melindafekete
7f3e0d0eb9
remove unnecessary slugs
2025-11-24 18:08:35 +01:00
melindafekete
59e9fb0ea0
Merge branch 'main' into docs/audit-urls
2025-11-24 17:36:30 +01:00
melindafekete
bf8110c49b
update language-specific guides
2025-11-24 17:34:10 +01:00
Thomas Heartman
712cecf38d
feat: allow 'instanceInfo' to be added to the version checker hook ( #11018 )
...
Allows the `checkLatestVersion` function in the `VersionService` to
accept an optional `instanceInfo` parameter. If provided, and if the
promise returns a value that is truthy, then it will add `instanceInfo`
to the versionPayload.
The license key may not contain a plan or a customer name, and while it
definitely won't contain a client id, it has been requested that we
report `self-hosted` as the client ID (will be handled in enterprise).
Adding a second, optional parameter seemed to be the most backwards
compatible way of doing this rather than changing the established method
/ callback types.
2025-11-24 15:52:59 +01:00
melindafekete
8283443523
Move use case guides
2025-11-24 15:16:41 +01:00
melindafekete
528f31f886
update get started
2025-11-24 14:12:50 +01:00
Mateusz Kwasniewski
bbad97a9e4
fix: prevent duplicate lifecycle timing ( #11017 )
2025-11-24 12:43:14 +01:00
Nuno Góis
e455426b3c
chore: use license address instead of sales ( #11016 )
...
https://linear.app/unleash/issue/2-4042/use-licensegetunleashio-instead-of-salesgetunleashio
Prefer `license@getunleash.io` over `sales@getunleash.io` for reach
outs.
2025-11-24 11:39:06 +00:00
melindafekete
3b8e72bd3b
Update contributing and support
2025-11-24 12:31:09 +01:00
melindafekete
d43c620a3a
Remove unused images
2025-11-24 11:47:43 +01:00
melindafekete
9edf35dd57
Move privary and compliance pages
2025-11-24 11:21:43 +01:00
Jaanus Sellin
123ca034ee
feat: split milestone paused with progression paused ( #11015 )
2025-11-24 12:15:31 +02:00
melindafekete
49e19f22d6
Merge branch 'main' into docs/audit-urls
2025-11-24 10:33:22 +01:00
Jaanus Sellin
d6af401dd2
feat: remove milestone progression adding when paused ( #11012 )
2025-11-24 11:01:38 +02:00
Mateusz Kwasniewski
97a20b0929
refactor: simplify safeguard form management ( #11013 )
2025-11-21 16:00:45 +01:00
Mateusz Kwasniewski
63e969821c
feat: safeguard border dynamic line ( #11011 )
2025-11-21 11:39:22 +01:00
Gastón Fournier
e977689571
fix: invalid metrics should not crash ( #11010 )
...
## About the changes
Properly awaits all submitted promises, preventing the node's main
process from seeing rejected & unawaited promises.
What's going on?
- The bulk metrics handler pushes `registerBackendClient` promises into
promises.
- The next step (`clientMetricsEnvBulkSchema.validateAsync`) throws for
invalid metrics (e.g., `appName: null`), so we jump to catch and return
400.
- Because the code never reaches `Promise.all(...)`, the previously
spawned promises are never awaited. Node later detects the rejected
`registerBackendClient` promise as an **unhandled rejection** and
crashes the process. If that promise hadn’t been rejected, there’d be no
crash, but with invalid input, it does reject.
- **Fix:** always await the spawned tasks (using `Promise.allSettled`)
so every rejection is observed, even when validation later throws.
2025-11-21 10:27:00 +01:00
Nuno Góis
3bca150cd8
chore: show connected edges for pro customers ( #11009 )
...
https://linear.app/unleash/issue/2-4040/show-connected-edges-for-pro-customers
Show connected Edges for Pro customers.
This was previously filtered to Enterprise only instances.
2025-11-20 17:38:08 +00:00
Mateusz Kwasniewski
87e901256b
feat: safeguard UI tweaks ( #11008 )
2025-11-20 16:47:51 +01:00
Melinda Fekete
302c6a3e54
docs: impact metrics ( #11001 )
2025-11-20 15:42:55 +01:00
Thomas Heartman
c29983d810
fix: handle invalid permissions in role creation ( #11003 )
...
The `create` and `update` role methods used to blindly accept any
incoming permissions, but if the permissions don't exist in the
database, then the database would throw, yielding a 500 error to the
user.
To fix this, we can validate that all the permissions exist before we
try to add the incoming permissions.
The http error only manifests in enterprise, but the fix requires
modifying the access service. Therefore, I've added the tests to the
access service too, such that if you break something, then you don't
need to wait for it to propagate to enterprise.
---------
Co-authored-by: Gastón Fournier <gaston@getunleash.io>
2025-11-20 12:32:49 +00:00
Mateusz Kwasniewski
636a964cca
feat: improve safeguard form styling ( #11007 )
2025-11-20 13:03:09 +01:00
Jaanus Sellin
9ac45511b7
feat: now safeguard impact metrics are not editable or deletable ( #11006 )
2025-11-20 13:22:57 +02:00
David Leek
93ea192f8c
feat: frontend for pkce ( #11005 )
2025-11-20 10:59:48 +01:00
melindafekete
d29f3b3d6b
update deploy, how-to, and single sign-on
2025-11-19 18:21:10 +01:00
Mateusz Kwasniewski
4890b16b49
feat: improve safeguard threshold field ( #11004 )
2025-11-19 17:13:03 +01:00
melindafekete
9a99e2e445
Move how-to guides to guides
2025-11-19 16:09:53 +01:00
Jaanus Sellin
415978d965
feat: extend milestone status ( #11000 )
2025-11-19 16:19:53 +02:00
Mateusz Kwasniewski
00166f4875
refactor: milestone progression methods ( #11002 )
2025-11-19 14:57:53 +01:00
Mateusz Kwasniewski
7ea14b8d22
feat: resume milestone progressions ( #10999 )
2025-11-19 12:47:47 +01:00
Nuno Góis
416bd27859
chore: show hosting in connected edges ( #10995 )
...
https://linear.app/unleash/issue/2-4037/show-hosting-in-connected-edges-edge-observability
Show "hosting" in Connected Edges.
