cloudflare · KianNH · Feb 19, 2025 · Feb 19, 2025 · Feb 19, 2025 · Feb 20, 2025
@@ -0,0 +1,40 @@
+---
+import { getChangelogs, type GetChangelogsOptions } from "~/util/changelog";
+import { reference } from "astro:content";
+import { z } from "astro:schema";
+import { getCollection } from "astro:content";
+
+const props = z.object({
+	products: z.array(reference("products")),
+}).or(z.object({
+	area: z.string()
+}));
+
+const input = await props.parseAsync(Astro.props);
+
+let filter: GetChangelogsOptions["filter"];
+
+if ("products" in input) {
+	filter = (e) => {
+		return e.data.products.some((x) => input.products.some((y) => x.id === y.id))
+	}
+} else {
+	const products = await getCollection("products", (e) => {
+		return e.data.product.group === input.area;
+	});
+
+	filter = (e) => {
+		return e.data.products.some((x) => products.some((y) => x.id === y.id))
+	}
+}
+
+const changelogs = await getChangelogs({ filter });
+---
+
+{
+	changelogs.map((entry) => (
+		<h3>{entry.data.date.toISOString().slice(0, 10)}</h3>
+		<h4>{entry.data.description}</h4>
+		<p>For more information, refer to the <a href={`/changelog/${entry.id}`}>dedicated changelog post</a>.</p>
+	))
+}
@@ -38,8 +38,9 @@ export { default as PagesBuildPresetsTable } from "./PagesBuildPresetsTable.astr
 export { default as PagesLanguageSupport } from "./PagesLanguageSupport.astro";
 export { default as Plan } from "./Plan.astro";
 export { default as PlanInfo } from "./PlanInfo.astro";
-export { default as ProductReleaseNotes } from "./ProductReleaseNotes.astro";
+export { default as ProductChangelog } from "./ProductChangelog.astro";
 export { default as ProductFeatures } from "./ProductFeatures.astro";
+export { default as ProductReleaseNotes } from "./ProductReleaseNotes.astro";
 export { default as ProductsByTag } from "./ProductsByTag.astro";
 export { default as PublicStats } from "./PublicStats.astro";
 export { default as RelatedProduct } from "./RelatedProduct.astro";

diff --git a/...tent/changelog/access/2023-06-23-custom-block-pages-for-access-applications.mdx b/...tent/changelog/access/2023-06-23-custom-block-pages-for-access-applications.mdx
@@ -0,0 +1,9 @@
+---
+title: Custom block pages for Access applications
+description: Custom block pages for Access applications
+date: 2023-06-23T00:00:00.000Z
+products:
+- access
+---
+
+Allow Access admins to customize the block pages presented by Access to end users.
diff --git a/src/content/changelog/access/2023-08-02-azure-ad-authentication-contexts.mdx b/src/content/changelog/access/2023-08-02-azure-ad-authentication-contexts.mdx
@@ -0,0 +1,9 @@
+---
+title: Azure AD authentication contexts
+description: Azure AD authentication contexts
+date: 2023-08-02T00:00:00.000Z
+products:
+- access
+---
+
+Support Azure AD authentication contexts directly in Access policies.
diff --git a/src/content/changelog/access/2023-09-08-custom-oidc-claims-for-named-idps.mdx b/src/content/changelog/access/2023-09-08-custom-oidc-claims-for-named-idps.mdx
@@ -0,0 +1,9 @@
+---
+title: Custom OIDC claims for named IdPs
+description: Custom OIDC claims for named IdPs
+date: 2023-09-08T00:00:00.000Z
+products:
+- access
+---
+
+Access admins can now add custom claims to the existing named IdP providers. Previously this was locked to the generic OIDC provider.
diff --git a/src/content/changelog/access/2023-09-15-app-launcher-customization.mdx b/src/content/changelog/access/2023-09-15-app-launcher-customization.mdx
@@ -0,0 +1,9 @@
+---
+title: App launcher customization
+description: App launcher customization
+date: 2023-09-15T00:00:00.000Z
+products:
+- access
+---
+
+Allow Access admins to configure the App Launcher page within Zero Trust.
