Skip to content

[pull] master from KelvinTegelaar:master#59

Open
pull[bot] wants to merge 395 commits into
Techary:masterfrom
KelvinTegelaar:master
Open

[pull] master from KelvinTegelaar:master#59
pull[bot] wants to merge 395 commits into
Techary:masterfrom
KelvinTegelaar:master

Conversation

@pull

@pull pull Bot commented Jul 10, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

pull Bot and others added 30 commits June 10, 2026 11:36
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
[pull] dev from KelvinTegelaar:dev
KelvinTegelaar and others added 8 commits July 10, 2026 16:49
Signed-off-by: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com>
Add SAMCertProvisionAttempted guard to break recursion when Update-CIPPSAMCertificate calls Get-GraphToken, which re-enters Get-CIPPAuthentication before the cert env var is set.

Also short-circuit Key Vault retry loop on 404 responses since the secret is definitively absent and retrying with backoff only adds latency.
@pull pull Bot locked and limited conversation to collaborators Jul 10, 2026
@pull pull Bot added ⤵️ pull merge-conflict Resolve conflicts manually labels Jul 10, 2026
Zacgoose and others added 19 commits July 13, 2026 16:16
Parse app template config JSON with `-AsHashtable` before converting it back to a PSCustomObject so templates can carry both `applicationName` and `ApplicationName` without losing data. This avoids deployment issues caused by PowerShell's default case-insensitive JSON object handling.
Replace `Compare-Object` checks with sorted string equality for Teams federation allowed/blocked domain matching. This prevents parameter binding failures when one side is an empty array while preserving exact list-match behavior.
- Replace silent Write-Information bulk error messages with structured Write-LogMessage calls including normalized error details and batch counts
- Handle duplicate document templates gracefully by selecting the oldest instead of throwing
- Clear stale user/update cache entries from Azure Table Storage at sync start rather than reusing potentially stale data
- Remove debug Write-Host from document template creation
Update role permission filtering to compare normalized permission bases instead of exact strings. The code now strips `.Read`/`.ReadWrite` suffixes and uses a case-insensitive hash set of valid permissions, preventing legitimate role permissions from being incorrectly filtered out when access level suffixes differ.
Update NinjaOne tenant sync to resolve the SharePoint Admin URL via `Get-SharePointAdminLink` and gracefully fall back to a tenant-derived `https://<tenant>-admin.sharepoint.com` URL if lookup fails. The SharePoint management link now uses the resolved admin URL instead of the partner session redirect, improving reliability for tenant link mapping.
Update the NinjaOne tenant sync CVE upload path to call `New-VulnCsvBytes` with only the supported parameters. This aligns the invocation with the helper signature and avoids passing an unused `TenantFilter` argument during vulnerability CSV generation.
Added the `i` flag to the Conventional Commits regex so PR titles with uppercase type prefixes (e.g., `Fix:`, `FEAT:`) are also accepted.
Include Intune managed app protection policies in the policy listing endpoint and map them to the compare endpoint. The list output now classifies iOS, Android, and Windows app protection policies so they appear with clearer policy type names.
Tightens app role existence checks in `Add-CIPPApplicationPermission` to match both `appRoleId` and `resourceId` instead of only role ID. This prevents skipping valid role assignments when the same role ID appears across different service principals.
When AppCache.ApplicationId differs from the Key Vault-backed ApplicationID, Get-GraphToken now reloads auth and updates the AppCache marker to the KV value. This prevents repeated auth reloads on every token request when AppCache and KV are out of sync.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

⤵️ pull merge-conflict Resolve conflicts manually

Projects

None yet

Development

Successfully merging this pull request may close these issues.