version latest by KelvinTegelaar · Pull Request #2016 · KelvinTegelaar/CIPP-API

KelvinTegelaar · 2026-04-24T15:13:17Z

No description provided.

commit 9059e14 Merge: ba53083 c39d061 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 29 11:36:42 2026 +0000 Merge pull request #74 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit c39d061 Merge: 1606bf1 c9ca4f0 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:09:04 2026 +0200 Fix: Add support for group assigned admin roles to 'disable exo' standard (KelvinTegelaar#2024) Adds group lookup when checking for user accounts that are assigned admin roles. commit 1606bf1 Merge: 4727715 10ddece Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:08:11 2026 +0200 feat: enrich Intune policy setting details (KelvinTegelaar#2031) - Add optional Settings Catalog definition enrichment to the Intune policy details endpoint. - Fetch setting definitions in Graph batch requests so the frontend can show Microsoft descriptions without bloating list responses. - frontend PR: KelvinTegelaar/CIPP#5936 commit 10ddece Merge: d15734d 4727715 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:08:04 2026 +0200 Merge branch 'dev' into settings-tooltips commit 4727715 Merge: 8bbefe1 307db51 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:07:13 2026 +0200 feat: show full MDE connector details (KelvinTegelaar#2026) ## Summary - Cache writer and live endpoint now return the full `mobileThreatDefenseConnectors` Graph object instead of only `partnerState`. - Failed Graph calls still write a `partnerState=unavailable` row so AllTenants keeps the tenant. > Frontend counterpart: KelvinTegelaar/CIPP#5929. commit 8bbefe1 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 17:31:25 2026 +0800 Update version_latest.txt commit 3fc9675 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 15:57:19 2026 +0800 tweaks for webhook table lookups commit 70642a2 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 15:09:14 2026 +0800 Surface errors correctly for secret reset commit ba53083 Merge: 0154ca2 d9f630e Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 29 05:36:30 2026 +0000 Merge pull request #72 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit d9f630e Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:52:34 2026 +0800 offset some activities to help spread the load commit d6e0c01 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:41:10 2026 +0800 tweak ninja sync interval commit 66e7da5 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:09:05 2026 +0800 Bring in tenant deviations into calculation and expose confirmed deviations commit 0154ca2 Merge: 2151844 2161569 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 23:36:36 2026 +0000 Merge pull request #71 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit d15734d Merge: 2161569 0e3413c Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 28 23:46:07 2026 +0200 Merge branch 'settings-tooltips' of https://github.com/kris6673/CIPP-API into settings-tooltips commit 2161569 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 17:31:19 2026 -0400 chore: bump version to 10.4.2 commit e2f71c2 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 17:30:26 2026 -0400 fix: group types in edit user commit 0e3413c Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 28 23:22:32 2026 +0200 feat: enrich Intune policy setting details commit 3ff08f0 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 28 22:53:09 2026 +0200 feat: update intuneCollection with new properties commit 658acea Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 16:21:35 2026 -0400 fix: add caching to sharepoint/onedrive site listings commit 8c0ca04 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 14:16:43 2026 -0400 fix: disable transitive failures error logging for now commit 2151844 Merge: f5f0939 ae39bce Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 17:36:37 2026 +0000 Merge pull request #69 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit ae39bce Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 12:02:54 2026 -0400 fix: version locations commit 217416d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:55:19 2026 +0800 add back to root :( commit 7b61a9d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:41:42 2026 +0800 Fix standard to only apply to users and shared accounts if enabled, else shared only commit f896701 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:38:40 2026 +0800 Ensure only HTML fragments are generated commit a1bed60 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:27:59 2026 +0800 Clear drift remediation tasks if reoccurring ones were created commit 7687325 Merge: 33ee646 f652a1a Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue Apr 28 15:33:43 2026 +0200 fix: correct version_latest.txt path in remote API version check (KelvinTegelaar#2029) The remote URL in Assert-CippVersion was pointing to a path that no longer exists on KelvinTegelaar/CIPP-API:master after the master branch was restructured. The file lives at the repo root on master, not under Config/. Returning a 404 from this endpoint causes Invoke-CIPPRestMethod to throw inside Assert-CippVersion, which exits before returning. The HTTP function returns no body and the frontend's Backend version field renders empty. Path change only — no logic changes. commit f652a1a Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 28 08:29:20 2026 -0500 fix: correct version_latest.txt path in remote API version check The remote URL in Assert-CippVersion was pointing to a path that no longer exists on KelvinTegelaar/CIPP-API:master after the master branch was restructured. The file lives at the repo root on master, not under Config/. Returning a 404 from this endpoint causes Invoke-CIPPRestMethod to throw inside Assert-CippVersion, which exits before returning. The HTTP function returns no body and the frontend's Backend version field renders empty. Path change only — no logic changes. commit 33ee646 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 20:08:25 2026 +0800 typo commit f5f0939 Merge: e97acf1 4c70122 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 11:36:36 2026 +0000 Merge pull request #68 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 4c70122 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:56:46 2026 +0800 Don't use cache for app permissions, causes issues if stale or missing commit f5ecbb0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:56:05 2026 +0800 Fix GDAP requests to use more than 300 results commit ea6cc64 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:34:21 2026 +0800 Handle midterm license changes and enrich response to contain started date commit 61b172b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:05:51 2026 +0800 Update CippEntrypoints.psm1 commit e7a9d88 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 16:55:41 2026 +0800 Add SP/Exchange standards Three new standards: Invoke-CIPPStandardDisableEWS (disable Exchange Web Services org-wide), Invoke-CIPPStandardSPDisableCustomScripts (disable custom scripts on SharePoint/OneDrive), and Invoke-CIPPStandardSPDisableStoreAccess (disable SharePoint Store access). commit 7b17a58 Merge: dd73a6f e30eaa5 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue Apr 28 10:45:43 2026 +0200 fix: Update docs links that 404 (KelvinTegelaar#2025) Resolves KelvinTegelaar/CIPP#5917 commit dd73a6f Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 16:37:29 2026 +0800 fix standards logging issues commit e97acf1 Merge: e8f2431 4255573 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 05:36:31 2026 +0000 Merge pull request #67 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 4255573 Merge: 1141713 12d93fe Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 13:08:14 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 1141713 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 13:08:12 2026 +0800 Add Add-CIPPTestResult as an allowed custom test command commit e8f2431 Merge: 8feb8eb 12d93fe Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Mon Apr 27 23:36:31 2026 +0000 Merge pull request #66 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 12d93fe Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 16:47:49 2026 -0400 refactor: enhance IP validation and result handling in Invoke-ExecApiClient Co-authored-by: Copilot <copilot@github.com> commit 16d2ff4 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 14:44:06 2026 -0400 fix: correct path to version_latest.txt in version.json creation step commit 25a06e3 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 14:40:34 2026 -0400 fix: update restricted tables for superadmin backup restoration commit 8feb8eb Merge: 6052f9f 9b24f33 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Mon Apr 27 17:36:36 2026 +0000 Merge pull request #65 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 9b24f33 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 13:25:45 2026 -0400 refactor: Vacation group filter url encoding Co-authored-by: Copilot <copilot@github.com> commit 307db51 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Mon Apr 27 18:21:31 2026 +0200 fix: handle case when no tenants found for MDE report commit 6f4c32c Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Mon Apr 27 18:14:28 2026 +0200 feat(mde-onboarding): cache full connector properties Stores the entire MDE mobileThreatDefenseConnector object (heartbeat, per-platform enable/MAM/block flags, MDE attach, iOS metadata flags) in the reporting DB instead of only partnerState. Live HTTP endpoint mirrors the same shape so cached and live responses are interchangeable. Failed Graph calls still write a partnerState=unavailable row so AllTenants reports retain the tenant. commit e30eaa5 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Mon Apr 27 10:58:05 2026 -0500 fix: Update docs links that 404 commit c9ca4f0 Merge: 1e06116 e07e70b Author: James Tarran <jtarran@techary.com> Date: Mon Apr 27 07:48:04 2026 +0100 Merge branch 'KelvinTegelaar:master' into fix-add-support-for-group-assigned-admin-roles-to-disable-EXO-standard commit 6052f9f Merge: 4afc490 85e3a88 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sun Apr 26 11:36:28 2026 +0000 Merge pull request #64 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 85e3a88 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:08:03 2026 +0800 Update Start-CIPPOrchestrator.ps1 commit 10012b4 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:03:43 2026 +0800 more audit log error handling commit 9ece8de Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:00:01 2026 +0800 harden orc start and audit log error message commit 42e980b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 16:09:43 2026 +0800 move more files to make root cleaner commit 1249d1b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 16:02:59 2026 +0800 more shuffles commit 4afc490 Merge: b8b4d6e f796dea Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sat Apr 25 23:36:27 2026 +0000 Merge pull request #63 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit f796dea Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 03:14:13 2026 +0800 Token update locking commit b8b4d6e Merge: dc0dc83 07a3bae Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sat Apr 25 17:36:28 2026 +0000 Merge pull request #62 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 07a3bae Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 00:58:10 2026 +0800 shuffle commit dc0dc83 Merge: 0bfc8c7 24fcd6b Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sat Apr 25 05:36:28 2026 +0000 Merge pull request #61 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 24fcd6b Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 22:02:40 2026 -0400 fix: Fallback to legacy REST when CIPP client missing commit 0bfc8c7 Merge: f874ef3 40cb7fc Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 23:36:35 2026 +0000 Merge pull request #60 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 40cb7fc Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 19:12:03 2026 -0400 chore: Block Az Function app setting cmdlets commit 870b94d Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:44:21 2026 -0400 fix: getversion api role commit 821b92e Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:40:25 2026 -0400 fix: base role permissions commit 0ff7d1e Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:06:42 2026 -0400 Update