(deployments) Invalid Location header when returning 201 Created (cfccf2a) by @alfrunes
The location strips the /api path prefix and returns the remaining
absolute path as relative. Instead, always return the absolute path.
(deployments) Validate configuration on updates (MEN-8287) (ccad883) by @kjaskiewiczz
With this commit, when doing configuration update using internal endpoint, we validate the configuration.
(gui) Fixed an issue that would prevent showing unassigned static group devices (ME-519) (cf7f15d) by @mineralsfree
(gui) Fixed an issue that would add device filter automatically (MEN-8309) (8d0233c) by @mineralsfree
(gui) Fixed an issue with a filter input not reset after save (MEN-8309) (ed6b9f9) by @mineralsfree
(gui) Fixed an issue with 'true' value being set after selecting 'exists' operator (MEN-8309) (b8c8d8a) by @mineralsfree
(gui) Ensured selection filter is reset when attribute or value input are emptied (MEN-8309) (9cb2ff3) by @mineralsfree
(gui) Restored global settings layout after general input layout adjustments (f83c94e) by @mzedel
(gui) Fixed an issue that prevented showing deployment calendar entries (a7d386f) by @mzedel
(useradm) RBAC - fix permissions related to inventory filters (ME-510) (c38ab7f) by @kjaskiewiczz
Users without access to all devices should not be able to delete inventory filers.
(useradm) Fix permissions for assigning users to tenants (ME-507) (0efc65e) by @kjaskiewiczz
User with multiple roles, where one of the roles is Admin role, should be able to assign users to tenants.
Check if deployment was found when updating device deployment status (MEN-7749) (6b15227) by @bahaa-ghazal
Ensure email is always encoded in lowercase when stored (MEN-8328) (d80c818) by @alfrunes
Added a bson codec for model.Email that will ensure that emails are always encoded in lowercase in the database to ensure case insensitive queries.
(deployments) Fix API specification (QA-990) (4f8d069) by @kjaskiewiczz
Remove type properties from fields where value is not strictly defined.
(inventory) Migrate API specs to OpenAPI v3.0.1 (QA-886) (e7ce7e5) by @kjaskiewiczz
Fix API specifications to be compliant with OpenAPI 3 format (QA-990) (26e9fd2) by @kjaskiewiczz
Covert enterprise API docs to OpenAPI v3 (QA-886) (f44166c) by @alfrunes
(deviceauth) Rate limit authenticated devices API (MEN-7744) (8c80280) by @alfrunes
Added adaptive ratelimiting for devices APIs based on the max_devices
limit. Two new configuration options are exposed:
ratelimits.interval - duration until the quota resetsratelimits.quotas - mapping plan names to quota weights. The final
burst limit is computed as ratelimits.quotas[plan] * max_devicesThe rate limiting counter is independent for each API path (independent of method and version).
(deviceauth) Rate limit device requests (MEN-7744) (9c3041f) by @alfrunes
Added adaptive ratelimiting for devices APIs based on the max_devices
limit. Two new configuration options are exposed:
ratelimits.devices.enable - enable device level rate limitratelimits.devices.interval - duration until the quota resetsratelimits.devices.quota_plan - mapping plan names to quota
weights. The final burst limit is computed as
ratelimits.quotas[plan] * max_devicesratelimits.devices.quota_default - rate limit fallback for plans
with undefined limits.The rate limiting counter is independent for each API path (independent of method and version).
(generate-delta-worker) Update mender-artifact to latest v4.1.0
(MEN-8337) (294c6dd) by @lluiscampos
Modifying also the integration to build the tool from source instead or repurposing the upstream Debian package. This has the main advantage that we can compile it statically (by disabling a feature that we don't use) and that we have control of the compatibility aspects of the binary.
Add caching for device limits (MEN-7760) (5466c62) by @alfrunes
Delta generation job details view API support (MEN-8289) (00fb186) by @merlin-northern
Implemented content type checker middleware for gin framework (MEN-8327) (9016554) by @bahaa-ghazal
Gin utility for applying middleware to routes (9f5c79c) by @alfrunes
The func does not implement what it is intended to do and instead applies the middleware to all routes in the group.
