Conversation
* Flag rotation script uploads with is_script for owner-only server enforcement * Undo ssl changes
… Windows services.
… return consistent folder JSON by name vs UID (#2178) * Fix nsf-mkdir to reject UID path segments and get to return consistent folder JSON by name vs UID * KC-1335, KC-1336: Fix nsf-mkdir parent UID path resolution and get folder JSON consistency nsf-mkdir now resolves existing parent folder UIDs in paths instead of treating them as literal folder names. get --format json returns the same folder schema whether the folder is looked up by name or UID. * Align get folder detail output with JSON schema --------- Co-authored-by: amangalampalli-ks <amangalampalli@keepersecurity.com>
* Fix KEEPER_SSL_CERT_FILE ignored for HTTP SSL verification for REST, PAM, tunnel HTTP, and DAG (#2172) * Add KEEPER_SSL_CERT_FILE test; Replace ssl_aware_get with requests.get(..., verify=params.ssl_verify) * Revert vendored keeper_dag SSL changes; land in keeper-dag PR GraphSync connection SSL wiring belongs in the keeper-dag repo and will sync into Commander via copy_to_commander.py after both PRs merge. Co-authored-by: Cursor <cursoragent@cursor.com> --------- Co-authored-by: Cursor <cursoragent@cursor.com>
Support dom_user_match in pam project import and --domain-user-match on pam config new/edit, mapping to text:userMatch on pamDomainConfiguration. Co-authored-by: Cursor <cursoragent@cursor.com>
Use config_edit to distinguish new vs edit: edit honors empty strings to unset text fields and merges partial pamHostname updates with existing host/port values. Co-authored-by: Cursor <cursoragent@cursor.com>
…admin missing when admin and launch are the same pamUser Co-authored-by: Cursor <cursoragent@cursor.com>
Honor --schedule-config across rotation profiles, add a dedicated scripts_only path with correct noop DAG linking and rotation revision handling, and sync vault before --schedule-config so PAM config defaultRotationSchedule is current. Co-authored-by: Cursor <cursoragent@cursor.com>
Expose Web Vault default-schedule state by comparing stored rotation schedule JSON to the PAM configuration defaultRotationSchedule field. Co-authored-by: Cursor <cursoragent@cursor.com>
Sync rotation revision after IAM link permission-check so the schedule-bearing set_record_rotation call uses the server revision instead of 0. Co-authored-by: Cursor <cursoragent@cursor.com>
Add --ignore-server-cert and --security-mode to pam connection edit, fix Kubernetes cert field mapping for launch, and add unit tests. Co-authored-by: Cursor <cursoragent@cursor.com>
Read SSH, telnet, database, and kubernetes settings from pamSettings.connection using Web Vault record field names and wire missing guacd params. Co-authored-by: Cursor <cursoragent@cursor.com>
idimov-keeper
approved these changes
Jul 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.