Invoke-ExecTestRefresh.ps1 commit 956c732 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:59:42 2026 -0400 fix: save test result commit 83cf867 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:43:03 2026 -0400 fix: copilot license checks commit 0e2f601 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:22:12 2026 -0400 feat: Add Invoke-ExecTestRefresh HTTP entrypoint Add a new HTTP entrypoint function Invoke-ExecTestRefresh which reads tenantFilter and testName from the request (query or body), constructs and invokes a corresponding test function (Invoke-CippTest{testName}) from the CIPPTests module, and returns HTTP responses. Includes debug logging of API access, returns 200 with a success message on invocation, 404 if the target test function is missing, and 400 on errors. commit 66596cf Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 15:56:18 2026 -0400 fix: copilot license matching test commit e07e70b Merge: f77ffa6 c2195e4 Author: John Duprey <john@cyberdrain.com> Date: Fri Apr 24 13:48:33 2026 -0400 dev to hotfix (KelvinTegelaar#2018) commit c2195e4 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 13:44:36 2026 -0400 fix: dnshealth commit f874ef3 Merge: e152f12 2a361a8 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 17:36:39 2026 +0000 Merge pull request #58 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit f77ffa6 Merge: 61b43b9 2a361a8 Author: John Duprey <john@cyberdrain.com> Date: Fri Apr 24 13:05:44 2026 -0400 Dev to hotfix (KelvinTegelaar#2017) commit 2a361a8 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 01:01:05 2026 +0800 hotfix commit b721e0e Merge: e9017f6 07ae216 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 00:58:24 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit e9017f6 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 00:58:11 2026 +0800 Fixes manual pagination commit 07ae216 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 12:54:10 2026 -0400 fix: update workflow files to include modulebuilder commit 61b43b9 Merge: 56d33cc f57e286 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:13:25 2026 +0200 version latest (KelvinTegelaar#2016) commit 56d33cc Merge: 33d1b99 20f94fc Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:12:53 2026 +0200 Dev to release (KelvinTegelaar#2015) commit f57e286 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:11:59 2026 +0200 version latest commit 20f94fc Merge: 323ecca f0331a0 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 11:05:43 2026 -0400 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 323ecca Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 11:05:35 2026 -0400 chore: update DNSHealth to 1.1.5 commit f0331a0 Merge: 0ed14fb fff3440 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:05:33 2026 +0200 feat: move ap devices and status page to generic graph request endpoint (KelvinTegelaar#1987) frontend PR: KelvinTegelaar/CIPP#5807 commit 0ed14fb Merge: 28bc747 1ee6169 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:04:00 2026 +0200 fix: multi-tenant support for Scripted CIPP Alerts (KelvinTegelaar#1992) - Add a alert entrypoint `Invoke-AddScriptedAlert.ps1` that handles multi-tenant and tenant group selections for Scripted CIPP Alerts - Expands any tenant groups via `Expand-CIPPTenantGroups` and merges them with individually selected tenants into a target domain list - Resolves KelvinTegelaar/CIPP#5833 commit 28bc747 Merge: 3cabc5e fb38e72 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:03:04 2026 +0200 Fix: alert notification pipeline (KelvinTegelaar#2006) commit 3cabc5e Merge: 0b2f2bd 2e2e721 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 16:59:11 2026 +0200 feat: Allow custom paths for OneDrive shortcuts (KelvinTegelaar#2010) Enhance the `New-CIPPOneDriveShortCut` function to support custom URLs that point to specific document libraries and subfolders in SharePoint. This update allows users to create shortcuts not just for top-level sites but also for specific libraries and folders. Fixes KelvinTegelaar/CIPP#5892 commit 0b2f2bd Merge: e71eb10 4889191 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 16:58:51 2026 +0200 Fix log severity levels from 'Warn' to 'Warning' (KelvinTegelaar#2014) Incorrect severity labels placed on logbook entries have been causing them not to send when configured on the Notifications tab commit e71eb10 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 22:48:31 2026 +0800 Update CIPPTimers.json commit 6f2c0a0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 22:44:47 2026 +0800 Update profile.ps1 commit e152f12 Merge: 0104a08 c79cf7b Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 11:36:32 2026 +0000 Merge pull request #56 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit c79cf7b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 19:17:03 2026 +0800 Use reporting db for oauth app list and all tenants support commit 0e8df7b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 18:29:46 2026 +0800 update permissions with Domain.ReadWrite.All commit 6c36cd7 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 18:13:07 2026 +0800 fix: incorrect next link parsing commit cc41963 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 17:35:12 2026 +0800 Don't backup offloaded configuration commit 396c000 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 15:53:32 2026 +0800 Update Start-UserTasksOrchestrator.ps1 commit 1d440d9 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 15:53:26 2026 +0800 Update Invoke-ListGraphRequest.ps1 commit 8371be0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 14:57:43 2026 +0800 Better tenant alignment info commit d7c6230 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 13:54:11 2026 +0800 fix: Return value for bultin repo indicating it can not be deleted commit 0104a08 Merge: 7d21e73 a96f209 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 23 23:36:30 2026 +0000 Merge pull request #55 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit a96f209 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 00:33:36 2026 +0200 Check Alert commit 97bafbe Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 00:16:11 2026 +0200 Add "Drop" method commit 117c0ef Author: John Duprey <jwd@johnwduprey.com> Date: Thu Apr 23 16:14:19 2026 -0400 chore: add more stats commit fb38e72 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Wed Apr 15 08:10:08 2026 -0500 fix: also include CustomSubject in $Configuration projection (followup to 7f7e071) The c40194b + 7f7e071 fix pair was still incomplete because Test-CIPPAuditLogRules has TWO nested projections of the WebhookRules row, not one, and both must include CustomSubject for the value to reach the downstream tagging: 1. Upstream projection at lines 151-158 — builds $Configuration from the raw Get-CIPPAzDataTableEntity result, projecting $ConfigEntry into a pruned [pscustomobject] with only 6 fields (Tenants, Excluded, Conditions, Actions, LogType, AlertComment). This is the layer I missed in the first two fix attempts. 2. Downstream projection at lines 583-590 — builds $clause from $Configuration, projecting $Config into a per-clause object with 6 fields. The 7f7e071 commit added CustomSubject here. Commit c40194b added the tagging line at 650 reading $clause.CustomSubject. Commit 7f7e071 added the downstream projection line at 588. But the upstream projection at 157 was still dropping CustomSubject from $Config before the downstream projection could read it. AlertComment worked through both projections because it's explicitly listed in both layers (line 157 and line 587). The symmetric fix is to add CustomSubject to line 151-158 too. Production validation sequence that revealed this: - 2026-04-15 02:30:05 UTC: first test with c40194b only. CIPPCustomSubject came through as null. Root cause appeared to be missing downstream projection at lines 583-590. - 2026-04-15 13:00:03 UTC: second test with c40194b + 7f7e071. CIPPCustomSubject STILL came through as null. Diagnostic read of the WebhookRules row confirmed the row stores CustomSubject correctly. Diagnostic read of the file in the running container confirmed both previous fix lines are on disk. Diagnostic of $Configuration construction revealed the second nested projection that was missed. Lesson: when propagating a new field through a pipeline, trace the variable end-to-end from the original table read, not just from the consumption site. The "assume the projection is a complete copy" pattern bit this fix twice in a row. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit de762a5 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 21:36:08 2026 -0500 fix: include CustomSubject in webhook rule clause projection (followup to c40194b) Commit c40194b added CIPPCustomSubject record-tagging in Test-CIPPAuditLogRules so the audit log rule's CustomSubject value would propagate to Invoke-CIPPWebhookProcessing for use in the JSON template title. The tagging line read $clause.CustomSubject: $item | Add-Member -NotePropertyName 'CIPPCustomSubject' \ -NotePropertyValue $clause.CustomSubject -Force \ -ErrorAction SilentlyContinue But the [PSCustomObject] projection upstream that builds $clause from $Config (the WebhookRules row) did not include CustomSubject in its field list — only AlertComment was projected from $Config. So $clause.CustomSubject was always $null, the tagging propagated null, and the webhook payload showed CIPPCustomSubject: null with the title falling through to the default operation-based generated title. Empirically observed in production at 2026-04-15 02:30:05 UTC after the c40194b deploy: an audit log rule with CustomSubject configured fired, AlertComment correctly appeared in the payload (the AlertComment projection was already present from before this work), but CIPPCustomSubject came through as null and the title was the default "<tenant> - New Rule Detected for <user>" instead of the configured "[TEST-BUG4-CS] Inbox Rule Detection". Fix: add `CustomSubject = $Config.CustomSubject` to the projection at lines 583-590 alongside the existing AlertComment line. One-line change. The downstream tagging from c40194b and the template parameter wiring at Invoke-CIPPWebhookProcessing.ps1:83 are both correct; this just completes the missing producer-side projection. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 978097d Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 18:36:07 2026 -0500 fix: honor CustomSubject on scheduled task alert titles Commit 0d1f744 ("refactor: streamline user offboarding and improve task scheduling logic...", 2026-03-17) added a CustomSubject field to the ScheduledTasks row schema in Add-CIPPScheduledTask.ps1:203: CustomSubject = [string]$task.CustomSubject But the downstream consumer — Send-CIPPScheduledTaskAlert, invoked by Push-ExecScheduledCommand after an alert-type scheduled task runs — never reads it. Grep for CustomSubject in Send-CIPPScheduledTaskAlert returns zero matches. The title is built at line 125 with a hard-coded format: $title = "$TaskType - $TenantFilter - $($TaskInfo.Name)" Users who configured CustomSubject on scheduled tasks (including the hidden tasks that back scheduled alert functions) saw no effect on any delivery channel — email, webhook, and PSA all consume the same $title variable built here. Fix: check $TaskInfo.CustomSubject at title-build time and use it if set, falling back to the default format. No parameter plumbing needed since $TaskInfo is the full ScheduledTasks row, which now has the CustomSubject column thanks to 0d1f744. The Reference suffix logic is preserved and applied regardless of which title format is chosen. This is the sibling fix to c40194b which addresses the Path C-audit CustomSubject wiring. Together they complete the feature John Duprey staged in mid-March 2026 across two commits. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 2d71a22 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 18:35:33 2026 -0500 fix: restore AlertComment on webhook template and complete CustomSubject wiring for audit log alerts Commit 94c0157 ("feat: Enhance security and functionality across multiple modules", 2026-03-19) introduced a CustomSubject lookup block in Invoke-CIPPWebhookProcessing with two compounding defects: 1. The lookup filters WebhookRules with PartitionKey='WebhookRule' (singular), but Invoke-AddAlert writes rules with PartitionKey='Webhookv2'. No writer anywhere populates the queried partition key, so the lookup always returns nothing. 