diff --git a/src/content/changelog/access/2023-09-15-app-launcher-supports-tags-and-filters.mdx b/src/content/changelog/access/2023-09-15-app-launcher-supports-tags-and-filters.mdx
@@ -0,0 +1,9 @@
+---
+title: App launcher supports tags and filters
+description: App launcher supports tags and filters
+date: 2023-09-15T00:00:00.000Z
+products:
+- access
+---
+
+Access admins can now tag applications and allow users to filter by those tags in the App Launcher.
diff --git a/...cess/2023-09-15-view-active-access-user-identities-in-the-dashboard-and-api.mdx b/...cess/2023-09-15-view-active-access-user-identities-in-the-dashboard-and-api.mdx
@@ -0,0 +1,9 @@
+---
+title: View active Access user identities in the dashboard and API
+description: View active Access user identities in the dashboard and API
+date: 2023-09-15T00:00:00.000Z
+products:
+- access
+---
+
+Access admins can now view the full contents of a user's identity and device information for all active application sessions.
diff --git a/.../changelog/access/2023-12-15-default-relay-state-support-in-access-for-saas.mdx b/.../changelog/access/2023-12-15-default-relay-state-support-in-access-for-saas.mdx
@@ -0,0 +1,9 @@
+---
+title: Default relay state support in Access for SaaS
+description: Default relay state support in Access for SaaS
+date: 2023-12-15T00:00:00.000Z
+products:
+- access
+---
+
+Allows Access admins to set a default relay state on Access for SaaS apps.
diff --git a/src/content/changelog/access/2023-12-20-unique-entity-ids-in-access-for-saas.mdx b/src/content/changelog/access/2023-12-20-unique-entity-ids-in-access-for-saas.mdx
@@ -0,0 +1,9 @@
+---
+title: Unique Entity IDs in Access for SaaS
+description: Unique Entity IDs in Access for SaaS
+date: 2023-12-20T00:00:00.000Z
+products:
+- access
+---
+
+All new Access for SaaS applications have unique Entity IDs. This allows for multiple integrations with the same SaaS provider if required. The unique Entity ID has the application audience tag appended. Existing apps are unchanged.
diff --git a/src/content/changelog/access/2024-02-22-access-for-saas-oidc-support.mdx b/src/content/changelog/access/2024-02-22-access-for-saas-oidc-support.mdx
@@ -0,0 +1,9 @@
+---
+title: Access for SaaS OIDC Support
+description: Access for SaaS OIDC Support
+date: 2024-02-22T00:00:00.000Z
+products:
+- access
+---
+
+Access for SaaS applications can be setup with OIDC as an authentication method. OIDC and SAML 2.0 are now both fully supported.
diff --git a/src/content/changelog/access/2024-02-22-warp-as-an-identity-source-for-access.mdx b/src/content/changelog/access/2024-02-22-warp-as-an-identity-source-for-access.mdx
@@ -0,0 +1,9 @@
+---
+title: WARP as an identity source for Access
+description: WARP as an identity source for Access
+date: 2024-02-22T00:00:00.000Z
+products:
+- access
+---
+
+Allow users to log in to Access applications with their WARP session identity. Users need to reauthenticate based on default session durations. WARP authentication identity must be turned on in your device enrollment permissions and can be enabled on a per application basis.
diff --git a/src/content/changelog/access/2024-04-15-zero-trust-user-identity-audit-logs.mdx b/src/content/changelog/access/2024-04-15-zero-trust-user-identity-audit-logs.mdx
@@ -0,0 +1,9 @@
+---
+title: Zero Trust User identity audit logs
+description: Zero Trust User identity audit logs
+date: 2024-04-15T00:00:00.000Z
+products:
+- access
+---
+
+All user identity changes via SCIM or Authentication events are logged against a user's registry identity.
diff --git a/...tent/changelog/access/2024-04-28-add-option-to-bypass-cors-to-origin-server.mdx b/...tent/changelog/access/2024-04-28-add-option-to-bypass-cors-to-origin-server.mdx
@@ -0,0 +1,9 @@
+---
+title: Add option to bypass CORS to origin server
+description: Add option to bypass CORS to origin server
+date: 2024-04-28T00:00:00.000Z
+products:
+- access
+---
+
+Access admins can [defer all CORS enforcement to their origin server](/cloudflare-one/identity/authorization-cookie/cors/#bypass-options-requests-to-origin) for specific Access applications.
