Jordan Montgomery f1662e1da6 Mark dep assignments as failed on certain server errors (#31523) ... Putting this up for comments On certain errors(like a network error, perhaps even Apple ratelimiting) we previously would drop assignments during the DEP sync and leave the host_dep_assignments row null and the assignment unset on the Apple side. Because of how the sync works it is entirely possible when this happens that we would happily go along, update the cursor and never return to resync these devices unless and until the admin did something that forced a resync like changing something about the cloud config profile. Now any devices that for any reason don't get returned by the response get marked as failed so that our logic for retrying and processing cooldowns picks them up for later retry. Explanation here as far as what I think is going wrong: https://github.com/fleetdm/fleet/issues/31385#issuecomment-3145117080 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes ## Testing - [x] Added/updated automated tests - [x] Where appropriate, [automated tests simulate multiple hosts and test for host isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing) (updates to one hosts's records do not affect another) - [x] QA'd all new/changed functionality manually		2025-08-06 13:15:43 -04:00
..
.keep	Issue 1009 calculate diff software (#1305)	2021-07-08 13:57:43 -03:00
21754-fleetctl-api-body-support	[fleetctl] api command: support request body, including file uploads (#30806)	2025-07-29 08:15:23 -05:00
21973-better-unmarshal-type-errors	Better gitops unmarshal type errors (#30647)	2025-07-24 13:49:17 -04:00
25587-pkg-name-extraction	Use install path on packageInfo XML if it's a .app before falling back to bundle ID for PKG name extraction (#30669)	2025-07-09 08:21:10 -05:00
26404-stale-false-positive	Switch vulns cron false positive clear to clear vulns based on when the vulns run started, rather than based on periodicity (#31364)	2025-07-29 10:14:14 -05:00
26618-software-vuln-detected-dates	fix issue with CVE showing wrong date (#30768)	2025-07-10 22:38:22 -04:00
27061-dedupe-cve	Revise OS vuln query to avoid duplicate entries (#30812)	2025-07-15 14:03:25 -05:00
27447-auto-install-queries-for-custom-msi-2	Use upgrade code if available to improve accuracy of auto-install policy (#30977)	2025-07-17 12:18:06 -04:00
27580-vuln-counts	Fix insufficient deduplication on vulnerabilities count query (#31021)	2025-07-17 17:40:21 -05:00
27758-msi-unnstall	Extract UpgradeCode from MSI custom packages, use for better uninstall script generation (#30969)	2025-07-17 10:33:23 -05:00
27919-fma-versions	Populate version for macOS Chrome FMA on import, use Chrome Enterprise PKG instead of DMG, add tooltip on "latest" version when adding FMA (#30926)	2025-07-24 16:14:01 -05:00
27983-update-software	Fleet UI: Add update details modal (#31250)	2025-07-25 09:28:25 -04:00
28342-linux-escrow-error-report	28342: Do not report error if host already escrowed (#30652)	2025-07-09 12:47:17 -04:00
28818-tpm-backed-http-signatures	Fleet server verifies HTTP signature (#30825)	2025-07-16 20:08:27 +02:00
28996-parse-cert-dn-with-slashes	Fix host certificate parsing with embedded slash (#30827)	2025-07-15 21:24:15 +02:00
29250-force-filevault-on-login-for-manual-enrollments	Enforce FileVault at login when manually enrolled (#31170)	2025-08-01 15:15:11 +02:00
29286-sort-package-ids	Sort package ids to ensure consistent uninstall script generation (#30968)	2025-07-16 20:44:30 -05:00
29315-manual-label-scoping	Manual labels no longer factor in created_at time for exclusions (#30745)	2025-07-11 12:18:34 -05:00
29451-fix-doubled-banners	Prevent double banner on host details page (#31001)	2025-07-23 14:38:11 -05:00
29769-windows-profiles-with-cdata-escape-fails-to-verify	fix windows configuration profile failing to verify if using CDATA escape (#31564)	2025-08-04 17:04:59 +02:00
29824-declarations-status-not-respected-with-remove-operations	Fix declaration status conditions not following profile status conditions (#30911)	2025-07-16 18:03:16 +02:00
29824-delete-installs-that-has-not-reached-hosts	Fix stale pending remove apple declarations if host was offline for add and remove declaration (#30981)	2025-07-22 11:22:04 +02:00
29833-do-not-log-error-for-missing-eula	Do not log error if missing EULA (#31598)	2025-08-05 16:39:49 +02:00
29848-tooltip-missing-webhook-url	Add missing webhook tooltip URL (#30603)	2025-07-09 14:37:54 -04:00
29849-filter-linux-installers	Filter out DEB/RPM installers in ListHostSoftware when they're incompatible with the target host's distro (#30852)	2025-07-15 15:41:42 -05:00
29994-use-comshim	For 29994: Use comshim for proper COM initialization (#30920)	2025-07-16 14:40:28 -04:00
