Release #1717
Merged
Release #1717
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Copy over `keeper-dag` and `discovery-common` to allow GraphSync to use protobuf and "new" PAM endpoint.
* PEDM ARAM: replace status numbers with text * Added `--node` flag in `action-report` command * Support to ensure and update config file permissions * Added support for setting default working directory * Added enhanced pattern matching and regex based filtering support to audit-report command * Hostname matching for SSH connection (#1651) * Add hostname matching for SSH connection * Resolve comments and code refactor * PEDM audit report: decrypt users and applications * Refactor API key management to use integrations instead of roles - Updated command-line arguments and help text to replace 'roles' with 'integrations'. - Modified API key generation and revocation commands to handle integrations. - Adjusted output formatting and test cases to reflect changes in integration handling. - Updated protocol buffer definitions to include integration requests. * Fix keeper login-status warning in python3.14+ * Added support to skip shared folders and it's records from delete-all execution * Refresh enterprise enforcement list * Commander | kc-981-one-time-share-enhancements Summary: - Enhanced one-time share functionality to support flexible expiration options for user onboarding - Implemented comprehensive email service supporting multiple providers (SMTP, SendGrid, AWS SES, Gmail OAuth, Microsoft OAuth) - Made --self-destruct optional when using --send-email in record-add and PAM rotation commands - Auto-creates 24-hour multi-use share links when --send-email is used without --self-destruct - With --self-destruct: creates single-use link that expires on first access or after duration - Without --self-destruct: creates time-based expiration link that can be accessed multiple times - Added email-config commands to manage email provider configurations stored as records - Built HTML email template system with customizable onboarding messages - Made email provider dependencies optional with provider-specific pip extras - Added early validation to fail fast with helpful error messages when dependencies are missing - All email providers work via pip extras; binary distributions include all providers when built with 'pip install .[email]' * Revert "Merge branch 'release' of https://github.com/Keeper-Security/Commander into release" This reverts commit c584651, reversing changes made to 35c9cf0. * Refactor API key management to enhance integration handling - Replaced 'roles' with 'integrations' in command-line arguments and help text. - Updated API key generation and revocation commands to utilize integrations. - Adjusted output formatting in the API key list to reflect integration details. - Enhanced unit tests to validate integration functionality and output consistency. - Updated protocol buffer definitions to support integration requests. * Commander | KC-981_email-share-feature Summary: - Enhanced one-time share functionality to support flexible expiration options for user onboarding - Implemented comprehensive email service supporting multiple providers (SMTP, SendGrid, AWS SES, Gmail OAuth, Microsoft OAuth) - Made --self-destruct optional when using --send-email in record-add and PAM rotation commands - Auto-creates 24-hour multi-use share links when --send-email is used without --self-destruct - With --self-destruct: creates single-use link that expires on first access or after duration - Without --self-destruct: creates time-based expiration link that can be accessed multiple times - Added email-config commands to manage email provider configurations stored as records - Built HTML email template system with customizable onboarding messages - Made email provider dependencies optional with provider-specific pip extras - Added early validation to fail fast with helpful error messages when dependencies are missing - All email providers work via pip extras; binary distributions include all providers when built with 'pip install .[email]' * Removed get_controller_cookie functionality * Restore missing changes * Support to ensure and update config file permissions * Added support for setting default working directory * Added enhanced pattern matching and regex based filtering support to audit-report command * Added support to skip shared folders and it's records from delete-all execution * Updated audit-report pattern filter implementation * Restore SSH and login fixes * Hostname matching for SSH connection (#1651) * Add hostname matching for SSH connection * Resolve comments and code refactor * Fix keeper login-status warning in python3.14+ * KC-990 Fix status code in Service Mode (#1671) * fix status code for unrecognized status code * Fix the status code * Enterprise security serializers for release branch (#1674). KC-982 * Release v17.1.15 * KC-648: Support to show all relevant data using --limit flag (#1683) * Commander | kc-1007-credprovision (#1684) Implements KC-1007: Automated credential provisioning for PAM Users Features: - YAML-based configuration for bulk user provisioning - Automatic PAM User record creation with password rotation - Email notifications with one-time share URLs - Dry-run mode for testing configurations * Add dedicated WebSocket architecture, and enhanced tunnel stop commands * KC-982 Risk management id mapping (#1681) KC-982 Risk management id mapping * PEDM audit report: decrypt users and applications * 'pedm apptoval view' command is added * Added PAMSetMaxInstancesCommand * Added pool displaying support for the pam gateway list command * Update pam.proto --------- Co-authored-by: Sergey Kolupaev <skolupaev@keepersecurity.com> Co-authored-by: pvagare-ks <pvagare@keepersecurity.com> Co-authored-by: sdubey-ks <sdubey@keepersecurity.com> Co-authored-by: amangalampalli-ks <amangalampalli@keepersecurity.com> Co-authored-by: Joao Paulo Oliveira Santos (JP) <jsantos@keepersecurity.com> Co-authored-by: tbjones-ks <tjones@keepersecurity.com> Co-authored-by: Sergey Kolupaev <sergey@keepersecurity.com> Co-authored-by: Micah Roberts <mroberts@keepersecurity.com> Co-authored-by: rvasilyev-blip <rvasilyev@keepersecurity.com>
maksimu
approved these changes
Dec 13, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.