00:00
RachelElysia
baf7f82aed
Fleet UI: Fix dropdown rendering (#40418) 2026-02-26 11:42:00 -05:00
melpike
c2aa0a4490
[Activity] Make end user authentication activities agnostic of OS (#40525)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40366

---------

Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
2026-02-26 07:18:15 -07:00
Noah Talerman
3ec7ec76c8
Wipe tooltip: Add instructions to delete the host (#40543)
For the following quick win:
- https://github.com/fleetdm/fleet/issues/40550
2026-02-26 09:11:02 -05:00
Juan Fernandez
679264a845
Added tooltip to batch run host count
Resolves #33427: 

Added tooltip to batch run result host count to clarify that the count
might include deleted hosts.
2026-02-26 07:43:24 -04:00
github-actions[bot]
2daf579136
Fleet UI: Update osquery version options (#40464)
Automated update of MIN_OSQUERY_VERSION_OPTIONS with any new osquery
release. (Note: This automatic update is the solution to issue #21431)

Co-authored-by: RachelElysia <RachelElysia@users.noreply.github.com>
2026-02-25 16:41:08 -08:00
Noah Talerman
0b89f16456
Software title page > View YAML: Simplify copy (#40353)
For the following quick win:
- https://github.com/fleetdm/fleet/issues/40354
2026-02-25 18:43:23 -05:00
Scott Gress
824a0f0cc4
Use "unassigned" in addition to / in place of "no teams" in back end checks and messages (#40351)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** For #40348

# Details

This PR replaces the use of "No team" with "Unassigned" and "All teams"
with "All fleets" in appropriate checks and error messages. Specifically
it restricts using "All fleets" or "Unassigned" as team names

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a

## Testing

- [X] Added/updated automated tests
- [X] QA'd all new/changed functionality manually
* tested attempting to add "no team", "all teams", "unassigned" and "all
fleets" as teams and saw appropriate error message
2026-02-25 12:28:04 -06:00
Nico
1f662ca549
Follow-up: Queries and Policies page "Manage Automations" buttons not visible as admin (#40435)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #25080 (specifically this comment
https://github.com/fleetdm/fleet/issues/25080#issuecomment-3954353740)

# Checklist for submitter

- [x] Changes file added (has already been added as part of previous
PRs).

## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/e9d1e38c-8a6d-4cc9-9af2-a1466ba3454f
2026-02-25 08:49:07 -03:00
RachelElysia
8eb91600e3
Fleet UI: Back handles team id 0 (#40437) 2026-02-24 15:46:25 -05:00
Jahziel Villasana-Espinoza
ac4ec2ff27
FMA version rollback (#40038)
- **Gitops specify FMA rollback version (#39582)**
- **Fleet UI: Show versions options for FMA installers (#39583)**
- **rollback: DB and core implementation (#39650)**

<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #31919 

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)

## Testing

- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [x] QA'd all new/changed functionality manually

---------

Co-authored-by: Jonathan Katz <44128041+jkatz01@users.noreply.github.com>
Co-authored-by: RachelElysia <71795832+RachelElysia@users.noreply.github.com>
Co-authored-by: Carlo DiCelico <carlo@fleetdm.com>
2026-02-24 14:00:32 -05:00
jacobshandling
55e20da00e
Extend https://github.com/fleetdm/fleet/pull/39732 to the DUP (#40367)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
This isn't strictly necessary on the DUP since the type column is wider
there, but this change will handle any future cases where we have an
even longer type string without affecting current handling. No need for
a cherry-pick.

<img width="959" height="521" alt="Screenshot 2026-02-23 at 3 56 14 PM"
src="https://github.com/user-attachments/assets/f8d9b4b2-ea52-4155-a875-992ba21b3221"
/>

- [x] QA'd all new/changed functionality manually
2026-02-24 09:57:01 -08:00
Harrison Ravazzolo
f442730714
Add .sh tooltip to macOS in software upload module (#40357)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves
https://github.com/fleetdm/fleet/issues/40356
2026-02-24 09:22:43 -05:00
Steven Palmesano
6435fa6c68
Log in > login (#39944)
"Log in" is a verb, "login" is a noun.
2026-02-24 07:34:14 -06:00
jacobshandling
0ec8743cb1
Use 'Agent' dataset title and sort key for vanilla osquery hosts (#40369)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #
https://github.com/fleetdm/fleet/issues/39794#issuecomment-3916992159

Host with vanilla osquery installation lists "Agent" vital:
<img width="959" height="521" alt="Screenshot 2026-02-23 at 5 33 23 PM"
src="https://github.com/user-attachments/assets/216a7209-19ca-46b2-ae1c-ff18bbad3bc7"
/>


- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2026-02-23 18:14:15 -08:00
Nico
311999fbc7
Migrate some 'Query' occurrences to 'Report' (#40320)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
Observed some places where we still show Query instead of Report:

<img width="1557" height="689" alt="Screenshot 2026-02-23 at 3 54 38 PM"
src="https://github.com/user-attachments/assets/df677e6a-05a3-4d5c-8751-b6f25f845c31"
/>
<img width="2521" height="496" alt="Screenshot 2026-02-23 at 3 54 49 PM"
src="https://github.com/user-attachments/assets/a0c706cf-49b9-410e-919a-2482589114c3"
/>


# Checklist for submitter

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests

- [x] QA'd all new/changed functionality manually

<img width="1496" height="666" alt="Screenshot 2026-02-23 at 4 13 09 PM"
src="https://github.com/user-attachments/assets/de0ed5bc-8156-42f4-9428-b2477ea8c90d"
/>

<img width="2547" height="562" alt="Screenshot 2026-02-23 at 5 11 34 PM"
src="https://github.com/user-attachments/assets/e9d55b93-8221-43d8-9ffe-cc2e8de433f5"
/>
2026-02-23 17:18:43 -03:00
RachelElysia
9bc95aba6f
Fleet UI: Several display name instances (#40123)
## Issue
Closes #39699 

## Description
- `display_name` is super far reaching and was not caught as needing
updates in several places by design nor dev (original ticket made me
deep dive in the code looking for more missed instances and I found
several)

