v2.84.5

Merge commit from fork

* ghsa-5qrq-9645-g5g2

* Example commit.

* Remove test code.

* Remove errant update.

* chore: trigger PR refresh

---------

Co-authored-by: Thomas Van Dort <tvand@Mac.fios-router.home>
Co-authored-by: Dave Quinlan <83430497+daveqnet@users.noreply.github.com>

v2.84.3

Full Changelog: 2.84.2...2.84.3

Release Pull Request

#8112

What's Changed

• Added the ability to disable Celery heartbeat, mingle and gossip through the config by @johnewart #8077

v2.82.2

Release Pull Request

#8044

What's Changed

• Reduce redundant System fetches per row in /system/upsert from four to one, and add per-axis change-detection logging in the system audit path by @adamsachs in #8080
• Fixed excessive memory usage in DSR cancel path by using column projection instead of loading full RequestTask ORM objects with large encrypted blobs by @erosselli in #8062
• Fixed N+1 query performance issue in system upsert endpoint where privacy declaration label validation issued individual database queries per label instead of batching them by @erosselli in #8009

Full Changelog: 2.82.1...2.82.2

v2.84.2

Release Pull Request

#8073

What's Changed

• Add configurable soft time limit for privacy request tasks, fix connector engine leak, and improve consent pipeline logging by @galvana in #8064