diff --git a/...nt/changelog/access/2024-06-06-scalability-improvements-to-the-app-launcher.mdx b/...nt/changelog/access/2024-06-06-scalability-improvements-to-the-app-launcher.mdx
@@ -0,0 +1,9 @@
+---
+title: Scalability improvements to the App Launcher
+description: Scalability improvements to the App Launcher
+date: 2024-06-06T00:00:00.000Z
+products:
+- access
+---
+
+Applications now load more quickly for customers with a large number of applications or complex policies.
diff --git a/...-reduce-automatic-seat-deprovisioning-minimum-to-1-month-down-from-2-months.mdx b/...-reduce-automatic-seat-deprovisioning-minimum-to-1-month-down-from-2-months.mdx
@@ -0,0 +1,9 @@
+---
+title: Reduce automatic seat deprovisioning minimum to 1 month, down from 2 months.
+description: Reduce automatic seat deprovisioning minimum to 1 month, down from 2 months.
+date: 2024-08-26T00:00:00.000Z
+products:
+- access
+---
+
+Admins can now configure Zero Trust seats to [automatically expire](/cloudflare-one/identity/users/seat-management/#enable-seat-expiration) after 1 month of user inactivity. The previous minimum was 2 months.
diff --git a/src/content/changelog/access/2024-10-23-ssh-with-access-for-infrastructure.mdx b/src/content/changelog/access/2024-10-23-ssh-with-access-for-infrastructure.mdx
@@ -0,0 +1,9 @@
+---
+title: SSH with Access for Infrastructure
+description: SSH with Access for Infrastructure
+date: 2024-10-23T00:00:00.000Z
+products:
+- access
+---
+
+Admins can now use [Access for Infrastructure](/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access/) to manage privileged access to SSH servers. Access for Infrastructure provides improved control and visibility over who accessed what service and what they did during their SSH session. Access for Infrastructure also eliminates the risk and overhead associated with managing SSH keys by using short-lived SSH certificates to access SSH servers.
diff --git a/...content/changelog/access/2024-12-04-scim-ga-for-okta-and-microsoft-entra-id.mdx b/...content/changelog/access/2024-12-04-scim-ga-for-okta-and-microsoft-entra-id.mdx
@@ -0,0 +1,9 @@
+---
+title: SCIM GA for Okta and Microsoft Entra ID
+description: SCIM GA for Okta and Microsoft Entra ID
+date: 2024-12-04T00:00:00.000Z
+products:
+- access
+---
+
+Cloudflare's SCIM integrations with [Okta](/cloudflare-one/identity/idp-integration/okta/#synchronize-users-and-groups) and [Microsoft Entra ID](//cloudflare-one/identity/idp-integration/entra-id/#synchronize-users-and-groups) (formerly AzureAD) are now out of beta and generally available (GA) for all customers. These integrations can be used for Access and Gateway policies and Zero Trust user management. Note: This GA release does not include [Dashboard SSO SCIM](/fundamentals/setup/account/account-security/scim-setup/) support.
diff --git a/src/content/changelog/access/2025-01-15-logpush-for-ssh-command-logs.mdx b/src/content/changelog/access/2025-01-15-logpush-for-ssh-command-logs.mdx
@@ -0,0 +1,9 @@
+---
+title: Logpush for SSH command logs
+description: Logpush for SSH command logs
+date: 2025-01-15T00:00:00.000Z
+products:
+- access
+---
+
+Enterprise customers can now use Logpush to export SSH command logs for Access for Infrastructure targets.
diff --git a/...cess-applications-support-private-hostnamesips-and-reusable-access-policies.mdx b/...cess-applications-support-private-hostnamesips-and-reusable-access-policies.mdx
@@ -0,0 +1,9 @@
+---
+title: Access Applications support private hostnames/IPs and reusable Access policies.
+description: Access Applications support private hostnames/IPs and reusable Access policies.