(gui) Fixed an issue where admin existence sometimes wasn't taken into account on tenant creation (330ac67) by @mzedel
(gui) Fixed an issue that prevented properly paginating deployments (MEN-8212) (a20db14) by @mzedel
(gui) Fixed an issue on tenant creation that prevented some email addresses from becoming tenant admins (ME-470) (20b32f9) by @mzedel
(gui) Fixed an issue that would retain passwords on tenant creation across different admins (a5e2132) by @mzedel
(gui) Fixed layout issue on tenant list + aligned styling with remainder of codebase (cc41aee) by @mzedel
(gui) Fixed an issue propagating password validation errors (d1d8827) by @mzedel
(gui) Ensured errormessages get propagated in forms (b19f8b3) by @mzedel
(gui) Fixed an issue that could hinder pagination in very frequently created deployments (34ca4ea) by @mzedel
(useradm) Added missing permission scope option to allow generating correct types (e956965) by @mzedel
(useradm) Added missing permission information in API specs (1f534d1) by @mzedel
(deployments) Use the read preference in FindOldestActiveDeviceDeployment (10f8b55) by @merlin-northern
(deployments) GET delta/jobs endpoint API docs (MEN-8199) (8bec3b5) by @merlin-northern
(deviceauth) Enhance description of the /devices/count endpoint (MEN-8255) (c9e3633) by @kjaskiewiczz
(deployments) Get the list of delta generation jobs (MEN-8199) (a0ed3b0) by @merlin-northern
(gui) Made subtenant creation a bit more comfortable in case of errors (ME-469) (e01171f) by @mzedel
(gui) Added more user visible context on tenant creation failures (c027064) by @mzedel
(gui) Made login form less reactive when entering login info (MEN-8221) (00b4d7b) by @mzedel
(gui) Added sentry integration (0fe2ad0) by @mzedel
(gui) Enhanced debugging info to help track down user issues (c559467) by @mzedel
(gui) Allowed enabling fine grained state debug information to be sent (298059d) by @mzedel
(gui) Split signup in separate forms to ease handling validation mode differences (620592b) by @mzedel
(gui) Rely on externally gzipping build files to use sourcemaps in sentry (24bdd2f) by @mzedel
(deployment) Ignore false errors when deleting data that does not exist (MEN-8213) (532d95a) by @bahaa-ghazal
(gui) Removed border on active tab in left nav bar (MEN-8113) (a5d5df4) by @mineralsfree
(gui) Fixed time filter in past deployments (MEN-7989) (25cdee0) by @mineralsfree
(gui) Fixed location not being changed on device status filter change (MEN-8118) (36eb469) by @mineralsfree
(gui) Restored rspack to license generator compatible version (1280dc7) by @mzedel
(gui) Fixed default roles being shown before loading ones from backend (MEN-8095) (d934020) by @mineralsfree
(gui) Fixed an issue that would prevent new signups from using the onboarding (fbaa329) by @mzedel
(gui) Default to eu in eu.hosted domain during signup (MEN-7925) (0512d24) by @mineralsfree
(gui) Fixed webhook configuration checks by subscription (6b5989d) by @mzedel
(gui) Ensured form validation is applied during validation phase only (b6b870c) by @mzedel
(gui) Fixed permission extension issue in roles form (MEN-8108) (0a41d0d) by @mineralsfree
(gui) Fixed an issue that prevented phased deployments when reusing phase definitions (MEN-8192) (f9b735f) by @mzedel
(gui) Fixed an issue that could clear search queries (c308b2b) by @mzedel
(gui) Provide more context on failed 2fa enabled login (dfcb767) by @mzedel
(gui) Fixed an issue that would prevent some info messages from showing (e1277bd) by @mzedel
(gui) Restored group creation notification (3bdb3f3) by @mzedel
(iot-manager) Do not store events if there are no integrations (MEN-7868) (0c0ee9d) by @merlin-northern
(iot-manager) Creating new integration creates a new ID (MEN-7801) (c52491e) by @merlin-northern
(tenantadm) Emit structured logs on request panic (6c67dc3) by @alfrunes
The former request middleware handling Go panics would emit the panic
stack trace in an unstructured format. This commit lets the accesslog
handle it and emit it in the trace log context key.
