Closes: https://github.com/fleetdm/confidential/issues/6999
Changes:
- reduced the padding between the page hero and the testimonials on
landing pages
- Added a top margin to the testimonial videos on landing pages
Closes: https://github.com/fleetdm/fleet/issues/19809
Changes:
- Updated styles for examples and links on `/tables` pages to prevent
content from overflowing outside of the page's container.
Closes: https://github.com/fleetdm/confidential/issues/6069
Changes:
- Added a new route going to the create-vanta-authorization-request
action: `/api/v1/create-external-vanta-authorization-request`
- Added a new input to the create-vanta-authorization-request action:
`sharedSecret` - A secret that must match
`sails.config.custom.sharedSecretForExternalVantaRequests` when an
external request is made to the
`/api/v1/create-external-vanta-authorization-request` endpoint
- Updated the authorization URL returned by the
create-vanta-authorization-request endpoint
- Updated the redirect in the view-vanta-authorization endpoint (if a
redirect URL is provided) to not use res.redirect() (it causes 500
errors) when redirecting users.
Addresses #19300
- [x] Changes file added for user-visible changes in `changes/`,
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
* /api/latest/fleet/hosts now returns `critical_vulnerabilities_count`
for premium users. This data is held in the new `host_issues` table. The
failing policies total is updated in real-time, while the critical
vulnerabilities total is updated every hour after vulnerabilities job.
* /api/latest/fleet/hosts can be sorted by total_issues_count by
specifying `order_key=issues` query parameter.
#18115
Video commentary:
https://www.loom.com/share/ff4425e217db43d6b3ba4aa075374808
@getvictor TODO: Replacing `disable_failing_policies` with
`disable_issues` will be done in a separate PR.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Manual QA for all new/changed functionality
#19545
`/api/latest/fleet/hosts/:id/lock` returns `unlock_pin` for Apple hosts
when query parameter `view_pin=true` is set
The lock host activity now has a `view_pin` parameter. Frontend change
is needed to reflect this in the UI.
# Checklist for submitter
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
> Related issue: #19612
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
`go-kit/kit/log` was deprecated and generating warnings
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Manual QA for all new/changed functionality
Related to: https://github.com/fleetdm/confidential/issues/5573
Changes:
- Deleted /explore-data pages and related files
- Added redirects for removed pages.
- Removed all explore data related website configuration in the
build-static-content script.
- Removed the explore data section of the custom configuration.
Closes: #19679
Changes:
- Added a custom error handler to the HTTP middleware that returns a
416: Range Not Satisfiable if the serve-static middleware throws a
'Range Not Satisfiable' error.
for #19453
I don't know how to test this in the server without a significant
refactor.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Added/updated tests
- [x] Manual QA for all new/changed functionality
Main changes:
1. Add step to ensure KPIs are consistent with HRIS portal (sometimes
hours get logged later on Friday if teammates work after hours are
approved)
2. Slightly later deadline for collecting hours so there are less
discrepancies on Monday
3. Slight reformatting for clarity
for #18977
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
relates to #19378
This adds better error messaging in fleetctl for a 504 response (Gateway
timeout) when we run a script synchronously.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [ ] Added/updated tests
- [x] Manual QA for all new/changed functionality
