diff --git a/public/__redirects b/public/__redirects
index c13fd061fcdb588..1d2248d691955c1 100644
--- a/public/__redirects
+++ b/public/__redirects
@@ -11,6 +11,16 @@
/changelog/rss.xml /changelog/rss/index.xml 301
/api-shield/changelog/index.xml /changelog/rss/api-shield.xml 301
/cache/changelog/index.xml /changelog/rss/cache.xml 301
+/cloudflare-one/changelog/index.xml changelog/rss/cloudflare-one.xml 301
+/cloudflare-one/changelog/access/index.xml /changelog/rss/access.xml 301
+/cloudflare-one/changelog/browser-isolation/index.xml /changelog/rss/browser-isolation.xml 301
+/cloudflare-one/changelog/casb/index.xml /changelog/rss/casb.xml 301
+/cloudflare-one/changelog/dex/index.xml /changelog/rss/dex.xml 301
+/cloudflare-one/changelog/dlp/index.xml /changelog/rss/dlp.xml 301
+/cloudflare-one/changelog/email-security/index.xml /changelog/rss/email-security.xml 301
+/cloudflare-one/changelog/gateway/index.xml /changelog/rss/gateway.xml 301
+/cloudflare-one/changelog/risk-score/index.xml /changelog/rss/risk-score.xml 301
+/cloudflare-one/changelog/tunnel/index.xml /changelog/rss/cloudflare-tunnel.xml 301
/dns/changelog/index.xml /changelog/rss/dns.xml 301
/fundamentals/changelog/index.xml /changelog/rss/fundamentals.xml 301
/logs/changelog/index.xml /changelog/rss/logs.xml 301
diff --git a/src/components/ProductChangelog.astro b/src/components/ProductChangelog.astro
index 831edc253a527cd..454bfa248b4e5dd 100644
--- a/src/components/ProductChangelog.astro
+++ b/src/components/ProductChangelog.astro
@@ -4,9 +4,12 @@ import { reference } from "astro:content";
import { z } from "astro:schema";
import { getCollection, render } from "astro:content";
import { slug } from "github-slugger";
+import { format } from "date-fns";
+
import RSSButton from "~/components/RSSButton.astro";
import AnchorHeading from "~/components/AnchorHeading.astro";
-import { format } from "date-fns";
+import ProductPills from "~/components/changelog/ProductPills.astro";
+
const props = z
.object({
product: reference("products"),
@@ -17,32 +20,38 @@ const props = z
}),
)
.and(
- z.object({
- hideEntry: z.string().optional(),
- }),
- );;
+ z.object({
+ hideEntry: z.string().optional(),
+ }),
+ );
+
const input = await props.parseAsync(Astro.props);
+
let filter: GetChangelogsOptions["filter"];
let rss: string;
+
if ("product" in input) {
rss = `/changelog/rss/${input.product.id}.xml`;
+
filter = (e) => {
return (
- !e.data.hidden &&
- e.data.products.some(({ id }) => id === input.product.id) &&
- input.hideEntry !== e.id
- );
+ !e.data.hidden &&
+ e.data.products.some(({ id }) => id === input.product.id) &&
+ input.hideEntry !== e.id
+ );
};
} else {
rss = `/changelog/rss/${slug(input.area)}.xml`;
+
const products = await getCollection("products", (e) => {
- return e.data.product.group === input.area &&
- input.hideEntry !== e.id;
+ return e.data.product.group === input.area && input.hideEntry !== e.id;
});
+
filter = (e) => {
return e.data.products.some((x) => products.some((y) => x.id === y.id));
};
}
+
const changelogs = await getChangelogs({ filter });
---
@@ -50,15 +59,20 @@ const changelogs = await getChangelogs({ filter });
{
changelogs.map(async (entry) => {
-
-
const { Content } = await render(entry);
+
return (
-
-
- {entry.data.title}
-
-
+ <>
+
+ {"area" in input && }
+
+ {entry.data.title}
+
+
+
);
})
-}
\ No newline at end of file
+}
diff --git a/src/content/changelog/casb/2024-11-22-cloud-data-extraction-aws.mdx b/src/content/changelog/casb/2024-11-22-cloud-data-extraction-aws.mdx