2. The guard `if ($Data.CIPPRuleId)` depends on a field that is never set on matched records by Test-CIPPAuditLogRules. The if body never executes, so $WebhookRule is always $null. The same commit also changed the JSON template call from `-AlertComment $AlertComment` (working — parameter bound from the Test-CIPPAuditLogRules splat via $AuditLog.CIPPAlertComment) to `-AlertComment $WebhookRule.AlertComment`, which silently regressed AlertComment on webhook deliveries for the ~4 weeks since the commit landed. Email and PSA deliveries were unaffected because the HTML template call at line 116 still reads the correct $AlertComment function parameter. Fix: route CustomSubject through the same record-tagging mechanism that AlertComment uses. Test-CIPPAuditLogRules now tags each matched record with $item.CIPPCustomSubject = $clause.CustomSubject alongside the existing CIPPAction / CIPPClause / CIPPAlertComment tagging. The dead `if ($Data.CIPPRuleId)` lookup block in Invoke-CIPPWebhookProcessing is removed entirely. The JSON template call now reads AlertComment from the function parameter (reverting the regression) and CustomSubject from $Data.CIPPCustomSubject (the newly tagged field). No change to the HTML template call at line 116 — email and PSA continue to honor AlertComment via the function parameter as they did before, and CustomSubject on email/PSA is out of scope for this fix. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 20b55c4 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Mon Apr 13 22:17:43 2026 -0500 fix: pass 'AllTenants' tenant filter for tenant-agnostic alert notifications Push-SchedulerCIPPNotifications aggregates CippLogs and CippStandardsAlerts across tenants into three dispatcher branches (email non-onePerTenant, webhook logbook, webhook standards) and passed `-TenantFilter $tenant` or `$Tenant` at each call site — but none of those branches has an enclosing `foreach ($tenant in ...)` loop, so the variable was undefined and bound to an empty string. On the webhook branches, the empty string crashed at New-CIPPStandardizedWebhookSchema's mandatory parameter binding whenever UseStandardizedSchema was enabled, producing hourly "Could not send alerts to webhook ...: Cannot bind argument to parameter 'TenantFilter' because it is an empty string." errors in CippLogs. On the email non-onePerTenant branch, the empty string propagated into Get-CIPPTextReplacement -> Get-Tenants, which returns the full tenant list when passed an empty filter, producing corrupted %var% placeholder substitutions in customized templates. Fix: pass the 'AllTenants' sentinel at all three call sites. Matches CIPP's existing convention for tenant-agnostic operations and is semantically correct for a cross-tenant aggregated notification. Affected lines: - Line 69 (email non-onePerTenant) - Line 113 (webhook logbook notification) - Line 123 (webhook standards notification) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 4889191 Merge: 7f13d53 62da948 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Thu Apr 23 14:40:28 2026 -0500 Merge branch 'dev' into fix/severity-warn-to-warning commit 7f13d53 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Thu Apr 23 14:28:08 2026 -0500 Fix log severity levels from 'Warn' to 'Warning' commit 7d21e73 Merge: 4d26df0 62da948 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 23 17:36:34 2026 +0000 Merge pull request #54 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 62da948 Merge: c0e8427 dcfe667 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 01:19:39 2026 +0800 Fix: Fix syntax error in PowerShell script (KelvinTegelaar#2013) Remove an extra closing parenthesis commit dcfe667 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Thu Apr 23 19:16:06 2026 +0200 fix: remove the extra added ")" for better flavor commit c0e8427 Merge: 0115569 fa1620f Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 17:55:30 2026 +0200 Fix : Last Sync Attempt Time & Last Sync Success fields blank in ActiveSync Devices #5860 (KelvinTegelaar#2000) Outlook for iOS/Android devices always show empty values for: lastSyncAttemptTime lastSuccessSync This is expected Exchange behavior, but: - The UI provides no explanation - Empty strings are indistinguishable from missing or broken data - Sorting and exporting these fields behaves inconsistently This PR : - Normalizes missing sync timestamps to null instead of empty strings. - Add a new informational field, syncInfoNote, for Outlook mobile devices explaining why ActiveSync sync times are not reported. - Detection is based on existing device properties (DeviceModel, DeviceType, ClientType) and does not introduce new protocol assumptions. Resolves - KelvinTegelaar/CIPP#5860 commit 4d26df0 Merge: af47439 0115569 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 23 11:36:33 2026 +0000 Merge pull request #53 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 0115569 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 17:23:04 2026 +0800 Update Add-CIPPDbItem.ps1 commit d09601d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 17:14:15 2026 +0800 Fix: JIT Admin template support for groups and fix selected user commit 9bdb79b Merge: 002b867 ed63529 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 10:42:11 2026 +0200 feat: Add AdminSSPR standard (KelvinTegelaar#2009) Frontend PR: KelvinTegelaar/CIPP#5902 commit 002b867 Merge: 7fc61f5 dd535af Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 10:41:35 2026 +0200 Fix: Fix notification contact removal during tenant offboarding (KelvinTegelaar#2011) commit 7fc61f5 Merge: 9517ffb dffc2e5 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 16:37:29 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 9517ffb Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 16:37:27 2026 +0800 fix: Use bulk skip pagination for detectedApps cache detectedApps endpoint ignores $top and returns max 50 items per page with $skip-based nextLinks, causing sequential pagination that could exceed the 10-minute function timeout on large tenants. Pre-calculate all skip offsets from @odata.count and fire as batched bulk requests instead of chasing nextLinks sequentially. commit af47439 Merge: e10085b dffc2e5 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 22 23:36:29 2026 +0000 Merge pull request #52 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit dffc2e5 Author: John Duprey <jwd@johnwduprey.com> Date: Wed Apr 22 17:47:43 2026 -0400 Delete AzBobbyTables.PS.dll commit 194c980 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 22 23:01:36 2026 +0200 prevent logging stuff commit dd535af Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 19:44:57 2026 +0200 fix: notification contact removal in tenant offboarding commit e10085b Merge: 664f415 d59b361 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 22 17:36:34 2026 +0000 Merge pull request #51 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 2e2e721 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 19:02:39 2026 +0200 feat(onedrive-shortcut): support custom library and subfolder paths Extends New-CIPPOneDriveShortCut to accept URLs pointing at specific document libraries and subfolders, not just site roots. Fixes KelvinTegelaar/CIPP#5892 - Unwrap SharePoint browser URLs (AllItems.aspx?id=..., onedrive.aspx?id=...) by reading the `id` query parameter and reconstructing a server-relative URL. - Resolve the target site via longest-prefix match so subsites are picked over their parent site. - When a path segment remains after the site URL, resolve it to a drive (library) + driveItem and POST a shortcut using `remoteItem.id` + `parentReference.driveId` instead of `sharepointIds`. - Preserve the original site-root behaviour when no path segment is present. - Use the drive's display name for library-root shortcuts (Graph returns `name='root'` on `/drives/{id}/root`, which previously surfaced as "SiteName / root" in the shortcut and logs). - Fix "Onedrive" casing in the error message. commit d59b361 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 00:09:45 2026 +0800 Update Invoke-ExecCAExclusion.ps1 commit e0cbf6e Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 23:30:45 2026 +0800 Better error handling around CA exclusion groups and better error messages commit 454f273 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 22:31:01 2026 +0800 Update Get-CIPPTestData.ps1 commit c5bbb4b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 22:17:13 2026 +0800 Rename to CIPPSharp, introduce cached testdb calls commit ed63529 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 13:55:47 2026 +0200 feat: add AdminSSPR standard commit 664f415 Merge: e068708 2907acc Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 22 11:36:33 2026 +0000 Merge pull request #50 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 2907acc Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 19:29:48 2026 +0800 Reduce table write ops for tests by doing bulk writes commit c220738 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:11:21 2026 +0800 Introduce re-batching bulk requests when batches return next links and table write batching commit 4721da0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:09:18 2026 +0800 introduce stable id for cache and greatly improve exo permission cache speed commit f60611a Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:07:04 2026 +0800 Remove duplicate EXO cache calls commit aa98c9e Merge: 9972f08 cb4833d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 16:05:26 2026 +0800 Merged into dev commit 1e06116 Author: James Tarran <jtarran@techary.com> Date: Wed Apr 22 08:55:00 2026 +0100 Collect admin UPNs from role groups and users Previously only direct role-assigned user principals were considered when excluding admins from the PowerShell disable check. This change fetches roleAssignments, separates user and group principals, queries group members (transitive user members) via a bulk Graph v1.0 request, and merges unique userPrincipalNames from both sources. This ensures members of admin groups are treated as admins and aren't incorrectly targeted for Remote PowerShell disablement. commit 9972f08 Merge: 29aadfc d4fe3d7 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:34:46 2026 +0800 Merged into Dev commit 29aadfc Merge: 747ab0c c2588ee Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:34:02 2026 +0800 Merged into Dev commit 747ab0c Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:13:29 2026 +0800 Fix: Better batching for EXO caching Greatly reduces EXO calls to stop function timeouts and reduce TCP connection use commit c2588ee Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 21 22:45:09 2026 +0200 fix: Could not get token: Unable to find type [CIPP.CIPPRestClient]. when running Initialize-DevEnvironment commit d4fe3d7 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 21 17:50:42 2026 +0200 docs: update CIPP standards agents and instructions file commit cb4833d Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Mon Apr 20 13:23:00 2026 +0200 fix: update boolean conversion for query parameters Refactor the conversion of query parameters to boolean values using System.Convert::ToBoolean to solve issues with 'false' strings ending up as $true. commit fa1620f Author: fit-jv <192130596+fit-jv@users.noreply.github.com> Date: Mon Apr 20 09:39:19 2026 +0100 "syncInfoNote": "Outlook for iOS and Android uses modern authentication and does not report ActiveSync sync times." UI now has a clear explanation available for empty sync fields API responses are easier to reason about (null vs empty string) Reduces confusion around Outlook mobile ActiveSync reporting No functional changes to device allow/block/delete operations Signed-off-by: fit-jv <Jaco.Venter@FocusedIT.co.uk> commit 1ee6169 Author: Luis Mengel <luis.mengel@united-gameserver.de> Date: Tue Apr 14 01:02:02 2026 +0200 add multi-tenant support for Scripted CIPP Alerts commit 33d1b99 Merge: e0d0230 074a969 Author: John Duprey <john@cyberdrain.com> Date: Mon Apr 13 16:31:48 2026 -0400 Dev to hotfix (KelvinTegelaar#1995) commit e0d0230 Merge: 951d2db 65a0899 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 10 15:49:39 2026 +0200 Dev to release (KelvinTegelaar#1990) commit fff3440 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 7 19:06:55 2026 +0200 feat: move ap devices and status page to generic graph request endpoint

