Changes:
- Updated the "Try it now" button on the website's header navigation, it
will now open a signup/login modal on every page (excluding the
dedicated /register and /login pages)
- Updated the website to assign Fleet Premium instances hosted on Render
to eligible users. All other users will be given a 30-day Fleet Premium
trial license key to use with their deployment method of choice.
- Added a script that creates and manages a pool of Render instances.
- Added a new database model: `RenderProofOfValue`
- Added four new email templates
- Updated primary button colors to match the core product.
- Removed the organization requirement for new users signing up.
- Added a new component: `<signup-modal>`
- Added a new attribute to the User model: `fleetPremiumTrialType`
Introduces a new event type for GitHub contributions to the
fleetdm/fleet repository across webhook controller and Salesforce helper
modules. This enables tracking and handling of user contributions in
addition to existing GitHub events.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34299
Unreleased bug in Android Config profiles 4.75.0 feature. No changes
file as such. I'm not entirely sure how to cause this as I was unable to
repro it locally, there may be a timing issue or something, so I haven't
fully QA'd manually. QA was limited to verifying basic reconciler
functionality
Also updated Website endpoint to not throw a 5XX since we expect this to
occasionally happen
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [ ] QA'd all new/changed functionality manually
For unreleased bug fixes in a release candidate, one of:
- [x] Confirmed that the fix is not expected to adversely impact load
test results
Added 'GitHub - Stared fleetdm/fleet' and 'GitHub - Forked
fleetdm/fleet' to the activity type arrays in webhook and Salesforce
helper modules to track new forms of user engagement.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#33848
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Added support for the Security & Compliance project within the GitHub
integration, enabling tracking and visibility alongside existing
projects.
- Refactor
- Streamlined project mapping logic to improve consistency when
processing updates from GitHub; behavior for existing projects remains
unchanged.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Related to: https://github.com/fleetdm/fleet/issues/33266
Changes:
- Added a new helper
`sails.helpers.androidProxy.getIsEnterpriseManagedByFleet`. This helper
returns `true` if a provided Android Enterprise ID is present in the
list of all Android Enterprises managed by Fleet, or `false` if it is
not in the list.
- Updated `create-android-enrollment-token`,
`create-android-signup-url`, and `modify-android-policies` to return a
404 response to the requesting Fleet instance if their Android
Enterprise is not managed by Fleet.
Closes: #33548
Changes:
- Added a new configuration variable
`sails.config.custom.bannedEmailDomainsForContactFormSubmissions` that
contains a list of domains (currently a single domain) that cannot be
used to submit the contact form
- Updated the `bannedEmailDomainsForWebsiteSubmissions` list to include
`example.com`
- Updated the deliver-contact-form-message action to return an
`invalidEmailDomain` exit if the contact form is submitted with an email
domain in the `bannedEmailDomainsForContactFormSubmissions` list
Closes: #33548
Changes:
- Added `isEmail` validation to emailAddress inputs. The updated
endpoints will now return 400 responses if a user bypasses the frontend
validation.
Closes: #33454
Changes:
- Updated the receive-from-github webhook to log warnings that includes
information about the affected issue/pr if requests to the GitHub API
fail.
Changes:
- Updated the receive-from-clay webhook's inputs to have the same `isIn`
lists as the helpers the webhook uses.
- Removed the `invalidContactOrAccountCriteria` and
`invalidHistoricalEventCriteria` exits in the receive from clay webhook.
Related to: https://github.com/fleetdm/confidential/issues/11779
Changes:
- Updated the `deliver-talk-to-us-form-submission` to use information
returned by the getEnriched helper to determine the Calendly event users
are taken to when they submit the form.
Closes: https://github.com/fleetdm/confidential/issues/12218
Changes:
- Added a testimonial from David Bodmer
- Updated the device management testimonials shown on the MDM page,
homepage, and testimonials page
Related to: https://github.com/fleetdm/confidential/issues/10737
Changes:
- Added `docs/scripts.yml`, a YAML file that contains a list of scripts
- Added `docs/mdm-commands.yml`, a YAML file that contains Windows and
Apple MDM commands
- Added `/mdm-commands`, a page that contains a list of MDM commands for
Windows and Apple commands
- Added `/scripts`, a page that contains a list of scripts
- Updated the `<docs-nav-and-search>` component to have a link to the
controls library, and reordered the lists.
- Updated the build static content script to add the scripts and mdm
commands from scripts.yml and mdm-commands.yml to the website's
`builtStaticContent` configuration.
- Updated the layout of the os-settings page to match the latest
wireframes
Closes: https://github.com/fleetdm/fleet/issues/33148
Changes:
- Updated the receive-from-zoom webhook to return a `zoomApiError` exit
when Zoom returns a non-200 response when it sends an API request to get
information about a call.
Related to: https://github.com/fleetdm/confidential/issues/11892
Changes:
- Updated the update-or-create-contact-and-account helper to use the
prompt helper to get a global domain for a company, and to use that
global domain when searching for and creating new account records.
Related to https://github.com/fleetdm/confidential/issues/12052
Changes:
- updated the get-enriched helper to use the coresignal's new search API
endpoints
- Updated the `intercept()`s in the get-enriched helper to log warnings
if an error is returned by the coresignal API
Changes:
- Updated the `receive-redirect-from-microsoft` endpoint to redirect
users to their Fleet instance if an Entra admin did not consent to the
permissions requested by Fleet's compliance partner integration.
- Fixed a bug that prevented users from being redirected to their Fleet
instance if their Entra configuration is missing a required group
- Updated the `receive-redirect-from-microsoft` endpoint to require a
`state` input
Related to: #32228
Changes:
- Updated the `receive-redirect-from-microsoft` endpoint to assign the
created compliance policy to an Entra ID group named "Fleet conditional
access"
Fixes#30483
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a new webhook endpoint to track GitHub Projects v2 item status
changes and record engineering metrics.
* Integrated with Google BigQuery for storing and analyzing issue status
transition data.
* **Chores**
* Introduced a new POST API route for receiving GitHub Projects v2 item
events.
* Added configuration options for GitHub webhook secrets and Google
Cloud service account keys (commented out for future use).
* Added a new dependency for Google BigQuery integration.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Related to: https://github.com/fleetdm/fleet/issues/31986
Changes:
- Updated Microsoft proxy endpoints to log API responses from Microsoft
when it runs for Fleet's dogfood integration.