Fixes:
- during setup experience, if a critical software fails, it shows the
display_name instead of the default name
- when viewing the versions modal from fleet desktop, it shows the
display_name instead of the default name as the modal title (screenshot
below)
- when getting an error message from changing the package type when
editing software, it shows the display_name instead of the default name
(screenshot below)
- ORIGINAL REQUEST: when editing auto updates for an ipados/ios
software, it shows the display_name instead of the default name
(screenshot below)

## Screenshots of fixes
<img width="1296" height="483" alt="Screenshot 2026-02-20 at 3 30 26 PM"
src="https://github.com/user-attachments/assets/d3a8659d-1fcf-4384-8670-202c5681ed72"
/>
<img width="1383" height="485" alt="Screenshot 2026-02-20 at 3 36 18 PM"
src="https://github.com/user-attachments/assets/619467dc-5d18-4edf-98ee-116558fa945e"
/>
<img width="1378" height="381" alt="Screenshot 2026-02-20 at 3 41 38 PM"
src="https://github.com/user-attachments/assets/13550024-bd61-4c09-a136-f3a237f01aaf"
/>



## Testing

- [x] QA'd all new/changed functionality manually
2026-02-20 16:03:34 -06:00
jacobshandling
96d27334ec
UI: Fix policies resolvable condition (#40208) 2026-02-20 13:08:04 -08:00
Rachael Shaw
78e6cb3a2e
Update host "Used by" column heading (#40190)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves
https://github.com/fleetdm/fleet/issues/40189

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing
- [x] QA'd all new/changed functionality manually
2026-02-20 12:21:55 -06:00
Magnus Jensen
0130848f6e
show serial for fully managed android (#40184)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40116

This PR also fixes a weird bug that could cause a crash on host details
page, if hosts.users array was missing

<img width="1350" height="472" alt="image"
src="https://github.com/user-attachments/assets/48aba9a3-6145-4a0c-bab0-c99c3345040a"
/>


# Checklist for submitter

If some of the following don't apply, delete the relevant line.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2026-02-20 11:40:31 -05:00
Noah Talerman
2b9cc1f3d0
Host details > Actions dropdown: "Report" => "Live report" (#40110)
To be consistent w/ Query page:
https://fleetdm.slack.com/archives/C0ACJ8L1FD0/p1771521877445639?thread_ts=1771521223.728089&cid=C0ACJ8L1FD0

---------

Co-authored-by: Scott Gress <scott@fleetdm.com>
2026-02-20 10:39:56 -06:00
jacobshandling
4394557c96
Improved spacing on the Controls > OS Settings page (#40188)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #34370 

<img width="932" height="1152" alt="Screenshot 2026-02-20 at 8 23 49 AM"
src="https://github.com/user-attachments/assets/c7b6d0ae-a20e-4115-835d-5d5fb01c12bb"
/>


- [x] Changes file added for user-visible changes in `changes/`
- [x] QA'd all new/changed functionality manually
2026-02-20 08:34:22 -08:00
Scott Gress
e2d2ed4cec
Fix adding/modifying enroll secrets in UI (#40180)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40170

# Details

Fixes an unreleased issue where when attempting to modify a fleet enroll
secret, you get a 400 response indicating that both team_id and fleet_id
params are being sent. The request was piping the "get enroll secrets"
response back into the "modify enroll secrets"

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, unreleased bug

## Testing

- [ ] Added/updated automated tests
- [X] QA'd all new/changed functionality manually

On main: reproduced issue when attempting to add secret to a fleet
On branch: secret added successfully

For unreleased bug fixes in a release candidate, one of:

- [X] Confirmed that the fix is not expected to adversely impact load
test results
2026-02-20 10:27:00 -06:00
RachelElysia
7388bf774e
Fleet UI: Move setup experience software table out of modal (#40075) 2026-02-20 15:36:46 +00:00
Allen Houchins
fe05ce4f48
Add PuTTY as a Windows FMA (#40155)
This pull request adds support for the PuTTY application (Windows) to
the maintained apps system, including metadata,
installation/uninstallation scripts, and frontend icon integration. The
changes ensure that PuTTY can be managed and visually represented in the
software catalog.

**Maintained Apps Integration:**
- Added a new input file `putty.json` with PuTTY metadata for Windows,
specifying installer details and categories.
- Generated an output file `putty/windows.json` containing version
information, install/uninstall scripts, installer URL, and SHA256 hash
for PuTTY.
- Updated the aggregated `apps.json` output to include PuTTY with its
description and unique identifier for the Windows platform.

**Frontend/Icon Integration:**
- Added a new React SVG icon component for PuTTY in `Putty.tsx`.
- Registered the PuTTY icon in the icon index and mapped it in
`SOFTWARE_NAME_TO_ICON_MAP` for display in the software catalog.
[[1]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR15)
[[2]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR412)
2026-02-19 22:23:51 -06:00
Allen Houchins
1f97e3d1eb
Add LastPass as a Windows FMA (#40153)
This pull request adds support for the LastPass password manager to the
maintained apps ecosystem, including its metadata, installation and
uninstallation scripts, and a new icon for the frontend. The changes
ensure that LastPass can be managed like other supported applications
and is visually represented in the software UI.

**LastPass app integration:**

* Added LastPass metadata to `winget` inputs, including installer
details and default categories.
* Added LastPass to the maintained apps output list (`apps.json`) with a
description for display in the UI.
* Created a new output file for LastPass (`lastpass/windows.json`)
specifying versioning, detection queries, install/uninstall scripts, and
installer hash.

**Frontend/UI updates:**

* Added a new React SVG icon component for LastPass (`LastPass.tsx`).
* Registered the LastPass icon in the software icon map so it appears in
the UI when LastPass is detected.
[[1]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR10)
[[2]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR297)
2026-02-19 22:02:34 -06:00
melpike
c3e71779f9
Add placeholder and update helpText for Add user on host details page (#39974)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38574
2026-02-19 10:03:40 -07:00
kiloconnect[bot]
20049689ea
Add copy to Lock modal for iOS/iPadOS: explain that if host is turned off it gets disconnected from WiFI and can't be unlocked (#39967)
Resolves: #39251 

## Changes

This PR updates the lock modal for iOS/iPadOS hosts to display the copy
which explains that host can't be unlocked if restarted, because Wi-Fi
can't be connected.

