v2.70.4

Release Pull Request

#6637

What's changed

• Fixed query to retrieve a PrivacyNotice's cookies by @erosselli in #6636

Full Changelog: 2.70.3...2.70.4

v2.70.3

Release Pull Request

#6630

What's Changed

• System integrations form: remove empty integer values on submission by @jpople in #6626

Full Changelog: 2.70.2...2.70.3

v2.70.1

Release Pull Request

#6617

What's Changed

• Fixing get system query params type by @galvana in #6624

Full Changelog: 2.70.0...2.70.1

v2.70.0

Release Pull Request

#6575

What's Changed

• ENG-1273: Resume from Finalization instead of email finalization by @tvandort in #6503
• ENG-1282: Update User API docstrings with scopes by @tvandort in #6511
• ENG-491: System drawer in datamap report by @tvandort in #6515
• Update connector template to include cached display_info properties by @lucanovera in #6509
• Fix login error from Security Advisory merge (causing lots of tests to fail) by @thabofletcher in #6519
• ENG-1288: Dsr finalization flow UI tweaks by @eastandwestwind in #6514
• fix: modal and form styling [ENG-1295] by @speaker-ender in #6521
• Revert ENG-681 - password reset session invalidation by @thabofletcher in #6523
• ENG-942 by @tvandort in #6504
• Fix failing smoke test by @lucanovera in #6522
• Further attempt to avoid false negatives by @gilluminate in #6525
• Notify Ethyca engineering slack if Cypress e2e fails on main by @nrxsmith in #6524
• Update add clients to params by @JadeCara in #6520
• Prevent new DSR 2.0 tasks by @galvana in #6458
• fix: custom identity fields [ENG-1226] by @speaker-ender in #6533
• Fix failing cypress tests on main by @eastandwestwind in #6534
• clean pylints by @thabofletcher in #6537
• ENG-681 Re implement pw reset session invalidation by @thabofletcher in #6526
• updating attachments in dsr builder etc by @JadeCara in #6536
• Privacy request redaction patterns by @galvana in #6487
• Update changelog for 2.69.1 release by @eastandwestwind in #6539
• ENG-1283 by @JadeCara in #6517
• fix: website monitor config exclude domains [ENG-1316] by @speaker-ender in #6544
• fix: location select mode and table display [ENG-1305] by @speaker-ender in #6545
• Adds safeguards when encountering rate limit errors upon instantiation by @eastandwestwind in #6546
• better tag width handling in tables by @gilluminate in #6496
• Decode S3 storage URLs when building object keys for streaming attachments into download packages by @NevilleS in #6541
• Update changelog for 2.69.2 release by @JadeCara in #6548
• System table migration and system group functionality by @jpople in #6453
• Fix failing e2e test by @jpople in #6549
• Fix search within language picker in admin-ui by @lucanovera in #6550
• Create table to store web monitor scan data by @erosselli in #6542
• Eng 571 async polling Proof of Concept by @Vagoasdf in #6473
• Update Cypress selectors to fix failing privacy center test by @jpople in #6553
• Prevent linking systems to Website integrations by @gilluminate in #6554
• Better handling of missing vendors for TCF experiences by @gilluminate in #6556
• Fix translations for TCF not loading correctly by @lucanovera in #6557
• ENG-1340: Remove 1px checkbox by @tvandort in #6555
• Run tests serially by @JadeCara in #6561
• rename tab "Recent activity" -> "Added" by @gilluminate in #6565
• ENG-1212 Add not_applicable to ConsentStatus by @erosselli in #6562
• Messaging config UI by @galvana in #6213
• Fixing downrev by @galvana in #6567
• Adding taxonomy event audits by @galvana in #6564
• Add consent webhook queue by @Linker44 in #6510
• Fix system form not populating when navigated to from the table by @jpople in #6558
• Taxonomy section for system groups by @galvana in #6465
• fix: notices privacy location overflow on firefox [ENG-1274] by @speaker-ender in #6559
• ENG-1334, ENG-1329, ENG-1328 by @tvandort in #6552
• Fix bug in oauth authorization success toast by @lucanovera in #6572
• Fix custom logos in external task portal by @lucanovera in #6573
• Updated CHANGELOG.md for release 2.70.0 by @Kelsey-Ethyca in #6574