+date: 2025-01-21T00:00:00.000Z
+products:
+- access
+---
+
+Cloudflare Access self-hosted applications can now be defined by [private IPs](/cloudflare-one/applications/non-http/self-hosted-private-app/), [private hostnames](/cloudflare-one/applications/non-http/self-hosted-private-app/) (on port 443) and [public hostnames](/cloudflare-one/applications/configure-apps/self-hosted-public-app/). Additionally, we made Access policies into their own object which can be reused across multiple applications. These updates involved significant updates to the overall Access dashboard experience. The updates will be slowly rolled out to different customer cohorts. If you are an Enterprise customer and would like early access, reach out to your account team.
diff --git a/...access/2025-02-11-private-self-hosted-applications-and-reusable-policies-ga.mdx b/...access/2025-02-11-private-self-hosted-applications-and-reusable-policies-ga.mdx
@@ -0,0 +1,9 @@
+---
+title: Private self-hosted applications and reusable policies GA
+description: Private self-hosted applications and reusable policies GA
+date: 2025-02-11T00:00:00.000Z
+products:
+- access
+---
+
+[Private self-hosted applications](/cloudflare-one/applications/non-http/self-hosted-private-app/) and [reusable Access policies](/cloudflare-one/policies/access/policy-management/) are now generally available (GA) for all customers.
diff --git a/src/content/changelog/access/2025-02-12-access-policies-support-filtering.mdx b/src/content/changelog/access/2025-02-12-access-policies-support-filtering.mdx
@@ -0,0 +1,9 @@
+---
+title: Access policies support filtering
+description: Access policies support filtering
+date: 2025-02-12T00:00:00.000Z
+products:
+- access
+---
+
+You can now filter Access policies by their action, selectors, rule groups, and assigned applications.
diff --git a/...ngelog/browser-isolation/2024-03-21-removed-third-party-cookie-dependencies.mdx b/...ngelog/browser-isolation/2024-03-21-removed-third-party-cookie-dependencies.mdx
@@ -0,0 +1,9 @@
+---
+title: Removed third-party cookie dependencies
+description: Removed third-party cookie dependencies
+date: 2024-03-21T00:00:00.000Z
+products:
+- browser-isolation
+---
+
+Removed dependency on third-party cookies in the isolated browser, fixing an issue that previously caused intermittent disruptions for users maintaining multi-site, cross-tab sessions in the isolated browser.
diff --git a/src/content/changelog/casb/2024-04-16-export-casb-findings-to-csv.mdx b/src/content/changelog/casb/2024-04-16-export-casb-findings-to-csv.mdx
@@ -0,0 +1,9 @@
+---
+title: Export CASB findings to CSV
+description: Export CASB findings to CSV
+date: 2024-04-16T00:00:00.000Z
+products:
+- casb
+---
+
+You can now export all top-level CASB findings or every instance of your findings to CSV.
diff --git a/src/content/changelog/casb/2024-05-23-data-at-rest-dlp-for-box-and-dropbox.mdx b/src/content/changelog/casb/2024-05-23-data-at-rest-dlp-for-box-and-dropbox.mdx
@@ -0,0 +1,9 @@
+---
+title: Data-at-rest DLP for Box and Dropbox
+description: Data-at-rest DLP for Box and Dropbox
+date: 2024-05-23T00:00:00.000Z
+products:
+- casb
+---
+
+You can now scan your [Box](/cloudflare-one/applications/casb/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/casb/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.
diff --git a/src/content/changelog/casb/2024-06-03-atlassian-bitbucket-integration.mdx b/src/content/changelog/casb/2024-06-03-atlassian-bitbucket-integration.mdx
@@ -0,0 +1,9 @@
+---
+title: Atlassian Bitbucket integration
+description: Atlassian Bitbucket integration
+date: 2024-06-03T00:00:00.000Z
+products:
+- casb
+---
+
+You can now scan your Bitbucket Cloud workspaces for a variety of contextualized security issues such as source code exposure, admin misconfigurations, and more.