- [x] Changes are covered by tests
- [x] Manual QA for all new/changed functionality

---

Built for [Marko
Lisica](https://fleetdm.slack.com/archives/D0AFA3M07AP/p1771343829171799?thread_ts=1771342741.687709&cid=D0AFA3M07AP)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)

---------

Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Co-authored-by: Marko Lisica <markol.lisica@gmail.com>
Co-authored-by: Jordan Montgomery <elijah.jordan.montgomery@gmail.com>
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
2026-02-19 13:24:58 +00:00
Gabriel Hernandez
b957188b84
create UI global activity for adding/removing Microsoft Entra tenant (#39919)
**Related issue:** Resolves #39266

# Checklist for submitter

created UI global activities for adding and removing Microsoft Entra
tenant

- [x] QA'd all new/changed functionality manually
2026-02-19 13:20:01 +00:00
Gabriel Hernandez
a5add0b82f
add UI for adding and removing multiple microsoft entra tenant ids (#39910)
**Related issue:** Resolves #39266

> NOTE: activities is in another PR
[here](https://github.com/fleetdm/fleet/pull/39919)

# Checklist for submitter


This adds/updates the UI to enable users to add multiple Microsoft Entra
tenant ids. This also updates the mdm page microsoft entra section.

**New Microsoft Entra card states on mdm page:**

<img width="757" height="107" alt="image"
src="https://github.com/user-attachments/assets/b1c58268-ed75-4055-8192-d74cc7be67f6"
/>

<img width="770" height="131" alt="image"
src="https://github.com/user-attachments/assets/149e08a2-acfc-4f3f-948f-bffce5a27f8a"
/>

<img width="768" height="110" alt="image"
src="https://github.com/user-attachments/assets/74d7bc58-dd64-496e-a36a-44de44aa6b0b"
/>


**New Microsoft Entra page to add/remove multiple tenant ids:**

<img width="792" height="713" alt="image"
src="https://github.com/user-attachments/assets/c34baab8-19ad-4d28-87ea-51955e28f428"
/>

**new add and delete tenant id modals**

<img width="664" height="319" alt="image"
src="https://github.com/user-attachments/assets/d3ccc177-a780-4ec4-a2c0-747edad40ae1"
/>

<img width="664" height="267" alt="image"
src="https://github.com/user-attachments/assets/c08b7992-c440-4c57-9d4e-4b20ae0f5cf2"
/>

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2026-02-19 13:19:52 +00:00
Allen Houchins
cb6cc266c6
Add BetterDisplay as a macOS FMA (#40087)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40043
2026-02-18 21:05:50 -06:00
Scott Gress
93c75cf1b2
Fix software group dropdown w/ fleet_id (#40079)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40077 

# Details

Fixes an unreleased bug where rewriting the location with `fleet_id` in
the string would not properly set the current team in the useTeamParam
hook. This is because we haven't fully switched over to `fleet_id`
internally yet, so we still need to check for `team_id` until we do.

Also updated a few lingering instances of "team" in the user-facing
text.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, unreleased bug

## Testing

- [ ] Added/updated automated tests
no tests to speak of
- [X] QA'd all new/changed functionality manually
On main branch, was able to reproduce the issue where selecting an
option from the "All software" dropdown on the Software page caused the
selected fleet to be reset. On this branch, the selected fleet was
maintained after making a selection.

For unreleased bug fixes in a release candidate, one of:

- [X] Confirmed that the fix is not expected to adversely impact load
test results
2026-02-18 17:53:00 -06:00
RachelElysia
c0a5ba32ce
Fleet Desktop: Wire transparency URL to end user (#39869) 2026-02-18 17:18:12 -05:00
RachelElysia
0c931ba9b0
Fleet UI: Add length error to label forms (#39992) 2026-02-18 17:17:40 -05:00
Nico
5136d40e27
Fix: Policy automations revert to old value in UI after saving (#40012)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38948 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.


## Testing

- [x] QA'd all new/changed functionality manually

Ran Fleet with **make db-replica-run**, previously set up the writer and
reader DBs with **make db-replica-setup**.

#### Before



https://github.com/user-attachments/assets/13b1fb80-5a68-4780-825b-c6afb978f0e6



#### After



https://github.com/user-attachments/assets/1f70d016-a0b8-49e6-8690-4a9f077d5c99
2026-02-18 18:16:56 -03:00
Scott Gress
c9e7a7a13a
Fix enroll secrets UI (#40004)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39260

# Details

Fixes the banner displayed when a team has no enroll secrets to match
similar, non-dismissible warning banners, and corrects the padding
between text and button in the "Add enroll secret" modal empty state.

<img width="773" height="221" alt="image"
src="https://github.com/user-attachments/assets/490f49f1-ccaa-47c7-8ba3-a7de2896d932"
/>

---

<img width="662" height="380" alt="image"
src="https://github.com/user-attachments/assets/0f73b9b8-d625-4f40-ac8d-edb71e9f2a22"
/>


# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [ ] Added/updated automated tests
n/a, styling only
- [X] QA'd all new/changed functionality manually
See screenshots above
2026-02-18 08:11:33 -06:00
Gabriel Hernandez
0f38559203
fix whitespace wrapping on status table in mdm card on dashboard page (#39955)
**Related issue:** Resolves #38654

# Checklist for submitter

This fixes an issue where the status name was wrapping at smaller
viewport sizes on the mdm card of the dashboard page.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] QA'd all new/changed functionality manually
2026-02-18 12:00:17 +00:00
Scott Gress
54b51fce6c
Revert moving to fleet_id prematurely in API requests (#40005)
Until backend updates are merged, we can't send `fleet_id` as a query
parameter in API calls. This PR reverts the code that switched to
`fleet_id` so that the front end will continue to work while we finalize
back-end changes in https://github.com/fleetdm/fleet/pull/39873.