commit cadf8157e7db25926fa3ee8c9373e23b5bc144c9 Merge: 68ddd9caa e0eb3fd Author: James Tarran <jtarran@techary.com> Date: Wed Apr 29 18:17:42 2026 +0100 Merge branch 'master' of https://github.com/TecharyJames/CIPP-API commit e0eb3fd Merge: c4aa05b 5a13af0 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 29 11:36:35 2026 +0000 Merge pull request #73 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit 5a13af0 Merge: ee4a2cf 8bbefe1 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 11:55:17 2026 +0200 Dev to hf (KelvinTegelaar#2033) commit 8bbefe1 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 17:31:25 2026 +0800 Update version_latest.txt commit 3fc9675 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 15:57:19 2026 +0800 tweaks for webhook table lookups commit 70642a2 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 15:09:14 2026 +0800 Surface errors correctly for secret reset commit d9f630e Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:52:34 2026 +0800 offset some activities to help spread the load commit d6e0c01 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:41:10 2026 +0800 tweak ninja sync interval commit 66e7da5 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:09:05 2026 +0800 Bring in tenant deviations into calculation and expose confirmed deviations commit c4aa05b Merge: a9d4eb2 ee4a2cf Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 23:36:30 2026 +0000 Merge pull request #70 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit ee4a2cf Merge: e07e70b 2161569 Author: John Duprey <john@cyberdrain.com> Date: Tue Apr 28 17:46:28 2026 -0400 Dev to hotfix (KelvinTegelaar#2032) commit 2161569 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 17:31:19 2026 -0400 chore: bump version to 10.4.2 commit e2f71c2 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 17:30:26 2026 -0400 fix: group types in edit user commit 658acea Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 16:21:35 2026 -0400 fix: add caching to sharepoint/onedrive site listings commit 8c0ca04 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 14:16:43 2026 -0400 fix: disable transitive failures error logging for now commit ae39bce Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 12:02:54 2026 -0400 fix: version locations commit 217416d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:55:19 2026 +0800 add back to root :( commit 7b61a9d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:41:42 2026 +0800 Fix standard to only apply to users and shared accounts if enabled, else shared only commit f896701 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:38:40 2026 +0800 Ensure only HTML fragments are generated commit a1bed60 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:27:59 2026 +0800 Clear drift remediation tasks if reoccurring ones were created commit 7687325 Merge: 33ee646 f652a1a Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue Apr 28 15:33:43 2026 +0200 fix: correct version_latest.txt path in remote API version check (KelvinTegelaar#2029) The remote URL in Assert-CippVersion was pointing to a path that no longer exists on KelvinTegelaar/CIPP-API:master after the master branch was restructured. The file lives at the repo root on master, not under Config/. Returning a 404 from this endpoint causes Invoke-CIPPRestMethod to throw inside Assert-CippVersion, which exits before returning. The HTTP function returns no body and the frontend's Backend version field renders empty. Path change only — no logic changes. commit f652a1a Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 28 08:29:20 2026 -0500 fix: correct version_latest.txt path in remote API version check The remote URL in Assert-CippVersion was pointing to a path that no longer exists on KelvinTegelaar/CIPP-API:master after the master branch was restructured. The file lives at the repo root on master, not under Config/. Returning a 404 from this endpoint causes Invoke-CIPPRestMethod to throw inside Assert-CippVersion, which exits before returning. The HTTP function returns no body and the frontend's Backend version field renders empty. Path change only — no logic changes. commit 33ee646 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 20:08:25 2026 +0800 typo commit 4c70122 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:56:46 2026 +0800 Don't use cache for app permissions, causes issues if stale or missing commit f5ecbb0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:56:05 2026 +0800 Fix GDAP requests to use more than 300 results commit ea6cc64 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:34:21 2026 +0800 Handle midterm license changes and enrich response to contain started date commit 61b172b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:05:51 2026 +0800 Update CippEntrypoints.psm1 commit e7a9d88 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 16:55:41 2026 +0800 Add SP/Exchange standards Three new standards: Invoke-CIPPStandardDisableEWS (disable Exchange Web Services org-wide), Invoke-CIPPStandardSPDisableCustomScripts (disable custom scripts on SharePoint/OneDrive), and Invoke-CIPPStandardSPDisableStoreAccess (disable SharePoint Store access). commit 7b17a58 Merge: dd73a6f e30eaa5 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue Apr 28 10:45:43 2026 +0200 fix: Update docs links that 404 (KelvinTegelaar#2025) Resolves KelvinTegelaar/CIPP#5917 commit dd73a6f Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 16:37:29 2026 +0800 fix standards logging issues commit 4255573 Merge: 1141713 12d93fe Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 13:08:14 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 1141713 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 13:08:12 2026 +0800 Add Add-CIPPTestResult as an allowed custom test command commit 12d93fe Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 16:47:49 2026 -0400 refactor: enhance IP validation and result handling in Invoke-ExecApiClient Co-authored-by: Copilot <copilot@github.com> commit 16d2ff4 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 14:44:06 2026 -0400 fix: correct path to version_latest.txt in version.json creation step commit 25a06e3 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 14:40:34 2026 -0400 fix: update restricted tables for superadmin backup restoration commit 9b24f33 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 13:25:45 2026 -0400 refactor: Vacation group filter url encoding Co-authored-by: Copilot <copilot@github.com> commit e30eaa5 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Mon Apr 27 10:58:05 2026 -0500 fix: Update docs links that 404 commit 85e3a88 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:08:03 2026 +0800 Update Start-CIPPOrchestrator.ps1 commit 10012b4 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:03:43 2026 +0800 more audit log error handling commit 9ece8de Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:00:01 2026 +0800 harden orc start and audit log error message commit 42e980b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 16:09:43 2026 +0800 move more files to make root cleaner commit 1249d1b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 16:02:59 2026 +0800 more shuffles commit f796dea Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 03:14:13 2026 +0800 Token update locking commit 07a3bae Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 00:58:10 2026 +0800 shuffle commit 24fcd6b Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 22:02:40 2026 -0400 fix: Fallback to legacy REST when CIPP client missing commit a9d4eb2 Merge: 278041b e07e70b Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 23:36:29 2026 +0000 Merge pull request #59 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit 40cb7fc Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 19:12:03 2026 -0400 chore: Block Az Function app setting cmdlets commit 870b94d Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:44:21 2026 -0400 fix: getversion api role commit 821b92e Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:40:25 2026 -0400 fix: base role permissions commit 0ff7d1e Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:06:42 2026 -0400 Update Invoke-ExecTestRefresh.ps1 commit 956c732 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:59:42 2026 -0400 fix: save test result commit 83cf867 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:43:03 2026 -0400 fix: copilot license checks commit 0e2f601 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:22:12 2026 -0400 feat: Add Invoke-ExecTestRefresh HTTP entrypoint Add a new HTTP entrypoint function Invoke-ExecTestRefresh which reads tenantFilter and testName from the request (query or body), constructs and invokes a corresponding test function (Invoke-CippTest{testName}) from the CIPPTests module, and returns HTTP responses. Includes debug logging of API access, returns 200 with a success message on invocation, 404 if the target test function is missing, and 400 on errors. commit 66596cf Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 15:56:18 2026 -0400 fix: copilot license matching test commit e07e70b Merge: f77ffa6 c2195e4 Author: John Duprey <john@cyberdrain.com> Date: Fri Apr 24 13:48:33 2026 -0400 dev to hotfix (KelvinTegelaar#2018) commit c2195e4 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 13:44:36 2026 -0400 fix: dnshealth commit 278041b Merge: ce31aa8 f77ffa6 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 17:36:33 2026 +0000 Merge pull request #57 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit f77ffa6 Merge: 61b43b9 2a361a8 Author: John Duprey <john@cyberdrain.com> Date: Fri Apr 24 13:05:44 2026 -0400 Dev to hotfix (KelvinTegelaar#2017) commit 2a361a8 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 01:01:05 2026 +0800 hotfix commit b721e0e Merge: e9017f6 07ae216 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 00:58:24 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit e9017f6 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 00:58:11 2026 +0800 Fixes manual pagination commit 07ae216 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 12:54:10 2026 -0400 fix: update workflow files to include modulebuilder commit 61b43b9 Merge: 56d33cc f57e286 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:13:25 2026 +0200 version latest (KelvinTegelaar#2016) commit 56d33cc Merge: 33d1b99 20f94fc Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:12:53 2026 +0200 Dev to release (KelvinTegelaar#2015) commit f57e286 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:11:59 2026 +0200 version latest commit 20f94fc Merge: 323ecca f0331a0 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 11:05:43 2026 -0400 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 323ecca Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 11:05:35 2026 -0400 chore: update DNSHealth to 1.1.5 commit f0331a0 Merge: 0ed14fb fff3440 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:05:33 2026 +0200 feat: move ap devices and status page to generic graph request endpoint (KelvinTegelaar#1987) frontend PR: KelvinTegelaar/CIPP#5807 commit 0ed14fb Merge: 28bc747 1ee6169 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:04:00 2026 +0200 fix: multi-tenant support for Scripted CIPP Alerts (KelvinTegelaar#1992) - Add a alert entrypoint `Invoke-AddScriptedAlert.ps1` that handles multi-tenant and tenant group selections for Scripted CIPP Alerts - Expands any tenant groups via `Expand-CIPPTenantGroups` and merges them with individually selected tenants into a target domain list - Resolves KelvinTegelaar/CIPP#5833 commit 28bc747 Merge: 3cabc5e fb38e72 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:03:04 2026 +0200 Fix: alert notification pipeline (KelvinTegelaar#2006) commit 3cabc5e Merge: 0b2f2bd 2e2e721 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 16:59:11 2026 +0200 feat: Allow custom paths for OneDrive shortcuts (KelvinTegelaar#2010) Enhance the `New-CIPPOneDriveShortCut` function to support custom URLs that point to specific document libraries and subfolders in SharePoint. This update allows users to create shortcuts not just for top-level sites but also for specific libraries and folders. Fixes KelvinTegelaar/CIPP#5892 commit 0b2f2bd Merge: e71eb10 4889191 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 16:58:51 2026 +0200 Fix log severity levels from 'Warn' to 'Warning' (KelvinTegelaar#2014) Incorrect severity labels placed on logbook entries have been causing them not to send when configured on the Notifications tab commit e71eb10 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 22:48:31 2026 +0800 Update CIPPTimers.json commit 6f2c0a0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 22:44:47 2026 +0800 Update profile.ps1 commit c79cf7b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 19:17:03 2026 +0800 Use reporting db for oauth app list and all tenants support commit 0e8df7b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 18:29:46 2026 +0800 update permissions with Domain.ReadWrite.All commit 6c36cd7 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 18:13:07 2026 +0800 fix: incorrect next link parsing commit cc41963 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 17:35:12 2026 +0800 Don't backup offloaded configuration commit 396c000 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 15:53:32 2026 +0800 Update Start-UserTasksOrchestrator.ps1 commit 1d440d9 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 15:53:26 2026 +0800 Update Invoke-ListGraphRequest.ps1 commit 8371be0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 14:57:43 2026 +0800 Better tenant alignment info commit d7c6230 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 13:54:11 2026 +0800 fix: Return value for bultin repo indicating it can not be deleted commit a96f209 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 00:33:36 2026 +0200 Check Alert commit 97bafbe Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 00:16:11 2026 +0200 Add "Drop" method commit 117c0ef Author: John Duprey <jwd@johnwduprey.com> Date: Thu Apr 23 16:14:19 2026 -0400 chore: add more stats commit fb38e72 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Wed Apr 15 08:10:08 2026 -0500 fix: also include CustomSubject in $Configuration projection (followup to 7f7e071) The c40194b + 7f7e071 fix pair was still incomplete because Test-CIPPAuditLogRules has TWO nested projections of the WebhookRules row, not one, and both must include CustomSubject for the value to reach the downstream tagging: 1. Upstream projection at lines 151-158 — builds $Configuration from the raw Get-CIPPAzDataTableEntity result, projecting $ConfigEntry into a pruned [pscustomobject] with only 6 fields (Tenants, Excluded, Conditions, Actions, LogType, AlertComment). This is the layer I missed in the first two fix attempts. 2. Downstream projection at lines 583-590 — builds $clause from $Configuration, projecting $Config into a per-clause object with 6 fields. The 7f7e071 commit added CustomSubject here. Commit c40194b added the tagging line at 650 reading $clause.CustomSubject. Commit 7f7e071 added the downstream projection line at 588. But the upstream projection at 157 was still dropping CustomSubject from $Config before the downstream projection could read it. AlertComment worked through both projections because it's explicitly listed in both layers (line 157 and line 587). The symmetric fix is to add CustomSubject to line 151-158 too. Production validation sequence that revealed this: - 2026-04-15 02:30:05 UTC: first test with c40194b only. CIPPCustomSubject came through as null. Root cause appeared to be missing downstream projection at lines 583-590. - 2026-04-15 13:00:03 UTC: second test with c40194b + 7f7e071. CIPPCustomSubject STILL came through as null. Diagnostic read of the WebhookRules row confirmed the row stores CustomSubject correctly. Diagnostic read of the file in the running container confirmed both previous fix lines are on disk. Diagnostic of $Configuration construction revealed the second nested projection that was missed. Lesson: when propagating a new field through a pipeline, trace the variable end-to-end from the original table read, not just from the consumption site. The "assume the projection is a complete copy" pattern bit this fix twice in a row. