diff --git a/CHANGELOG.md b/CHANGELOG.md index cb46e9d..2e1de7d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,27 +6,38 @@ Format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and this --- -## [2.0.0] — 2026-05-19 +## [2.0.0] — 2026-05-26 ### Breaking Changes - **PostgreSQL migration** — database engine switched from SQLite to PostgreSQL. Requires running `deploy-postgres.sh`, data migration, and `DATABASE_URL` env var. SQLite is no longer supported. - **Multi-BU tenancy** — data is now scoped per business unit with per-user team assignments. Replaces the previous binary scope toggle. +- **Raw Jira status display** — removed Open/In Progress/Closed status mapping; shows the actual Jira status field everywhere. ### Features -- **In-app notification system** — replaces Webex bot integration with native notifications -- **Screenshot uploads** in feedback modal, Webex bot DM on issue close +- **Jira integration overhaul** + - Flexible Jira ticket creation — CVE/Vendor fields optional, source context tracking + - Multi-item Jira ticket creation from Ivanti Queue (consolidation modal) + - Issue type dropdown and Save to Dashboard from Jira lookup + - Success toast after consolidated ticket creation + - Improved Jira lookup error messages - **CCP Metrics page** — multi-vertical VCL upload and cross-org compliance reporting + - Metric-first hierarchy restructure with Jira cross-project sync + - Per-metric forecast burndown chart + - Aggregated burndown forecast on overview page + - Sub-team drill-down with intermediate view and per-team breakdowns + - Non-Compliant stat clickable with metric breakdown buttons + - Compliant/total counts on metric summary cards + - Per-metric remediation plans + - VCL metric calculations guide +- **Exports page** — Jira Tickets, CCP Metrics, and Remediation Status export cards - **VCL compliance reporting** — exec report page, device metadata fields, bulk upload -- **Aggregated burndown forecast** on CCP Metrics overview page -- **Sub-team drill-down** — metric sub-team intermediate view with per-team breakdowns -- **Metric breakdown panel** — Non-Compliant stat clickable, reveals metric breakdown buttons, compact grid with top 8 and show-all toggle -- **Remediation plan and resolution date history tracking** - **Data management panel** — delete vertical, rollback upload, and reset all -- **VCL vertical metadata** — inline-editable team fields on compliance routes -- **Re-queue findings** from rejected FP submissions +- **In-app notification system** — replaces Webex bot integration with native notifications +- **Remediation plan and resolution date history tracking** - **FP submissions cleanup** — auto-clear approved, dismiss rejected, collapsible section +- **Re-queue findings** from rejected FP submissions - **DECOM workflow type** — auto-note/hide on decom, show CVEs on CARD queue items - **Interactive configuration wizard** for deployment setup - **Unified setup script** (`configure.js`) merging deploy + config wizard @@ -34,12 +45,23 @@ Format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and this - **Multi-select BU picker** replacing binary scope toggle - **Configurable IVANTI_MANAGED_BUS** env var for multi-tenant drift classification - **Pipeline-to-issue traceability** via `after_script` comments in CI/CD -- **CI/CD pipeline** with feedback modal, Atlas `qualys_id` fallback, and health endpoint +- **CI/CD pipeline** with health endpoint and automated deploy stages - **Docker Compose** and `deploy-postgres.sh` for production cutover - **Systemd service scripts** for start/stop management +- **VCL vertical metadata** — inline-editable team fields on compliance routes ### Bug Fixes +- Fix Clear Completed button failing on queue items with Jira ticket links (FK violation) +- Fix status badge background making text invisible +- Fix calendar SLA dates not highlighting after Postgres migration +- Fix document View link using localhost instead of relative URL +- Validate library doc file types before sending to Ivanti API +- Improve FP workflow error messages — include Ivanti API response body +- Fix forecast chart bar order and snapshot month derivation +- Fix forecast deduplication for multi-vertical metrics +- Fix CCP Metrics page crash for non-Admin users +- Fix CCP Metrics crash when donut chart has zero non-compliant devices - Fix duplicate failing metrics on same asset across compliance endpoints - Fix duplicate chart entries on compliance page when multiple verticals share a report_date - Fix requeue inserting Postgres array literal instead of JSON into `cves_json` @@ -51,21 +73,21 @@ Format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and this - Fix requeue: fallback to `finding_ids_json` when queue items are deleted or absent - Sync FP submission `lifecycle_status` from Ivanti `currentState` on fetch - Fix History tab crash: coerce Ivanti note fields to strings before rendering -- Fix archive bar chart: `fmtDate` now handles ISO datetime strings from PostgreSQL date columns -- Fix Ivanti panel bugs: Invalid Date, wrong workflow count, crash on archive click, BU scope filtering +- Fix archive bar chart: `fmtDate` now handles ISO datetime strings from PostgreSQL +- Fix Ivanti panel bugs: Invalid Date, wrong workflow count, crash on archive click - Fix BU drift checker: derive `EXPECTED_BUS` from `IVANTI_BU_FILTER` env var - Fix null `bu_teams` in postgres migration, add retry logic to deploy script - Fix missing `created_by` column in `archer_tickets` table - Fix FP workflow counts donut scoped by BU - Fix `dotenv` loading in `db.js` so `DATABASE_URL` is available on import -- Fix property test CI failure: mock db module before importing route ### Maintenance - Track `package-lock.json` files for deterministic CI installs -- Remove unused icon imports and unused imports to satisfy ESLint thresholds +- Remove unused imports to satisfy ESLint thresholds - CI pipeline fixes: dependency installation, lint thresholds, test isolation - Auto-run migrations in pipeline +- Strengthen migration registration hook - Documentation updates for PostgreSQL migration, systemd scripts, and reference manual ---