On current main branch, switching between fleets in the dropdown on the
Hosts page does nothing (always shows Unassigned hosts). With this fix
it switches between fleets as expected.
2026-02-18 00:25:23 -06:00
Scott Gress
cd18ced3e9
Rename teams and queries to fleets and reports in UI (#39572) 2026-02-17 15:19:33 -06:00
Juan Fernandez
aec1f1e304
Fixed bug with Host detail software tab page title (#39941)
Resolves #39613

Fixed an issue where the App component incorrectly reset the page title
when navigating to the Software tab on the Host detail page.
2026-02-17 13:20:24 -04:00
RachelElysia
d808fc88f5
Fleet UI: Update setup page styling (#39846) 2026-02-17 09:35:00 -05:00
jacobshandling
fc31741a19
Dynamically alphabetize vitals on the host details page (#39946)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39794 

Before –> After
<img width="2015" height="479" alt="Screenshot 2026-02-16 at 1 28 11 PM"
src="https://github.com/user-attachments/assets/5f54b3d0-94d4-4881-8364-d22398289f18"
/>


- [x] Changes file added for user-visible changes in `changes/
- [x] QA'd all new/changed functionality manually
2026-02-16 15:31:20 -08:00
Noah Talerman
a5e37582d5
Controls > OS settings > Disk encryption: Consistent padding/styles (#39802)
For the following quick win:
- https://github.com/fleetdm/fleet/issues/39803
2026-02-16 15:21:05 -05:00
jacobshandling
beca67550b
Move copy UI for InputFields with type="textarea" in line with the label (#39885)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #35561 

<img width="647" height="655" alt="Screenshot 2026-02-13 at 4 24 57 PM"
src="https://github.com/user-attachments/assets/b191f8bb-e6b7-4f3d-8819-eccf23a408f8"
/>

- Spot checked all relevant instances of `InputField` (`type="textarea"
and `enableCopy`)


- [x] Changes file added for user-visible changes in `changes/`
-  [x] QA'd all new/changed functionality manually
2026-02-16 12:11:40 -08:00
jacobshandling
3bd6a93ada
Fix unreleased copy misalignment (#39882)
Before:
<img width="726" height="399" alt="Screenshot 2026-02-13 at 3 13 01 PM"
src="https://github.com/user-attachments/assets/8663541c-5308-42a1-888d-0ae255af8983"
/>

Now:
<img width="726" height="399" alt="Screenshot 2026-02-13 at 3 13 31 PM"
src="https://github.com/user-attachments/assets/37a09b63-a89e-4bea-92b9-82eebdd9de6f"
/>

- [x] Manual QA
2026-02-16 10:54:36 -08:00
RachelElysia
0a2e1bff46
Fleet UI: Update Android delete software message (#39359)
## Issue
Closes #38767 

## Description
- Update copy and basic test of copy
- To be merged along with @mna 's BE changes for #38766  

## Screenshot of change
<img width="1259" height="333" alt="Screenshot 2026-02-04 at 4 29 33 PM"
src="https://github.com/user-attachments/assets/04accd98-e57d-4ec6-a050-85bb3d8a8aef"
/>


## Testing

- [x] QA'd all new/changed functionality manually
2026-02-16 13:18:53 -05:00
Konstantin Sykulev
3f8875cbdf
Allow vulnerability webhook to fire for fleet free (#39810)
**Related issue:** Resolves #29076

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)

## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually



<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
  * Vulnerability webhooks are now available for free-tier users.

* **Improvements**
* Refined webhook payload display for free-tier users by removing
certain advanced vulnerability metrics.
* Updated UI text descriptions in automation management to reflect
free-tier vulnerability scanning behavior.
* Simplified permission requirements for accessing automation management
features.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-02-16 11:02:48 -06:00
RachelElysia
ed7216eb10
Fleet UI: Host details page includes team_id param in URL (#39801) 2026-02-13 16:42:17 -05:00
RachelElysia
c4196ed46c
Fleet UI: Add loading spinner to labels dropdown (#39852) 2026-02-13 16:41:54 -05:00
jacobshandling
7a5ae1fd0e
Remove stable scrollbar gutters from the UI (#39850)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
### **Related issue:** Resolves #34122 

#### When `classic` scrollbars are in effect, [desired tradeoff
](https://github.com/fleetdm/fleet/issues/34122#issuecomment-3898734128)is
present:
- Gutter no longer reserved when DOM content not scrollable:
<img width="786" height="1033" alt="Screenshot 2026-02-13 at 10 41
53 AM"
src="https://github.com/user-attachments/assets/9d840a5d-c37e-4d8e-9e80-a8781b60d60a"
/>
- Scrollbars remain visible when content is scrollable:
<img width="786" height="1033" alt="Screenshot 2026-02-13 at 10 42
41 AM"
src="https://github.com/user-attachments/assets/6f9ce83f-29cc-474f-939f-0b3d0730e39f"
/>

- [x] Changes file added for user-visible changes in `changes/`
- [x] QA'd all new/changed functionality manually
2026-02-13 13:34:02 -08:00
Nico
338bb64a64
Left align Critical checkbox in Save policy modal (#39786)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39423 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

### Before

<img width="693" height="808" alt="Screenshot 2026-02-12 at 4 53 53 PM"
src="https://github.com/user-attachments/assets/ba60d010-2e1b-4a10-86c3-b229bdd9eddc"
/>


### After

<img width="712" height="809" alt="Screenshot 2026-02-12 at 4 57 36 PM"
src="https://github.com/user-attachments/assets/d4271b5f-b721-4081-8cff-d48821a635e9"
/>

---------

Co-authored-by: jacobshandling <61553566+jacobshandling@users.noreply.github.com>
2026-02-13 16:42:09 -03:00
RachelElysia
0344f81366
Fleet UI: Show CTA to turn on Android MDM (#39763) 2026-02-13 09:20:56 -05:00
RachelElysia
e8085f7623
Fleet UI: Remove host_id from query report table (#39758) 2026-02-13 09:19:39 -05:00
Nico
87731cb865
Disable Calendar option in Policy > Manage automations for No team (#39784)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #30967 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually
<img width="884" height="475" alt="Screenshot 2026-02-12 at 4 17 42 PM"
src="https://github.com/user-attachments/assets/169f4046-567e-455d-a6a3-8c70c4628321"
/>

---------

Co-authored-by: jacobshandling <61553566+jacobshandling@users.noreply.github.com>
Co-authored-by: Jacob Shandling <jacob@shandling.dev>
2026-02-12 15:15:02 -08:00
Tim Lee
fb2ddde9bf
Scan goval-dict for rhel kernel vulnerabilities(#39749) 2026-02-12 15:21:59 -07:00
jacobshandling
ad8a6425a5
Clean up DUP naming and imports (#39591)
Housekeeping
2026-02-12 10:16:01 -08:00
jacobshandling
4fcc702137
Improve host software inventory table's handling of long "Type" values. (#39732)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #34748 

Added tooltip truncation behavior:
<img width="1695" height="784" alt="Screenshot 2026-02-11 at 4 11 46 PM"
src="https://github.com/user-attachments/assets/cc7b314f-510e-478a-b5f0-e0fd3d4a15b9"
/>
<img width="1695" height="784" alt="Screenshot 2026-02-11 at 4 13 19 PM"
src="https://github.com/user-attachments/assets/293616a5-faec-40de-9a12-0a76e87e8931"
/>


- [x] Changes file added for user-visible changes in `changes/`
- [x] QA'd all new/changed functionality manually
2026-02-12 10:15:26 -08:00
Ian Littman
e760b9081d
Upgrade JS deps (#39639)
Ran `yarn upgrade` to catch things up. Seeing if tests pass, then will
add other items on top.

