From 6079047899b8b0b93f6cfc116a02723bdb4801cf Mon Sep 17 00:00:00 2001 From: Luke Heath Date: Tue, 4 Feb 2025 14:27:11 -0600 Subject: [PATCH] Adding changes for Fleet v4.64.0 --- CHANGELOG.md | 112 ++++++++++++++++++ changes/16865-increase-statistics-frequency | 1 - changes/22353-abm-hosts-upcoming-activities | 1 - .../22464-list-hosts-populate-users-labels | 1 - changes/22544-move-linux-lock-wipe | 1 - changes/22919-semver-util | 1 - changes/23096-fma-errors | 1 - changes/23116-fma-dl-url | 1 - changes/23241-lock-api-response | 1 - changes/23312-update-policies-empty-state | 1 - .../23465-query-reports-support-event-format | 1 - changes/23770-fleetctl-linux-arm | 1 - changes/23924-handle-long-team-names | 1 - changes/24035-team-agent-options-ui-resets | 1 - changes/24341-improve-ux-of-script-list-items | 1 - changes/24470-bash | 1 - changes/24486-error-for-invalid-invites | 1 - changes/24544-target-labels-vpp | 3 - changes/24601-editable-scripts-frontend | 1 - changes/24602-editable-scripts | 1 - changes/24732-gzip | 1 - changes/24754-require-pw-for-pw-auth | 4 - changes/24766-clickable-row-behavior | 1 - changes/24790-admx-policies | 1 - changes/24876-dashboard-cards | 1 - changes/24886-fix-pagination-on-policies-page | 1 - changes/24948-display-api-errors-in-user-form | 2 - changes/24958-gitops-webhooks-disable | 1 - changes/25015-user-page-responsive | 1 - changes/25130-iterm-false-neg | 1 - .../25160-optimize-software-during-enrollment | 2 - changes/25191-disk-encryption-sentence-case | 1 - changes/25201-unknown-installer-version | 1 - changes/25235-software-titles-uniqueness | 1 - changes/25241-smtp-helo-domain | 1 - changes/25251-url-fleet-app-response | 1 - changes/25257-dropdown-improvements | 1 - ...25261-identical-hostnames-label-membership | 2 - changes/25273-hde-windows-verifying | 2 - changes/25305-update-add-hosts-help-text | 1 - changes/25306-add-windows-linux-hosts-radios | 2 - changes/25307-fleetctl-package-link | 1 - .../25318-update-sso-settings-error-states | 1 - .../25346-fix-manage-automations-link-on-dash | 1 - .../25366-manage-automation-dropdown-styling | 1 - ...7-allow-excluding-fma-from-software-titles | 1 - changes/25553-update-compatibility-tooltip | 2 - changes/25555-batch-hostnames-on-new-label | 1 - changes/25567-renew-vpp | 1 - changes/25581-session-id | 1 - changes/25590-node | 1 - changes/25597-false-positives | 1 - changes/25609-archive-encryption-keys | 1 - changes/25615-windows-mdm-profiles | 1 - changes/25640-fix-idp-source | 1 - ...e-fleetctl-from-fleetdm-fleet-docker-image | 1 - changes/25759-illegal-argument-errors | 1 - changes/25812-ddm-profiles-stuck | 1 - changes/25956-fix-buggy-efa-editing | 1 - ...-21691-windows-disk-encryption-dont-resend | 2 - changes/issue-23912-ui-for-activities | 1 - .../issue-24824-tooltip-verified-verifying | 1 - changes/issue-24901-fixes-error-cutoff | 1 - .../issue-24992-padding-fixes-around-lists | 1 - changes/issue-25159-update-deadline-tooltip | 2 - .../issue-25507-upgrade-github-cache-action | 1 - ...sue-25735-fix-500-vulnerable-host-software | 1 - charts/fleet/Chart.yaml | 4 +- charts/fleet/values.yaml | 2 +- .../dogfood/terraform/aws/variables.tf | 2 +- .../dogfood/terraform/gcp/variables.tf | 2 +- terraform/addons/vuln-processing/variables.tf | 4 +- terraform/byo-vpc/byo-db/byo-ecs/variables.tf | 4 +- terraform/byo-vpc/byo-db/variables.tf | 4 +- terraform/byo-vpc/variables.tf | 4 +- terraform/variables.tf | 4 +- tools/fleetctl-npm/package.json | 4 +- 77 files changed, 129 insertions(+), 96 deletions(-) delete mode 100644 changes/16865-increase-statistics-frequency delete mode 100644 changes/22353-abm-hosts-upcoming-activities delete mode 100644 changes/22464-list-hosts-populate-users-labels delete mode 100644 changes/22544-move-linux-lock-wipe delete mode 100644 changes/22919-semver-util delete mode 100644 changes/23096-fma-errors delete mode 100644 changes/23116-fma-dl-url delete mode 100644 changes/23241-lock-api-response delete mode 100644 changes/23312-update-policies-empty-state delete mode 100644 changes/23465-query-reports-support-event-format delete mode 100644 changes/23770-fleetctl-linux-arm delete mode 100644 changes/23924-handle-long-team-names delete mode 100644 changes/24035-team-agent-options-ui-resets delete mode 100644 changes/24341-improve-ux-of-script-list-items delete mode 100644 changes/24470-bash delete mode 100644 changes/24486-error-for-invalid-invites delete mode 100644 changes/24544-target-labels-vpp delete mode 100644 changes/24601-editable-scripts-frontend delete mode 100644 changes/24602-editable-scripts delete mode 100644 changes/24732-gzip delete mode 100644 changes/24754-require-pw-for-pw-auth delete mode 100644 changes/24766-clickable-row-behavior delete mode 100644 changes/24790-admx-policies delete mode 100644 changes/24876-dashboard-cards delete mode 100644 changes/24886-fix-pagination-on-policies-page delete mode 100644 changes/24948-display-api-errors-in-user-form delete mode 100644 changes/24958-gitops-webhooks-disable delete mode 100644 changes/25015-user-page-responsive delete mode 100644 changes/25130-iterm-false-neg delete mode 100644 changes/25160-optimize-software-during-enrollment delete mode 100644 changes/25191-disk-encryption-sentence-case delete mode 100644 changes/25201-unknown-installer-version delete mode 100644 changes/25235-software-titles-uniqueness delete mode 100644 changes/25241-smtp-helo-domain delete mode 100644 changes/25251-url-fleet-app-response delete mode 100644 changes/25257-dropdown-improvements delete mode 100644 