Skip to content

[pull] dev from KelvinTegelaar:dev#140

Open
pull[bot] wants to merge 3670 commits into
BNWEIN:devfrom
KelvinTegelaar:dev
Open

[pull] dev from KelvinTegelaar:dev#140
pull[bot] wants to merge 3670 commits into
BNWEIN:devfrom
KelvinTegelaar:dev

Conversation

@pull

@pull pull Bot commented Jun 27, 2025

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.2)

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull Bot locked and limited conversation to collaborators Jun 27, 2025
@pull pull Bot added the ⤵️ pull label Jun 27, 2025
Zacgoose and others added 28 commits June 22, 2026 21:17
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
Add grantMobileThreatDefensePartnerRole to the Mobile Threat Defense
connector payload in both the deployment handler and the
DefenderCompliancePolicy standard, so the new Intune option is deployable
and enforceable.

Fix the crossed iOS connector mappings: AppSync now drives
allowPartnerToCollectIOSApplicationMetadata and ConnectIosCompliance drives
iosMobileApplicationManagementEnabled (MAM), and add the personal
app-inventory property. This corrects the property each toggle controls,
so existing iOS configs change behaviour. Sync Config/standards.json.
Introduce the grantMobileThreatDefensePartnerRole to the Mobile Threat
Defense connector payload, ensuring it is deployable and enforceable.
Correct iOS connector mappings to align with intended functionality. It
was mapped to the wrong property.

Frontend PR: KelvinTegelaar/CIPP#6231
[pull] dev from KelvinTegelaar:dev
Add severity and resolvingComment to the incident PATCH so users can
reprioritise and document why an incident was resolved. Build the body
as a hashtable/JSON so free-text comments with quotes are escaped, and
gate assignee changes behind an explicit AssignToSelf flag so status
and severity and status edits no longer clobber the existing owner.
KelvinTegelaar and others added 30 commits July 9, 2026 18:40
Set SetFromProfile earlier to prevent re-entrancy when Update-CIPPSAMCertificate calls Get-GraphToken. Add logic to provision a missing SAM certificate during authentication initialization, with improved error handling and logging. The weekly token update will retry if provisioning fails.
Extend `Invoke-ExecSetSharePointMember` to handle communication/classic SharePoint sites by using SharePoint REST (`ensureuser`, add/remove in associated member group) with certificate auth, while preserving group-connected behavior via M365 group membership. The change also improves request field reuse, adds endpoint logging for success/failure, normalizes exception handling with `Get-CippException`, and returns clearer error messages and status codes.
Refines SharePoint member management to be role-aware across Owners, Members, and Visitors, with smarter routing between Graph-backed M365 group updates and SharePoint role-group REST calls. Removals now honor the selected member type/source so directly added users are removed from the correct role group, and messaging/error text is more specific.

Updates site member listing to return actual role-group membership from SharePoint REST, expand M365 group claims into real users on group-connected sites, include site collection admins, and fall back to the User Information List via Graph when REST access is unavailable.
…ite retrieval

feat: Extend Set-CIPPSPOSite to support Int64 property types
feat: Implement Invoke-ExecSetSiteProperties for updating site properties via API
feat: Create Invoke-ListSiteProperties to retrieve site properties with friendly enum names
- deleted site restoration
- bulk removal of sharing links for a site
- site recycle bin management (new cipp permission)
- full user removal from all groups in site
- guest user detection in list site members
- Implements KelvinTegelaar/CIPP#6248
- Group Templates for Distribution Lists and mail enabled security
groups can now define **email aliases with variables** and **hide from
GAL** option
Signed-off-by: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com>
Add SAMCertProvisionAttempted guard to break recursion when Update-CIPPSAMCertificate calls Get-GraphToken, which re-enters Get-CIPPAuthentication before the cert env var is set.

Also short-circuit Key Vault retry loop on 404 responses since the secret is definitively absent and retrying with backoff only adds latency.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

10 participants