Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-24 09:28:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 30
fleet/server/datastore/mysql
History
Jordan Montgomery 227e94de5b
Some checks are pending
Build binaries / build-binaries (push) Waiting to run
Details
Check automated documentation is up-to-date / check-doc-gen (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
Deploy Fleet website / build (20.x) (push) Waiting to run
Details
Apply latest configuration to dogfood with GitOps / fleet-gitops (push) Waiting to run
Details
Test latest changes in fleetctl preview / test-preview (ubuntu-latest) (push) Waiting to run
Details
golangci-lint / lint (push) Waiting to run
Details
golangci-lint / lint-incremental (push) Waiting to run
Details
Docker publish / publish (push) Waiting to run
Details
Ingest maintained apps / build (push) Waiting to run
Details
OSSF Scorecard / Validate Gradle wrapper (push) Waiting to run
Details
OSSF Scorecard / Scorecard analysis (push) Waiting to run
Details
Sync Maintained Apps Outputs to R2 / sync-to-r2 (push) Waiting to run
Details
Test DB Changes / test-db-changes (push) Waiting to run
Details
Run fleetd-chrome tests / test-fleetd-chrome (ubuntu-latest) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, integration-mdm) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, main) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, mysql) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, service) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, vuln) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, fleetctl) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, integration-core) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, integration-enterprise) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, integration-mdm) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, main) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, mysql) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, service) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.4.8, vuln) (push) Waiting to run
Details
Go Tests / test-go-nanomdm (push) Waiting to run
Details
Go Tests / test-go-no-db (fast) (push) Waiting to run
Details
Go Tests / test-go-no-db (scripts) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, fleetctl) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, fleetctl) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, integration-core) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, integration-enterprise) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, integration-mdm) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, integration-core) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, main) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, mysql) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, service) (push) Waiting to run
Details
Go Tests / test-go (mysql:8.0.44, vuln) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, fleetctl) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, integration-core) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, integration-enterprise) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, integration-mdm) (push) Waiting to run
Details
Go Tests / test-go-extended-mysql (mysql:8.0.42, integration-enterprise) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, main) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, mysql) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, service) (push) Waiting to run
Details
Go Tests / test-go (mysql:9.5.0, vuln) (push) Waiting to run
Details
Go Tests / upload-coverage (push) Blocked by required conditions
Details
Go Tests / aggregate-result (push) Blocked by required conditions
Details
JavaScript Tests / test-js (ubuntu-latest) (push) Waiting to run
Details
JavaScript Tests / lint-js (ubuntu-latest) (push) Waiting to run
Details
Test Mock Changes / test-mock-changes (push) Waiting to run
Details
Test native tooling packaging / test-packaging (local, ubuntu-latest) (push) Waiting to run
Details
Test native tooling packaging / test-packaging (remote, ubuntu-latest) (push) Waiting to run
Details
Test Puppet / test-puppet (push) Waiting to run
Details
🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #44723

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements), JS
inline code is prevented especially for url redirects, and untrusted
data interpolated into shell scripts/commands is validated against shell
metacharacters.
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes

## Testing

- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)

- [ ] QA'd all new/changed functionality manually


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Strengthened validation of sorting/order parameters across many list
and cursor-based endpoints — unsupported sort keys now return explicit
errors and prevent unsafe queries.
* Labels listing: label-list pagination query name changed; ordering by
host_count is rejected when host counts are disabled (validated at
request parsing).

