Changes:
- Removed the /meetups page, and added a redirect going to
/gitops-workshop
- Changed the route for the query generator back to /query-generator
(was /report-generator), and updated links going to that page.
Closes: https://github.com/fleetdm/confidential/issues/15631
Changes:
- Fixed a typo in the inputs on three microsoft proxy endpoints
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Corrected input validation to properly enforce required fields in
Microsoft proxy endpoints.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes: https://github.com/fleetdm/fleet/issues/44066
Changes:
- updated the `update-or-create-contact-and-account` helper to:
- Save potential duplicate contacts with placeholder name values (`?
?`).
- Use the firstName and lastName values returned by the get-enriched
helper if a name is not provided.
- Update contacts with placeholder name values if a name is provided.
- Removed a domain from the lists of banned email domains.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced Salesforce contact creation with automatic name derivation
from enrichment data.
* Improved duplicate detection allowing new contacts to be created with
flexible matching rules.
* Automatic replacement of placeholder names with verified data during
contact updates.
* **Chores**
* Updated email domain blocklists configuration.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Changes:
- Added new fields to forms that deliver emails
- Updated the actions called by those forms to return a success response
if the new input is provided
- removed two routes for unused actions
- Removed the button from the deal registration success state
Changes:
- Updated the input validation and added an invalidEmailDomain exit to
the deliver-deal-registration-submission and
deliver-partner-registration-submission actions
- Updated the input validation in the
deliver-whitepaper-download-request and deliver-webinar-access-request
actions
- Added error messages to the forms on the partners page for the added
exits
- Updated the `bannedEmailDomainsForCSRSigning` and
`bannedEmailDomainsForWebsiteSubmissions` config values
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Blocked submissions from restricted email domains with a clear error
response and a prompt to use a work email.
* **Bug Fixes**
* Strengthened email-format and required-field validation across
registration and request forms.
* Restricted partner registration type options to accepted values.
* **Chores**
* Added a domain to the denylist used for website submissions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Updating the contact source value for webinars and gated docs to match
the new sfdc values
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Corrected CRM contact-source classification so webinar access requests
and whitepaper downloads are categorized separately from general contact
form submissions.
* **Chores**
* Expanded accepted contact-source values in the CRM integration to
include distinct labels for webinars and gated documents.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes: https://github.com/fleetdm/fleet/issues/43578
Changes:
- Renamed the /query-library page to be /report-library, and added a
redirect
- Renamed the query-detail template page to report-details, and added
redirects for the query pages.
- Updated the docs nav to link to the "reports" page instead of queries
- Updated mentions of query/queries to be "report/reports"
- Renamed the query generator to be the report generator, and added a
redirect
- Updated the sitemap to use the new URLs for report-related pages
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added dedicated "Reports" library and details pages and client
bundles.
* **Refactor**
* Renamed "Queries" to "Reports" across UI, routes, page headings, and
labels (legacy redirects added).
* Updated generator branding from "Query robot" to "Report robot" and
updated tooltips/messages.
* **Chores**
* Updated sitemap and navigation to reference /reports and report detail
URLs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Changes:
- Added support for a new article category: `webinar`.
- Added a template page for webinar articles.
- Added an additional route for webinar articles that users are taken to
to watch the webinar recording.
- Added `deliver-webinar-access-request`, an action that updates CRM
records when users fill out the form on the webinar template page.
- Updated the accepted `intentSignal` values in the
create-historical-event helper.
- Added an article for the "Beyond the hype, practical AI for device
management" webinar.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Public webinar pages (/webinars/:slug and /watch) with optional
embedded video and a new page template, script, and styles.
* Sidebar signup form (first name, last name, work email) with prefill
for signed-in users and improved scroll behavior.
* POST API to request webinar access: validates email domain, records a
webinar-request event, triggers background CRM sync, and returns a watch
view on success.
* Static-site build now recognizes webinar articles and enforces
embedded-video URL validation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Related to: https://github.com/fleetdm/confidential/issues/15379
Changes:
- Added two exits to the VPP metadata proxy that are used when the Apple
API returns errors. `appleApiReturnedServerError` Is returned when the
Apple API returns a 500 error, and `appleApiReturnedForbiddenResponse`
is used when the Apple API returns a 403 response.