changes/25261-identical-hostnames-label-membership delete mode 100644 changes/25273-hde-windows-verifying delete mode 100644 changes/25305-update-add-hosts-help-text delete mode 100644 changes/25306-add-windows-linux-hosts-radios delete mode 100644 changes/25307-fleetctl-package-link delete mode 100644 changes/25318-update-sso-settings-error-states delete mode 100644 changes/25346-fix-manage-automations-link-on-dash delete mode 100644 changes/25366-manage-automation-dropdown-styling delete mode 100644 changes/25427-allow-excluding-fma-from-software-titles delete mode 100644 changes/25553-update-compatibility-tooltip delete mode 100644 changes/25555-batch-hostnames-on-new-label delete mode 100644 changes/25567-renew-vpp delete mode 100644 changes/25581-session-id delete mode 100644 changes/25590-node delete mode 100644 changes/25597-false-positives delete mode 100644 changes/25609-archive-encryption-keys delete mode 100644 changes/25615-windows-mdm-profiles delete mode 100644 changes/25640-fix-idp-source delete mode 100644 changes/25748-remove-fleetctl-from-fleetdm-fleet-docker-image delete mode 100644 changes/25759-illegal-argument-errors delete mode 100644 changes/25812-ddm-profiles-stuck delete mode 100644 changes/25956-fix-buggy-efa-editing delete mode 100644 changes/issue-21691-windows-disk-encryption-dont-resend delete mode 100644 changes/issue-23912-ui-for-activities delete mode 100644 changes/issue-24824-tooltip-verified-verifying delete mode 100644 changes/issue-24901-fixes-error-cutoff delete mode 100644 changes/issue-24992-padding-fixes-around-lists delete mode 100644 changes/issue-25159-update-deadline-tooltip delete mode 100644 changes/issue-25507-upgrade-github-cache-action delete mode 100644 changes/issue-25735-fix-500-vulnerable-host-software diff --git a/CHANGELOG.md b/CHANGELOG.md index de84732b1bdb..c579bd25092a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,115 @@ +## Fleet 4.64.0 (TBD) + +### Bug fixes and improvement + +- Fixed UI in window profiles error message being cut off in OS settings modal +- Fleet UI: Fixed user page responsiveness to not overflow horizontally +- Fleet UI: Clarified editing VPP teams will remove App Store apps available to team, not uninstalling apps from hosts +- Fleet UI: Added ability to target app store apps with include/exclude labels +- Fleet UI: Added ability to edit targets or self service option for app store apps +- Fleet UI: Added details modal for add, edit, and delete app store app global activities +- Fleet UI: Fixed two broken links in Setup experience +- Considered the results of a live query in calculating an existing query's performance impact if the user didn't change the query from the stored version +- Added clearer error states to metadata-related fields in SSO settings form +- Fixed case consistency for "Disk encryption" in host OS settings modal +- Implemented user-level settings and used them to persist a user's selection of which columns to display on the hosts table +- Fleet UI: Created consistency of on-click behavior of table rows: View all host link must be clicked directly, clicking on a row of a table directs the user to the details of that row +- Pushed correct paths to the URL on the my device page when self-service is not enabled for the host +- Removed duplicate Linux lock and wipe scripts from repository +- Fleet UI: Fixed styling for manage automation buttons and dropdown +- Included osquery pre-releases in daily UI constant update GitHub Actions job +- Displayed command line installation instructions when a package is generated +- Surfaced cleaner errors when adding Fleet-maintained apps +- Hosts that are restored from ABM no longer have old activities in their feed +- Allowed delivery of bootstrap packages and software installers using signed URLs from CloudFront CDN +- Displayed the correct path for agent options when a key is placed in the wrong object +- Added download url for fleet maintained apps as `url` property on `fleet/software/fleet_maintained_apps/:id` +- Fixed a bug where query reports were not being recorded for hosts configured with `--logger_snapshot_event_type=true` +- Added gzip compression for static CSS and JS assets to decrease bundle download times +- Fixed issue where the vulnerabilities cron was failing in large environments due to large SQL queries +- Added a fallback for extracting app name from .pkg installers that have default or incorrect title attributes in their distribution file +- Improved validation workflow on SMTP settings page +- Clarified text on the Policies page when no policies exist for the selected team (or All Teams) +- Fixed UI bug in "My device" page where the "Software" tab included filter elements that did not match the expected design +- Updated the help text for 3 tabs of the Add hosts modal +- Fixed reporting of software uninstall results after a host has been locked/unlocked +- Added util wrapper func around semver package to allow for custom preprocessing and upgraded semver library to version 3.3.1 +- Added "exclude_fleet_maintained_apps" option to `GET /api/v1/fleet/software/titles` +- Various UX improvements to the Scripts list +- Fleet UI: Improved the look and feel of dropdowns +- Fixed UI bug on the "Controls" page where incorrect timestamp information was displayed while the "Current versions" table was loading +- Checked the server for validity of any Fleet invites +- Added `fleetctl` on Linux ARM binary to releases +- Fixed incorrect source value in device mapping REST API documentation +- Fleet UI: Changed look and feel of dashboard host count