This can be one of:
- Cloud
- Self-hosted
- Unknown
<img width="326" height="691" alt="image"
src="https://github.com/user-attachments/assets/baba1fbb-6f22-46f5-8271-4f4a0c3fcc8a "
/>
2025-11-19 10:41:46 +00:00
Jaanus Sellin
35680f87eb
feat: hide milestone progression on paused state ( #10998 )
2025-11-19 12:41:18 +02:00
Mateusz Kwasniewski
d3981baf2c
fix: handle no app name impact metric ( #10997 )
2025-11-19 09:50:56 +01:00
Jaanus Sellin
ccbf375a13
feat: add safeguard events ( #10994 )
2025-11-19 10:10:44 +02:00
melindafekete
de3a18235a
Fix link in footer, add redirects
2025-11-18 16:07:44 +01:00
melindafekete
a40b97d068
Rename topics
2025-11-18 15:25:43 +01:00
melindafekete
67b4508cb1
Merge main
2025-11-18 14:30:38 +01:00
Mateusz Kwasniewski
b2eaff670c
feat: delete safeguard confirmation ( #10993 )
2025-11-17 16:47:04 +01:00
Mateusz Kwasniewski
29de419e20
refactor: delete safeguard api update ( #10992 )
2025-11-17 15:53:34 +01:00
Mateusz Kwasniewski
778328aa98
feat: release plan automations paused alert ( #10991 )
2025-11-17 15:39:05 +01:00
Nuno Góis
f06eabf7e6
chore: export default metrics register ( #10989 )
...
https://linear.app/unleash/issue/2-4035/avoid-prom-client-dependency-in-enterprise-cloud
This exports the default metrics register so consumers can tap into it
if needed.
2025-11-17 13:40:13 +00:00
David Leek
7fdc0df9f2
fix(frontend): use extendedUsageMetrics flag in metrics UI ( #10987 )
2025-11-17 13:32:45 +01:00
renovate[bot]
84e47c6d8f
chore(deps): update dependency js-yaml to v4.1.1 [security] ( #10986 )
...
This PR contains the following updates:
| Package | Change | Age | Confidence |
|---|---|---|---|
| [js-yaml](https://redirect.github.com/nodeca/js-yaml ) | [`4.1.0` ->
`4.1.1`](https://renovatebot.com/diffs/npm/js-yaml/4.1.0/4.1.1 ) |
[](https://docs.renovatebot.com/merge-confidence/ )
|
[](https://docs.renovatebot.com/merge-confidence/ )
|
### GitHub Vulnerability Alerts
####
[CVE-2025-64718](https://redirect.github.com/nodeca/js-yaml/security/advisories/GHSA-mh29-5h37-fv8m )
### Impact
In js-yaml 4.1.0 and below, it's possible for an attacker to modify the
prototype of the result of a parsed yaml document via prototype
pollution (`__proto__`). All users who parse untrusted yaml documents
may be impacted.
### Patches
Problem is patched in js-yaml 4.1.1.
### Workarounds
You can protect against this kind of attack on the server by using `node
--disable-proto=delete` or `deno` (in Deno, pollution protection is on
by default).
### References
https://cheatsheetseries.owasp.org/cheatsheets/Prototype_Pollution_Prevention_Cheat_Sheet.html
---
### Release Notes
<details>
<summary>nodeca/js-yaml (js-yaml)</summary>
###
[`v4.1.1`](https://redirect.github.com/nodeca/js-yaml/blob/HEAD/CHANGELOG.md#411---2025-11-12 )
[Compare
Source](https://redirect.github.com/nodeca/js-yaml/compare/4.1.0...4.1.1 )
##### Security
- Fix prototype pollution issue in yaml merge (<<) operator.
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone Europe/Madrid,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/ ).
View the [repository job
log](https://developer.mend.io/github/Unleash/unleash ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNzMuMSIsInVwZGF0ZWRJblZlciI6IjQxLjE3My4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-11-15 10:51:07 +00:00
Melinda Fekete
54a68f63f1
docs: add auto-generated MCP docs ( #10984 )
2025-11-14 16:47:13 +01:00
Jaanus Sellin
218f0fcdef
feat: add paused state to release plan milestone progression ( #10983 )
2025-11-14 16:18:15 +02:00
Jaanus Sellin
ca61906e3c
chore: generate orval ( #10980 )
2025-11-14 13:50:31 +02:00
Jaanus Sellin
8c6efeb48d
chore: fix safeguards schema ( #10982 )
2025-11-14 13:30:35 +02:00
Nuno Góis
3c392510f1
chore: unique project names validation on creation ( #10970 )
...
https://linear.app/unleash/issue/2-4024/we-should-validate-that-new-project-names-are-unique-ui-only
Validates that new project names must be unique.
Covers both:
- Creating a new project
- Editing an existing project
---------
Co-authored-by: Thomas Heartman <thomas@getunleash.io>
2025-11-14 11:29:06 +00:00
Jaanus Sellin
ba25d7ada9
chore: fix transitionCondition ( #10981 )
2025-11-14 13:01:13 +02:00
Jaanus Sellin
25c4f6fa3b
chore: update schema to match reality ( #10979 )
2025-11-14 09:11:22 +00:00