---------

Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
2026-02-12 09:49:20 -06:00
Jordan Montgomery
ea23a8814d
Remove debugger breakpoint left from #39389 (#39754)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39389 (unreleased bug)

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

## Testing

- [ ] QA'd all new/changed functionality manually
2026-02-12 15:36:25 +00:00
RachelElysia
4b9fea67c0
Fleet UI: Still show Reinstall instead of Install after failed uninstall (#39708) 2026-02-12 09:51:06 -05:00
jacobshandling
97ad0c5afd
UI: Allow conditional access bypass per-policy (#39667)
**Related issue:** Resolves #39000 

<img width="1014" height="626" alt="Screenshot 2026-02-10 at 8 44 22 PM"
src="https://github.com/user-attachments/assets/9d66906f-732e-4376-83c7-24b4deda7665"
/>


- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually - TODO with [wip API
portion](https://github.com/fleetdm/fleet/issues/39004)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Fleet administrators can now control conditional access bypass on a
per-policy basis
  * Added toggles to enable or disable bypass for individual policies
* Enhanced UI with tooltips displaying conditional access provider
configuration details

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-02-11 18:55:59 -08:00
Noah Talerman
bf5d3426f8
UI success messages: Consistent tone (#39675)
- I think we want to move away from exclamation marks (!). They sound
too excited. I just saved a query...did that do something more?
2026-02-11 18:25:54 -05:00
Nico
ffe0f71c83
Technician role FE changes (#39494)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38630

## Testing

- [x] QA'd all new/changed functionality manually

Screenshots below were taken with a **Team Technician** user. Same
changes apply for a **Global Technician**.

#### Controls > OS settings > Disk encryption

- Shows table without controls below.
- Shows empty state (doesn't allow to turn it on).

<img width="1915" height="886" alt="Screenshot 2026-02-10 at 12 24
25 PM"
src="https://github.com/user-attachments/assets/3f44d338-e728-4eb2-ad93-e30844201b52"
/>
<img width="1913" height="907" alt="Screenshot 2026-02-10 at 12 31
38 PM"
src="https://github.com/user-attachments/assets/71706e9e-0540-4c25-b5c0-3f7ccff3ba5a"
/>

#### Controls > OS settings > Custom settings

- Changed description to say **View configuration profiles that apply
custom settings.** instead of **Create and upload configuration profiles
to apply custom settings.**.
- **Add profile** not shown within table header.
- Trash can icon not shown when hovering over a row within the table.
- **Add profile** card not shown on empty state. Instead, "No
configuration profiles have been added." is shown.

<img width="1911" height="729" alt="Screenshot 2026-02-10 at 12 24
39 PM"
src="https://github.com/user-attachments/assets/aa68cbaf-4772-402d-9288-b4be2ddd3250"
/>
<img width="1912" height="650" alt="Screenshot 2026-02-10 at 12 28
48 PM"
src="https://github.com/user-attachments/assets/6a186172-b01f-4314-bb50-4cb533e13bce"
/>

#### Controls > Scripts > Library

- **Add script** not shown within table header.
- No actions shown when hovering over a table row.
- Can view script by clicking on a table row.
- Removed **To run the script across multiple hosts, add a policy
automation on the Policies page** line below **To run this script on a
host, go to the Hosts page and select a host.**.
- Updated copy to `To run this script on a host, go to the Hosts page
and select a host. Then, click Actions > Run script.`

<img width="1912" height="772" alt="Screenshot 2026-02-10 at 12 25
46 PM"
src="https://github.com/user-attachments/assets/83fbc1ec-3a6e-4bb5-865e-b5e7faef1e37"
/>

<img width="1732" height="761" alt="Screenshot 2026-02-11 at 3 50 33 PM"
src="https://github.com/user-attachments/assets/6dda97d7-fde2-4bcd-94b3-fa7368c65528"
/>


#### Labels

Can add label and filter by label

<img width="160" height="247" alt="Screenshot 2026-02-10 at 12 51 24 PM"
src="https://github.com/user-attachments/assets/ed63b708-27f8-4363-9d4f-9a7b0bf82b21"
/>

<img width="1901" height="856" alt="Screenshot 2026-02-10 at 12 35
07 PM"
src="https://github.com/user-attachments/assets/c2ef5e21-03ab-4955-a22f-cd6ca32f3179"
/>

<img width="1903" height="937" alt="Screenshot 2026-02-10 at 12 36
11 PM"
src="https://github.com/user-attachments/assets/d9d9f3bc-4d71-4c4b-902a-455eec9e057c"
/>

Can edit/delete labels created by themselves.
NOTE: my technician user ID is 37 - note that the **x** label belongs to
a different user id, while the second label belongs to ID 37, therefore
it can be edited and deleted.