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit de762a5 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 21:36:08 2026 -0500 fix: include CustomSubject in webhook rule clause projection (followup to c40194b) Commit c40194b added CIPPCustomSubject record-tagging in Test-CIPPAuditLogRules so the audit log rule's CustomSubject value would propagate to Invoke-CIPPWebhookProcessing for use in the JSON template title. The tagging line read $clause.CustomSubject: $item | Add-Member -NotePropertyName 'CIPPCustomSubject' \ -NotePropertyValue $clause.CustomSubject -Force \ -ErrorAction SilentlyContinue But the [PSCustomObject] projection upstream that builds $clause from $Config (the WebhookRules row) did not include CustomSubject in its field list — only AlertComment was projected from $Config. So $clause.CustomSubject was always $null, the tagging propagated null, and the webhook payload showed CIPPCustomSubject: null with the title falling through to the default operation-based generated title. Empirically observed in production at 2026-04-15 02:30:05 UTC after the c40194b deploy: an audit log rule with CustomSubject configured fired, AlertComment correctly appeared in the payload (the AlertComment projection was already present from before this work), but CIPPCustomSubject came through as null and the title was the default "<tenant> - New Rule Detected for <user>" instead of the configured "[TEST-BUG4-CS] Inbox Rule Detection". Fix: add `CustomSubject = $Config.CustomSubject` to the projection at lines 583-590 alongside the existing AlertComment line. One-line change. The downstream tagging from c40194b and the template parameter wiring at Invoke-CIPPWebhookProcessing.ps1:83 are both correct; this just completes the missing producer-side projection. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 978097d Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 18:36:07 2026 -0500 fix: honor CustomSubject on scheduled task alert titles Commit 0d1f744 ("refactor: streamline user offboarding and improve task scheduling logic...", 2026-03-17) added a CustomSubject field to the ScheduledTasks row schema in Add-CIPPScheduledTask.ps1:203: CustomSubject = [string]$task.CustomSubject But the downstream consumer — Send-CIPPScheduledTaskAlert, invoked by Push-ExecScheduledCommand after an alert-type scheduled task runs — never reads it. Grep for CustomSubject in Send-CIPPScheduledTaskAlert returns zero matches. The title is built at line 125 with a hard-coded format: $title = "$TaskType - $TenantFilter - $($TaskInfo.Name)" Users who configured CustomSubject on scheduled tasks (including the hidden tasks that back scheduled alert functions) saw no effect on any delivery channel — email, webhook, and PSA all consume the same $title variable built here. Fix: check $TaskInfo.CustomSubject at title-build time and use it if set, falling back to the default format. No parameter plumbing needed since $TaskInfo is the full ScheduledTasks row, which now has the CustomSubject column thanks to 0d1f744. The Reference suffix logic is preserved and applied regardless of which title format is chosen. This is the sibling fix to c40194b which addresses the Path C-audit CustomSubject wiring. Together they complete the feature John Duprey staged in mid-March 2026 across two commits. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 2d71a22 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 18:35:33 2026 -0500 fix: restore AlertComment on webhook template and complete CustomSubject wiring for audit log alerts Commit 94c0157 ("feat: Enhance security and functionality across multiple modules", 2026-03-19) introduced a CustomSubject lookup block in Invoke-CIPPWebhookProcessing with two compounding defects: 1. The lookup filters WebhookRules with PartitionKey='WebhookRule' (singular), but Invoke-AddAlert writes rules with PartitionKey='Webhookv2'. No writer anywhere populates the queried partition key, so the lookup always returns nothing. 2. The guard `if ($Data.CIPPRuleId)` depends on a field that is never set on matched records by Test-CIPPAuditLogRules. The if body never executes, so $WebhookRule is always $null. The same commit also changed the JSON template call from `-AlertComment $AlertComment` (working — parameter bound from the Test-CIPPAuditLogRules splat via $AuditLog.CIPPAlertComment) to `-AlertComment $WebhookRule.AlertComment`, which silently regressed AlertComment on webhook deliveries for the ~4 weeks since the commit landed. Email and PSA deliveries were unaffected because the HTML template call at line 116 still reads the correct $AlertComment function parameter. Fix: route CustomSubject through the same record-tagging mechanism that AlertComment uses. Test-CIPPAuditLogRules now tags each matched record with $item.CIPPCustomSubject = $clause.CustomSubject alongside the existing CIPPAction / CIPPClause / CIPPAlertComment tagging. The dead `if ($Data.CIPPRuleId)` lookup block in Invoke-CIPPWebhookProcessing is removed entirely. The JSON template call now reads AlertComment from the function parameter (reverting the regression) and CustomSubject from $Data.CIPPCustomSubject (the newly tagged field). No change to the HTML template call at line 116 — email and PSA continue to honor AlertComment via the function parameter as they did before, and CustomSubject on email/PSA is out of scope for this fix. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 20b55c4 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Mon Apr 13 22:17:43 2026 -0500 fix: pass 'AllTenants' tenant filter for tenant-agnostic alert notifications Push-SchedulerCIPPNotifications aggregates CippLogs and CippStandardsAlerts across tenants into three dispatcher branches (email non-onePerTenant, webhook logbook, webhook standards) and passed `-TenantFilter $tenant` or `$Tenant` at each call site — but none of those branches has an enclosing `foreach ($tenant in ...)` loop, so the variable was undefined and bound to an empty string. On the webhook branches, the empty string crashed at New-CIPPStandardizedWebhookSchema's mandatory parameter binding whenever UseStandardizedSchema was enabled, producing hourly "Could not send alerts to webhook ...: Cannot bind argument to parameter 'TenantFilter' because it is an empty string." errors in CippLogs. On the email non-onePerTenant branch, the empty string propagated into Get-CIPPTextReplacement -> Get-Tenants, which returns the full tenant list when passed an empty filter, producing corrupted %var% placeholder substitutions in customized templates. Fix: pass the 'AllTenants' sentinel at all three call sites. Matches CIPP's existing convention for tenant-agnostic operations and is semantically correct for a cross-tenant aggregated notification. Affected lines: - Line 69 (email non-onePerTenant) - Line 113 (webhook logbook notification) - Line 123 (webhook standards notification) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 4889191 Merge: 7f13d53 62da948 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Thu Apr 23 14:40:28 2026 -0500 Merge branch 'dev' into fix/severity-warn-to-warning commit 7f13d53 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Thu Apr 23 14:28:08 2026 -0500 Fix log severity levels from 'Warn' to 'Warning' commit 62da948 Merge: c0e8427 dcfe667 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 01:19:39 2026 +0800 Fix: Fix syntax error in PowerShell script (KelvinTegelaar#2013) Remove an extra closing parenthesis commit dcfe667 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Thu Apr 23 19:16:06 2026 +0200 fix: remove the extra added ")" for better flavor commit c0e8427 Merge: 0115569 fa1620f Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 17:55:30 2026 +0200 Fix : Last Sync Attempt Time & Last Sync Success fields blank in ActiveSync Devices #5860 (KelvinTegelaar#2000) Outlook for iOS/Android devices always show empty values for: lastSyncAttemptTime lastSuccessSync This is expected Exchange behavior, but: - The UI provides no explanation - Empty strings are indistinguishable from missing or broken data - Sorting and exporting these fields behaves inconsistently This PR : - Normalizes missing sync timestamps to null instead of empty strings. - Add a new informational field, syncInfoNote, for Outlook mobile devices explaining why ActiveSync sync times are not reported. - Detection is based on existing device properties (DeviceModel, DeviceType, ClientType) and does not introduce new protocol assumptions. Resolves - KelvinTegelaar/CIPP#5860 commit 0115569 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 17:23:04 2026 +0800 Update Add-CIPPDbItem.ps1 commit d09601d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 17:14:15 2026 +0800 Fix: JIT Admin template support for groups and fix selected user commit 9bdb79b Merge: 002b867 ed63529 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 10:42:11 2026 +0200 feat: Add AdminSSPR standard (KelvinTegelaar#2009) Frontend PR: KelvinTegelaar/CIPP#5902 commit 002b867 Merge: 7fc61f5 dd535af Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 10:41:35 2026 +0200 Fix: Fix notification contact removal during tenant offboarding (KelvinTegelaar#2011) commit 7fc61f5 Merge: 9517ffb dffc2e5 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 16:37:29 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 9517ffb Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 16:37:27 2026 +0800 fix: Use bulk skip pagination for detectedApps cache detectedApps endpoint ignores $top and returns max 50 items per page with $skip-based nextLinks, causing sequential pagination that could exceed the 10-minute function timeout on large tenants. Pre-calculate all skip offsets from @odata.count and fire as batched bulk requests instead of chasing nextLinks sequentially. commit dffc2e5 Author: John Duprey <jwd@johnwduprey.com> Date: Wed Apr 22 17:47:43 2026 -0400 Delete AzBobbyTables.PS.dll commit 194c980 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 22 23:01:36 2026 +0200 prevent logging stuff commit dd535af Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 19:44:57 2026 +0200 fix: notification contact removal in tenant offboarding commit 2e2e721 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 19:02:39 2026 +0200 feat(onedrive-shortcut): support custom library and subfolder paths Extends New-CIPPOneDriveShortCut to accept URLs pointing at specific document libraries and subfolders, not just site roots. Fixes KelvinTegelaar/CIPP#5892 - Unwrap SharePoint browser URLs (AllItems.aspx?id=..., onedrive.aspx?id=...) by reading the `id` query parameter and reconstructing a server-relative URL. - Resolve the target site via longest-prefix match so subsites are picked over their parent site. - When a path segment remains after the site URL, resolve it to a drive (library) + driveItem and POST a shortcut using `remoteItem.id` + `parentReference.driveId` instead of `sharepointIds`. - Preserve the original site-root behaviour when no path segment is present. - Use the drive's display name for library-root shortcuts (Graph returns `name='root'` on `/drives/{id}/root`, which previously surfaced as "SiteName / root" in the shortcut and logs). - Fix "Onedrive" casing in the error message. commit d59b361 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 00:09:45 2026 +0800 Update Invoke-ExecCAExclusion.ps1 commit e0cbf6e Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 23:30:45 2026 +0800 Better error handling around CA exclusion groups and better error messages commit 454f273 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 22:31:01 2026 +0800 Update Get-CIPPTestData.ps1 commit c5bbb4b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 22:17:13 2026 +0800 Rename to CIPPSharp, introduce cached testdb calls commit ed63529 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 13:55:47 2026 +0200 feat: add AdminSSPR standard commit 2907acc Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 19:29:48 2026 +0800 Reduce table write ops for tests by doing bulk writes commit c220738 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:11:21 2026 +0800 Introduce re-batching bulk requests when batches return next links and table write batching commit 4721da0 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:09:18 2026 +0800 introduce stable id for cache and greatly improve exo permission cache speed commit f60611a Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:07:04 2026 +0800 Remove duplicate EXO cache calls commit aa98c9e Merge: 9972f08 cb4833d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 16:05:26 2026 +0800 Merged into dev commit 9972f08 Merge: 29aadfc d4fe3d7 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:34:46 2026 +0800 Merged into Dev commit 29aadfc Merge: 747ab0c c2588ee Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:34:02 2026 +0800 Merged into Dev commit 747ab0c Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:13:29 2026 +0800 Fix: Better batching for EXO caching Greatly reduces EXO calls to stop function timeouts and reduce TCP connection use commit c2588ee Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 21 22:45:09 2026 +0200 fix: Could not get token: Unable to find type [CIPP.CIPPRestClient]. when running Initialize-DevEnvironment commit d4fe3d7 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 21 17:50:42 2026 +0200 docs: update CIPP standards agents and instructions file commit cb4833d Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Mon Apr 20 13:23:00 2026 +0200 fix: update boolean conversion for query parameters Refactor the conversion of query parameters to boolean values using System.Convert::ToBoolean to solve issues with 'false' strings ending up as $true. commit fa1620f Author: fit-jv <192130596+fit-jv@users.noreply.github.com> Date: Mon Apr 20 09:39:19 2026 +0100 "syncInfoNote": "Outlook for iOS and Android uses modern authentication and does not report ActiveSync sync times." UI now has a clear explanation available for empty sync fields API responses are easier to reason about (null vs empty string) Reduces confusion around Outlook mobile ActiveSync reporting No functional changes to device allow/block/delete operations Signed-off-by: fit-jv <Jaco.Venter@FocusedIT.co.uk> commit 1ee6169 Author: Luis Mengel <luis.mengel@united-gameserver.de> Date: Tue Apr 14 01:02:02 2026 +0200 add multi-tenant support for Scripted CIPP Alerts commit 68ddd9caa2c7e3d094a08f93864a27a94ddfc777 Merge: f7907db61 ce31aa8 Author: James Tarran <jtarran@techary.com> Date: Fri Apr 17 15:36:53 2026 +0100 Merge branch 'master' of https://github.com/TecharyJames/CIPP-API commit ce31aa8 Merge: e0de355 33d1b99 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Mon Apr 13 23:36:30 2026 +0000 Merge pull request #30 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit 33d1b99 Merge: e0d0230 074a969 Author: John Duprey <john@cyberdrain.com> Date: Mon Apr 13 16:31:48 2026 -0400 Dev to hotfix (KelvinTegelaar#1995) commit e0de355 Merge: 38ed5ae e0d0230 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 10 17:36:33 2026 +0000 Merge pull request #25 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit e0d0230 Merge: 951d2db 65a0899 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 10 15:49:39 2026 +0200 Dev to release (KelvinTegelaar#1990) commit fff3440 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 7 19:06:55 2026 +0200 feat: move ap devices and status page to generic graph request endpoint commit 38ed5ae Author: James Tarran <jtarran@techary.com> Date: Fri Apr 3 16:09:12 2026 +0100 Change merge method for dev branch to merge commit f7907db61c0687ad8c9839491e9c27f1440c7b8d Merge: 8877bbd 9c6f3c8 Author: James Tarran <jtarran@techary.com> Date: Fri Mar 20 14:45:05 2026 +0000 Merge branch 'master' of https://github.com/TecharyJames/CIPP-API commit 9c6f3c8 Merge: 6309839 951d2db Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Mar 19 23:36:34 2026 +0000 Merge pull request #6 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit 6309839 Merge: dbe3d09 3a00e51 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Mar 18 11:36:35 2026 +0000 Merge pull request #5 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit dbe3d09 Merge: 8cb1195 c0a9460 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Mar 17 23:36:32 2026 +0000 Merge pull request #4 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit 8cb1195 Merge: 31c2350 cdeaa6d Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Mon Mar 16 17:36:39 2026 +0000 Merge pull request #2 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit 8877bbd Merge: d805511 31c2350 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Mar 13 01:57:31 2026 +0000 Merge pull request #6 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit d805511 Merge: 18c9f07 81a63ce Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Mar 10 19:57:37 2026 +0000 Merge pull request #5 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master commit 18c9f07 Merge: fa00351 e4a431e Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Mar 10 01:57:31 2026 +0000 Merge pull request #4 from KelvinTegelaar/master [pull] master from KelvinTegelaar:master

