<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#37241
Test changes only. Updated `archtest` to be more ergonomic. See README
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced archtest package with new API methods for more granular
dependency filtering: `IgnoreRecursively()`, `IgnoreDeps()`,
`WithTests()`, and `WithTestsRecursively()`.
* Added `Check()` method to finalize dependency verification.
* **Documentation**
* Added comprehensive README for archtest package with usage examples
and fluent API method reference.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34414
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
**Related issue:** Resolves#37335
This adds pagination metadata to the `GET /mdm/commands` endpoint.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#36689
Changed certificate template placeholder to:
```
CN=$FLEET_VAR_HOST_END_USER_IDP_USERNAME, O=Your Organization
```
---------
Co-authored-by: jacobshandling <61553566+jacobshandling@users.noreply.github.com>
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#36684
Fix issue where sometimes backend doesn't send all certs to Android app.
Specifically, if a cert was previously sent (but was not installed by
Android), we will not resend it if a new one came in. This is fixed. Now
we always send all type=install certs.
# Checklist for submitter
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
This version shows the notification every five minutes, has a custom
title, runs in the user context, and has a more detailed message since
we no longer have the 255 character limit.
---------
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
- Bump helm chart version to v6.7.4
- Add `metadata.namespace` to the ingress template to ensure that
ingress is deployed in the same namespace as all other resources
- Add `spec.revisionHistoryLimit` to the deployment template
(`.Values.revisionHistoryLimit`)
Signed-off-by: t0x01 <T0x01@protonmail.ch>
**Related issue:** Resolves#37168
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [x] QA'd all new/changed functionality manually
## Database migrations
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
This pull request updates the `SOFTWARE_NAME_TO_ICON_MAP` in
`frontend/pages/SoftwarePage/components/icons/index.ts` to improve the
mapping between software names and their corresponding icons. The main
goal is to add support for additional variations and aliases of software
names, ensuring that icons are displayed correctly regardless of the
naming convention used.
The most important changes include:
**Expanded software name aliases for icon mapping:**
* Added alternative spellings and aliases for several software titles,
such as `"7-zip"`, `"aws client vpn"`, `"cleanmymac"`, and `"gpg
suite"`, to ensure their icons are correctly displayed.
[[1]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR235)
[[2]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR260)
[[3]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR278)
[[4]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR325)
* Included additional variants for DBeaver editions (e.g., `dbeaver`,
`dbeaveree`, `dbeaverlite`, `dbeaverultimate`) and `"pgadmin4"` to
improve icon resolution for these products.
[[1]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR295-R301)
[[2]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR387)
* Added support for alternative spellings of Microsoft and Wacom
products, such as `"microsoft auto update"` and `"wacom tablet"`.
[[1]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR337)
[[2]](diffhunk://#diff-628095892e1d16090be1db6cc1a5c9cebc65248c32a8b1312385394818f2907bR447)
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#36683
# Checklist for submitter
- [x] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
---------
Co-authored-by: Victor Lyuboslavsky <2685025+getvictor@users.noreply.github.com>
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves #
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [ ] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [ ] QA'd all new/changed functionality manually
For unreleased bug fixes in a release candidate, one of:
- [ ] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
## Database migrations
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
## New Fleet configuration settings
- [ ] Setting(s) is/are explicitly excluded from GitOps
If you didn't check the box above, follow this checklist for
GitOps-enabled settings:
- [ ] Verified that the setting is exported via `fleetctl
generate-gitops`
- [ ] Verified the setting is documented in a separate PR to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [ ] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [ ] Verified that any relevant UI is disabled when GitOps mode is
enabled
## fleetd/orbit/Fleet Desktop
- [ ] Verified compatibility with the latest released version of Fleet
(see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md))
- [ ] If the change applies to only one platform, confirmed that
`runtime.GOOS` is used as needed to isolate changes
- [ ] Verified that fleetd runs on macOS, Linux and Windows
- [ ] Verified auto-update works from the released version of component
to the new version (see [tools/tuf/test](../tools/tuf/test/README.md))
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves #
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [ ] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [ ] QA'd all new/changed functionality manually
For unreleased bug fixes in a release candidate, one of:
- [ ] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
## Database migrations
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
## New Fleet configuration settings
- [ ] Setting(s) is/are explicitly excluded from GitOps
If you didn't check the box above, follow this checklist for
GitOps-enabled settings:
- [ ] Verified that the setting is exported via `fleetctl
generate-gitops`
- [ ] Verified the setting is documented in a separate PR to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [ ] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [ ] Verified that any relevant UI is disabled when GitOps mode is
enabled
## fleetd/orbit/Fleet Desktop
- [ ] Verified compatibility with the latest released version of Fleet
(see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md))
- [ ] If the change applies to only one platform, confirmed that
`runtime.GOOS` is used as needed to isolate changes
- [ ] Verified that fleetd runs on macOS, Linux and Windows
- [ ] Verified auto-update works from the released version of component
to the new version (see [tools/tuf/test](../tools/tuf/test/README.md))
**Related issue:** Resolves#36701
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
## Testing
- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added activity tracking for Android certificate template edits and
deletions via GitOps.