<img width="1915" height="1152" alt="Screenshot 2026-02-10 at 12 38
29 PM"
src="https://github.com/user-attachments/assets/21f44c11-4e2d-456b-8547-90936b5d7602"
/>
<img width="1911" height="1154" alt="Screenshot 2026-02-10 at 12 38
42 PM"
src="https://github.com/user-attachments/assets/f9f7ea30-11b2-4d2d-9d71-de7299e4b451"
/>

Can delete manual label from host



https://github.com/user-attachments/assets/b64ba6dd-3f54-4dcd-9c57-7bede65122da

#### Host details

Can run scripts and view their results

<img width="1908" height="472" alt="Screenshot 2026-02-10 at 12 52
33 PM"
src="https://github.com/user-attachments/assets/d1e40339-ec52-47ff-bc53-c311498ffe80"
/>
<img width="1882" height="716" alt="Screenshot 2026-02-10 at 12 52
40 PM"
src="https://github.com/user-attachments/assets/dd0c2ec3-8cb8-4835-9c6d-f731a7434637"
/>
<img width="1915" height="718" alt="Screenshot 2026-02-10 at 12 52
48 PM"
src="https://github.com/user-attachments/assets/5e7a73e0-ac5b-4d38-b635-770f53dea9e3"
/>
<img width="1914" height="718" alt="Screenshot 2026-02-10 at 12 52
55 PM"
src="https://github.com/user-attachments/assets/b199c796-66b1-46bc-b2b5-fd35e8aa7a7c"
/>

Can run query associated to host as a live query




https://github.com/user-attachments/assets/7aea6f63-e443-4fa0-87dc-48bef84efa2f

#### Software

Doesn't show trash can icon on software installer card, just the
download one.

<img width="1423" height="838" alt="Screenshot 2026-02-10 at 1 33 53 PM"
src="https://github.com/user-attachments/assets/3a55c226-0bba-43ac-8594-7b5ac0a3684a"
/>

Can install/uninstall software on a host. Note that **Add software**
button is hidden (technicians can't add software).

<img width="1378" height="277" alt="Screenshot 2026-02-10 at 3 08 55 PM"
src="https://github.com/user-attachments/assets/bf413467-2071-48b6-b62b-f3a721b6057c"
/>



#### Queries

- Can run inherited queries on all hosts


https://github.com/user-attachments/assets/09f07e6b-a8c1-453e-81fd-4deb16005836

- Can run team queries on all hosts


https://github.com/user-attachments/assets/18b62dea-e159-40ea-b0ed-1d96b6bd40e7

- Can't manage automations or add queries (buttons are not shown at the
top-right corner)

#### Policies

Same as Queries



https://github.com/user-attachments/assets/2c24514a-2ae0-47a6-b631-6f9e48fc7b9c

#### Protected routes

Tested that I can't access routes that have restricted functionality for
this role, such as:

- **/controls/os-updates**, **/controls/setup-experience** and
**/controls/os-settings/certificates** => redirects to
**/controls/os-settings** 
- **/controls/scripts/progress** => redirects to
**/controls/scripts/library** 
- **/queries/new** and **/software/add/*** => renders access denied page


---------

Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2026-02-11 18:38:41 -03:00
RachelElysia
1867e13e07
Fleet UI: Tarballs and script packages skip recent updates UI statuses (#39437) 2026-02-11 14:07:11 -05:00
Lucas Manuel Rodriguez
59786c8c0e
Add new Technician role (#39564)
Resolves #38621, #38627, and #38623.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.

## Testing

- [x] Added/updated automated tests
- [X] QA'd all new/changed functionality manually

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **New Features**
* Added a new premium-tier Technician role with read/write permissions
across teams, hosts, policies, queries, and configurations.
* License validation now prevents assigning premium roles on Fleet Free
editions.

* **Bug Fixes**
* Updated role-based access controls across team management pages to
properly restrict technician access.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-02-11 15:00:10 -03:00
Noah Talerman
2f3d4172b2
Users > Add/edit user: Only page scroll (#39441)
For the following quick win:

- https://github.com/fleetdm/fleet/issues/39440
2026-02-11 12:28:46 -05:00
RachelElysia
6bbac7cd83
Fleet UI: Script-only package support for macOS (#39626) 2026-02-11 12:18:32 -05:00
RachelElysia
e3871a4bdf
Fleet UI: Disable save of form that cannot save (#39628) 2026-02-11 11:49:38 -05:00
Gabriel Hernandez
7ccf47ca44
update enroll page to include QR codes for enrolling various devices (#39389)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38880, #38881

This adds the UI updates to the enroll page to so that verious devices
can enroll after scanning the QR code.

> NOTE: still a small piece is needed to integrate with the API changes
and to ensure android devices can actually enroll with the new QR code.

# Checklist for submitter


- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] QA'd all new/changed functionality manually
2026-02-11 09:57:36 +00:00
Nico
65a877a067
Show Manage Automations disabled button with tooltip on Policies page (#39392)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39304 (part of #25080)

Implemented similar approach to
https://github.com/fleetdm/fleet/pull/39302, with the difference that
the list policies endpoint does not include a count, and there is a
separate endpoint. I extended the count policies endpoint to include an
`inherited_policy_count`.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests

- [x] QA'd all new/changed functionality manually
2026-02-09 15:41:31 -03:00
Nico
e5849ee720
Show Manage Automations disabled button with tooltip on Queries page (#39302)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39303 (child of #25080).

- Added `inherited_query_count` to `ListQueriesResponse` (thought of
adding a brand new endpoint just for counting, but felt like extending
the current one was good enough). In the parent task, [it was
suggested](https://github.com/fleetdm/fleet/issues/25080#issuecomment-3326071574)
to `"Depend on team list entity endpoint's count field / team entity
count endpoint for whether or not to disable the manage automations
button"`, which Rachael approved, so I went for this approach.
- The `ManageQueryAutomationsModal` now fetches its own data with
`merge_inherited = false` (meaning it only fetches non-inherited queries
only). Previously, queries were passed down as props to it, which would
not show the queries available to automate if the first page of queries
were all inherited and the second page contained queries for that team
(the user would have to navigate to the second page for the button to be
enabled).


^ The fact that the modal fetches its own data is similar behavior to
what is currently done in `Policies`. For queries, I noticed that we
would need to add pagination within the `Manage Automations` modal, but
that can be a follow-up.

<img width="2480" height="1309" alt="Screenshot 2026-02-04 at 11 48
42 AM"
src="https://github.com/user-attachments/assets/ebac79a5-a793-4708-9313-d9a697dfd7de"
/>


# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually



https://github.com/user-attachments/assets/119f03b9-dde1-4bb9-9fee-6204b1a58879
2026-02-09 15:16:28 -03:00
Noah Talerman
5ac8deeccf
Activity: Typo for macOS OS updates (#39469)
For the following bug:
- https://github.com/fleetdm/fleet/issues/39438
2026-02-09 09:41:01 -05:00
Juan Fernandez
4657a6979e
Add activity for modified enroll secrets (#39292)
Resolves #36755 

When an user edits (add, updates or deletes) an enroll secret, then a
global activity should be generated.
2026-02-07 09:21:10 -04:00
Gabriel Hernandez
15d123db50
update add host modal to handle fully managed android enrollment (#39468)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38881

This adds the UI to the add host modal that allows for android fully
managed devices.