cards including hiding platforms with 0 count +- Stopped VPP apps from being removed from teams whenever the VPP token team assignment is updated +- For batch upload of Apple DDM profiles with `fleetctl gitops`, fixed issue where activity feed was showing a change when profiles didn't actually change +- Improved software installation for failed policies: Added platform-specific filtering in the software dropdown, ensuring only compatible software are displayed based on each policy's targeted platforms +- Added VPP app to automatic installation dropdown for failed policies and auto install information on VPP app details page +- Fixed a bug in Fleet's handling of VPP token renewal requests +- Fixed mail being sent with the incorrect SMTP Domain +- Fleet UI: Fixed software name overflow in various modals +- Clarified expected behavior of policy host counts, dashboard controls software count, and controls os updates versions count +- Fixed when trying to filter by vulnerable software for iOS or iPad host +- Added modal to edit script contents +- Updated the UI to a new activities design +- Fixed issue where some Windows MDM profiles were not being sent to hosts when hosts came back online +- Added ability to install VPP apps on policy failure +- Allowed filtering titles by "any of these platforms" in `GET /api/v1/fleet/software/titles` +- Fixed form validation behavior on the SSO settings form +- Added bash interpreter support for script execution +- Downgraded expected/common "BootstrapPackage not found" server error to a debug message +- Added link to information about installing fleetd when packages are generated +- Archived disk encryption keys when they are created or updated +- Fixed a bug where adding or removing a host with an identical name to/from a label caused the same action to be performed on other host(s) with the same name as well +- Fixed MSI parsing for packages including long interned strings +- Included current host status and pending action in lock, unlock, and wipe API calls +- Resolved false-positives for the `pass` Homebrew package and `jira` Python package via a vulnerability feed update +- Fleet UI: Fix software actions dropdown styling bug +- Rendered the default empty value when a host has no UUID +- Fixed Windows MDM issue where SessionID of 0 was not allowed +- Fixed a bug with paginating team policies +- Bump Node.js version to 20.18.1 +- Normalised padding spacing for list headers, lists, and help text across various modals +- Removed the resend button for failed Windows disk encryption profiles and added messaging that tells the user that Fleet will automatically retry this profile again +- Fixed a false negative vulnerability reporting for iTerm2 +- Optimized software ingestion queries to use existing DB indexes in the software titles table and fixed a bug "software not found for checksum" in software ingestion transaction retries +- Included a host's team-level queries when the user is selecting a query to target for a specific host via the host details page +- Fleet UI: Added timestamp for software, OS, and vulnerability detail pages for host count last update time +- Updated user form validation to require a password be present when switching a user from SSO to password authentication, refactor upstream error logic to allow disabling submit button when form errors are present, and add similar check for password presence on server +- Improved verified and verifying tooltips on the Profile Status on OS settings page +- Maintained user's updates to the team agent options form when they navigate away and back again +- Fixed issue when identical MDM commands are sent twice to the same device when replica DB is being used +- Added API endpoint for updating script contents +- Fleet UI: Fixed redirect when clicking on any column in the Fleet Maintained Apps table +- Bumped github cache action to 4.2.0 +- Fixed issue where Windows disk encryption status updates were sometimes stuck in the "Verifying" state +- Fixed a bug where server errors returned from the API were not successfully being incorporated into the user form error states +- Used an email logo compatible with dark modes +- Removed arrow icon from MDM solution table on dashboard page +- Logged illegal argument errors at the DEBUG level instead of the ERROR level +- Fixed issue where deleted Apple config profiles were installing on devices because devices were offline when the profile was added +- Removed `fleetctl` binary from the `fleetdm/fleet` docker image +- Revised software installer package validation to mark installers with no version as "unknown" for version rather than rejecting them +- Added server debug logging for unexpected Apple DDM configuration status +- Fixed a bug where team admins are unable to enable or disable MFA for a user +- Updated the way new manual labels are created to better support adding large numbers of hosts at one time +- Replaced "Include Fleet desktop" with host type radio selection buttons when adding Windows or Linux hosts +- Fleet UI: Surfaced download URL for Fleet-maintained app when adding the software to Fleet +- Disabled webhooks if not present in gitops +- Removed erroneous "manage automations" link on dashboard for maintainers +- Fixed CVE-2024-10327 false positive on Fleet-supported platforms +- Added option to populate users and labels on list hosts endpoint +- Improved the teams dropdown so that it gracefully hides overflow from long team names +- Improved readability of success message on email update by never including the sender address +- Fixed missing capabilities in the UI for team admins creating or editing a user +- Updated the OS settings Target form deadline input tooltip to make it more correct for how the deadline works for hosts +- Updated Fleet-maintained app install scripts for non-PKG-based installers to allow the apps to be installed over an existing installation +- Raised the frequency of sending anonymous statistics from every 24 hours to every 1 hour +- Fixed issue verifying Windows CSP profiles that contain ADMX policies +- Updated language in query compatibility tooltip to clarify that compatibility is based only on tables + + ## Fleet 4.63.0 (Feb 03, 2025) ## Device management (MDM) diff --git a/changes/16865-increase-statistics-frequency b/changes/16865-increase-statistics-frequency deleted file mode 100644 index 36b323d1e4a1..000000000000 --- a/changes/16865-increase-statistics-frequency +++ /dev/null @@ -1 +0,0 @@ -* Raised the frequency of sending anonymous statistics from every 24 hours to every 1 hour. (This is a fairly small packet and should have no impact on network traffic) diff --git a/changes/22353-abm-hosts-upcoming-activities b/changes/22353-abm-hosts-upcoming-activities deleted file mode 100644 index ee74914b6d44..000000000000 --- a/changes/22353-abm-hosts-upcoming-activities +++ /dev/null @@ -1 +0,0 @@ -- Hosts that are restored from ABM no longer have old activities in their feed diff --git a/changes/22464-list-hosts-populate-users-labels b/changes/22464-list-hosts-populate-users-labels deleted file mode 100644 index 8f7cdc48fd12..000000000000 --- a/changes/22464-list-hosts-populate-users-labels +++ /dev/null @@ -1 +0,0 @@ -- Added option to populate users and labels on list hosts endpoint diff --git a/changes/22544-move-linux-lock-wipe b/changes/22544-move-linux-lock-wipe deleted file mode 100644 index 44207ca71dec..000000000000 --- a/changes/22544-move-linux-lock-wipe +++ /dev/null @@ -1 +0,0 @@ -- Removed duplicate Linux lock and wipe scripts from repository diff --git a/changes/22919-semver-util b/changes/22919-semver-util deleted file mode 100644 index 26beef7b9067..000000000000 --- a/changes/22919-semver-util +++ /dev/null @@ -1 +0,0 @@ -* Added util wrapper func around semver package to allow for custom preprocessing. Upgraded semver library to 3.3.1 and usage everywhere to version 3. \ No newline at end of file diff --git a/changes/23096-fma-errors b/changes/23096-fma-errors deleted file mode 100644 index 43fb96194638..000000000000 --- a/changes/23096-fma-errors +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Surfaced cleaner errors when adding Fleet-maintained apps diff --git a/changes/23116-fma-dl-url b/changes/23116-fma-dl-url deleted file mode 100644 index 4314a262ac16..000000000000 --- a/changes/23116-fma-dl-url +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Surfaced download URL for Fleet-maintained app when adding the software to Fleet diff --git a/changes/23241-lock-api-response b/changes/23241-lock-api-response deleted file mode 100644 index 069b8633edb1..000000000000 --- a/changes/23241-lock-api-response +++ /dev/null @@ -1 +0,0 @@ -* Included current host status and pending action in lock, unlock, and wipe API calls diff --git a/changes/23312-update-policies-empty-state b/changes/23312-update-policies-empty-state deleted file mode 100644 index 3adbff0e333b..000000000000 --- a/changes/23312-update-policies-empty-state +++ /dev/null @@ -1 +0,0 @@ -- Clarified text on the Policies and Queries pages when no policies/queries exist for the selected team (or All Teams) diff --git a/changes/23465-query-reports-support-event-format b/changes/23465-query-reports-support-event-format deleted file mode 100644 index 934cfa5f5304..000000000000 --- a/changes/23465-query-reports-support-event-format +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug where query reports where not being recorded for hosts configured with `--logger_snapshot_event_type=true`. diff --git a/changes/23770-fleetctl-linux-arm b/changes/23770-fleetctl-linux-arm deleted file mode 100644 index 657bb3ef5acc..000000000000 --- a/changes/23770-fleetctl-linux-arm +++ /dev/null @@ -1 +0,0 @@ -- Added `fleetctl` on Linux ARM binary to releases. diff --git a/changes/23924-handle-long-team-names b/changes/23924-handle-long-team-names deleted file mode 100644 index 1c12f3dd8277..000000000000 --- a/changes/23924-handle-long-team-names +++ /dev/null @@ -1 +0,0 @@ -* Improve the teams dropdown so that it gracefully hides overflow from long team names diff --git a/changes/24035-team-agent-options-ui-resets b/changes/24035-team-agent-options-ui-resets deleted file mode 100644 index f4bb9bcba5c6..000000000000 --- a/changes/24035-team-agent-options-ui-resets +++ /dev/null @@ -1 +0,0 @@ -* Maintain user's updates to the team agent options form when they navigate away and back again. \ No newline at end of file diff --git a/changes/24341-improve-ux-of-script-list-items b/changes/24341-improve-ux-of-script-list-items deleted file mode 100644 index 2ab900a4f29c..000000000000 --- a/changes/24341-improve-ux-of-script-list-items +++ /dev/null @@ -1 +0,0 @@ -* Various UX improvements to the Scripts list \ No newline at end of file diff --git a/changes/24470-bash b/changes/24470-bash deleted file mode 100644 index 7f856b78a8d4..000000000000 --- a/changes/24470-bash +++ /dev/null @@ -1 +0,0 @@ -* Added bash interpreter support for script execution diff --git a/changes/24486-error-for-invalid-invites b/changes/24486-error-for-invalid-invites deleted file mode 100644 index c3517863a45c..000000000000 --- a/changes/24486-error-for-invalid-invites +++ /dev/null @@ -1 +0,0 @@ -- Check the server for validity of any Fleet invites diff --git a/changes/24544-target-labels-vpp b/changes/24544-target-labels-vpp deleted file mode 100644 index 3aaceb49c2b5..000000000000 --- a/changes/24544-target-labels-vpp +++ /dev/null @@ -1,3 +0,0 @@ -- Fleet UI: Added ability to target app store apps with include/exclude labels -- Fleet UI: Added ability to edit targets or self service option for app store apps -- Fleet UI: Added details modal for add, edit, and delete app store app global activities diff --git a/changes/24601-editable-scripts-frontend b/changes/24601-editable-scripts-frontend deleted file mode 100644 index a2f472378077..000000000000 --- a/changes/24601-editable-scripts-frontend +++ /dev/null @@ -1 +0,0 @@ -- Added modal to edit script contents diff --git a/changes/24602-editable-scripts b/changes/24602-editable-scripts deleted file mode 100644 index c6380edcbad0..000000000000 --- a/changes/24602-editable-scripts +++ /dev/null @@ -1 +0,0 @@ -- Added API endpoint for updating script contents diff --git a/changes/24732-gzip b/changes/24732-gzip deleted file mode 100644 index dc93fa6ec96c..000000000000 --- a/changes/24732-gzip +++ /dev/null @@ -1 +0,0 @@ -* Added gzip compression for static CSS and JS assets to decrease bundle download times diff --git a/changes/24754-require-pw-for-pw-auth b/changes/24754-require-pw-for-pw-auth deleted file mode 100644 index d6228caf8a62..000000000000 --- a/changes/24754-require-pw-for-pw-auth +++ /dev/null @@ -1,4 +0,0 @@ -- Update user form validation to require a password be present when switching a user from - SSO to password authentication -- Refactor upstream error logic to allow disabling submit button when form errors are present -- Add similar check for password presence on server, update integration test accordingly diff --git a/changes/24766-clickable-row-behavior b/changes/24766-clickable-row-behavior deleted file mode 100644 index 83bea785a2b1..000000000000 --- a/changes/24766-clickable-row-behavior +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Created consistency of on-click behavior of table rows: View all host link must be clicked directly, clicking on a row of a table directs the user to the details of that row diff --git a/changes/24790-admx-policies b/changes/24790-admx-policies deleted file mode 100644 index 515825cb48da..000000000000 --- a/changes/24790-admx-policies +++ /dev/null @@ -1 +0,0 @@ -Fixes issue verifying Windows CSP profiles that contain ADMX policies. diff --git a/changes/24876-dashboard-cards b/changes/24876-dashboard-cards deleted file mode 100644 index 429ec0215818..000000000000 --- a/changes/24876-dashboard-cards +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Changed look and feel of dashboard host count cards including hiding platforms with 0 count diff --git a/changes/24886-fix-pagination-on-policies-page b/changes/24886-fix-pagination-on-policies-page deleted file mode 100644 index 3ffb1bcf5d1a..000000000000 --- a/changes/24886-fix-pagination-on-policies-page +++ /dev/null @@ -1 +0,0 @@ -- Fix a bug with paginating team policies diff --git a/changes/24948-display-api-errors-in-user-form b/changes/24948-display-api-errors-in-user-form deleted file mode 100644 index b3ea58bd0ed3..000000000000 --- a/changes/24948-display-api-errors-in-user-form +++ /dev/null @@ -1,2 +0,0 @@ -- Fix a bug where server errors returned from the API were not successfully being incorporated into - the user form error states. diff --git a/changes/24958-gitops-webhooks-disable b/changes/24958-gitops-webhooks-disable deleted file mode 100644 index 64d22ac4fe60..000000000000 --- a/changes/24958-gitops-webhooks-disable +++ /dev/null @@ -1 +0,0 @@ -- Disable webhooks if not present in gitops diff --git a/changes/25015-user-page-responsive b/changes/25015-user-page-responsive deleted file mode 100644 index 2cfa9a2e8792..000000000000 --- a/changes/25015-user-page-responsive +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Fixed user page responsiveness to not overflow horizontally diff --git a/changes/25130-iterm-false-neg b/changes/25130-iterm-false-neg deleted file mode 100644 index f144429237bc..000000000000 --- a/changes/25130-iterm-false-neg +++ /dev/null @@ -1 +0,0 @@ -- Fixed a false negative vulnerability reporting for iTerm2 (available to all recent Fleet releases as of January 17th via a vulnerability feed update) \ No newline at end of file diff --git a/changes/25160-optimize-software-during-enrollment b/changes/25160-optimize-software-during-enrollment deleted file mode 100644 index 9d649162477b..000000000000 --- a/changes/25160-optimize-software-during-enrollment +++ /dev/null @@ -1,2 +0,0 @@ -* Optimized software ingestion queries to use existing DB indexes in the software titles table. -* Fixed a bug "software not found for checksum" in software ingestion transaction retries. diff --git a/changes/25191-disk-encryption-sentence-case b/changes/25191-disk-encryption-sentence-case deleted file mode 100644 index 38901732edb4..000000000000 --- a/changes/25191-disk-encryption-sentence-case +++ /dev/null @@ -1 +0,0 @@ -* Fixed case consistency for "Disk encryption" in host OS settings modal diff --git a/changes/25201-unknown-installer-version b/changes/25201-unknown-installer-version deleted file mode 100644 index 6b7ecc7c4938..000000000000 --- a/changes/25201-unknown-installer-version +++ /dev/null @@ -1 +0,0 @@ -* Revised software installer package validation to mark installers with no version as "unknown" for version rather