commit 1885ac28f644dd86223bba37fbdfca97e3548836 Merge: 3a095a8ea 1416a1431 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 30 11:36:33 2026 +0000 Merge pull request #77 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 1416a1431200d55dbf49daee1a255d12695384a3 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 30 16:40:33 2026 +0800 Simple is best commit 3a095a8ea878fb9e0b64c0f176c388def60c1c3f Merge: 0f97e2ddc 29e3006ee Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 30 05:36:31 2026 +0000 Merge pull request #76 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 29e3006ee29bc4cee6af68f617a5b556d79990a1 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 30 11:23:53 2026 +0800 Update Get-CIPPLicenseOverview.ps1 commit e0df4506e8c7121d2e7bd3b76d36777bb5f694cf Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 30 11:15:16 2026 +0800 account for trials commit 9700734049ec0e50177bdcbfef3e84688e5dec1a Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 30 10:54:55 2026 +0800 Use ConvertTo-SafeArray for all EXO domain checks commit 0f97e2ddc80db93541a06257b39c1c728c4d033a Merge: 9059e1425 fe7b01316 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 29 17:36:36 2026 +0000 Merge pull request #75 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit fe7b01316b057cc79b9a0dea0f97eee9c142d550 Merge: 834b4c618 f2cd1532b Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 17:26:55 2026 +0200 Feat/Configure Encrypted Message Branding OME (#2023) This is a new standard that enables customization of encrypted emails sent from a client and received by users on non-Exchange email platforms. The logo field requires a URL but also supports custom variables, allowing you to configure a unique logo for each client. The same flexibility applies to colours and other branding elements. The standard is covered here: https://learn.microsoft.com/en-us/purview/add-your-organization-brand-to-encrypted-messages Relates also to https://github.com/KelvinTegelaar/CIPP/pull/5922 <img width="690" height="646" alt="image" src="https://github.com/user-attachments/assets/24091a36-dafd-4205-a7b5-5b6713c306ca" /> <img width="798" height="751" alt="image" src="https://github.com/user-attachments/assets/28be5166-bd6e-4a6e-bc88-67425849fa16" /> commit 834b4c618a9fdef1f25ab370add0a15fdb56bef5 Author: John Duprey <jwd@johnwduprey.com> Date: Wed Apr 29 10:48:14 2026 -0400 fix: calculated group type in listusergroups commit 9059e1425b4b1416aebfbec5ea94d1f839a4cd10 Merge: ba5308374 c39d061ae Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 29 11:36:42 2026 +0000 Merge pull request #74 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit c39d061aeedcb29245078ae5b2599535738334f9 Merge: 1606bf1de c9ca4f0b4 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:09:04 2026 +0200 Fix: Add support for group assigned admin roles to 'disable exo' standard (#2024) Adds group lookup when checking for user accounts that are assigned admin roles. commit 1606bf1de4255d6eeb49999bf6e9a4cf66b04f95 Merge: 47277154f 10ddece06 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:08:11 2026 +0200 feat: enrich Intune policy setting details (#2031) - Add optional Settings Catalog definition enrichment to the Intune policy details endpoint. - Fetch setting definitions in Graph batch requests so the frontend can show Microsoft descriptions without bloating list responses. - frontend PR: https://github.com/KelvinTegelaar/CIPP/pull/5936 commit 10ddece06742eeb969d5e21c6b5b595b4b55150f Merge: d15734d19 47277154f Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:08:04 2026 +0200 Merge branch 'dev' into settings-tooltips commit 47277154f098d042f32d6df547b820a4ee3058b4 Merge: 8bbefe197 307db51e9 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 29 12:07:13 2026 +0200 feat: show full MDE connector details (#2026) ## Summary - Cache writer and live endpoint now return the full `mobileThreatDefenseConnectors` Graph object instead of only `partnerState`. - Failed Graph calls still write a `partnerState=unavailable` row so AllTenants keeps the tenant. > Frontend counterpart: KelvinTegelaar/CIPP#5929. commit 8bbefe1971e2dfc6632a1552086adcee94db8f47 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 17:31:25 2026 +0800 Update version_latest.txt commit 3fc9675377ac6ebcb7dad1abc706317bcbc220be Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 15:57:19 2026 +0800 tweaks for webhook table lookups commit 70642a2ed575a31cc445523e0fecc31b23960eda Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 15:09:14 2026 +0800 Surface errors correctly for secret reset commit ba53083743b9f051bdc3b069a708ef6b55458403 Merge: 0154ca2f8 d9f630e95 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 29 05:36:30 2026 +0000 Merge pull request #72 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit d9f630e95c690feffc88b67e75cfab684686047a Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:52:34 2026 +0800 offset some activities to help spread the load commit d6e0c0153cb7fe5c9c4d1b3e54ef5b80ddda1410 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:41:10 2026 +0800 tweak ninja sync interval commit 66e7da5077d90e832a887b867bc1d6adaf80ad64 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 29 12:09:05 2026 +0800 Bring in tenant deviations into calculation and expose confirmed deviations commit 0154ca2f8450998c3427a4a73873290411676cf7 Merge: 2151844c7 2161569ca Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 23:36:36 2026 +0000 Merge pull request #71 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit d15734d19d7cbd4338c4259e8fe3e1f3a961ed01 Merge: 2161569ca 0e3413cff Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 28 23:46:07 2026 +0200 Merge branch 'settings-tooltips' of https://github.com/kris6673/CIPP-API into settings-tooltips commit 2161569caeb7ddc7ecf6426335f2e0c126276da0 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 17:31:19 2026 -0400 chore: bump version to 10.4.2 commit e2f71c27fe19d4475c5db20bd9531ddb1a9c3180 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 17:30:26 2026 -0400 fix: group types in edit user commit 0e3413cff301ae68fb3c5308dbd0f355d36285f6 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 28 23:22:32 2026 +0200 feat: enrich Intune policy setting details commit 3ff08f008d17a513402a9ae462a0ee8a084f4057 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 28 22:53:09 2026 +0200 feat: update intuneCollection with new properties commit 658acead0da91469b5b38829a19994f6ba4dbdc0 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 16:21:35 2026 -0400 fix: add caching to sharepoint/onedrive site listings commit 8c0ca04079e125795754e0f517e537e1badcf5e4 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 14:16:43 2026 -0400 fix: disable transitive failures error logging for now commit 2151844c71d18f9f53cc634d94e00a3944857a48 Merge: f5f0939ef ae39bce6f Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 17:36:37 2026 +0000 Merge pull request #69 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit ae39bce6fe8e4bf7578c10b3a85719c2733d03b2 Author: John Duprey <jwd@johnwduprey.com> Date: Tue Apr 28 12:02:54 2026 -0400 fix: version locations commit 217416d6f2bc469a662e3edafe9ed17079667187 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:55:19 2026 +0800 add back to root :( commit 7b61a9dc1383e0d67a30e1c5d840528581760130 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:41:42 2026 +0800 Fix standard to only apply to users and shared accounts if enabled, else shared only commit f89670128b893250b9835508236bce08e6a9542f Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:38:40 2026 +0800 Ensure only HTML fragments are generated commit a1bed605995709b4399e37085c72586eabe7382b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 23:27:59 2026 +0800 Clear drift remediation tasks if reoccurring ones were created commit 76873250e22c47855988c9c1787bdd2bfdfbc6b9 Merge: 33ee64657 f652a1a30 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue Apr 28 15:33:43 2026 +0200 fix: correct version_latest.txt path in remote API version check (#2029) The remote URL in Assert-CippVersion was pointing to a path that no longer exists on KelvinTegelaar/CIPP-API:master after the master branch was restructured. The file lives at the repo root on master, not under Config/. Returning a 404 from this endpoint causes Invoke-CIPPRestMethod to throw inside Assert-CippVersion, which exits before returning. The HTTP function returns no body and the frontend's Backend version field renders empty. Path change only — no logic changes. commit f652a1a30799c2645c16d453e60a1640f99e4491 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 28 08:29:20 2026 -0500 fix: correct version_latest.txt path in remote API version check The remote URL in Assert-CippVersion was pointing to a path that no longer exists on KelvinTegelaar/CIPP-API:master after the master branch was restructured. The file lives at the repo root on master, not under Config/. Returning a 404 from this endpoint causes Invoke-CIPPRestMethod to throw inside Assert-CippVersion, which exits before returning. The HTTP function returns no body and the frontend's Backend version field renders empty. Path change only — no logic changes. commit 33ee646575aebb7b6fc06c6bf5fd0454b1a2997b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 20:08:25 2026 +0800 typo commit f5f0939efb20979d117538c4f37fd8301fb1f53e Merge: e97acf1ca 4c70122af Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 11:36:36 2026 +0000 Merge pull request #68 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 4c70122afd82f07060ed3efbc24b38b47dffe6e9 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:56:46 2026 +0800 Don't use cache for app permissions, causes issues if stale or missing commit f5ecbb02314a579831800f79c672dbe96b60c107 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:56:05 2026 +0800 Fix GDAP requests to use more than 300 results commit ea6cc64bf70b6f3ca12e72e9f863a005478dd805 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:34:21 2026 +0800 Handle midterm license changes and enrich response to contain started date commit 61b172b31a6fa123744027d089bbd8f75316e9b3 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 17:05:51 2026 +0800 Update CippEntrypoints.psm1 commit e7a9d88e596c0cbb13f022bef1bc295ee088f62b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 16:55:41 2026 +0800 Add SP/Exchange standards Three new standards: Invoke-CIPPStandardDisableEWS (disable Exchange Web Services org-wide), Invoke-CIPPStandardSPDisableCustomScripts (disable custom scripts on SharePoint/OneDrive), and Invoke-CIPPStandardSPDisableStoreAccess (disable SharePoint Store access). commit 7b17a5876c63bae004711099f4b0a0fb7319df07 Merge: dd73a6f71 e30eaa523 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue Apr 28 10:45:43 2026 +0200 fix: Update docs links that 404 (#2025) Resolves KelvinTegelaar/CIPP#5917 commit dd73a6f713b8242d96a7981d9c720087a8ccdd8b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 16:37:29 2026 +0800 fix standards logging issues commit e97acf1ca6e3936d9fcd0a8019e7136965b6351a Merge: e8f2431de 425557370 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Tue Apr 28 05:36:31 2026 +0000 Merge pull request #67 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 42555737042ec593ed70c156b886bc326f097ad3 Merge: 114171322 12d93fe82 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 13:08:14 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 114171322fa61c8baa52867f196d29735accd822 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Tue Apr 28 13:08:12 2026 +0800 Add Add-CIPPTestResult as an allowed custom test command commit e8f2431de4da320f6c935d5521c138ddb8b107ae Merge: 8feb8eba0 12d93fe82 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Mon Apr 27 23:36:31 2026 +0000 Merge pull request #66 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 12d93fe825187cd2f8e08345282b2f3ad35bf7d8 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 16:47:49 2026 -0400 refactor: enhance IP validation and result handling in Invoke-ExecApiClient Co-authored-by: Copilot <copilot@github.com> commit 16d2ff437c9ea3dc2c13871b2f9501b60e3ec20d Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 14:44:06 2026 -0400 fix: correct path to version_latest.txt in version.json creation step commit 25a06e35e3cb9525b3f454bbe19c9ace8be84db0 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 14:40:34 2026 -0400 fix: update restricted tables for superadmin backup restoration commit 8feb8eba069fad2489b89c0c1356118bc481598e Merge: 6052f9fde 9b24f330d Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Mon Apr 27 17:36:36 2026 +0000 Merge pull request #65 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 9b24f330d50d68e7461c3784a07f418092a15767 Author: John Duprey <jwd@johnwduprey.com> Date: Mon Apr 27 13:25:45 2026 -0400 refactor: Vacation group filter url encoding Co-authored-by: Copilot <copilot@github.com> commit 307db51e954f2cf3580ecfbadeb1b7bc0139391d Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Mon Apr 27 18:21:31 2026 +0200 fix: handle case when no tenants found for MDE report commit 6f4c32c5fb49722a702f36d50d9b23ec10e7abe8 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Mon Apr 27 18:14:28 2026 +0200 feat(mde-onboarding): cache full connector properties Stores the entire MDE mobileThreatDefenseConnector object (heartbeat, per-platform enable/MAM/block flags, MDE attach, iOS metadata flags) in the reporting DB instead of only partnerState. Live HTTP endpoint mirrors the same shape so cached and live responses are interchangeable. Failed Graph calls still write a partnerState=unavailable row so AllTenants reports retain the tenant. commit e30eaa5239342dde05e479108f9f112270c61043 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Mon Apr 27 10:58:05 2026 -0500 fix: Update docs links that 404 commit c9ca4f0b439dc64a72a4ee8d7b2195a12ca8328a Merge: 1e06116d3 e07e70b0e Author: James Tarran <jtarran@techary.com> Date: Mon Apr 27 07:48:04 2026 +0100 Merge branch 'KelvinTegelaar:master' into fix-add-support-for-group-assigned-admin-roles-to-disable-EXO-standard commit f2cd1532b2df93d65e2c0861c37c9de3a2276741 Author: Chris Dewey <142454021+chris-dewey-1991@users.noreply.github.com> Date: Sun Apr 26 18:39:25 2026 +0100 Creation of OME Encrypted Message Branding Standard Added 10x configurable fields (background colour, logo URL, introduction text, read button text, email text, privacy statement URL, disclaimer text, portal text, OTP enabled, social ID sign-in) and a helpText link to the Microsoft Purview branding documentation. Signed-off-by: Chris Dewey <142454021+chris-dewey-1991@users.noreply.github.com> commit ef2fff0f59bb7bf93874dac7092963b73c96175f Merge: 85e3a88ec e07e70b0e Author: Chris Dewey <142454021+chris-dewey-1991@users.noreply.github.com> Date: Sun Apr 26 18:36:23 2026 +0100 Merge branch 'KelvinTegelaar:master' into feat/-Configure-Encrypted-Message-Branding_OME commit 6052f9fde6d45ebee26f7946ec51fc1c477f61ca Merge: 4afc49074 85e3a88ec Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sun Apr 26 11:36:28 2026 +0000 Merge pull request #64 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 85e3a88ecbb87907c672ad8e576586fbfe973334 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:08:03 2026 +0800 Update Start-CIPPOrchestrator.ps1 commit 10012b4acc530bd63d1b16b1ae6a837b587e3b85 