* **Tests**
* Added/expanded tests covering allowed order keys, rejection of unknown
keys, and pagination behavior for multiple listing APIs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2026-05-05 10:26:47 -04:00
..
migrations Optimize data collection: add index and batch deletes (#44692) 2026-05-05 08:29:47 -05:00
rdsauth slog migration: platform/mysql and related logic (#40072) 2026-02-19 08:27:24 -06:00
testdata Fixed dead rows accumulating in software host counts tables (#40288) 2026-02-24 15:35:02 -06:00
activities.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
activities_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
aggregated_stats.go
aggregated_stats_test.go
android.go Fixed Android pubsub panic when host was deleted (#43788) 2026-04-21 16:01:51 -05:00
android_device_test.go Finishing mysql package migration to slog (#40350) 2026-02-24 16:52:36 -06:00
android_enterprise_test.go Finishing mysql package migration to slog (#40350) 2026-02-24 16:52:36 -06:00
android_enterprises.go Moved common_mysql package to server/platform/mysql (#38017) 2026-01-08 13:17:19 -06:00
android_hosts.go Finishing mysql package migration to slog (#40350) 2026-02-24 16:52:36 -06:00
android_mysql.go Finishing mysql package migration to slog (#40350) 2026-02-24 16:52:36 -06:00
android_test.go Fixed a race where a host could silently revert to its previous team (#44074) 2026-04-24 14:34:37 -05:00
app_configs.go redirect to correct URL, and allow both URLs for MDM SSO SAML validation if set (#44156) 2026-04-29 08:43:58 -06:00
app_configs_test.go Use lighter Team call when it's obviously safe to do so, comment potential areas for further improvement (#35587) 2025-11-17 17:25:45 -06:00
apple_mdm.go Revert "Fix SCEP autorenew failing for offline hosts (#44250)" (#44535) 2026-05-04 13:33:42 -06:00
apple_mdm_ddm_test.go Fix various DDM stuck remove/pending issues (#43382) 2026-04-22 13:05:09 -06:00
apple_mdm_test.go Revert "Fix SCEP autorenew failing for offline hosts (#44250)" (#44535) 2026-05-04 13:33:42 -06:00
ca_config_assets.go
ca_config_assets_test.go
calendar_events.go
calendar_events_test.go
campaigns.go
campaigns_test.go
carves.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
carves_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
certificate_authorities.go Fixed GitOps failing to delete a certificate authority (#41693) 2026-03-16 15:51:28 -05:00
certificate_authorities_test.go Fixed GitOps failing to delete a certificate authority (#41693) 2026-03-16 15:51:28 -05:00
certificate_templates.go Reset verified certificates to pending during Android host re-enrollment (#43443) 2026-04-15 07:36:45 -05:00
certificate_templates_test.go Fixed a race where a host could silently revert to its previous team (#44074) 2026-04-24 14:34:37 -05:00
challenges.go Fixed Android certificate enrollment failures caused by SCEP challenge expiration when devices were offline. (#38753) 2026-01-28 10:33:37 -06:00
conditional_access_bypass.go Rework conditional access policy bypass conditions to use critical column (#40736) 2026-03-05 17:05:03 -05:00
conditional_access_bypass_test.go Removed duplicate FlippingPoliciesForHost DB calls (#42845) 2026-04-06 10:11:07 -05:00
conditional_access_microsoft.go Changes to set compliance status on Entra on Windows hosts when processing policy results (#41903) 2026-03-18 12:57:49 -03:00
conditional_access_microsoft_test.go Changes to set compliance status on Entra on Windows hosts when processing policy results (#41903) 2026-03-18 12:57:49 -03:00
conditional_access_scep.go Okta IdP factor (#35143) 2025-11-07 16:19:25 -06:00
conditional_access_scep_test.go Okta IdP factor (#35143) 2025-11-07 16:19:25 -06:00
config.go Finishing mysql package migration to slog (#40350) 2026-02-24 16:52:36 -06:00
cron_stats.go Trigger vuln processing when it runs on a separate server (#39612) 2026-02-17 09:18:03 -06:00
cron_stats_test.go Fix issue with vuln jobs running in parallel. (#39806) 2026-02-16 13:59:40 -06:00