- Updated the error handler in the VPP metadata proxy to return the body
of the logged error.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved Apple App Store API error handling: forbidden (403) and
server (500) responses are now distinguished and mapped to specific
error outcomes.
* Other API errors now return the API response body (not the internal
error object), and error logging text was clarified for better
diagnostics.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Changes:
- Updated when Stripe customers are created for users who sign up on the
website. A Stripe customer will be created for new users if they
purchase a self-service Fleet Premium license.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Stripe customer accounts are now created during checkout instead of at
signup, deferring billing setup until needed.
* Signup no longer creates a Stripe customer record as part of user
registration.
* Checkout now enforces billing feature availability and includes
improved handling when creating customer billing records.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes: https://github.com/fleetdm/fleet/issues/42049
Changes:
- Added four attributes to the HistoricalUsageSnapshot model:
`oktaConditionalAccessConfigured`, `conditionalAccessEnabled`,
`conditionalAccessBypassDisabled`, and
`entraConditionalAccessConfigured`
- Added the new usage statistics as inputs to the
receive-usage-analytics webhook
> Note: Before this PR can be merged, the website's database needs to be
migrated to add the new columns.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added tracking for conditional access configuration states across Okta
and Entra platforms, including bypass and enablement status.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes: https://github.com/fleetdm/confidential/issues/14516
Changes:
- Updated update-or-create-contact-and-account to set the number of
hosts on account records if it is provided.
- Updated the create-quote action to send details about the number of
hosts to the update-or-create-contact-and-account helper
Changes:
- Updated the comments in the partners page script,
deliver-deal-registration-submission, and
deliver-partner-registration-submission.
- Removed unused @input functions on the partners page.
Changes:
- Added a new action `deliver-partner-registration-submission`
- Added a new page: `/partners` A page where users can submit a form to
register as a partner (reseller or integrations) or register a deal
- Updated `deliver-deal-registration-submission` to work with the new
form.
- Removed the route for the `/deals` page, and added a redirect to the
/partners page.
- Added a new email template `email-partner-registration`
- Added fake template data to the email tempalte preview tool's view
action for the new/updated email templates.
---------
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
Closes: https://github.com/fleetdm/fleet/issues/42829
Changes:
- Updated the trial licenses generated for users in
view-fleet-premium-trial-or-redirect and view-fleetctl-preview to use
"Fleet Premium trial" as the organization if a user does not have an
organization set (older accounts created for Fleet sandbox)
Closes: https://github.com/fleetdm/fleet/issues/42043
Changes:
- Updated the customers page to only show 12 case study links by
default, and to include a "Load more" button that shows 12 more case
study card links when clicked.
- Renamed the files for the customers page (testimonials » customers)
Changes:
- Moved documentation pages into the docs/ folder
- Updated routes, poicies, and importer.less
- Renamed the "scripts" page to "script-library" to be consistent with
the other landing pages for YAML documentation
- removed a stray console.log() in the new-licence page script
Closes: https://github.com/fleetdm/confidential/issues/14516
Changes:
- Added inputs for individual platforms to the license form on
/new-license
- Updated contact descriptions set by the receive-from-stripe webhook
- Updated supported intentSignal values in the createHistoricalEvent
helper
- Updated the create-quote action to update contact descriptions and
create a historical event
## Summary
- Adds a new testimonial from Adam Anklewicz (Manager of IT Endpoint
Engineering, Thumbtack) to the Fleet customers page
- Quote highlights Fleet's responsive Slack-based support as a key
selling point
- Testimonial is positioned prominently (2nd in sort order) on the
customers page
- Uses existing Thumbtack logo image (`thumbtack-logo-197x40@2x.png`)
for the testimonial card
### Changes
- `handbook/company/testimonials.yml` — Added new testimonial entry with
all required fields
- `website/api/controllers/view-testimonials.js` — Added Adam Anklewicz
to the sort order (2nd position)
-
`website/assets/images/testimonial-author-adam-anklewicz-100x100@2x.png`
— Placeholder profile image (to be replaced with actual LinkedIn photo)
> **Note:** The profile image
(`testimonial-author-adam-anklewicz-100x100@2x.png`) is currently a
placeholder. It should be replaced with Adam's actual profile photo from
LinkedIn before merging.