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:03:43 2026 +0800 more audit log error handling commit 9ece8de78174463de8eca9bd12203b32bf7beabf Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 17:00:01 2026 +0800 harden orc start and audit log error message commit 42e980b1240aecfb3f2f4509113c49b01d663d3c Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 16:09:43 2026 +0800 move more files to make root cleaner commit 1249d1b84177c9eae8b51db2074c00355084b244 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 16:02:59 2026 +0800 more shuffles commit 4afc49074964fca4dc5710e654eac0c6969268ed Merge: b8b4d6e14 f796deab9 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sat Apr 25 23:36:27 2026 +0000 Merge pull request #63 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit f796deab9f58eb518226e54bb170adc4495de9ca Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 03:14:13 2026 +0800 Token update locking commit b8b4d6e14dc529930ab19e0f6ca4e2c772cedce0 Merge: dc0dc8353 07a3baede Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sat Apr 25 17:36:28 2026 +0000 Merge pull request #62 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 07a3baede9947dc8eaf9c5c9d24beee87190618a Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sun Apr 26 00:58:10 2026 +0800 shuffle commit dc0dc83531f9f593104d111457299c65d5d80700 Merge: 0bfc8c776 24fcd6ba7 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Sat Apr 25 05:36:28 2026 +0000 Merge pull request #61 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 24fcd6ba7c3e1ea7509a034a9731dac1b64cb9e0 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 22:02:40 2026 -0400 fix: Fallback to legacy REST when CIPP client missing commit 0bfc8c7762c99408eb32bfbc85494dae2ec1bd61 Merge: f874ef329 40cb7fc0f Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 23:36:35 2026 +0000 Merge pull request #60 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 40cb7fc0f5dac41801dc36c49606277441a137f1 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 19:12:03 2026 -0400 chore: Block Az Function app setting cmdlets commit 870b94d12909b66297ed7b118db2da84558c8711 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:44:21 2026 -0400 fix: getversion api role commit 821b92e880733335ac1a2d54ddb0dff6bb1ac596 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:40:25 2026 -0400 fix: base role permissions commit 0ff7d1e62baa001e552f3f4a3a349b6aff758e3b Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 17:06:42 2026 -0400 Update Invoke-ExecTestRefresh.ps1 commit 956c732f240a644e6efb991bddbbceb574e0521c Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:59:42 2026 -0400 fix: save test result commit 83cf867554dfc61a1237c7977522161ee80420c3 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:43:03 2026 -0400 fix: copilot license checks commit 0e2f6015a99f2b30280ee20e8f502aeb9c8d90ef Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 16:22:12 2026 -0400 feat: Add Invoke-ExecTestRefresh HTTP entrypoint Add a new HTTP entrypoint function Invoke-ExecTestRefresh which reads tenantFilter and testName from the request (query or body), constructs and invokes a corresponding test function (Invoke-CippTest{testName}) from the CIPPTests module, and returns HTTP responses. Includes debug logging of API access, returns 200 with a success message on invocation, 404 if the target test function is missing, and 400 on errors. commit 66596cfc21e2526671303c58fa68fec5624b91d3 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 15:56:18 2026 -0400 fix: copilot license matching test commit e07e70b0e06d07381c330819177f62fe868e0138 Merge: f77ffa635 c2195e420 Author: John Duprey <john@cyberdrain.com> Date: Fri Apr 24 13:48:33 2026 -0400 dev to hotfix (#2018) commit c2195e420cc8831b5c37a85e174f51c9c4bdbc25 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 13:44:36 2026 -0400 fix: dnshealth commit f874ef329aa6e85b88ec3f20b3e39870fa2c4b41 Merge: e152f12e1 2a361a84d Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 17:36:39 2026 +0000 Merge pull request #58 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit f77ffa635ece34cbed9d507dc1dceba6af80588c Merge: 61b43b955 2a361a84d Author: John Duprey <john@cyberdrain.com> Date: Fri Apr 24 13:05:44 2026 -0400 Dev to hotfix (#2017) commit 2a361a84da88d287223e1ed0c81cc2196fe8282a Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 01:01:05 2026 +0800 hotfix commit b721e0e01e796a3c3a86d1411e56a78720827db6 Merge: e9017f605 07ae2168f Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 00:58:24 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit e9017f605b677d8bc0fc5b0d1439e04276f2b17a Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Sat Apr 25 00:58:11 2026 +0800 Fixes manual pagination commit 07ae2168f6aec7c403f4c9943dbe86f2751fd1fe Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 12:54:10 2026 -0400 fix: update workflow files to include modulebuilder commit 61b43b955bd45c40af039deec41b43f2eae29ec4 Merge: 56d33cced f57e28613 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:13:25 2026 +0200 version latest (#2016) commit 56d33ccedc5368bdc95323903e5e3dfe0edf64e1 Merge: 33d1b9902 20f94fc08 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:12:53 2026 +0200 Dev to release (#2015) commit f57e28613a97d131a3f3d3ca140990e8eb9a0288 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:11:59 2026 +0200 version latest commit 20f94fc084e63feb36e5929572e0d006d5910dd8 Merge: 323eccab3 f0331a07e Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 11:05:43 2026 -0400 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 323eccab3985ed87e7f95bc6298e9c799f9c6066 Author: John Duprey <jwd@johnwduprey.com> Date: Fri Apr 24 11:05:35 2026 -0400 chore: update DNSHealth to 1.1.5 commit f0331a07e051a9ad4e1708f8d3fad783dc665427 Merge: 0ed14fb71 fff344013 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:05:33 2026 +0200 feat: move ap devices and status page to generic graph request endpoint (#1987) frontend PR: https://github.com/KelvinTegelaar/CIPP/pull/5807 commit 0ed14fb711499e5248d1b99bee259972afa4dc97 Merge: 28bc747e2 1ee61695c Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:04:00 2026 +0200 fix: multi-tenant support for Scripted CIPP Alerts (#1992) - Add a alert entrypoint `Invoke-AddScriptedAlert.ps1` that handles multi-tenant and tenant group selections for Scripted CIPP Alerts - Expands any tenant groups via `Expand-CIPPTenantGroups` and merges them with individually selected tenants into a target domain list - Resolves KelvinTegelaar/CIPP#5833 commit 28bc747e2959b7ecbb109605c06610d2c5035e95 Merge: 3cabc5e7a fb38e72d7 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 17:03:04 2026 +0200 Fix: alert notification pipeline (#2006) commit 3cabc5e7a48a7bfdae60b81019d9739b0cb88d34 Merge: 0b2f2bdad 2e2e721f0 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 16:59:11 2026 +0200 feat: Allow custom paths for OneDrive shortcuts (#2010) Enhance the `New-CIPPOneDriveShortCut` function to support custom URLs that point to specific document libraries and subfolders in SharePoint. This update allows users to create shortcuts not just for top-level sites but also for specific libraries and folders. Fixes KelvinTegelaar/CIPP#5892 commit 0b2f2bdad2a23329a144432f66ed22f337c3d18f Merge: e71eb10c7 488919182 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 16:58:51 2026 +0200 Fix log severity levels from 'Warn' to 'Warning' (#2014) Incorrect severity labels placed on logbook entries have been causing them not to send when configured on the Notifications tab commit e71eb10c7cafd03082b4a17413a301c425f458be Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 22:48:31 2026 +0800 Update CIPPTimers.json commit 6f2c0a0f0b98e18e8d76970c8b99d422f13990d9 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 22:44:47 2026 +0800 Update profile.ps1 commit e152f12e10d1656e91bf72b6578f18d3d13020a9 Merge: 0104a08bd c79cf7b2d Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Fri Apr 24 11:36:32 2026 +0000 Merge pull request #56 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit c79cf7b2d78973d6bf5b0a395d7966150b283e58 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 19:17:03 2026 +0800 Use reporting db for oauth app list and all tenants support commit 0e8df7b63e89650217766522a603f86f8481e491 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 18:29:46 2026 +0800 update permissions with Domain.ReadWrite.All commit 6c36cd7122eba6ef6e21d94dddaea670be441dbf Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 18:13:07 2026 +0800 fix: incorrect next link parsing commit cc41963eee10a8ed6ea807d5362a48afa0382e0c Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 17:35:12 2026 +0800 Don't backup offloaded configuration commit 396c00017a4319afbc564ee50781149231bf9b7f Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 15:53:32 2026 +0800 Update Start-UserTasksOrchestrator.ps1 commit 1d440d9b9057e66b70718a78af42a896615ef30c Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 15:53:26 2026 +0800 Update Invoke-ListGraphRequest.ps1 commit 8371be048dfd6f399320ff2aef01f5d0d9d2d543 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 14:57:43 2026 +0800 Better tenant alignment info commit d7c6230f545bd31f32275f8bbf2aa8a8ad4cbf35 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 13:54:11 2026 +0800 fix: Return value for bultin repo indicating it can not be deleted commit 0104a08bdbbb724a8ce2e1a5041f153412794a3f Merge: 7d21e73e5 a96f20900 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 23 23:36:30 2026 +0000 Merge pull request #55 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit a96f209000a305b0733d2a6b34e46b6a0ca80cff Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 00:33:36 2026 +0200 Check Alert commit 97bafbe0536071558f52b56b1e846a9db14077ea Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 24 00:16:11 2026 +0200 Add "Drop" method commit 117c0ef8d109d159830e50b78fd23110fdd05321 Author: John Duprey <jwd@johnwduprey.com> Date: Thu Apr 23 16:14:19 2026 -0400 chore: add more stats commit fb38e72d77ed3e17256e511dd7e1dcef7366e382 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Wed Apr 15 08:10:08 2026 -0500 fix: also include CustomSubject in $Configuration projection (followup to 7f7e0711c) The c40194b22 + 7f7e0711c fix pair was still incomplete because Test-CIPPAuditLogRules has TWO nested projections of the WebhookRules row, not one, and both must include CustomSubject for the value to reach the downstream tagging: 1. Upstream projection at lines 151-158 — builds $Configuration from the raw Get-CIPPAzDataTableEntity result, projecting $ConfigEntry into a pruned [pscustomobject] with only 6 fields (Tenants, Excluded, Conditions, Actions, LogType, AlertComment). This is the layer I missed in the first two fix attempts. 2. Downstream projection at lines 583-590 — builds $clause from $Configuration, projecting $Config into a per-clause object with 6 fields. The 7f7e0711c commit added CustomSubject here. Commit c40194b22 added the tagging line at 650 reading $clause.CustomSubject. Commit 7f7e0711c added the downstream projection line at 588. But the upstream projection at 157 was still dropping CustomSubject from $Config before the downstream projection could read it. AlertComment worked through both projections because it's explicitly listed in both layers (line 157 and line 587). The symmetric fix is to add CustomSubject to line 151-158 too. Production validation sequence that revealed this: - 2026-04-15 02:30:05 UTC: first test with c40194b22 only. CIPPCustomSubject came through as null. Root cause appeared to be missing downstream projection at lines 583-590. - 2026-04-15 13:00:03 UTC: second test with c40194b22 + 7f7e0711c. CIPPCustomSubject STILL came through as null. Diagnostic read of the WebhookRules row confirmed the row stores CustomSubject correctly. Diagnostic read of the file in the running container confirmed both previous fix lines are on disk. Diagnostic of $Configuration construction revealed the second nested projection that was missed. Lesson: when propagating a new field through a pipeline, trace the variable end-to-end from the original table read, not just from the consumption site. The "assume the projection is a complete copy" pattern bit this fix twice in a row. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit de762a549d65b076105c7f628c5e4fa55efa5825 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 21:36:08 2026 -0500 fix: include CustomSubject in webhook rule clause projection (followup to c40194b22) Commit c40194b22 added CIPPCustomSubject record-tagging in Test-CIPPAuditLogRules so the audit log rule's CustomSubject value would propagate to Invoke-CIPPWebhookProcessing for use in the JSON template title. The tagging line read $clause.CustomSubject: $item | Add-Member -NotePropertyName 'CIPPCustomSubject' \ -NotePropertyValue $clause.CustomSubject -Force \ -ErrorAction SilentlyContinue But the [PSCustomObject] projection upstream that builds $clause from $Config (the WebhookRules row) did not include CustomSubject in its field list — only AlertComment was projected from $Config. So $clause.CustomSubject was always $null, the tagging propagated null, and the webhook payload showed CIPPCustomSubject: null with the title falling through to the default operation-based generated title. Empirically observed in production at 2026-04-15 02:30:05 UTC after the c40194b22 deploy: an audit log rule with CustomSubject configured fired, AlertComment correctly appeared in the payload (the AlertComment projection was already present from before this work), but CIPPCustomSubject came through as null and the title was the default "<tenant> - New Rule Detected for <user>" instead of the configured "[TEST-BUG4-CS] Inbox Rule Detection". Fix: add `CustomSubject = $Config.CustomSubject` to the projection at lines 583-590 alongside the existing AlertComment line. One-line change. The downstream tagging from c40194b22 and the template parameter wiring at Invoke-CIPPWebhookProcessing.ps1:83 are both correct; this just completes the missing producer-side projection. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 978097dc03b9746a2a1613256773d0aed6bd7bd3 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 18:36:07 2026 -0500 fix: honor CustomSubject on scheduled task alert titles Commit 0d1f74475 ("refactor: streamline user offboarding and improve task scheduling logic...", 2026-03-17) added a CustomSubject field to the ScheduledTasks row schema in Add-CIPPScheduledTask.ps1:203: CustomSubject = [string]$task.CustomSubject But the downstream consumer — Send-CIPPScheduledTaskAlert, invoked by Push-ExecScheduledCommand after an alert-type scheduled task runs — never reads it. Grep for CustomSubject in Send-CIPPScheduledTaskAlert returns zero matches. The title is built at line 125 with a hard-coded format: $title = "$TaskType - $TenantFilter - $($TaskInfo.Name)" Users who configured CustomSubject on scheduled tasks (including the hidden tasks that back scheduled alert functions) saw no effect on any delivery channel — email, webhook, and PSA all consume the same $title variable built here. Fix: check $TaskInfo.CustomSubject at title-build time and use it if set, falling back to the default format. No parameter plumbing needed since $TaskInfo is the full ScheduledTasks row, which now has the CustomSubject column thanks to 0d1f74475. The Reference suffix logic is preserved and applied regardless of which title format is chosen. This is the sibling fix to c40194b22 which addresses the Path C-audit CustomSubject wiring. Together they complete the feature John Duprey staged in mid-March 2026 across two commits. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 2d71a22da8df958baa6a5e94fbd474e282ba03e8 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Tue Apr 14 18:35:33 2026 -0500 fix: restore AlertComment on webhook template and complete CustomSubject wiring for audit log alerts Commit 94c0157e1 ("feat: Enhance security and functionality across multiple modules", 2026-03-19) introduced a CustomSubject lookup block in Invoke-CIPPWebhookProcessing with two compounding defects: 1. The lookup filters WebhookRules with PartitionKey='WebhookRule' (singular), but Invoke-AddAlert writes rules with PartitionKey='Webhookv2'. No writer anywhere populates the queried partition key, so the lookup always returns nothing. 2. The guard `if ($Data.CIPPRuleId)` depends on a field that is never set on matched records by Test-CIPPAuditLogRules. The if body never executes, so $WebhookRule is always $null. The same commit also changed the JSON template call from `-AlertComment $AlertComment` (working — parameter bound from the Test-CIPPAuditLogRules splat via $AuditLog.CIPPAlertComment) to `-AlertComment $WebhookRule.AlertComment`, which silently regressed AlertComment on webhook deliveries for the ~4 weeks since the commit landed. Email and PSA deliveries were unaffected because the HTML template call at line 116 still reads the correct $AlertComment function parameter. Fix: route CustomSubject through the same record-tagging mechanism that AlertComment uses. Test-CIPPAuditLogRules now tags each matched record with $item.CIPPCustomSubject = $clause.CustomSubject alongside the existing CIPPAction / CIPPClause / CIPPAlertComment tagging. The dead `if ($Data.CIPPRuleId)` lookup block in Invoke-CIPPWebhookProcessing is removed entirely. The JSON template call now reads AlertComment from the function parameter (reverting the regression) and CustomSubject from $Data.CIPPCustomSubject (the newly tagged field). No change to the HTML template call at line 116 — email and PSA continue to honor AlertComment via the function parameter as they did before, and CustomSubject on email/PSA is out of scope for this fix. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 20b55c4304a2f9e45d98c60cb14c9b08432370db Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Mon Apr 13 22:17:43 2026 -0500 fix: pass 'AllTenants' tenant filter for tenant-agnostic alert notifications Push-SchedulerCIPPNotifications aggregates CippLogs and CippStandardsAlerts across tenants into three dispatcher branches (email non-onePerTenant, webhook logbook, webhook standards) and passed `-TenantFilter $tenant` or `$Tenant` at each call site — but none of those branches has an enclosing `foreach ($tenant in ...)` loop, so the variable was undefined and bound to an empty string. On the webhook branches, the empty string crashed at New-CIPPStandardizedWebhookSchema's mandatory parameter binding whenever UseStandardizedSchema was enabled, producing hourly "Could not send alerts to webhook ...: Cannot bind argument to parameter 'TenantFilter' because it is an empty string." errors in CippLogs. On the email non-onePerTenant branch, the empty string propagated into Get-CIPPTextReplacement -> Get-Tenants, which returns the full tenant list when passed an empty filter, producing corrupted %var% placeholder substitutions in customized templates. Fix: pass the 'AllTenants' sentinel at all three call sites. Matches CIPP's existing convention for tenant-agnostic operations and is semantically correct for a cross-tenant aggregated notification. Affected lines: - Line 69 (email non-onePerTenant) - Line 113 (webhook logbook notification) - Line 123 (webhook standards notification) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> commit 4889191827b4595e27f750c98cdc55aaae1bb61d Merge: 7f13d53d7 62da94816 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Thu Apr 23 14:40:28 2026 -0500 Merge branch 'dev' into fix/severity-warn-to-warning commit 7f13d53d739307eb71d57c1fb15953b45e56b277 Author: Brian Simpson <50429915+bmsimp@users.noreply.github.com> Date: Thu Apr 23 14:28:08 2026 -0500 Fix log severity levels from 'Warn' to 'Warning' commit 7d21e73e5e8343034a725df81213153d38f6e5fc Merge: 4d26df0f0 62da94816 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 23 17:36:34 2026 +0000 Merge pull request #54 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 62da948160c72e38db021d07b6a86b7474ed1c15 Merge: c0e84277a dcfe667a1 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Fri Apr 24 01:19:39 2026 +0800 Fix: Fix syntax error in PowerShell script (#2013) Remove an extra closing parenthesis commit dcfe667a173ed0910d7a907fdab3e8fb4e2aea93 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Thu Apr 23 19:16:06 2026 +0200 fix: remove the extra added ")" for better flavor commit c0e84277ab020ea6524744424564ebc2337bc759 Merge: 011556972 fa1620f89 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 17:55:30 2026 +0200 Fix : Last Sync Attempt Time & Last Sync Success fields blank in ActiveSync Devices #5860 (#2000) Outlook for iOS/Android devices always show empty values for: lastSyncAttemptTime lastSuccessSync This is expected Exchange behavior, but: - The UI provides no explanation - Empty strings are indistinguishable from missing or broken data - Sorting and exporting these fields behaves inconsistently This PR : - Normalizes missing sync timestamps to null instead of empty strings. - Add a new informational field, syncInfoNote, for Outlook mobile devices explaining why ActiveSync sync times are not reported. - Detection is based on existing device properties (DeviceModel, DeviceType, ClientType) and does not introduce new protocol assumptions. Resolves - https://github.com/KelvinTegelaar/CIPP/issues/5860 commit 4d26df0f0e4a630ae35b5809de834cf770aea1d7 Merge: af47439f2 011556972 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Thu Apr 23 11:36:33 2026 +0000 Merge pull request #53 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 011556972f4e5d444a69866bbc9480e32d6294c5 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 17:23:04 2026 +0800 Update Add-CIPPDbItem.ps1 commit d09601d4716c5917b2392b6fc4643b79b0a0c056 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 17:14:15 2026 +0800 Fix: JIT Admin template support for groups and fix selected user commit 9bdb79bd75d6a423e6f614eb2f4a32af1f40a189 Merge: 002b86752 ed635291b Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 10:42:11 2026 +0200 feat: Add AdminSSPR standard (#2009) Frontend PR: https://github.com/KelvinTegelaar/CIPP/pull/5902 commit 002b867528d22583210e8f3e813b703b1dc9fd4e Merge: 7fc61f5fd dd535af7e Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu Apr 23 10:41:35 2026 +0200 Fix: Fix notification contact removal during tenant offboarding (#2011) commit 7fc61f5fd0fafcd9edcd9fa2e881e4e7dae441fd Merge: 9517ffbda dffc2e5e7 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 16:37:29 2026 +0800 Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into dev commit 9517ffbda1a357b498506d15c1e951054e3a8edd Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 16:37:27 2026 +0800 fix: Use bulk skip pagination for detectedApps cache detectedApps endpoint ignores $top and returns max 50 items per page with $skip-based nextLinks, causing sequential pagination that could exceed the 10-minute function timeout on large tenants. Pre-calculate all skip offsets from @odata.count and fire as batched bulk requests instead of chasing nextLinks sequentially. commit af47439f22f0585eccb5e79950ef1a9eef16d908 Merge: e10085b1e dffc2e5e7 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 22 23:36:29 2026 +0000 Merge pull request #52 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit dffc2e5e774a7a0edd4e85b2b023f65a865a8e07 Author: John Duprey <jwd@johnwduprey.com> Date: Wed Apr 22 17:47:43 2026 -0400 Delete AzBobbyTables.PS.dll commit 194c98038b01701fead3f8ce131e4111c2278356 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed Apr 22 23:01:36 2026 +0200 prevent logging stuff commit dd535af7ecced5b8bdde122f69466ce3239870c2 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 19:44:57 2026 +0200 fix: notification contact removal in tenant offboarding commit e10085b1eb65119f19529ec69d1eb2facaf6a2c1 Merge: 664f415cd d59b3617b Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 22 17:36:34 2026 +0000 Merge pull request #51 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 2e2e721f07c1f7d587984123a96d3453232bb804 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 19:02:39 2026 +0200 feat(onedrive-shortcut): support custom library and subfolder paths Extends New-CIPPOneDriveShortCut to accept URLs pointing at specific document libraries and subfolders, not just site roots. Fixes KelvinTegelaar/CIPP#5892 - Unwrap SharePoint browser URLs (AllItems.aspx?id=..., onedrive.aspx?id=...) by reading the `id` query parameter and reconstructing a server-relative URL. - Resolve the target site via longest-prefix match so subsites are picked over their parent site. - When a path segment remains after the site URL, resolve it to a drive (library) + driveItem and POST a shortcut using `remoteItem.id` + `parentReference.driveId` instead of `sharepointIds`. - Preserve the original site-root behaviour when no path segment is present. - Use the drive's display name for library-root shortcuts (Graph returns `name='root'` on `/drives/{id}/root`, which previously surfaced as "SiteName / root" in the shortcut and logs). - Fix "Onedrive" casing in the error message. commit d59b3617bf29649d5b8b9c328fd8b71ed0399c0c Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Thu Apr 23 00:09:45 2026 +0800 Update Invoke-ExecCAExclusion.ps1 commit e0cbf6e914d86f892c70a7b5388864550ed288f2 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 23:30:45 2026 +0800 Better error handling around CA exclusion groups and better error messages commit 454f27356f88c5a11408c7e217039a1cb40f4d66 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 22:31:01 2026 +0800 Update Get-CIPPTestData.ps1 commit c5bbb4baf276144d9757fa2026df1a7859c5841f Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 22:17:13 2026 +0800 Rename to CIPPSharp, introduce cached testdb calls commit ed635291b639dbcc7037431a9dd17fc1d8ab763b Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Wed Apr 22 13:55:47 2026 +0200 feat: add AdminSSPR standard commit 664f415cdceec2afbae062c49fce039a6a0c71e7 Merge: e068708ba 2907accd8 Author: pull[bot] <39814207+pull[bot]@users.noreply.github.com> Date: Wed Apr 22 11:36:33 2026 +0000 Merge pull request #50 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev commit 2907accd8a2a41a55594996f523193dca91cb71b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 19:29:48 2026 +0800 Reduce table write ops for tests by doing bulk writes commit c2207380cd41c2151513a726a148a65cbdd81762 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:11:21 2026 +0800 Introduce re-batching bulk requests when batches return next links and table write batching commit 4721da0e50b3cba8756072e1deb8eb0d9bd2f0a6 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:09:18 2026 +0800 introduce stable id for cache and greatly improve exo permission cache speed commit f60611aad3a0b0efbf1fda824489300009ca8bc7 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 18:07:04 2026 +0800 Remove duplicate EXO cache calls commit aa98c9e37d2a985a464f51cc39e2074e44524fe4 Merge: 9972f08bb cb4833d4d Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 16:05:26 2026 +0800 Merged into dev commit 1e06116d37a08e99427d096ce5bffde6ccb22e43 Author: James Tarran <jtarran@techary.com> Date: Wed Apr 22 08:55:00 2026 +0100 Collect admin UPNs from role groups and users Previously only direct role-assigned user principals were considered when excluding admins from the PowerShell disable check. This change fetches roleAssignments, separates user and group principals, queries group members (transitive user members) via a bulk Graph v1.0 request, and merges unique userPrincipalNames from both sources. This ensures members of admin groups are treated as admins and aren't incorrectly targeted for Remote PowerShell disablement. commit 9972f08bb5f43a5565d57d33d41a665be14c72d6 Merge: 29aadfcd8 d4fe3d707 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:34:46 2026 +0800 Merged into Dev commit 29aadfcd8197df84b1cd396f8c39ada564b5c690 Merge: 747ab0c98 c2588ee20 Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:34:02 2026 +0800 Merged into Dev commit 747ab0c986cb85dfdf7ecccb578fd429d5d8ee7b Author: Zacgoose <107489668+Zacgoose@users.noreply.github.com> Date: Wed Apr 22 14:13:29 2026 +0800 Fix: Better batching for EXO caching Greatly reduces EXO calls to stop function timeouts and reduce TCP connection use commit c2588ee208e73c38ddb2725e6c199c08d23087ce Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 21 22:45:09 2026 +0200 fix: Could not get token: Unable to find type [CIPP.CIPPRestClient]. when running Initialize-DevEnvironment commit d4fe3d7070d2eec444cf8dc8bbce2695cb5228eb Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 21 17:50:42 2026 +0200 docs: update CIPP standards agents and instructions file commit cb4833d4d9a1c3d19d04fc2b5a35214a40dde9c1 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Mon Apr 20 13:23:00 2026 +0200 fix: update boolean conversion for query parameters Refactor the conversion of query parameters to boolean values using System.Convert::ToBoolean to solve issues with 'false' strings ending up as $true. commit fa1620f899d0241414670c018bce18dbdd23578a Author: fit-jv <192130596+fit-jv@users.noreply.github.com> Date: Mon Apr 20 09:39:19 2026 +0100 "syncInfoNote": "Outlook for iOS and Android uses modern authentication and does not report ActiveSync sync times." UI now has a clear explanation available for empty sync fields API responses are easier to reason about (null vs empty string) Reduces confusion around Outlook mobile ActiveSync reporting No functional changes to device allow/block/delete operations Signed-off-by: fit-jv <Jaco.Venter@FocusedIT.co.uk> commit 1ee61695c4730aa16b1c15a052d7643281e532ea Author: Luis Mengel <luis.mengel@united-gameserver.de> Date: Tue Apr 14 01:02:02 2026 +0200 add multi-tenant support for Scripted CIPP Alerts commit 33d1b9902b4e07c840abb376685076356ec6e1d6 Merge: e0d023000 074a9696b Author: John Duprey <john@cyberdrain.com> Date: Mon Apr 13 16:31:48 2026 -0400 Dev to hotfix (#1995) commit e0d0230004e3b9d1b200fdd95a28405e10d20ecc Merge: 951d2dbc9 65a089928 Author: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri Apr 10 15:49:39 2026 +0200 Dev to release (#1990) commit fff344013d7a9d90069e91bb6559316e5e823a34 Author: Bobby <31723128+kris6673@users.noreply.github.com> Date: Tue Apr 7 19:06:55 2026 +0200 feat: move ap devices and status page to generic graph request endpoint

version latest

f57e286

KelvinTegelaar merged commit 61b43b9 into master Apr 24, 2026
3 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

version latest#2016

version latest#2016
KelvinTegelaar merged 1 commit intomasterfrom
dev

KelvinTegelaar commented Apr 24, 2026

Uh oh!

Labels

1 participant

Conversation

KelvinTegelaar commented Apr 24, 2026

Uh oh!

Labels

1 participant