* **Chores**
* Updated certificate template batch operations to track which teams
were affected by changes.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
**Related issue:** Resolves#36867
This updates the UI to show the mdm commands for the past and upcoming
tabs in the activity card on the host details page.
# Checklist for submitter
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#37307
# Checklist for submitter
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Improvements**
* Enhanced Android Mobile Device Management status reporting to
consolidate and accurately reflect both profile and certificate template
statuses in aggregated summaries.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#32777
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
## Testing
- [x] QA'd all new/changed functionality manually
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#33350
This is solely a docs change, since I've verified it works by escaping
instead of using CDATA.
Could also solve/close: https://github.com/fleetdm/fleet/issues/33731
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
This pull request adds support for managing the Inkscape application on
Windows. It introduces new configuration files and updates existing
outputs to include Inkscape as a managed app, complete with installation
and uninstallation scripts.
**Addition of Inkscape for Windows:**
* Added a new input configuration for Inkscape in `winget`, specifying
installer details and default categories in `inkscape.json`.
* Created a new output file `inkscape/windows.json` with version
information, download URL, SHA256 hash, install/uninstall scripts, and
upgrade code for Inkscape 1.4.2.
**Updates to application listings:**
* Updated `apps.json` to include Inkscape for Windows as a managed app,
with its platform, slug, unique identifier, and description.
This pull request adds support for managing Steam as a maintained
application on both macOS (darwin) and Windows platforms. It introduces
new metadata, installation, and uninstallation scripts, and updates the
aggregated app catalog to include Steam for both platforms.
**Steam app integration:**
- Added metadata and configuration files for Steam on macOS and Windows,
including installation details, unique identifiers, and categorization.
[[1]](diffhunk://#diff-c281dce9b3fb0c07ee0240f023b10f04f90d714ede790faa62a0e6f140db35b2R1-R8)
[[2]](diffhunk://#diff-2f3d984248d056735d116afea075ebb59e8e209b4a35ecc35bc82c21f760ed7aR1-R12)
- Updated the main `apps.json` catalog to include Steam entries for both
platforms, complete with descriptions and platform-specific slugs.
**Installer and uninstaller scripts:**
- Added a PowerShell installation script for Windows that installs Steam
silently using the `/S` flag.
- Added a PowerShell uninstallation script for Windows that locates the
Steam uninstaller and removes it silently, handling both 32-bit and
64-bit registry locations.
- Added macOS shell scripts (referenced in the output) for installing
and uninstalling Steam, including logic to quit running processes and
clean up associated files.
**App version outputs:**
- Created output files for both `steam/darwin.json` and
`steam/windows.json`, specifying version information, detection queries,
installer URLs, script references, and default categories.
[[1]](diffhunk://#diff-12ddb40a8998c18e5806cefa53ded63d64144a101d2cab1dfbbe78093e8cddeaR1-R21)
[[2]](diffhunk://#diff-6a83a89e114cb2281eb5ee80b6f574a374304c1baa60b927c7e1096044814a55R1-R21)
I removed the feature image since it adds little value and pushes the
content further down the page.
Articles and guides do not require a feature image. Social sharing
thumbnails can be optionally defined in the metadata, but are not
required. The default thumbnail will be used if the article image is not
defined in the metadata.
I removed the feature image since it adds little value and pushes the
content further down the page.
Articles and guides do not require a feature image. Social sharing
thumbnails can be optionally defined in the metadata, but are not
required. The default thumbnail will be used if the article image is not
defined in the metadata.
This pull request updates the configuration for the Google Chrome
maintained app on Windows to bypass hash checking for the installer.
This change ensures that installations will proceed even if the
installer hash changes, which can help avoid issues with frequent
upstream updates.
Configuration changes for hash checking:
* Added `"ignore_hash": true` to the `winget/google-chrome.json` input
file to instruct the system to skip hash verification during
installation.
* Set `"sha256": "no_check"` in the `outputs/google-chrome/windows.json`
output file to explicitly indicate that the installer hash should not be
checked.
This pull request updates the Google Chrome package definition for
Windows to use the latest available version.
- Dependency update:
* Updated the `version` field for Google Chrome from `143.0.7499.110` to
`143.0.7499.147` in `windows.json`, and updated the corresponding
`sha256` checksum to match the new installer.