(tenantadm) Waiting for workflow does not abort immediately when it is not yet scheduled (MEN-8165) (6dc0790) by @bahaa-ghazal
Race when provisioning and connecting a device (MEN-8164) (eae5bf2) by @alfrunes
If a device gets provisioned and submits a connection request while the device is getting provisioned, the device might end up in an inconsistent state where the connection status gets overwritten to "unknown". The issue was discovered in a test where the system was under load and the device was running on the same network (artificially low RTT).
Prevent demoting a service provider with children (MEN-7841) (b342ada) by @bahaa-ghazal
Clear auditlogs when promoting a tenant to SP
(MEN-7787) (5ab72dc) by @bahaa-ghazal
Stop deviceconnect's /connect endpoints from sending ping
(MEN-8061) (79a32a6) by @bahaa-ghazal
Generate delta worker aborting before artifact upload completes (MEN-8177) (4901878) by @alfrunes
The artifact generator aborts uploading an artifact prematurely once either of the input files are processed and returns exit code 0. This results in a very confusing error where the API reports a successfully generated artifact, but the artifact is never fully uploaded and available through the APIs.
Generate delta worker for custom S3 bucket (MEN-8202) (0ac2923) by @alfrunes
Skip IoT Core/IoT Hub integration if device is not yet provisioned (MEN-8230) (eeffe42) by @alfrunes
If a device has not previously been provisioned, it is not part of the integration and should be excluded from the sync.
(gui) Added year to timeframe picker (MEN-8136) (48a5e98) by @mineralsfree
(gui) Changed login form to a more stepwise approach in order to reduce confusion (MEN-7761) (543bf7a) by @mzedel
(gui) Made password forgotten flow more informative to reduce confusion (MEN-7761) (ed81bc6) by @mzedel
(iot-manager) Allowed disabling address verification during webhook configuration (e05997c) by @mzedel
(iot-manager) Added integration_id query parameter to API for getting events (MEN-7801) (bc0dae3) by @merlin-northern
Allows to:
Accept null to unset suspend and trial expiration date
(MEN-7727) (13046eb) by @bahaa-ghazal
(gui) Let read-only user no longer think they could act on selected releases (MEN-8110) (dd710a7) by @mzedel
also aligned component label + usage with reality
(gui) Fixed pagination for pending deployments (MEN-8140) (c3f406b) by @mzedel
(gui) Prevented a situation where one release upload could prevent another (MEN-8125) (84b24ec) by @mzedel
(gui) Made rbac limitations visible in release tagging too (c706020) by @mzedel
(gui) Ensured release tag creation is waited for before changing UI (MEN-8078) (9b0c722) by @mzedel
(gui) Fixed an issue with editing credit card when no billing address was provided (MEN-8154) (0fd9658) by @mineralsfree
(deployments) Fix spelling (f2a8379) by @vbpieter
Add missing breaking changes to enterprise changelog (794bd4d) by @alfrunes
Add missing breaking changes to changelog (799f42d) by @alfrunes
(gui) Split release deployment onboarding step in 2 steps (MEN-7882) (3fc2e9a) by @mineralsfree
(gui) Made ui improvements to the deployment onboarding flow (MEN-7882) (35d0f11) by @mineralsfree
(gui) Made onboard action tooltip rely on position of action item (MEN-7882) (dfeb0d6) by @mineralsfree
(gui) Made device issue selection on devices page available for more plans (MEN-8076) (d7d2f97) by @mzedel
(gui) Made device tag confirmation message align with change (3374b93) by @mzedel
(gui) Unified dialog backdrop and esc closing behaviour (MEN-7998) (8b78680) by @mineralsfree
Implementing internal Tenantadm api to remove parent reference from tenant
(MEN-8097) (63ac8bd) by @bahaa-ghazal
(gui) Fixed date parsing & formatting issues after dayjs migation (95dd540) by @mzedel
(gui) Fixed an issue that would prevent showing phased deployments (1e73ba7) by @mzedel
Fix(gui): ensured deployment phase information stays inside its boundaries (MEN-7995) (87fe82d) by @mzedel
Fix(gui): fixed an issue that prevented upload progress from being shown aligning upload progress tracking with updated payload structure after rtk migration (MEN-8074) (1b715c8) by @mzedel
(gui) Made user list tracking rely only on backend data instead of local store to prevent duplicate users listed (MEN-8049) (7d1b060) by @mzedel
(gui) Fixed an issue that would cause the ui to crash when creating phased deployments (9827ba9) by @mzedel