<img width="800" height="405" alt="image"
src="https://github.com/user-attachments/assets/2f86d417-ee14-456b-a06f-32c292c5e7a3"
/>

It also includes a small copy change for delete host modal

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [ ] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2026-02-06 17:08:35 +00:00
Rachael Shaw
b6117ae6db
Fix label button hover state (#39425)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39273

### Before:
<img width="139" height="50" alt="Screenshot 2026-02-05 at 1 53 58 PM"
src="https://github.com/user-attachments/assets/70ada09e-2aeb-481a-9ebd-d7937e37f74f"
/>

### After:
<img width="144" height="59" alt="Screenshot 2026-02-05 at 1 52 26 PM"
src="https://github.com/user-attachments/assets/1eebb0a5-e46f-4c71-b4f3-0a66d5082b75"
/>


# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [ ] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)

- [x] QA'd all new/changed functionality manually
2026-02-06 11:06:22 -06:00
RachelElysia
2600786d5b
Fleet UI (GitOps Mode): Disable edit software modal fields for FMAs, add GitOps tooltips on Save buttons (#39335) 2026-02-06 11:19:35 -05:00
RachelElysia
ebacf3d2ba
Fleet UI: fix unreleased disabled overlay sizing (#39305) 2026-02-06 10:14:30 -05:00
Noah Talerman
0a25e55f04
Windows wipe: Clarify that you'll have to do a Windows reinstall from a USB drive (#39395)
For the following quick win:
- https://github.com/fleetdm/fleet/issues/38942
2026-02-05 13:23:50 -05:00
Rachael Shaw
9cce21951c
Tiny copy fix (#39356)
Just added a `.`
2026-02-05 11:32:00 -06:00
Marko Lisica
e3002d409a
Add help text below InstallerStatusTable to explain the meanings of counts (#38994)
**Related issue:** Resolves #37219

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually
2026-02-05 17:11:09 +01:00
RachelElysia
657e8159a2
Fleet UI: Update label errors to be generic to prevent overflow (15 instances) (#39183) 2026-02-05 09:17:38 -05:00
Allen Houchins
72dfd1f414
Add Yubico Authenticator as a Windows FMA (#39351)
This pull request adds support for managing the Yubico Authenticator
application on Windows. The changes introduce the necessary metadata,
installation and uninstallation scripts, and update the application
catalog to include this new platform-specific entry.

**Addition of Yubico Authenticator for Windows:**

* Added a new input file with metadata for the Windows version of Yubico
Authenticator, specifying details like package identifier, architecture,
and default categories in `yubico-authenticator.json`.
* Created an output file containing version information, installation
and uninstallation scripts, installer URL, SHA256 hash, and upgrade code
for Yubico Authenticator on Windows in
`yubico-authenticator/windows.json`.
* Updated the main application catalog (`apps.json`) to include a
Windows-specific entry for Yubico Authenticator, with appropriate slug
and description.

**Frontend icon update:**

* Updated the image data for the Yubico Authenticator icon in the
frontend component to reflect the correct or updated icon asset.
2026-02-04 15:13:30 -06:00
jacobshandling
b19946a395
Fix priority of DUP banner rendering conditions (#39342)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39313 
Implements [this
prioritization](https://github.com/fleetdm/fleet/issues/39313#issuecomment-3849419330)

- [x] QA'd all new/changed functionality manually

For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
2026-02-04 12:46:50 -08:00
Rachael Shaw
fac6ca5f2a
Add ellipsis to cut-off placeholder text in search fields (#39112)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves
https://github.com/fleetdm/fleet/issues/39171

#### Before
<img width="324" height="174" alt="Screenshot 2026-01-30 at 5 35 46 PM"
src="https://github.com/user-attachments/assets/5969b815-ce94-4835-936e-f8ce27427caa"
/>

#### After
<img width="331" height="179" alt="Screenshot 2026-01-30 at 5 34 58 PM"
src="https://github.com/user-attachments/assets/18fcb458-acb9-4041-b347-1b1f5d18b2a2"
/>


# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually
2026-02-04 13:28:00 -06:00
Harrison Ravazzolo
7d255556e3
FMA: Extensis Connect Fonts (#39315)
Co-authored-by: Allen Houchins <32207388+allenhouchins@users.noreply.github.com>
2026-02-04 11:12:02 -06:00
Noah Talerman
fa4b7426f1
End user /enroll page for macOS: Download button should have semi-bold font weight (#39301)
For the following quick win: 
- https://github.com/fleetdm/fleet/issues/39300
2026-02-04 11:51:47 -05:00
RachelElysia
277a7b35c3
FE: Fix test description (#39159) 2026-02-04 10:25:03 -05:00
RachelElysia
4fdea91a7a
Fleet UI: Add Software > FMA table - Add platform and status filter (#37805) 2026-02-04 09:16:11 -05:00
RachelElysia
b1d0a5c2da
End user UI: Update logo loading spinner styling (#39234) 2026-02-04 09:09:30 -05:00
Carlo
f84d800399
Add error message for decryption failures (#38919)
Fixes #37130
2026-02-03 17:08:44 -05:00
Nico
18e79d11ac
Fix: Show error reason when trying to edit a label that conflicts with a built-in label name (#39259)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #37146

Follow-up of https://github.com/fleetdm/fleet/pull/38828 which only
handled label creation. This PR adds the same behavior for edits.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

<img width="1070" height="647" alt="Screenshot 2026-02-03 at 4 45 45 PM"
src="https://github.com/user-attachments/assets/c4762929-df86-45f4-ae3d-d529db00890e"
/>


<img width="1071" height="648" alt="Screenshot 2026-02-03 at 4 39 28 PM"
src="https://github.com/user-attachments/assets/a5661043-3f6a-440c-abe1-7f9beec1469b"
/>
2026-02-03 17:24:28 -03:00
Martin Angers
838de3f428
Bugfix: use custom software title icon and display name in setup experience UI (#39223) 2026-02-03 14:56:16 -05:00
RachelElysia
6ed334c4c0
Fleet UI: Run script 400px truncation instead of 250px (QA followup) (#39243) 2026-02-03 13:53:57 -05:00
Allen Houchins
dfd44f5ba8
Change OS update deadline to 7PM local time (#38810)
Updated documentation, backend, frontend, and tests to set the OS update
enforcement deadline to 19:00 (7PM) local time instead of noon. This
ensures consistency across user-facing text, API docs, configuration
files, and the MDM payload.