Full Changelog: 2.69.2...2.70.0

v2.69.2

Release Pull Request

#6547

What's changed

• Decode S3 storage URLs when building object keys for streaming attachments into download packages by @JadeCara in #6541
• Enables the exclude domains field in the website monitor config. by @erosselli in #6544
• Region table value displayed correctly and Location select only allowing valid values by @erosselli in #6545
• Adds safeguards when encountering rate limit errors upon instantiation by @eastandwestwind in #6546

Full Changelog: 2.69.1...2.69.2

v2.69.1

What's Changed

• Added the ability to selectively redact dataset, collection, and field names in DSR packages by @galvana in #6487
• Changed session invalidation logic to end all sessions for a user when their password has been changed by @thabofletcher CVE-2025-57766
• Fixed OAuth scope privilege escalation vulnerability that allowed clients to create or update other OAuth clients with unauthorized scopes by @thabofletcher CVE-2025-57817
• Added stricter rate limiting to authentication endpoints to mitigate against brute force attacks by @thabofletcher CVE-2025-57815
• Adds Redis-driven rate limiting across all endpoints by @eastandwestwind CVE-2025-57816

Full Changelog: 2.69.0...2.69.1

v2.69.0

Release Pull Request

#6507

What's Changed

• ENG-1128 by @adamsachs in #6441
• ENG-1096 Add execution log when DSR enters awaiting_email_send status by @erosselli in #6462
• ENG-1111 Privacy Center location collection config by @thabofletcher in #6432
• ENG-1186 Fixing issue patching config with legacy values in the DB by @thabofletcher in #6464
• [ENG-983] Update Manual Task Graph with Conditional Evaluator by @JadeCara in #6440
• ENG-881: db engine and session improvements by @adamsachs in #6434
• Improve UI for manual tasks by @lucanovera in #6454
• Upgrade PostgreSQL from 12 to 16 and Redis from 6.2 to 8.0 in local dev & test environments (fides) by @daveqnet in #6456
• Update the fides.js banner to use H2 by @gilluminate in #6470
• ENG-1122 Show brand image and badge for test website monitors by @erosselli in #6476
• Updated the privacy request service to also check for awaitng input status by @JadeCara in #6471
• DB models for custom taxonomies by @galvana in #6421
• Eng 1061 async polling queue by @Vagoasdf in #6435
• Eng 1111 location config move by @thabofletcher in #6468
• Deep linking tables by @gilluminate in #6447
• ENG-1209 - Add logs to debug detection task by @vcruces in #6482
• Refactor Column Header Menu to use components prop instead of title by @gilluminate in #6481
• feat: location select [ENG-1152] by @speaker-ender in #6478
• Optional test + dev mode for AdminUI by @gilluminate in #6483
• [ENG-1200] by @JadeCara in #6474
• Apply new hooks to existing action center tables by @gilluminate in #6484
• handle missing GVL from full experience by @gilluminate in #6472
• Correct consent language for integrations by @Linker44 in #6486
• ENG-1112 and ENG-1109 Location on Privacy Requests by @thabofletcher in #6425
• Display saas integrations in the integrations page by @lucanovera in #6480
• Prevent edits on Ignored assets by @gilluminate in #6485
• Migrate popovers to ant by @gilluminate in #6488
• fix: privacy center identity field logic [ENG-1226] by @speaker-ender in #6492
• fix: web monitor locations select [ENG-1223] by @speaker-ender in #6491
• privacy center dsr redirect by @JadeCara in #6489
• Fix non-applicable notices being saved as "true" in the consent cookie by @jpople in #6490
• ENG-1273: Fix finalization by @tvandort in #6493
• UI for adding manual task creation conditions by @lucanovera in #6431
• ENG-782: Remove beta flags from orgs and SSO by @tvandort in #6494
• ENG-782: Update changelog by @tvandort in #6495
• update datamap lineage colors by @Kelsey-Ethyca in #6505
• Updated CHANGELOG.md for release 2.69.0 by @Kelsey-Ethyca in #6506

