For #25735
This is a fix for the 500 page appearing when filtering for vulnerable
software on the host details page.
Also adds some missing docs for vulnerable query param filter on `GET
hosts/:id/software` endpoint
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
## For #24486
- Check invite validity before rendering form, error if invalid
- Use data returned from validity check to pre-populate form
- Remove dependence of flow on URL params other than token
- Remove other URL params from link generated in invite confirmation
email
- Refactor form from JS to TS
- Refactor form from class to functional components
- Cleanup unused logic
- Improve error handling
**Invalid invite**
**Valid invite**
- [x] Changes file added for user-visible changes in `changes/`
- [x] Updated tests
- [ ] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
For #25201.
<img width="435" alt="image"
src="https://github.com/user-attachments/assets/c499902b-d461-4621-b2fc-7cb845ce71c4"
/>
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
For #25349
This updates storybook and its addons to 8.4.7. This is done to remove
the transitive dependency on path-to-regexp,
which is no longer used in this version of storybook.
This will fix the original vulnerability issue for `path-to-regexp`
For #23912
new UI for activities on the global, past, and upcoming feeds. These are
the same changes in [this
PR](https://github.com/fleetdm/fleet/pull/25329), except we are
reverting the changes around fleet initiated activities as that is not
in the current activities API.
We are doing this so that the new activities can go out in a release
while the backend is still being built and will be ready later.
> NOTE: this does contain the code for cancel activity functionality but
it hidden from the user.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
_Merge only _after_ https://github.com/fleetdm/fleet/pull/25322_
## For #25319
- Team admin can access SSO and 2FA options in user form when they are
enabled (see api response to right):
<img width="1799" alt="Screenshot 2025-01-10 at 1 36 10 PM"
src="https://github.com/user-attachments/assets/66bd5eea-dc1d-4e5b-85fc-b377520f337a"
/>
- [x] Changes file added for user-visible changes in `changes/`,
- [ ] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
## For #25032
<img width="1792" alt="Screenshot 2025-01-07 at 6 50 39 PM"
src="https://github.com/user-attachments/assets/17a63b3d-a983-433a-a3c4-6c66dbb08fce"
/>
- Add new `include_ui_settings` query param to `GET` `/me` calls
- Use new `settings` in response to set settings into UI context
- On hosts page, use that context, if present, to set which columns are
hidden. Fallback to a default set of hidden columns.
- When updating visible columns, persist preference via `PATCH` to
`/users/:id` with a new `settings` payload
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
relates to #25067, #25061
includes two fixes for the scoped software via labels feature:
1. update the delete label modal copy
2. don't show the confirm changes modal if only the self service value
has changed.
- [x] Manual QA for all new/changed functionality
## #25038
Refactor to TooltipWrapper and add offset to the tooltips on hover of
the profile aggregate status indicators.
<img width="1345" alt="Screenshot 2024-12-29 at 9 00 38 PM"
src="https://github.com/user-attachments/assets/3bf5cf3c-e9fc-47dc-aa07-9cef42edcae0"
/>
- [x] Changes file added for user-visible changes in `changes/`,
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
relates to #24828, #24792
This updates the UI activities software including a new software details
show details modal:
<img width="825" alt="image"
src="https://github.com/user-attachments/assets/3dd3019b-c94c-427b-9c52-d678a311c4bc"
/>
It also includes tests and api integration work for the creating and
reading of scoped software via labels.
> NOTE: still need to do the editing which we can do in another PR when
the API is ready.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
## Addresses #21855 and all of its subtasks
**Frontend:**
- Update list queries API call to include pagination and filter-related
query params, including new `platform` param for filtering queries by
platforms they've been set to target
- Convert all filtering, sorting, and pagination functionality of the
Manage queries page from client-side to server-side
- Remove unneeded variable declarations / logic
- Various typing and naming improvements
**Server:**
- Add new `platform` `ListQueryOption`
- Update service and datastore level list queries logic to handle
filtering queries by targeted platform
- Update service and datastore level list queries logic to include
`meta` and `count` fields in addition to filtered/paginated queries
- [x] Changes file added for user-visible changes in `changes/`, `
- [x] Added/updated tests
- [x] update DB, integration
- [x] add integration (pagination)
- [x] add integration (platform filter)
- [x] add DB (pagination)
- [x] add DB (platform filter)
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