<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38834

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually

---------

Co-authored-by: Magnus Jensen <magnus@fleetdm.com>
2026-02-03 09:42:12 -05:00
Dante Catalfamo
7ca0d4a67d
Make sure the conditional access bypass only shows up for okta (#39169)
**Related issue:** Resolves #37276
2026-02-02 17:07:35 -05:00
Nico
2244edb7f1
Fix: Long text strings not appearing correctly in new host vitals (#39154)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #39125

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.


## Testing

- [x] QA'd all new/changed functionality manually

### Disk space

Renamed to `Disk space available` following [Scott's
suggestion](https://github.com/fleetdm/fleet/issues/39125#issuecomment-3836462342)
(we don't have to truncate at all since content will fit).

For linux hosts specifically, we already have a tooltip and show extra
information (see https://github.com/fleetdm/fleet/issues/31671)
<img width="208" height="95" alt="Screenshot 2026-02-02 at 2 10 52 PM"
src="https://github.com/user-attachments/assets/c9aa3391-1c6d-4591-a838-1b48bb37a269"
/>

Non-linux hosts:
<img width="169" height="63" alt="Screenshot 2026-02-02 at 2 11 05 PM"
src="https://github.com/user-attachments/assets/41addcbb-5a26-44c3-a16b-d13b3db2a642"
/>


### OS version

There was an existing tooltip when min version requirement is not met.
Decided to also show the version within it.

<img width="282" height="117" alt="Screenshot 2026-02-02 at 1 50 01 PM"
src="https://github.com/user-attachments/assets/c136ff2d-56a3-46b5-80d5-090f85fed734"
/>

Similar as above, when the min version requirement is met.

<img width="282" height="103" alt="Screenshot 2026-02-02 at 1 50 25 PM"
src="https://github.com/user-attachments/assets/9afc75a9-334a-4ab8-b4ee-3a79130bfd39"
/>

When there's no version requirement, just show the version only when
it's cut off.

<img width="276" height="70" alt="Screenshot 2026-02-02 at 1 51 03 PM"
src="https://github.com/user-attachments/assets/1ef9c924-5a49-43d9-9c76-16fed9aaea0d"
/>

### Hardware model

<img width="183" height="50" alt="Screenshot 2026-02-02 at 1 59 01 PM"
src="https://github.com/user-attachments/assets/03a43d17-76ea-413f-bde0-ae0b82fd379b"
/>

<img width="229" height="60" alt="Screenshot 2026-02-02 at 1 59 04 PM"
src="https://github.com/user-attachments/assets/4745202c-114e-4264-a74f-51da1894fc5a"
/>



For unreleased bug fixes in a release candidate, one of:

- [x] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
2026-02-02 18:19:39 -03:00
Juan Fernandez
52b36991b7
Unfinished Entra integration setup breaks UI (#38847)
Resolves #38582 

* Updated front end to prevent entraPhase state to be overwritten over and over again by useQuery + useEffect.
* Refactored UI displayed when entraPhase is in confirming state.
2026-02-02 15:29:04 -04:00
RachelElysia
1ea93c38f3
Fleet UI: Fix FMA create editor fields (#39149) 2026-02-02 12:37:56 -05:00
RachelElysia
efeb90910d
Fleet UI: installed sw in inventory do not show failures (#38458) 2026-02-02 12:19:55 -05:00
Dante Catalfamo
40f6546de7
Add conditional access already bypassed check (#39037)
**Related issue:** Resolves #37281
2026-02-02 10:35:55 -05:00
RachelElysia
7df87c91b8
Fleet UI: Bold table column-headers (#39105) 2026-01-31 14:24:55 -05:00
Noah Talerman
c9d34e1199
iPhone end user enrollment page: Add missing "4." (#39091)
For the following issue:
- https://github.com/fleetdm/fleet/issues/39090
2026-01-30 15:36:46 -05:00
Scott Gress
62c47739a5
Remove inlined node-sql-parser dependency (#39076)
Now that we have a better upstream to use for node-sql-parser, we no
longer have to use the inlined dependency and can remove the dead code.
2026-01-30 12:47:38 -06:00
Ian Littman
75ade244f8
Bump react-markdown and remark-gfm packages to resolve transitive dep vulns (#38411)
# Checklist for submitter

## Testing

- [ ] Added/updated automated tests

- [ ] QA'd all new/changed functionality manually

---------

Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
2026-01-30 16:44:19 +00:00
RachelElysia
f5b91feba5
Fleet UI: Keep from rendering <strong> on new line (#39059) 2026-01-30 11:22:31 -05:00
Rachael Shaw
ad7d6d122b
#17972 Move Windows automatic enrollment configuration instructions out of Fleet UI (#38949)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #17972 

### Screenshots
#### `/settings/integrations/automatic-enrollment/windows`:
<img width="1624" height="1061" alt="Screenshot 2026-01-28 at 5 51
46 PM"
src="https://github.com/user-attachments/assets/e3407428-9f05-42f4-a639-5daa73995fff"
/>

#### Guide:
<img width="1624" height="1061" alt="Screenshot 2026-01-28 at 3 56
06 PM"
src="https://github.com/user-attachments/assets/6b7aaba6-f942-48b3-9eb8-eb96aecc68ef"
/>

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

---------

Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
2026-01-30 10:05:07 -06:00
RachelElysia
f8e5aa1314
Fleet UI: Fix unreleased bug between locking/locating (#39024) 2026-01-29 20:59:59 -05:00
RachelElysia
38e27970af
Fleet UI: Microsoft.CompanyPortal > Company Portal (#38958) 2026-01-29 20:59:27 -05:00
Dante Catalfamo
79fe1fa744
Conditional Access Bypass Device UI and backend change (#38939)
**Related issue:** Resolves #37281
2026-01-29 18:10:07 -05:00