Built for [Michael
Thomas](https://fleetdm.slack.com/archives/D0AL6RD36GL/p1774252288344369)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)
---------
Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
## Summary
Fixes all errors and warnings reported by the [W3C Feed Validation
Service](https://validator.w3.org/feed/check.cgi?url=https%3A%2F%2Ffleetdm.com%2Frss%2Farticles)
for the `/rss/articles` endpoint (and all other `/rss/:categoryName`
endpoints).
## Changes
Only one file modified: `website/api/controllers/download-rss-feed.js`
### Errors fixed
- **`lastBuildDate` not RFC-822 format**: Changed from `new
Date(Date.now())` (which produces JS `toString()` format like `Thu Mar
19 2026 14:45:30 GMT+0000 (Coordinated Universal Time)`) to `new
Date().toUTCString()` (which produces RFC-822 format like `Thu, 19 Mar
2026 14:45:30 GMT`)
- **`pubDate` not RFC-822 format** (431 occurrences): Changed from
`.toJSON()` (ISO 8601) to `.toUTCString()` (RFC-822)
- **Missing channel `<link>` element**: Added `<link>` element at the
channel level pointing to the category page
### Warnings fixed
- **Missing `guid` on items** (431 occurrences): Added `<guid
isPermaLink="true">` to each item using the article's permalink URL
- **Missing `atom:link` with `rel="self"`**: Added `xmlns:atom`
namespace to the `<rss>` element and an `<atom:link href="..."
rel="self" type="application/rss+xml"/>` element in the channel
### Additional fix
- Fixed a minor bug where the image `<link>` URL was missing a `/`
separator between the domain and category name (`fleetdm.comarticles` →
`fleetdm.com/articles`)
### Not addressed
- The "Invalid HTML: Named entity expected" warning about `'`
entities in descriptions. This is produced by Lodash's `_.escape()`
which correctly escapes apostrophes for XML content. The `'` entity
is valid XML — the validator flags it only in an HTML parsing context,
and it does not affect feed validity or reader interoperability.
---
Built for [Brock
Walters](https://fleetdm.slack.com/archives/C097P4TAPRR/p1773932018039599)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)
---------
Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
Closes: https://github.com/fleetdm/fleet/issues/41799
Changes:
- Added support for a new required meta tag for anonymous case study
articles: `cardTitleForCustomersPage`. The value of this meta tag is
used as the title of the automatically generated card link for the
article on the /customers page.
- Added support for a new meta tag for anonymous case study articles:
`cardBodyForCustomersPage`. If provided, the card link for the article
will use this value for the body text, if not provided, the card link
will display the `articleTitle` meta tag value.
- Updated the /customers page to automatically create card links for
case study articles that have `useBasicArticleTemplate` and
`cardTitleForCustomersPage` meta tags.
Closes: https://github.com/fleetdm/fleet/issues/41797
Changes:
- Updated the `updateOrCreateContactAndAccount` helper to include a date
timestamp (YYYY-MM-DD) and prepend updates to contact descriptions to
the existing description value.
Changes:
- Updated the GitOps workshop page's view action to omit events without
a venue set. (Note: this is a quick fix to resolve 500 errors on that
page, and I will create a follow up PR to display events without a venue
set)
## Summary
- Adds `'Registered for a conference'` to the `intentSignal` `isIn`
array in three files:
- `website/api/helpers/salesforce/create-historical-event.js` — between
`'Signed up for Fleet event'` and `'Engaged with Fleetie at event'`
- `website/api/controllers/webhooks/receive-from-clay.js` — between
`'Signed up for Fleet event'` and `'Engaged with Fleetie at event'`
-
`website/api/helpers/salesforce/update-or-create-contact-and-account.js`
— added to the `isIn` array
- This replaces the incorrect approach in PR #41918, which added the
signal to the handbook markdown table instead of the code where intent
signals are validated.