(gui) Fixed remaining device percentage not being displayed correctly on phased deployment creation (5600913) by @mzedel
Update outdated api endpoints in the inventory service
(MEN-7017) (73c7149) by @bahaa-ghazal
Limiting the size of metadata when uploading and generating artifacts (MEN-7166) (9e80728) by @bahaa-ghazal
(deployments) Clarifications for the GET /deployments version 2 endpoint. (MEN-8053) (0231b1b) by @merlin-northern
(inventory) Describe inventory webhook events. (MEN-8041) (66df3f5) by @merlin-northern
(gui) Clarified user creation capabilities for non-enterprise users (MEN-7883) (d2fd192) by @mzedel
(gui) Added automatic refresh to get webhook events (MEN-8045) (502e06a) by @mzedel
(gui) Ensured target directory is nonempty on artifact generation (MEN-8010) (5616722) by @mzedel
(gui) Fixed an issue that could prevent listing devices with their custom identity in a deployment report (f1fcf26) by @mzedel
(gui) Fixed an issue that would prevent navigating to devices from a software distribution chart (MEN-8038) (6516986) by @mzedel
(useradm) Resolve user ID to email on AssignUserToTenants. (MEN-8004) (b7229df) by @merlin-northern
Grant Read role premission to download audit log
(MEN-7869) (0aee905) by @bahaa-ghazal
(make) Add enterprise version build id (d115b84) by @alfrunes
Updates the linked version symbol to contain a suffix +enterprise.
(gui) Aligned webhook details behaviour w/ rest of UI (MEN-7955) (7860b5b) by @mzedel
(gui) Prevented sso config retrieval on plans that don't support this (fe6da5d) by @mzedel
(gui) Fixed an issue that would prevent deleting & tagging releases in the release overview (MEN-7960) (16b2628) by @mzedel
(gui) Let on-prem installations refer to the docs to prevent server-url misconfiguration following monorepo transition (MEN-7948) (e0dae51) by @mzedel
(gui) Fixed end date filters out today's entries in the Audit log, Deployments and Devices (3ee84f2) by @aleksandrychev
(iot-manager) Filter integrations by event scope (MEN-7956) (08f062d) by @kjaskiewiczz
Decommission and provision device events and device status change event should be sent to integrations containing deviceauth scope.
(tenantadm) It should not be possible to make tenant without device limit a Service Provider tenant (MEN-7954) (f144db6) by @kjaskiewiczz
Deviceauth healthcheck panics malformed inventory address (70d493a) by @alfrunes
Use internal URLs for storage backend when generating artifacts (MEN-7939) (3d72d5e) by @alfrunes
storage.proxy_uri and
aws.external_url configuration values and instead access the API using
the same URL as deployments service.When generating artifacts, the backend will use the direct access URL
instead of rewriting the URL using the configured storage.proxy_uri or
aws.external_url.
Use internal URLs for storage backend when generating delta artifacts (MEN-7939) (29eed8a) by @alfrunes
storage.proxy_uri
and aws.external_url configuration values and instead access the API
using the same URL as deployments service.When generating delta artifacts, the backend will use the direct access
URLs instead of rewriting the URL using the configured
storage.proxy_uri or aws.external_url.
Deployment device count should not exceed max devices (MEN-7847) (15e5fee) by @alfrunes
Added a condition to skip deployments when the device count reaches max devices.
Segmentation fault for create-org CLI timeouts
(6054f85) by @alfrunes
If the service times out waiting for a workflows to complete, the app can incorrectly return no error and a nil tenant object. This commit simplifies the polling loop and ensures that en error is always returned after timeouts.
Align the tenantadm API with the documentation (MEN-7986) (57a538c) by @alfrunes
The v1 APIs are retrieving undocumented attributes from other backend services (deployments and deviceauth). As a side effect, the internal user authentication middleware is fetching this data on every request to the management APIs only to discard the information.
(gui) Added feedback on file size limits to artifact upload dialog (MEN-7858) (d612334) by @mzedel
(gui) Aligned text input appearance with MUI updated guidelines (MEN-7838) (e5d5672) by @mzedel
Only count tenants when required (55e953b) by @alfrunes
In most instances the tenant count is discarded.
© 2025 Northern.tech AS