than rejecting them diff --git a/changes/25235-software-titles-uniqueness b/changes/25235-software-titles-uniqueness deleted file mode 100644 index db9109455138..000000000000 --- a/changes/25235-software-titles-uniqueness +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug where only the first of multiple software titles with the same name and source but different bundle IDs would be successfully inserted into the database. \ No newline at end of file diff --git a/changes/25241-smtp-helo-domain b/changes/25241-smtp-helo-domain deleted file mode 100644 index 7c8cf30d9762..000000000000 --- a/changes/25241-smtp-helo-domain +++ /dev/null @@ -1 +0,0 @@ -- Fixed mail being sent with the incorrect SMTP Domain (thank you mccormickt) diff --git a/changes/25251-url-fleet-app-response b/changes/25251-url-fleet-app-response deleted file mode 100644 index ce3766ce139b..000000000000 --- a/changes/25251-url-fleet-app-response +++ /dev/null @@ -1 +0,0 @@ -* Added download url for fleet maintained apps as `url` property on `fleet/software/fleet_maintained_apps/:id` \ No newline at end of file diff --git a/changes/25257-dropdown-improvements b/changes/25257-dropdown-improvements deleted file mode 100644 index 86360f17b7d9..000000000000 --- a/changes/25257-dropdown-improvements +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Improved the look and feel of dropdowns \ No newline at end of file diff --git a/changes/25261-identical-hostnames-label-membership b/changes/25261-identical-hostnames-label-membership deleted file mode 100644 index ddd5f61d253e..000000000000 --- a/changes/25261-identical-hostnames-label-membership +++ /dev/null @@ -1,2 +0,0 @@ -- Fixed a bug where adding or removing a host with an identical name to/from a label caused the - same action to be performed on other host(s) with the same name as well. diff --git a/changes/25273-hde-windows-verifying b/changes/25273-hde-windows-verifying deleted file mode 100644 index c45ed02e8df1..000000000000 --- a/changes/25273-hde-windows-verifying +++ /dev/null @@ -1,2 +0,0 @@ -- Fixed issue where Windows disk encryption where status updates from "Verifying" to "Verified" were - sometimes stuck in the "Verifying" state. diff --git a/changes/25305-update-add-hosts-help-text b/changes/25305-update-add-hosts-help-text deleted file mode 100644 index 1227df1ebabd..000000000000 --- a/changes/25305-update-add-hosts-help-text +++ /dev/null @@ -1 +0,0 @@ -- Update the help text for 3 tabs of the Add hosts modal diff --git a/changes/25306-add-windows-linux-hosts-radios b/changes/25306-add-windows-linux-hosts-radios deleted file mode 100644 index 8354a181a46d..000000000000 --- a/changes/25306-add-windows-linux-hosts-radios +++ /dev/null @@ -1,2 +0,0 @@ -* Replace "Include Fleet desktop" with host type radio selection buttons when adding Windows or -Linux hosts. \ No newline at end of file diff --git a/changes/25307-fleetctl-package-link b/changes/25307-fleetctl-package-link deleted file mode 100644 index 8b3e96d3e571..000000000000 --- a/changes/25307-fleetctl-package-link +++ /dev/null @@ -1 +0,0 @@ -- Added link to information about installing fleetd when packages are generated diff --git a/changes/25318-update-sso-settings-error-states b/changes/25318-update-sso-settings-error-states deleted file mode 100644 index d1c840ca5a68..000000000000 --- a/changes/25318-update-sso-settings-error-states +++ /dev/null @@ -1 +0,0 @@ -* Add clearer error states to metadata-related fields in the SSO settings form diff --git a/changes/25346-fix-manage-automations-link-on-dash b/changes/25346-fix-manage-automations-link-on-dash deleted file mode 100644 index e00499bee31d..000000000000 --- a/changes/25346-fix-manage-automations-link-on-dash +++ /dev/null @@ -1 +0,0 @@ -- Removed erroneous "manage automations" link on dashboard for maintainers diff --git a/changes/25366-manage-automation-dropdown-styling b/changes/25366-manage-automation-dropdown-styling deleted file mode 100644 index ade66298db54..000000000000 --- a/changes/25366-manage-automation-dropdown-styling +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Fixed styling for manage automation buttons and dropdown diff --git a/changes/25427-allow-excluding-fma-from-software-titles b/changes/25427-allow-excluding-fma-from-software-titles deleted file mode 100644 index 5c4fac5d57d8..000000000000 --- a/changes/25427-allow-excluding-fma-from-software-titles +++ /dev/null @@ -1 +0,0 @@ -- Add "exclude_fleet_maintained_apps" option to `GET /api/v1/fleet/software/titles` diff --git a/changes/25553-update-compatibility-tooltip b/changes/25553-update-compatibility-tooltip deleted file mode 100644 index 5a6102341fdd..000000000000 --- a/changes/25553-update-compatibility-tooltip +++ /dev/null @@ -1,2 +0,0 @@ - -- Updates language in query comppatibility tooltip to clarify that comppatibility is based only on tables. \ No newline at end of file diff --git a/changes/25555-batch-hostnames-on-new-label b/changes/25555-batch-hostnames-on-new-label deleted file mode 100644 index 97c5056b8fd8..000000000000 --- a/changes/25555-batch-hostnames-on-new-label +++ /dev/null @@ -1 +0,0 @@ -- Updated the way new manual labels are created to better support adding large numbers of hosts at one time. diff --git a/changes/25567-renew-vpp b/changes/25567-renew-vpp deleted file mode 100644 index 57aaf6435492..000000000000 --- a/changes/25567-renew-vpp +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug in Fleet's handling of VPP token renewal requests diff --git a/changes/25581-session-id b/changes/25581-session-id deleted file