---
Built for [Sam
Pfluger](https://fleetdm.slack.com/archives/D0AF8QFBVHB/p1773789580384389?thread_ts=1773788922.891409&cid=D0AF8QFBVHB)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)
---------
Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
Changes:
- Commented out the section of the GitHub webhook that handles "release"
webhook events. The Zapier automation triggered by the webhook has been
turned off.
For: https://github.com/fleetdm/fleet/issues/39489
Changes:
- Updated the `update-one-devices-compliance-status` Microsoft proxy
endpoint to support compliance status updates for Windows devices
enrolled in Entra.
---------
Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
## Summary
Closes#41466
- Adds Anthropic Claude API support to the `prompt.js` AI helper,
detecting `claude-*` model names and routing to the Anthropic Messages
API (`https://api.anthropic.com/v1/messages`) with proper authentication
headers
- Switches both LLM calls in the query generator
(`get-llm-generated-sql.js`) from OpenAI models
(`gpt-4o-mini-2024-07-18` for schema filtration, `o3-mini-2025-01-31`
for SQL generation) to `claude-sonnet-4-6-20260218`
- Adds `anthropicSecret` config placeholder in `custom.js` (set via
`sails_custom__anthropicSecret` env var in production)
- Updates the query generator UI to reference "Anthropic" instead of
"OpenAI"
### Changes
| File | What changed |
|------|-------------|
| `website/api/helpers/ai/prompt.js` | Added Anthropic API branch
alongside existing OpenAI logic; system prompts use Anthropic's
top-level `system` parameter |
| `website/api/controllers/query-generator/get-llm-generated-sql.js` |
Both model references changed to `claude-sonnet-4-6-20260218` |
| `website/config/custom.js` | Added `anthropicSecret` config
placeholder |
| `website/views/pages/admin/query-generator.ejs` | Updated copy from
"OpenAI" to "Anthropic" |
### Deployment notes
The `sails_custom__anthropicSecret` environment variable must be set
with an Anthropic API key before deploying this change.
---
Built for
[mikermcneil](https://fleetdm.slack.com/archives/D0AFASLRHNU/p1773278374183489?thread_ts=1773271495.702919&cid=D0AFASLRHNU)
by [Kilo for Slack](https://kilo.ai/features/slack-integration)
---------
Co-authored-by: kiloconnect[bot] <240665456+kiloconnect[bot]@users.noreply.github.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
Changes:
- Updated the create-vanta-authorization-request action to return a
`fleetInstanceNotResponding` response if requests fail with a 404 status
code.
Changes:
- Updated `build-static-content` to support a new article category:
`whitepaper`
- Added a new article template page: `basic-whitepaper.ejs`.
- Added `deliver-whitepaper-download-request`, an action that
creates/updates a contact and account in the CRM and creates a
historical event when a user submits a form to download a whitepaper.
- Updated the "News" link in the website's header navigation to be
"Resources / Blog", and changed the link to /articles
- Added a link to the whitepapers category page (/whitepapers) to the
side bar navigation on article category pages
- Added a whitepaper article: "Modern endpoint management: Managing
devices as code"
Closes: https://github.com/fleetdm/fleet/issues/39836
Changes:
- Added `fleetMaintainedAppsWindows` and `fleetMaintainedAppsMacOS`
attributes to the HistoricalUsageSnapshot model
- Added `fleetMaintainedAppsWindows` and `fleetMaintainedAppsMacOS` as
inputs to the receive-usage-analytics webhook
Note: This pull request requires database migrations and should only be
merged after the website's database is updated while it is in
maintenance mode.
Closes: https://github.com/fleetdm/confidential/issues/13312
Changes:
- Added /linux-management
- Updated the "Solutions" dropdown in the website's header navigation to
link to the new page.
---------
Co-authored-by: Ashish Kuthiala <53918208+akuthiala@users.noreply.github.com>