delete.go
delete_test.go
disk_encryption.go Finishing mysql package migration to slog (#40350) 2026-02-24 16:52:36 -06:00
disk_encryption_test.go
email_changes.go
email_changes_test.go
errors.go Fix software installer error team -> fleet (#41070) 2026-03-05 17:28:52 -06:00
errors_test.go Fix software installer error team -> fleet (#41070) 2026-03-05 17:28:52 -06:00
fulltext.go
fulltext_test.go
host_certificate_templates.go Reset verified certificates to pending during Android host re-enrollment (#43443) 2026-04-15 07:36:45 -05:00
host_certificate_templates_test.go Fixed a race where a host could silently revert to its previous team (#44074) 2026-04-24 14:34:37 -05:00
host_certificates.go Revert "Fix SCEP autorenew failing for offline hosts (#44250)" (#44535) 2026-05-04 13:33:42 -06:00
host_certificates_test.go DCSW: Allow Windows profiles to hit SCEP Proxy (#35041) 2025-11-06 11:14:49 -03:00
host_identity_scep.go ACME MDM -> main (#42926) 2026-04-02 15:56:31 -05:00
host_identity_scep_test.go Make orbit and Fleet Desktop not depend on server/service/ packages (#42231) 2026-03-26 10:59:42 -03:00
hosts.go produce failed enrollment renewal activity (#44511) 2026-05-01 11:38:08 -06:00
hosts_test.go Fixed a race where a host could silently revert to its previous team (#44074) 2026-04-24 14:34:37 -05:00
in_house_apps.go Check for duplicate linux software installers (#44234) 2026-04-27 17:14:47 -04:00
in_house_apps_test.go Move PostJSONWithTimeout to platform/http package and activity cleanup (#40561) 2026-02-26 17:39:10 -06:00
invites.go Order By Vulnerability (#40143) 2026-02-23 09:42:36 -07:00
invites_test.go
jobs.go
jobs_test.go
labels.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
labels_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
linux_mdm.go
linux_mdm_test.go
locks.go
locks_test.go
maintained_apps.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
maintained_apps_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
managed_local_account.go 43885: MLAPR migration + UUID capture (#44244) 2026-04-29 11:14:50 -04:00
managed_local_account_test.go 43885: MLAPR migration + UUID capture (#44244) 2026-04-29 11:14:50 -04:00
mdm.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
mdm_idp_accounts_test.go Add support for fully-managed android devices (#39388) 2026-02-06 10:46:25 -05:00
mdm_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
microsoft_mdm.go Periodic background job to cleanup Windows MDM command queue (#44458) 2026-05-04 11:32:45 -05:00
microsoft_mdm_eager_test.go Improved the performance of Windows MDM profile reconciliation (#44075) 2026-04-28 15:37:43 -05:00
microsoft_mdm_property_test.go Improved the performance of Windows MDM profile reconciliation (#44075) 2026-04-28 15:37:43 -05:00
microsoft_mdm_test.go Periodic background job to cleanup Windows MDM command queue (#44458) 2026-05-04 11:32:45 -05:00
migrations_test.go Moved common_mysql package to server/platform/mysql (#38017) 2026-01-08 13:17:19 -06:00
mysql.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
mysql_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
nanomdm_storage.go Set recovery lock password - mdm commands (#41217) 2026-03-12 06:06:56 -06:00
nanomdm_storage_test.go don't clear bootstrap token when doing MDM cert renewals (#43098) 2026-04-13 14:37:05 -06:00
operating_system_vulnerabilities.go Use swap table pattern and batch delete to improve DB access patterns for vuln cron (#41729) 2026-03-17 10:34:52 -05:00
operating_system_vulnerabilities_batch_test.go os_versions endpoint performance improvements (#34897) 2025-11-03 13:07:44 -06:00
operating_system_vulnerabilities_test.go Use swap table pattern and batch delete to improve DB access patterns for vuln cron (#41729) 2026-03-17 10:34:52 -05:00
operating_systems.go Differentiate between Windows Server Core and full desktop installations (#42034) 2026-03-21 10:03:57 -05:00
operating_systems_test.go
packs.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