Full Changelog: 2.84.1...2.84.2

v2.84.1

Release Pull Request

#8060

Full Changelog: 2.84.0...2.84.1

v2.84.0

Release Pull Request

#8011

What's Changed

• ENG-2246: Add regex search toggle to monitor fields UI by @adamsachs in #7855
• fix: datastore filter responsiveness by @speaker-ender in #7870
• Migrate domains/CORS config form to Ant Design by @gilluminate in #7853
• Migrate custom reports forms to Ant Design by @gilluminate in #7865
• ENG-3359: Fix SaaS connector datasets bypassing property-based DAG filtering by @JadeCara in #7868
• ENG-3364: Fix Request Manager list alignment by @jpople in #7874
• Use global reusable workflow for Claude Code Review by @JadeCara in #7873
• Revert: Use global reusable workflow for Claude Code Review by @JadeCara in #7876
• chore: update staged resource types by @speaker-ender in #7871
• Add codegraph integration to Claude Code Review workflow by @JadeCara in #7878
• Add codegraph canary to Claude Code Review by @JadeCara in #7879
• Fix codegraph MCP connection in Claude Code Review by @JadeCara in #7883
• ENG-3370: Fix incorrect error message on login with bad credentials by @gilluminate in #7882
• ENG-3179: Migrate properties form to Ant Design by @gilluminate in #7880
• ENG-2986: Controls model, migration, seed data, and FE updates by @thabofletcher in #7833
• ENG-3169: Migrate organization settings form to Ant Design by @jpople in #7872
• Promote alphaJiraIntegration flag to beta as jiraIntegration by @jpople in #7886
• ENG-3267: Fix bulk promote failing for long URNs by @nrxsmith in #7881
• Bump aiohttp to 3.13.4 (ENG-3360) by @erosselli in #7891
• Update generated types and fix all issues by @lucanovera in #7757
• refactor: filter linked progress [ENG-3259, ENG-2794] by @speaker-ender in #7846
• ENG-3198: Upgrade Node.js from 20 to 24 and bump CI actions by @gilluminate in #7885
• Fix duplicated authentication description on Okta integration page by @dsill-ethyca in #7899
• Update heading tag semantics for privacy assessments by @lucanovera in #7892
• ENG-3365: Add new env var to hide all consent-related ui by @eastandwestwind in #7890
• fix: widget issues by @speaker-ender in #7894
• ENG-3368: Add composite (created_at, id) index for privacy_preferences pagination by @erosselli in #7897
• ENG-3171: Migrate config-wizard forms from Formik/Yup to Ant Design Form by @gilluminate in #7896
• ENG-3172: Migrate privacy request forms from Chakra/Formik to Ant Design by @gilluminate in #7903
• ENG-3173: Migrate connection manager and integration forms to Ant Design by @gilluminate in #7898
• ENG-3298: Add parent_id column to Comment model for threading by @JadeCara in #7864
• ENG-3353 Homepage dashboard UI polish by @eastandwestwind in #7904
• [1 of 2] ENG-3157: Platform identity resolution — OSS type changes for PBAC by @galvana in #7807
• ENG-3298: Fix DetachedInstanceError on Comment.delete() replies access by @JadeCara in #7906
• ENG-3413: Fix property form 422 on create — paths field dropped after antd migration by @jpople in #7908
• ENG-3388: use correct confidence bucket query parameter by @tvandort in #7895
• ENG-3416: Hide redundant 'across 1 monitor' on single-monitor Action Center view by @dsill-ethyca in #7911
• ENG-3419: Update ruff target-version from py39 to py313 by @erosselli in #7915
• Eng 567 pr 3 version history UI by @Vagoasdf in #7828
• ENG-3287: Regroup assessment list by processing activity by @galvana in #7887
• Replace alphaRbac feature flag with backend-driven RBAC config by @thabofletcher in #7877
• ENG-3398: Fix column reorder drop target in Datamap report modal by @gilluminate in #7905
• Update type generation command to use heyapi by @lucanovera in #7920
• ENG-3177: Migrate datamap SystemInfo from Formik/Chakra to antd Form by @gilluminate in #7921
• ENG-3437: Change account dropdown to click-only trigger by @gilluminate in #7923
• ENG-3430: make privacy center actions optional by @nreyes-dev in #7919
• Update changelog release 2.83.1 by @nreyes-dev in #7929
• ENG-3393: Add Jira OAuth app credentials to connection secrets schema by @JadeCara in #7901
• ENG-3443: Fix selectUser selector memoization by @gilluminate in #7927
• ENG-2987: Upgrade Admin UI Next.js from 14 to 16 by @gilluminate in #7907
• ENG-3440: Fix TypeError when closing Data Catalog drawer by @gilluminate in #7925
• fix: initial steward values [ENG-3411] by @speaker-ender in #7914
• ENG-3270: Add target_system_steward_ids column to StagedResource by @dsill-ethyca in #7912
• ENG-3435: Clean up antd v6 deprecated prop warnings by @gilluminate in #7936
• Access policies controls UI + new description field by @lucanovera in #7918
• ENG-3328: Add property picker to integration forms by @jpople in #7909
• ENG-3461: migrate admin-ui to RouterLink and remove legacyBehavior by @gilluminate in #7942
• Reword "click here" links for accessibility by @gilluminate in #7937
• fix: datastore integration text taxonomy [ENG-3209] by @speaker-ender in #7943
• ENG-3451: Fix Manage integration modal reporting dirty on mount by @gilluminate in #7934
• [ENG-3281] Add all pools to database healthcheck, add extended pool status data by @johnewart in #7856
• ENG-3461: add unstyled mode to RouterLink, replace all remaining NextLink usages by @gilluminate in #7946
• Bump next from 15.5.10 to 15.5.15 in /clients/privacy-center in the npm_and_yarn group across 1 directory by @dependabot[bot] in #7940
• Add reduce motion check on animated counts by @gilluminate in #7924
• ENG-3180: Migrate messaging template forms to Ant Design by @gilluminate in #7939
• ENG-3174: Migrate privacy notice forms to Ant Design by @gilluminate in #7950
• Remove plans directory by @galvana in #7951
• Add password-reset-at to JWE token for stateless validation by @thabofletcher in #7692
• ENG-3329: Add property info to privacy request details panel by @jpople in #7930
• ENG-3466: Add username character validation on user creation by @erosselli in #7953
• Replace palette JS imports with CSS variables in Admin UI by @gilluminate in #7954
• ENG-3084: Add Go PBAC policy engine library and fides pbac CLI by @thabofletcher in #7926
• chore: only trigger code review on /code-review comment by @adamsachs in #7958
• ENG-3417: Fix browser nav for action center ignored assets by @eastandwestwind in #7961
• ENG-3406: fix stale sidebar data in action center by @nreyes-dev in #7960
• ENG-3001: Add OAuth API clients list page by @tvandort in #7747
• ENG-3455: Add username validation to new user form by @gilluminate in #7957
• Update Changelog for 2.83.2 release by @erosselli in #7948
• ENG-3462: Fix console warnings and errors in Admin UI by @gilluminate in #7959
• fix: storybook build by @speaker-ender in #7955
• Fix 3459 rate limit by @Vagoasdf in #7938
• Fix sample app builds after Next upgrade by @gilluminate in #7966
• Fix user invite email test assertion after HTML escaping update by @JadeCara in #7973
• Fix PyPI upload by pinning version from tag by @erosselli in https://github.com/ethyc...

v2.83.3

Release Pull Request

#7994

What's Changed

• Add Control model and join table for associating regulatory frameworks with access policies by @thabofletcher in #7833
• Added composite (created_at, id) index to privacy_preferences to improve pagination performance on large tables by @erosselli in #7897
• Expanded database healthcheck to report per-pool health details and readonly async prewarming metrics. Top-level migration state (database may be needs migration) and database_revision continue to come from Alembic; optional pools are reported as skipped when not configured by @johnewart in #7856
• Scope check_object_exists in post-upgrade background index creation to the current PostgreSQL schema, preventing false positives on shared-database staging environments by @erosselli in #7990
• Fixed Ticket setup tab appearing on non-Jira integrations by @jpople in #7987
• Bumped aiohttp to 3.13.4 to fix 10 CVEs including CVE-2026-34516, CVE-2026-22815, CVE-2026-34520 by @erosselli in #7891

Full Changelog: 2.83.2...2.83.3

v2.83.2

Release Pull Request

#7982

What's changed

• Security Restored identity verification path for privacy requests classified as duplicates to prevent denial of service [GHSA-qx5f-ghc2-7g5c] by @JadeCara in #7971
• Security Added identity verification check before administrator approval of duplicate privacy requests [GHSA-qx5f-ghc2-7g5c] by @JadeCara in #7972