diff --git a/...24-11-22-casb-and-dlp-with-cloud-data-extraction-for-aws-cloud-environments.mdx b/...24-11-22-casb-and-dlp-with-cloud-data-extraction-for-aws-cloud-environments.mdx
@@ -0,0 +1,9 @@
+---
+title: CASB and DLP with Cloud Data Extraction for AWS cloud environments
+description: CASB and DLP with Cloud Data Extraction for AWS cloud environments
+date: 2024-11-22T00:00:00.000Z
+products:
+- casb
+---
+
+You can now use CASB to find security misconfigurations in your AWS cloud environment. You can also [connect your AWS compute account](/cloudflare-one/applications/casb/casb-integrations/aws-s3/#compute-account) to extract and scan your S3 buckets for sensitive data while avoiding egress fees.
diff --git a/src/content/changelog/dex/2024-05-13-dex-alerts.mdx b/src/content/changelog/dex/2024-05-13-dex-alerts.mdx
@@ -0,0 +1,12 @@
+---
+title: DEX alerts
+description: DEX alerts
+date: 2024-05-13T00:00:00.000Z
+products:
+- dex
+---
+
+Admins can now set [DEX alerts](/cloudflare-one/insights/dex/notifications/) using [Cloudflare Notifications](/notifications/). Three new DEX alert types:
+- Device connectivity anomaly
+- Test latency
+- Test low availability
diff --git a/src/content/changelog/dex/2024-05-20-last-seen-isp.mdx b/src/content/changelog/dex/2024-05-20-last-seen-isp.mdx
@@ -0,0 +1,9 @@
+---
+title: Last seen ISP
+description: Last seen ISP
+date: 2024-05-20T00:00:00.000Z
+products:
+- dex
+---
+
+Admins can view the last ISP seen for a device by going to **My Team** > **Devices**. Requires setting up a [traceroute test](/cloudflare-one/insights/dex/tests/traceroute/).
diff --git a/src/content/changelog/dex/2024-12-19-remote-captures.mdx b/src/content/changelog/dex/2024-12-19-remote-captures.mdx
@@ -0,0 +1,9 @@
+---
+title: Remote captures
+description: Remote captures
+date: 2024-12-19T00:00:00.000Z
+products:
+- dex
+---
+
+Admins can now collect packet captures (PCAPs) and WARP diagnostic logs from end-user devices. For more information, refer to [Remote captures](/cloudflare-one/insights/dex/remote-captures/).
diff --git a/src/content/changelog/dex/2025-01-24-ip-visibility.mdx b/src/content/changelog/dex/2025-01-24-ip-visibility.mdx
@@ -0,0 +1,9 @@
+---
+title: IP visibility
+description: IP visibility
+date: 2025-01-24T00:00:00.000Z
+products:
+- dex
+---
+
+[IP visibility](/cloudflare-one/insights/dex/ip-visibility/) enables admins to inspect the different IP addresses associated with an end-user device. IP types available for review on the Cloudflare dashboard include: the device's private IP, the public IP assigned to the device by the ISP, and the router's (that the device is connected to) private IP.
diff --git a/src/content/changelog/dlp/2024-04-16-optical-character-recognition.mdx b/src/content/changelog/dlp/2024-04-16-optical-character-recognition.mdx
@@ -0,0 +1,9 @@
+---
+title: Optical character recognition
+description: Optical character recognition
+date: 2024-04-16T00:00:00.000Z
+products:
+- dlp
+---
+
+DLP can now [detect sensitive data](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings/#optical-character-recognition-ocr) in jpeg, jpg, and png files. This helps companies prevent the leak of sensitive data in images, such as screenshots.
diff --git a/src/content/changelog/dlp/2024-05-23-data-at-rest-dlp-for-box-and-dropbox.mdx b/src/content/changelog/dlp/2024-05-23-data-at-rest-dlp-for-box-and-dropbox.mdx
@@ -0,0 +1,9 @@
+---
+title: Data-at-rest DLP for Box and Dropbox
+description: Data-at-rest DLP for Box and Dropbox
+date: 2024-05-23T00:00:00.000Z
+products:
+- dlp
+---
+
+You can now scan your [Box](/cloudflare-one/applications/casb/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/casb/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.