* feat: add FAQ for distinguishing between fleetctl vs the REST API vs Fleet UI
* Update FAQ.md
Edits recorded by line:
189 changed "vs" to "vs."
191 replaced "useful" with "helpful"
193 added "," after "fleetctl"; deleted "make" and "of"
195 replaced "nice to look at" with "visually appealing"; deleted "is" and "meant to"; added "s" to "make"; replaced "wider" with "broader"
Co-authored-by: Desmi-Dizney <99777687+Desmi-Dizney@users.noreply.github.com>
* GitHub webhook: Add support for '*' DRI rule
This allows any fleetie to edit the handbook landing page (e.g. in the event pages need to get moved around)
* invert how DRI rules for website are expressed
* lint fix + add support for array syntax
* Update receive-from-github.js
* Update receive-from-github.js
* Update receive-from-github.js
* Update receive-from-github.js
* Update receive-from-github.js
* Adding Growth handbook page
* Add context to team description
@timmy-k Added the change you requested. No need to submit a new PR!
* Update growth.md
All edits are recorded by line:
30 replaced “has been” with “is”; deleted “it needs to be“ before “deliver”; replaced “delivered’ with “deliver”; added “it” after “deliver”
41 deleted “please” before “ensure”; replaced “has been” with “is”
50 replaced “can” with “is”; deleted “be” before “used”; added “and” before “software”; replace “,” with “.” after software; replaced and with “It can”; added “monitor” before “EDR”
Co-authored-by: Desmi-Dizney <99777687+Desmi-Dizney@users.noreply.github.com>
* Adding permissions to docs.yml and integration.yml
* Update codeql-analysis.yml
Adding top level read permissions to codeql workflow
* Update codeql-analysis.yml
Adding manual dispatch to codeql - to be able to test it easier
* Update deploy-fleet-website.yml
Adding top level read permission + write in the job so it can push the website
* Update test-website.yml
test-website should only need read permissions on content.
* Update fleet-and-orbit.yml
Testing Fleet and Orbit should be fine with top level read access
* Update fleetctl-preview.yml
fleetctl-preview should be fine with just read access at top level
* Update push-osquery-perf-to-ecr.yml
ECR is out of github so read permissions should be enough
* Update semgrep-analysis.yml
semgrep should only need read
* Update test-packaging.yml
Should only need read permission - setting on top
* Update test.yml
Should not need any write access - setting to READ on top.
* Update deploy-fleet-website.yml
Removing git write permission - since this pushes to Heroku not GitHub
* Tweaked as per Zach's comments
Removed some useless restrictions (contents none on a public repo for example)
* Removed meaningless permissions
contents: none - this does not have any security advantage on a public repo
- Update CHANGELOG
- Bump versioning
- Tweak documentation
- Default `session_duration` to `5d`
- Add extra `#` to "Team policies" section so it doesn't show up in top level nav for docs
* Upgrade and replace kolide/osquery-go with osquery/osquery-go
* Upgrade macadmins/osquery-extension to v0.0.7
* Upgrade kolide/launcher to latest
* go mod tidy
* Update README.md
Github security link was not pointing to the right place in the security page
* Update README.md
Extra hyphen removed
* Update README.md
Adding file extension BACK. How many commits will I need to fix a link??
* Adding GitHub security guide
* Update security.md
All edits are recorded by line:
273-275 reworded for clarity.
299 reworded to “Selecting Write provides the perfect balance!”
312 deleted “,” after “discussions”
313 deleted “want to“
317 replaced “into to” with “in too”; deleted “,” after “places”; added hyphen to “security-related”
322 deleted “,” after “configure”
340 replaced “had a need for” with “needed”
345 added “,” after “workflows”
* ccccccujudggihredvcugfctdteubbiteignjjjrfndh
* removedyubisneeze
* Update security.md
I removed the hyphen’s from “open source” in this section. Though the hyphen is correct Mike T. told me it’s a Mike McNeil preference.
All edits are recorded by line:
258 deleted “,” after ”running”
265 replace “as” with “so”; replaced “device” with device's OS “device's OS”
269 replaced “We need to host and collaborate on code as a company making open-source software!” with “Since Fleet makes open source software, we need to host and collaborate on code.”
273 deleted “-“ from “open source’
287 replaced “was” with “were”
290 deleted “:” after “enable”; added italics to “Require two-factor authentication”
293 removed”-“ from “open source”; added “If you can imagine,”
309 added italics to “Write”
326 deleted”,” after “discussions”
* Update security.md
Added a link in the macOS section to point to a blog post on the topic, and finished GitHub security section draft.
* Update security.md
Fixed broken italic
* Update security.md
All edits are recorded by line:
261 deleted “,” after “default”; added “the” before “performance”
262 added “from having”
* Update security.md
All edits are recorded by line:
270 replaced “,” with “;”
274 added “,” after “source”
311 deleted “.” after “creation”; added “,” after “eventually”
313 replaced “be sure” with “ensure”; added “,” after “handbook”
321 added “,” after “example”
327 replaced “it” with “them”
346 added “a pull request”
348 added “a” before “linear”
351 replaced “We have need this” with “We do not have a need this”
377 deleted”,” after “actions”
378 added “,” after “privileges”
384 added “,” after “repositories”
* Update security.md
Made Dependabot explanation clearer
* Update security.md
Removed an extra `that`
* Update security.md
It's dependa*b*ot not dependaot!
Co-authored-by: Desmi-Dizney <99777687+Desmi-Dizney@users.noreply.github.com>
* WIP
* WIP2
* Fix orbit and fleetctl tests
* Amend macos-app default
* Add some fixes
* Use fleetctl updates roots command
* Add more fixes to Updater
* Fixes to app publishing and downloading
* Add more changes to support fleetctl cross generation
* Amend comment
* Add pkg generation to ease testing
* Make more fixes
* Add changes entry
* Add legacy targets (until our TUF system exposes the new app)
* Fix fleetctl preview
* Fix bool flag
* Fix orbit logic for disabled-updates and dev-mode
* Fix TestPreview
* Remove constant and fix zip-slip attack (codeql)
* Return unknown error
* Fix updater's checkExec
* Add support for executable signing in init_tuf.sh
* Try only signing orbit
* Fix init_tuf.sh targets, macos-app only for osqueryd
* Specify GOARCH to support M1s
* Add workflow to generate osqueryd.app.tar.gz
* Use 5.2.2 on init_tuf.sh
* Add unit test for tar.gz target
* Use artifacts instead of releases
* Remove copy paste residue
* Fleet Desktop Packaging WIP
* Ignore gosec warning
* Trigger on PR too
* Install Go in workflow
* Pass url parameter to desktop app
* Fix fleetctl package
* Final set of changes for v1 of Fleet Desktop
* Add changes
* PR fixes
* Fix CI build
* add larger menu bar icon
* Add transparency item
* Delete host_device_auth entry on host deletion
* Add SetTargetChannel
* Update white logo and add desktop to update runner
* Add fleet-desktop monitoring to orbit
* Define fleet-desktop app exec name
* Fix update runner creation
* Add API test before enabling the My device menu item
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
