For #25144.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
## #24653
- This bug was more generally that live query runs from the Edit query
form did not include the `query_id` in the `run` API call.
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
relates to #25067, #25061
includes two fixes for the scoped software via labels feature:
1. update the delete label modal copy
2. don't show the confirm changes modal if only the self service value
has changed.
- [x] Manual QA for all new/changed functionality
Related to: #24688
Changes:
- Added two new dependencies: `jsonwebtoken` and `@azure/msal-node`
- Added a new hook: `entra-sso`. A hook that replaces the default
authentication mechanism with Microsoft Entra SSO.
- Added a new action: signup-sso-user-or-redirect. This action finds or
creates user records for authenticated SSO users and attaches the user
record to the user's session.
- updated the is-logged-in policy to check if an SSO user's token is
still valid.
- Added a link to the account page to the app's header navigation.
relates to #24120
adds the `software_title_id` to the `added_app_store_activity`
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
Noticed this hole in #25068. Fingers crossed the wording here matches
what folks will search when they need to bump the cap.
Also added query data discard config instructions for the UI, and moved
how-to-disable instructions to the bottom of the "View a query report"
section since users won't need those disclaimers until they have a few
queries set up.
Finally, dropped the mention of where an old UI was 25+ minor releases
ago.
h/t https://github.com/binref/refinery/issues/72, for #24720. No changes
file as this is an unreleased bug.
Also added output for version in the custom package parser tool.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
See failed workflow run
[here](https://github.com/fleetdm/fleet/actions/runs/12555703803)
- Fix the powershell script that was broken by `.yml` auto-format
- Exclude github workflow `.yml` files from prettier autoformating,
since they often contain non-yaml code as part of job definitions
- [ ] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Also updates said constant via this script to include 5.15.0. Idea for
this is that including pre-releases as they're published ensures that by
the time the corresponding Fleet release ships we have a current list,
without having to cherry-pick these updates.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
For #24720. Used
https://github.com/ChaelChu/msi-props-reader/blob/master/src/msiPropsReader.ts
as inspiration. Not sure why the shift is 17 bits rather than 16 here
but confirmed that 17 works and 16 doesn't.
Tested against both existing GDrive MSIs for regression testing, plus
the one mentioned in the ticket.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
Fixing unreleased secret variables bug where DDM and Windows profiles
were not transitioning to Verified.
#23238
# Checklist for submitter
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- [x] Manual QA for all new/changed functionality
For #23541
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
#24900
This PR includes and depends on PR #25012, which should be
reviewed/merged before this one.
Windows profiles are not included in this PR due to issue #25030
This PR adds the following functionality: Apple config/DDM profile is
resent to the device when the profile contains secret variables, and the
values of those variables have changed. For example.
- Upload secret variables
- Upload profile
- Device gets profile
- Upload the same profile
- Nothing happens
- Upload a different secret variable value
- Upload the same profile
- Device gets updated profile
# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Manual QA for all new/changed functionality
## Follow up for #23315
Since the `results` endpoint that the "Install details" tab for this
modal currently doesn't support device authentication (see below), only
show that tab on the host details page. Since the [original
request](https://github.com/fleetdm/fleet/issues/23252) for this feature
is for the "end user to be able to see the file path at which vulnerable
software is installed", delivering this work without the "Install
details" tab will still provide immediate value.
Once product weighs in on wether or not to include the Install details
tab here as well (requires opening up the `results` endpoint for device
authenticated requests), can add that functionality in a future
iteration. Figma for this ticket did not include the tab, so this PR is
assuming that's the intended funcitonality.
**Broken install details on My device page:**
<img width="966" alt="Screenshot 2024-12-27 at 12 13 11 PM"
src="https://github.com/user-attachments/assets/918ccd61-c792-4196-b348-749fc2839a66"
/>
**Same view with Install details removed:**
<img width="966" alt="Screenshot 2024-12-27 at 12 14 19 PM"
src="https://github.com/user-attachments/assets/2507d2df-21cb-4cd0-aaa1-53ad1b113135"
/>
**Confirmed "Install details" tab still available on host details
page:**
<img width="1224" alt="Screenshot 2024-12-27 at 12 21 40 PM"
src="https://github.com/user-attachments/assets/1d4631b9-9a61-42ba-8153-f390890b206a"
/>
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Added ability to upload profiles with secret variables using the
/configuration_profiles endpoint.
#25011
# Checklist for submitter
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
> Related issue: #24555
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Manual QA for all new/changed functionality