packs_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
password_reset.go
password_reset_test.go
policies.go Add include_all label scope to policies and reports (#44305) 2026-04-30 11:28:30 -04:00
policies_test.go Add include_all label scope to policies and reports (#44305) 2026-04-30 11:28:30 -04:00
queries.go Add include_all label scope to policies and reports (#44305) 2026-04-30 11:28:30 -04:00
queries_test.go Add include_all label scope to policies and reports (#44305) 2026-04-30 11:28:30 -04:00
query_results.go Performance improvements for Host Reports (41540) 2026-03-26 07:04:18 -04:00
query_results_test.go Performance improvements for Host Reports (41540) 2026-03-26 07:04:18 -04:00
scep.go ACME MDM -> main (#42926) 2026-04-02 15:56:31 -05:00
scep_test.go
scheduled_queries.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
scheduled_queries_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
schema.sql Optimize data collection: add index and batch deletes (#44692) 2026-05-05 08:29:47 -05:00
scim.go DDMV: Support Fleet variables in DDM (#43222) 2026-04-20 09:14:52 -04:00
scim_test.go Resend Windows profiles on IDP variables change (#37032) 2025-12-10 15:08:01 -04:00
scripts.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
scripts_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
secret_variables.go Bugfix: escape characters not supported in JSON when resolving variables (#43955) 2026-04-23 10:34:12 -06:00
secret_variables_test.go Bugfix: escape characters not supported in JSON when resolving variables (#43955) 2026-04-23 10:34:12 -06:00
sessions.go slog migration: initLogger + serve.go + cron + schedule (#40699) 2026-02-27 14:29:27 -06:00
sessions_test.go
setup_experience.go 🤖 Fix GitOps leaving duplicate software installer rows (#43903) 2026-04-22 13:48:56 -04:00
setup_experience_test.go 🤖 Fix GitOps leaving duplicate software installer rows (#43903) 2026-04-22 13:48:56 -04:00
software.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
software_installers.go Wipe host cancels all upcoming activities (#44323) 2026-05-01 14:01:46 -06:00
software_installers_test.go Bound orbit retries on missing installer details to 5 mins (#44284) 2026-04-28 12:58:10 -04:00
software_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
software_title_display_names.go Bugfix: use custom software title icon and display name in setup experience UI (#39223) 2026-02-03 14:56:16 -05:00
software_title_icons.go Prevent silent corruption of software title icons (#44540) 2026-05-01 14:19:48 -04:00
software_title_icons_test.go merge main 2026-03-18 14:49:08 -04:00
software_titles.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
software_titles_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
software_upgrade_code_test.go Dismiss gosec G602 and G115 in test code (#40960) 2026-03-04 13:34:35 -05:00
statistics.go Adding gitOpsModeEnabled and gitOpsModeExceptions to anonymous statistics payload (#44161) 2026-04-27 08:28:49 -03:00
statistics_test.go Adding gitOpsModeEnabled and gitOpsModeExceptions to anonymous statistics payload (#44161) 2026-04-27 08:28:49 -03:00
targets.go
targets_test.go API + auth + UI changes for team labels (#37208) 2025-12-29 21:28:45 -06:00
teams.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
teams_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
testing_utils.go SyncML <Delete> Windows profiles (#42206) 2026-03-26 18:25:54 -05:00
unicode_test.go
users.go Allow the creation of API-only users (#43440) 2026-04-16 11:11:39 -04:00
users_test.go Update backend error messages (#40364) 2026-02-25 13:54:45 -06:00
vpp.go Immediately reject duplicate Android web-clips (#42704) 2026-03-31 09:34:12 -04:00
vpp_test.go Wipe host cancels all upcoming activities (#44323) 2026-05-01 14:01:46 -06:00
vulnerabilities.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
vulnerabilities_test.go 🤖 Chore: remove deprecated appendListOptionsWithCursorToSQL (#44385) 2026-05-05 10:26:47 -04:00
wstep.go
wstep_test.go