I got [nerd sniped](https://en.wikipedia.org/wiki/Nerd_sniping) while
adding the QA process for the website and did some long overdue
housekeeping of the brand section of the handbook. There's still more to
do, but this is a good start.
## Changes
- Updated the `maintainedby` meta tag on `commonly-used-terms.md`
- Added a line break that I spotted on `content-style-guide.md`
- Moved the docs handbook content to its own page and linked to it from
the marketing page of the handbook to reduce the excessive scroll.
- Consolidated the Markdown instructions from the docs handbook section
into `markdown-guide.md` and linked to it from the relevant section of
the docs handbook page.
- Moved the website handbook content to its own handbook page and linked
to it from the marketing page of the handbook to reduce the excessive
scroll.
- Added quality assurance process to the website handbook page.
- Re-ordered the brand section of the handbook to show brand resources
and content style guide first.
## QA
- [x] Manual QA for all new/changed functionality
Proposed changes:
- I spotted a typo
- I updated references to previous staff members while reading.
- I spelled out "Executive Assistant" in the first couple of instances
and included "(EA)." It may seem an obvious acronym, but I'm a dumbo,
and the first time I heard EA mentioned, I thought we were talking about
Electronic Arts, the software developer. That is not entirely true, but
you get my point 😉
There are also two more references to @mentioning Charlie in Slack on
lines 148 and 150 that I don't know who to update to, so I have left
them untouched for the time being.
Closes#11965
Changes:
- Updated the pricing table on the pricing page to be rendered by the
server.
- Updated the pricing page's view action to create another version of
the pricing table that does not have the "Device management" category
and that has security features sorted to the top of the table.
- Moved two features from the "Device management" category to "Security
and compliance" in `pricing-features-table.yml`.
Closes: https://github.com/fleetdm/confidential/issues/2964
Changes:
- Updated the `receive-from-customer-fleet-instance` webhook to send a
request to a Workspace One OAuth URL to get the authorization token used
to send requests to a Workspace one instance.
Before this is merged, we will need to:
- [ ] remove the `sails.custom.config.customerWorkspaceOneTenantId` and
`customerWorkspaceOneAuthorizationToken` config variables.
- [ ] Add two new config variables:
`sails.config.custom.customerWorkspaceOneOauthSecret` and
`sails.config.custom.customerWorkspaceOneOauthId`
.
A few minor things going on:
1. Adjusted the Puppet module to send the profiles base64 encoded
2. Enabled FileVault by default on teams created using the `/match`
endpoint.
3. Remove profiles when a team is removed. We can't do a foreign key
because the global team.id is NULL. I also included a migration to
cleanup orphaned profiles.
## Addresses
[confidential/2940](https://github.com/fleetdm/confidential/issues/2940)
Patched a potential security issue in UI
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Fixed typo in the heading for the osquery management land page.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Manual QA
This relates to #11312
`18.9.17.6`: Fixing the issue with policy pointing to a different GPO
and Registry value
`18.9.47.4.2`: Adding COLLATE NOCASE to avoid case sensitive issue with
SpynetReporting value
Changes:
- Updated the old (now invalid) osquery slack invitation link to go to
fleetdm.com/slack (which redirects to a valid osquery slack invitation)
#11266
PS: I first attempted a serialization trick by introducing a new
`appConfigResponse` and implementing `json.Marshal` to exclude these
fields but it was too hacky and hard to maintain moving forward, so I'm
bitting the bullet now. Happy to hear other ideas.
- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
- ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
