What's Changed
- improvement(global-approvals): basic UI improvements by @x032205 in #5009
- improvement(pam): add AWS IAM resource documentation and form enhancements by @victorvhs017 in #5001
- improvement: project identity page UI improvements + v3 component progress by @scott-ray-wilson in #4979
- fix: group rotated secrets under rotation row on the UI dashboard by @carlosmonastyrski in #4890
- feature: add k8s for PAM by @fangpenlin in #4981
- misc: addressed missing property by @sheensantoscapadngan in #5013
- misc: add doc reference for k8 pam in platform by @sheensantoscapadngan in #5014
- fix: decline card modal not closing on the billing page by @carlosmonastyrski in #5012
- improvement: pam findByPath function by @x032205 in #5005
- fix(frontend): fix tw lint error by @scott-ray-wilson in #5018
- improvement(frontend): refine and expand secret sync overwrite destination initial sync behavior warnings by @scott-ray-wilson in #5015
- feature: add skip dns ownership validation option for acme cert profile by @fangpenlin in #5021
- fix(native-integrations): rollback native integration tab by @victorvhs017 in #5030
- improvement(pam): cards for flat account view by @x032205 in #5016
- improvement(api): add acme audit logs by @fangpenlin in #5011
- docs: add acme skip dns validation option doc by @fangpenlin in #5031
- fix: credentials hash calculation in external kms by @gupta-piyush19 in #5036
- improvement(frontend): update and refactor user project membership page components and add details section by @scott-ray-wilson in #5020
- feature(docs): add redirect for deleted Native Integrations docs by @victorvhs017 in #5032
- improvement: auto focus first input on create identity forms by @scott-ray-wilson in #5039
- fix(frontend): remove requester email on access grant from url by @scott-ray-wilson in #5041
- feature: update UI references and urls to match cert-manager by @carlosmonastyrski in #5033
- improvement(api): issue cert from acme in a background queue by @fangpenlin in #5003
- fix(style): fix blank screen after admin account signup by @victorvhs017 in #5038
- feature: add certificate agent documentation and fix issuance endpoint reference by @carlosmonastyrski in #5029
- chore: corrected prod yaml and automated provisioning docs by @sheensantoscapadngan in #5047
- chore: add breathing room for expired token cleanup by @sheensantoscapadngan in #5048
- docs: add guides for requesting certificate via agent, api, and acme by @dangtony98 in #4965
- feature: machine identity groups [ENG-4237] by @gupta-piyush19 in #4995
- feature(cdn): add optional CDN URL configuration for static assets in Vite by @victorvhs017 in #5037
- feature(pam): auto request access to accounts by @x032205 in #5050
- docs: adding Centralized vs. Self-Service Governance guide by @0xArshdeep in #5049
- improvement(api): fix misleading error message for validation host by @fangpenlin in #5054
- feature(scim): expose and rename external group mappings endpoint + api docs by @scott-ray-wilson in #5053
- fix: removed k8s operator from main repo by @varonix0 in #5059
- improvement(cdn): enhance Content Security Policy by injecting CDN host into directives by @victorvhs017 in #5060
- fix(global-approvals): make canAccess path normalized by @x032205 in #5065
- fix(cdn): add index option to serve-ui configuration to fix index.html caching by @victorvhs017 in #5063
- docs: custom agent injector agent image by @varonix0 in #5068
- feature(api): add dns challenge for acme by @fangpenlin in #5043
- feature: octopus deploy app-connection + secret-sync [ENG-4267] by @gupta-piyush19 in #5019
- feature: add PKI links to docs by @carlosmonastyrski in #5058
- feature: allow SSO bypass to be enabled before enabling SSO enforcement by @carlosmonastyrski in #5062
- docs: operator metrics by @varonix0 in #5055
- fix(encryption-key): add a new .env.dev.example file to be used by contributors by @victorvhs017 in #4919
- fix(global-approvals): return grant statuses as expired when expiredAt is reached by @x032205 in #5067
- improvement: removed unnecessary secret reminder deletion by @sheensantoscapadngan in #5061
- feat(audit-logs): audit logs for dynamic secrets and leases by @varonix0 in #5069
- feature: add certificate request tab, general backend improvements on requests, and add filtering by @carlosmonastyrski in #5057
- fix(pam): make aggregateTerminalEvents return proper timestamps by @x032205 in #5017
- docs: add icons to overview page cards by @scott-ray-wilson in #5073
- feat: sql rotation query option and password policy enforcement by @akhilmhdh in #5071
- feat: agentic manager by @sheensantoscapadngan in #4988
- fix: show duplicate accounts with no org attached and fix duplicate invited accounts by @carlosmonastyrski in #5077
- feature(pam): certificate based auth for ssh by @x032205 in #5042
- fix: github overwhelming the relay when fetching too many repositories by @carlosmonastyrski in #5076
- fix: fix project MI pagination, search and org identity name search regex by @scott-ray-wilson in #5079
- feature(docs): add docs for Redis with SSL by @x032205 in #5078
- chore: removed HTTPS port mapping for nginx service in development compose by @akhilmhdh in #5086
- docs(ansible-python-sdk): add dynamic secrets documentation for Ansible and Python SDK by @victorvhs017 in #5083
- chore: remove usages of pkiAcme feature flag by @carlosmonastyrski in #5080
- improvement(kubernetes-auth): k8s auth validation and errors by @victorvhs017 in #5002
- improvement(oidc): update params to include prompt for login by @victorvhs017 in #5084
Full Changelog: v0.154.6...v0.155.0