Full Changelog: 2.68.0...2.69.0

v2.68.0

Release Pull Request

#6461

What's Changed

• Filtering and sorting for discovered assets in Action Center by @gilluminate in #6401
• Improved API call loading/failure handling by @gilluminate in #6387
• ENG-878 Privacy Request cancellation/retry limit by @thabofletcher in #6396
• ENG-856 memory manager by @thabofletcher in #6375
• Skipping missing tables for leaf-collections by @galvana in #6397
• ENG-1068 support unscheduling datahub syncs (fides) by @adamsachs in #6408
• [ENG-871] Part 2 by @JadeCara in #6390
• fix fides debugger errors in privacy center by @gilluminate in #6406
• Updating External Saas Tests by @Vagoasdf in #6363
• remove sorting from problematic columns by @gilluminate in #6413
• Adding missing non-KMS S3 test case by @galvana in #6412
• Adding missing table detection for erasures by @galvana in #6414
• Fixing requirment of Saas env token on all tests by @Vagoasdf in #6415
• Fix default tab not loading with Manual Task integrations by @lucanovera in #6417
• update changelog for 2-67.1 release by @lucanovera in #6423
• improve error logging for database query failures by @adamsachs in #6420
• Protect against multiple instantiations of FidesJS and GPP by @gilluminate in #6416
• fix changelog by @gilluminate in #6427
• Fix console error when creating new TCF experience by @gilluminate in #6428
• Fix small UI bugs in Manual Task config screen by @lucanovera in #6436
• [ENG-984] Add dependencies as scalar field references inputs into access and erasure manual graph tasks by @JadeCara in #6402
• fix logging test by @adamsachs in #6433
• [ENG-1114] Update CI to run all tests by @JadeCara in #6419
• ENG-738 - Performance improvements for data detection - bulk insert ancestor links by @vcruces in #6426
• [ENG-1133] Added privacy center settings to config by @JadeCara in #6439
• [ENG-982] Added type validation for operators by @JadeCara in #6429
• Dataset Generic Object Support by @Linker44 in #6424
• Configure role assumption in create client. by @tvandort in #6443
• update changelog 2.67.2 by @adamsachs in #6446
• ENG-738 - Update the ancestors and descendants functions to create a single SQL query by @vcruces in #6444
• Add nox -s dev -- workers-all and rename worker-other by @NevilleS in #6445
• Visual cue when updating layer 2 + live region update by @gilluminate in #6451
• Revert tables to use Ant filter icon by @gilluminate in #6450
• Improve responsive styles in privacy request detail page by @lucanovera in #6437
• Fix failing Cypress test by @gilluminate in #6455
• Fix bug with GPP API not initializing with invalid Fides string override by @jpople in #6452
• Fix params getting encoded by @gilluminate in #6449
• Updated CHANGELOG.md for release 2.68.0 by @Kelsey-Ethyca in #6460
• subtle dsr processing issue by @JadeCara in #6469

Full Changelog: 2.67.2...2.68.0

v2.67.2

Release Pull Request

#6448

What's changed

• Configured AWS S3 role assumption in client creation code so that all uses support role assumption by @tvandort in #6443

Full Changelog: 2.67.1...2.67.2

v2.67.1

Release Pull Request

#6422

What's changed

• Added protection against multiple FidesJS script loading on the same page with configurable override option by @gilluminate in #6416
• Fixed default tab not being set in the integration detail page for Manual Tasks integrations by @lucanovera in #6417

Full Changelog: 2.67.0...2.67.1