Full Changelog: 2.83.1...2.83.2

v2.83.1

Release Pull Request

#7928

Full Changelog: 2.83.0...2.83.1

v2.83.0

Release Pull Request

#7863

What's Changed

• ENG-2489: Improve error messages for misconfigured dynamic erasure email connectors by @JadeCara in #7779
• fix: always running fe checks by @speaker-ender in #7813
• ENG-3245: Speed up CI: shard slow tests + decouple startup check (28m → 9m) by @galvana in #7790
• Add case_sensitive column to identity_definition by @erosselli in #7814
• ENG-3088 - Add feature flag, ConnectionType, connector, and DB migration by @vcruces in #7805
• feat: add monitor_aggregate_statistics table [ENG-2780] by @adamsachs in #7808
• ENG-3077: fix manual tasks pagination bug by @nreyes-dev in #7809
• ENG-706: Migrate datamap report table to Ant Design by @gilluminate in #7780
• ENG-3009: Fix Edit SSO Provider Save button always disabled by @wadesdev in #7739
• ENG-3167: Replace Chakra form components with antd on login page by @gilluminate in #7819
• ENG-3194 - Ensure Redis connection URL is correct when configured to use a cluster + SSL by @johnewart in #7811
• [ENG-2759] DSR integration with new cache manager by @johnewart in #7708
• ENG-182: Migrate Chakra Spinners to Ant Design Spin by @jpople in #7791
• ENG-3083: AccessPolicy + AccessPolicyVersion models and migration by @thabofletcher in #7773
• Extract shared OnePasswordClient; seed profile UI updates by @adamsachs in #7698
• Eng 567 pr2 saas config version by @Vagoasdf in #7688
• ENG-3083: Change access policy update from PUT to PATCH by @thabofletcher in #7822
• ENG-3237: Add FIDES__DATABASE__MIGRATION_ROLE to SET ROLE before migrations by @JadeCara in #7815
• Re-invite Expired Users by @RobertKeyser in #6904
• fix: use isolated event loop in OnePasswordClient sync wrappers by @adamsachs in #7827
• ENG-3233: Optimize Cypress CI with shared build and better sharding by @gilluminate in #7792
• ENG-3203: Add support for custom identities as manual task conditions by @lucanovera in #7784
• ENG-3135: Add ticket preview to Jira config wizard by @jpople in #7829
• ci: add .mcp.json for codegraph MCP server by @JadeCara in #7821
• ENG-2745: Add ConfirmCloseModal and useConfirmDirtyClose hook (1/5) by @jpople in #7836
• fix: disable CSS animations in Cypress to prevent flaky antd tests by @gilluminate in #7841
• ENG-3196: nosemgrep annotations for security rule baseline by @JadeCara in #7816
• Add pre-approval webhook statuses, audit logs, and management UI by @galvana in #7399
• ENG-2858: Add KeyProvider ABC with LocalKeyProvider by @erosselli in #7810
• ENG-3110: add noindex meta tag on fidesadmin and privacy center by @nreyes-dev in #7798
• ENG-2931: Self-service Password Email Reset Flow ("Forgot your password?" feature) by @nreyes-dev in #7830
• fix attribution positioning by @gilluminate in #7806
• ENG-3193: Add utm params to brand links by @eastandwestwind in #7781
• Add brand fonts by @kruulik in #7768
• Quieter Prettier by @gilluminate in #7834
• Access policies list page by @lucanovera in #7817
• Replace Chakra/Formik with antd Form in user management by @gilluminate in #7843
• ENG-3089 - Create cloud_infra_staged_resource db table by @vcruces in #7823
• ENG-3118: Add user_assigned_description column to StagedResource by @dsill-ethyca in #7847
• Migrate Privacy Experience forms over to Ant Design by @gilluminate in #7835
• Replace Chakra/Formik with antd Form in dataset forms by @gilluminate in #7852
• ENG-3288 Add onupdate to PrivacyPreferences.updated_at column by @erosselli in #7851
• ENG-2745: Dirty-close guard for Formik inline modals (2/5) by @jpople in #7837
• Bump requests to >=2.33.0 (CVE-2026-25645) by @eastandwestwind in #7854
• ENG-699: Migrate privacy experiences table to Ant Design by @jpople in #7789
• ENG-3140: Onboarding flow for PBAC by @kruulik in #7831
• Fix race condition in useCustomFields that wiped form values on system configure page by @nrxsmith in #7859
• ENG-3262: add privacy center config schema validation by @nreyes-dev in #7845
• ENG-3090 - Add build_aws_client method by @vcruces in #7860
• ENG-3141: Add Astralis Agent Activity panel to home dashboard by @kruulik in #7861
• ENG-3116: Add template variable autocomplete to experience translation form by @jpople in #7844
• refactor: datastore filter responsiveness [ENG-2887] by @speaker-ender in #7752
• Updated CHANGELOG.md for release 2.83.0 by @Kelsey-Ethyca in #7862
• ENG-3142: Add activity feed card to home dashboard by @kruulik in #7842

Full Changelog: 2.82.1...2.83.0