30109-fix-sql-like-clause	Allow ESCAPE in LIKE clauses to be valid SQL (#31222)	2025-07-25 10:13:55 -05:00
30157-enable_software_inventory-default-true	Set enable_software_inventory to default true in gitops (#30744)	2025-07-10 16:38:56 -04:00
30197-automatic-install-policies	Automatic install policies in ListHostSoftware (#31469)	2025-08-01 10:22:14 -05:00
30240-show-appropriate-status-actions	Fleet UI: Add update details modal (#31250)	2025-07-25 09:28:25 -04:00
30248-custom-cvss-scores	Fleet UI: Add custom CVSS scores input fields (#31456)	2025-08-05 16:29:55 -04:00
30311-fix-race-cond-test	30311: Fix race condition in test (#30903)	2025-07-17 10:20:49 -04:00
30359-mdm-eula-url-extra-slash	Remove additional / from MDM EULA urls (#30985)	2025-07-18 13:30:32 +01:00
30390-cert-country	Fixed issue ingesting certs with long country codes. (#31443)	2025-07-31 23:06:36 +02:00
30409-list-mdm-commands-sql	Potential datastore optimizations for concurrent use of list mdm command API to poll results by host identifier (#30804)	2025-07-17 15:25:31 -05:00
30435-hash-for-policy-in-software-path	Fix handling of software policy automations when a hash is specified inside a software file (#30814)	2025-07-15 13:24:24 -05:00
30455-errorstore-panic	Fixed potential panic in error handler when Redis is down. (#31643)	2025-08-06 17:14:31 +02:00
30461-fleetd-generate-tpm-key	Rename flags and types for TPM work (#31176)	2025-07-23 14:30:44 -03:00
30481-gitops-manual-label-no-hosts	Allow manual label with empty host list in gitops (#30756)	2025-07-18 11:07:19 -04:00
30565-cron-errors	Skip software installers for which we can't, or don't need to, parse package IDs/create uninstall scripts (#31347)	2025-07-28 13:58:19 -05:00
30636-apple-account-driven-user-enrollment	Managed Apple account user enrollment - integrate PoC changes (#30755)	2025-07-15 15:02:11 -04:00
30746-remove-unintended-broken-sort	Fleet UI: Remove unintended broken sort on type column (#31264)	2025-07-28 09:08:34 -04:00
30749-primo-mode-expansion	Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)	2025-07-17 15:53:31 -07:00
30797-argparse	Add changes file for #30797 (#30798)	2025-07-11 14:41:00 -05:00
30853-fail-unknown-declaration-type-ddm-errors	Fail DDM profiles if response is UnknownDeclarationType (#31606)	2025-08-06 14:38:25 +02:00
30853-gitops-secrets-validation	Removed fleet secret validation during gitops dry runs (#31402)	2025-07-30 13:12:39 -05:00
30857-pending-script-unlock-cancellation-not-respected	Fix pending unlock not going away after canceling unlock script (#31644)	2025-08-06 14:38:50 +02:00
30860-software-modal-updates	UI: Make consistent and update the Install and Uninstall detail modals for VPP and non-VPP apps across the Fleet UI (#31420)	2025-08-01 12:45:09 -07:00
31077-msi-uninstall	Add waits + norestart to MSI uninstall scripts (#31078)	2025-07-23 09:27:59 -05:00
31123-dcv-viewer-fix	Add software sanitation on ingest back, use it to fix DCV Viewer versions (#31251)	2025-07-25 08:45:39 -05:00
31143-hosts-gets-configured-before-profiles-are-sent	Wait for expected profiles to be sent before releasing device (#31381)	2025-07-31 17:50:57 +02:00
31193-turn-on-ability-to-set-tpm-pin	Ability to set TPM PIN protector policy on host. (#31484)	2025-08-01 13:32:19 -04:00
31286-package-upgrade-fix	Move 31286 changes file. (#31327)	2025-07-30 07:24:43 +02:00
31372-host-identity-cert-renewal	Host identity cert renewal (#31372)	2025-07-30 16:46:36 +02:00
31385-dep-sync-url-incorrect	Mark dep assignments as failed on certain server errors (#31523)	2025-08-06 13:15:43 -04:00
31444-strict-sql-mode	Updated SQL modes in tests to match production. (#31445)	2025-08-03 08:18:13 +02:00
31459-null-last-install	Retain vpp apps last install information after inventoried by osquery (#31520)	2025-08-01 13:39:51 -05:00
31591-mdm-batch-timeouts	Increase timeouts for mdm profiles batch (#31588)	2025-08-05 15:17:39 -04:00
add-fmas	Add FMA icons and icon tool (#30933)	2025-07-18 13:58:45 -06:00
fleetd-extensions-support-arm64	Add arm64 support for fleetd extensions and fixes on test scripts (#31084)	2025-07-21 15:47:59 -03:00
issue-25367-os-updates-page-permissions	dont show os updates page for users who are not global admin or the team admin (#31410)	2025-07-31 12:04:06 +01:00
issue-29410-turn-on-mdm-styles	change button styles for turn on mdm info banner (#31374)	2025-08-01 15:36:03 +01:00
issue-30782-updates-to-UI-for-personally-enrolled-devices	Updates across UI to support personal devices enrolled in MDM (#30830)	2025-07-21 12:07:03 +01:00
issue-31057-service-discovery-endpoint	Add service discovery API endpoint (#31089)	2025-07-23 12:11:32 +01:00
update-go-1.24.5	Update Go to 1.24.5 (#30770)	2025-07-15 10:59:17 -07:00