fleet/cmd/fleet
Tim Lee 1aef647195
Backend: Auto rotate recovery lock passwords (#42084)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #41670 

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements), JS
inline code is prevented especially for url redirects, and untrusted
data interpolated into shell scripts/commands is validated against shell
metacharacters.

## Testing

- [X] Added/updated automated tests

- [ ] QA'd all new/changed functionality manually

## Database migrations

- [X] Checked schema for all modified table for columns that will
auto-update timestamps during migration.



<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Automatic recovery lock password rotation for Mac devices—passwords
now rotate 1 hour after being viewed or accessed via the API, enhancing
security.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-26 12:12:41 -06:00
..
config_dump.go Add v4 suffix in go.mod (#1224) 2021-06-25 21:46:51 -07:00
cron.go Backend: Auto rotate recovery lock passwords (#42084) 2026-03-26 12:12:41 -06:00
cron_test.go Throttle CA access through MDM (#42114) 2026-03-23 09:04:55 -05:00
main.go slog migration: initLogger + serve.go + cron + schedule (#40699) 2026-02-27 14:29:27 -06:00
prepare.go Only allow FLEET_DEV_* env vars when --dev is passed, allow overriding configs one at a time in dev (#38652) 2026-01-27 14:32:56 -06:00
serve.go Backend: Auto rotate recovery lock passwords (#42084) 2026-03-26 12:12:41 -06:00
serve_test.go Add statistics for Entra conditional access (#41998) 2026-03-19 10:32:08 -03:00
version.go Move external dependency fleetdm/kolide-kit to monorepo (#15861) 2024-01-02 18:22:52 -03:00
vuln_process.go slog migration: initLogger + serve.go + cron + schedule (#40699) 2026-02-27 14:29:27 -06:00