mode 100644 index fed7ac6044ed..000000000000 --- a/changes/25581-session-id +++ /dev/null @@ -1 +0,0 @@ -Fix Windows MDM issue where SessionID of 0 was not allowed. diff --git a/changes/25590-node b/changes/25590-node deleted file mode 100644 index ab82059aaa27..000000000000 --- a/changes/25590-node +++ /dev/null @@ -1 +0,0 @@ -* Bump Node.js version to 20.18.1 diff --git a/changes/25597-false-positives b/changes/25597-false-positives deleted file mode 100644 index 54bb85396348..000000000000 --- a/changes/25597-false-positives +++ /dev/null @@ -1 +0,0 @@ -* Resolved false-positives for the `pass` Homebrew package and `jira` Python package via a vulnerability feed update available to all Fleet versions on 2025-01-22 diff --git a/changes/25609-archive-encryption-keys b/changes/25609-archive-encryption-keys deleted file mode 100644 index a3848afbd53a..000000000000 --- a/changes/25609-archive-encryption-keys +++ /dev/null @@ -1 +0,0 @@ -Disk encryption keys are now archived when they are created or updated. They are never fully deleted from the database. diff --git a/changes/25615-windows-mdm-profiles b/changes/25615-windows-mdm-profiles deleted file mode 100644 index 79e1239d1f2b..000000000000 --- a/changes/25615-windows-mdm-profiles +++ /dev/null @@ -1 +0,0 @@ -Fixed issue where some Windows MDM profiles were not being sent to hosts when hosts came back online. diff --git a/changes/25640-fix-idp-source b/changes/25640-fix-idp-source deleted file mode 100644 index 6bddefa0ee7b..000000000000 --- a/changes/25640-fix-idp-source +++ /dev/null @@ -1 +0,0 @@ -- Fixes incorrect source value in device mapping REST API documentation diff --git a/changes/25748-remove-fleetctl-from-fleetdm-fleet-docker-image b/changes/25748-remove-fleetctl-from-fleetdm-fleet-docker-image deleted file mode 100644 index e1e620e03eca..000000000000 --- a/changes/25748-remove-fleetctl-from-fleetdm-fleet-docker-image +++ /dev/null @@ -1 +0,0 @@ -* Removed `fleetctl` binary from the `fleetdm/fleet` docker image. diff --git a/changes/25759-illegal-argument-errors b/changes/25759-illegal-argument-errors deleted file mode 100644 index f9b6ca55ed95..000000000000 --- a/changes/25759-illegal-argument-errors +++ /dev/null @@ -1 +0,0 @@ -Illegal argument errors will no longer be logged at the ERROR level on the server. Since these are client errors, they will be logged at the DEBUG level instead. This will reduce the amount of noise in the server logs and help debugging other issues. diff --git a/changes/25812-ddm-profiles-stuck b/changes/25812-ddm-profiles-stuck deleted file mode 100644 index ca2a65454548..000000000000 --- a/changes/25812-ddm-profiles-stuck +++ /dev/null @@ -1 +0,0 @@ -Added server debug logging for unexpected Apple DDM configuration status. diff --git a/changes/25956-fix-buggy-efa-editing b/changes/25956-fix-buggy-efa-editing deleted file mode 100644 index c6202ad51e20..000000000000 --- a/changes/25956-fix-buggy-efa-editing +++ /dev/null @@ -1 +0,0 @@ -- Fix a bug where team admins are unable to enable or disable MFA for a user diff --git a/changes/issue-21691-windows-disk-encryption-dont-resend b/changes/issue-21691-windows-disk-encryption-dont-resend deleted file mode 100644 index b9d964677712..000000000000 --- a/changes/issue-21691-windows-disk-encryption-dont-resend +++ /dev/null @@ -1,2 +0,0 @@ -- remove the resend button for failed windows disk encryption profiles and add messaging that tells -the user that Fleet with automatically retry this profile again. diff --git a/changes/issue-23912-ui-for-activities b/changes/issue-23912-ui-for-activities deleted file mode 100644 index bd7f1a602ca4..000000000000 --- a/changes/issue-23912-ui-for-activities +++ /dev/null @@ -1 +0,0 @@ -- update the UI a new activities design diff --git a/changes/issue-24824-tooltip-verified-verifying b/changes/issue-24824-tooltip-verified-verifying deleted file mode 100644 index a2bea6a55fe5..000000000000 --- a/changes/issue-24824-tooltip-verified-verifying +++ /dev/null @@ -1 +0,0 @@ -- improve the verified and verifying tooltips on the Profile Status on OS settings page. diff --git a/changes/issue-24901-fixes-error-cutoff b/changes/issue-24901-fixes-error-cutoff deleted file mode 100644 index 8e22871a14d2..000000000000 --- a/changes/issue-24901-fixes-error-cutoff +++ /dev/null @@ -1 +0,0 @@ -- fix in UI for window profiles error message being cut off in the OS settings modal diff --git a/changes/issue-24992-padding-fixes-around-lists b/changes/issue-24992-padding-fixes-around-lists deleted file mode 100644 index 8fd3ae43e331..000000000000 --- a/changes/issue-24992-padding-fixes-around-lists +++ /dev/null @@ -1 +0,0 @@ -- normalise padding spacing for list headers, lists, and help text across various modals. diff --git a/changes/issue-25159-update-deadline-tooltip b/changes/issue-25159-update-deadline-tooltip deleted file mode 100644 index 086a4a571813..000000000000 --- a/changes/issue-25159-update-deadline-tooltip +++ /dev/null @@ -1,2 +0,0 @@ -- update the os settings Target form deadline input tooltip to make the it more correct for how the -deadline works for hosts diff --git a/changes/issue-25507-upgrade-github-cache-action b/changes/issue-25507-upgrade-github-cache-action deleted file mode 100644 index 2aa5033ea57d..000000000000 --- a/changes/issue-25507-upgrade-github-cache-action +++ /dev/null @@ -1 +0,0 @@ -- bump github cache action to 4.2.0 diff --git a/changes/issue-25735-fix-500-vulnerable-host-software b/changes/issue-25735-fix-500-vulnerable-host-software deleted file mode 100644 index 7115ab83dc19..000000000000 --- a/changes/issue-25735-fix-500-vulnerable-host-software +++ /dev/null @@ -1 +0,0 @@ -- fix when trying to filter by vulnerable software for ios or ipad host. diff --git a/charts/fleet/Chart.yaml b/charts/fleet/Chart.yaml index 184a87fbe221..b3dcd8234ed3 100644 --- a/charts/fleet/Chart.yaml +++ b/charts/fleet/Chart.yaml @@ -4,11 +4,11 @@ name: fleet keywords: - fleet - osquery -version: v6.3.5 +version: v6.3.6 home: https://github.com/fleetdm/fleet sources: - https://github.com/fleetdm/fleet.git -appVersion: v4.63.0 +appVersion: v4.64.0 dependencies: - name: mysql condition: mysql.enabled diff --git a/charts/fleet/values.yaml b/charts/fleet/values.yaml index 1b0f8d74983d..509c8caae61f 100644 --- a/charts/fleet/values.yaml +++ b/charts/fleet/values.yaml @@ -3,7 +3,7 @@ hostName: fleet.localhost replicas: 3 # The number of Fleet instances to deploy imageRepository: fleetdm/fleet -imageTag: v4.63.0 # Version of Fleet to deploy +imageTag: v4.64.0 # Version of Fleet to deploy podAnnotations: {} # Additional annotations to add to the Fleet pod serviceAnnotations: {} # Additional annotations to add to the Fleet service serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account diff --git a/infrastructure/dogfood/terraform/aws/variables.tf b/infrastructure/dogfood/terraform/aws/variables.tf index de092235df52..03a33eb1f8f9 100644 --- a/infrastructure/dogfood/terraform/aws/variables.tf +++ b/infrastructure/dogfood/terraform/aws/variables.tf @@ -56,7 +56,7 @@ variable "database_name" { variable "fleet_image" { description = "the name of the container image to run" - default = "fleetdm/fleet:v4.63.0" + default = "fleetdm/fleet:v4.64.0" variable "software_inventory" { description = "enable/disable software inventory (default is enabled)" diff --git a/infrastructure/dogfood/terraform/gcp/variables.tf b/infrastructure/dogfood/terraform/gcp/variables.tf index 93b6de606a0d..aa643f05ff43 100644 --- a/infrastructure/dogfood/terraform/gcp/variables.tf +++ b/infrastructure/dogfood/terraform/gcp/variables.tf @@ -68,7 +68,7 @@ variable "redis_mem" { } variable "image" { - default = "fleetdm/fleet:v4.63.0" + default = "fleetdm/fleet:v4.64.0" } variable "software_installers_bucket_name" { diff --git a/terraform/addons/vuln-processing/variables.tf b/terraform/addons/vuln-processing/variables.tf index 4df0e007b047..2105b1177e9a 100644 --- a/terraform/addons/vuln-processing/variables.tf +++ b/terraform/addons/vuln-processing/variables.tf @@ -24,7 +24,7 @@ variable "fleet_config" { vuln_processing_cpu = optional(number, 2048) vuln_data_stream_mem = optional(number, 1024) vuln_data_stream_cpu = optional(number, 512) - image = optional(string, "fleetdm/fleet:v4.63.0") + image = optional(string, "fleetdm/fleet:v4.64.0") family = optional(string, "fleet-vuln-processing") sidecars = optional(list(any), []) extra_environment_variables = optional(map(string), {}) @@ -82,7 +82,7 @@ variable "fleet_config" { vuln_processing_cpu = 2048 vuln_data_stream_mem = 1024 vuln_data_stream_cpu = 512 - image = "fleetdm/fleet:v4.63.0" + image = "fleetdm/fleet:v4.64.0" family = "fleet-vuln-processing" sidecars = [] extra_environment_variables = {} diff --git a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf index a9403a240699..727e7723304e 100644 --- a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf +++ b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf @@ -16,7 +16,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.63.0") + image = optional(string, "fleetdm/fleet:v4.64.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -119,7 +119,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.63.0" + image = "fleetdm/fleet:v4.64.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/byo-vpc/byo-db/variables.tf b/terraform/byo-vpc/byo-db/variables.tf index a076dd350bed..a77360d1b4d9 100644 --- a/terraform/byo-vpc/byo-db/variables.tf +++ b/terraform/byo-vpc/byo-db/variables.tf @@ -77,7 +77,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.63.0") + image = optional(string, "fleetdm/fleet:v4.64.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -205,7 +205,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.63.0" + image = "fleetdm/fleet:v4.64.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf index 70d737252542..0c7e38b98391 100644 --- a/terraform/byo-vpc/variables.tf +++ b/terraform/byo-vpc/variables.tf @@ -170,7 +170,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.63.0") + image = optional(string, "fleetdm/fleet:v4.64.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -298,7 +298,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.63.0" + image = "fleetdm/fleet:v4.64.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/variables.tf b/terraform/variables.tf index 40bd6dbdad32..8c11c789145a 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -218,7 +218,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.63.0") + image = optional(string, "fleetdm/fleet:v4.64.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -346,7 +346,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.63.0" + image = "fleetdm/fleet:v4.64.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/tools/fleetctl-npm/package.json b/tools/fleetctl-npm/package.json index 032e46a9c50f..a997cc4011a5 100644 --- a/tools/fleetctl-npm/package.json +++ b/tools/fleetctl-npm/package.json @@ -1,6 +1,6 @@ { "name": "fleetctl", - "version": "v4.63.0", + "version": "v4.64.0", "description": "Installer for the fleetctl CLI tool", "bin": { "fleetctl": "./run.js" @@ -24,4 +24,4 @@ "osquery", "security" ] -} +} \ No newline at end of file