index c2116fe11d919d6..343310e6e4ebb74 100644
--- a/src/content/changelog/casb/2024-11-22-cloud-data-extraction-aws.mdx
+++ b/src/content/changelog/casb/2024-11-22-cloud-data-extraction-aws.mdx
@@ -2,8 +2,6 @@
title: Find security misconfigurations in your AWS cloud environment
description: CASB and DLP with Cloud Data Extraction for AWS cloud environments
date: 2024-11-22T11:00:00Z
-products:
- - dlp
---
import { Render } from "~/components";
diff --git a/src/content/changelog/dlp/2025-01-03-source-code-confidence-level.mdx b/src/content/changelog/dlp/2025-01-03-source-code-confidence-level.mdx
index dfd830916bd59d6..73a42cae2d01e22 100644
--- a/src/content/changelog/dlp/2025-01-03-source-code-confidence-level.mdx
+++ b/src/content/changelog/dlp/2025-01-03-source-code-confidence-level.mdx
@@ -1,7 +1,7 @@
---
title: Detect source code leaks with Data Loss Prevention
description: Added source code confidence levels to Data Loss Prevention
-date: 2025-01-03T11:00:00Z
+date: 2025-01-20T11:00:00Z
---
import { Render } from "~/components";
@@ -13,4 +13,6 @@ You can now detect source code leaks with Data Loss Prevention (DLP) with predef
product="cloudflare-one"
/>
+DLP also supports confidence level for [source code profiles](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/predefined-profiles/#source-code).
+
For more details, refer to [DLP profiles](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/).
diff --git a/src/content/docs/cloudflare-one/changelog/access.mdx b/src/content/docs/cloudflare-one/changelog/access.mdx
index df561e7692ecde8..716cca04fe1ea59 100644
--- a/src/content/docs/cloudflare-one/changelog/access.mdx
+++ b/src/content/docs/cloudflare-one/changelog/access.mdx
@@ -1,19 +1,134 @@
---
pcx_content_type: changelog
title: Access
-release_notes_file_name:
- - access
head:
- tag: title
content: Access Changelog
description: Review recent changes to Cloudflare Access.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+**Custom block pages for Access applications**
-
+Allow Access admins to customize the block pages presented by Access to end users.
diff --git a/src/content/docs/cloudflare-one/changelog/browser-isolation.mdx b/src/content/docs/cloudflare-one/changelog/browser-isolation.mdx
index 27dba316b4ea0ae..087a604626b2a08 100644
--- a/src/content/docs/cloudflare-one/changelog/browser-isolation.mdx
+++ b/src/content/docs/cloudflare-one/changelog/browser-isolation.mdx
@@ -1,19 +1,23 @@
---
pcx_content_type: changelog
title: Browser Isolation
-release_notes_file_name:
- - browser-isolation
head:
- tag: title
content: Browser Isolation Changelog
description: Review recent changes to Cloudflare Browser Isolation.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+**Removed third-party cookie dependencies**
-
+Removed dependency on third-party cookies in the isolated browser, fixing an issue that previously caused intermittent disruptions for users maintaining multi-site, cross-tab sessions in the isolated browser.
diff --git a/src/content/docs/cloudflare-one/changelog/casb.mdx b/src/content/docs/cloudflare-one/changelog/casb.mdx
index e0195059f32cfc7..63f006c4d60a30b 100644
--- a/src/content/docs/cloudflare-one/changelog/casb.mdx
+++ b/src/content/docs/cloudflare-one/changelog/casb.mdx
@@ -1,19 +1,32 @@
---
pcx_content_type: changelog
title: CASB
-release_notes_file_name:
- - casb
head:
- tag: title
content: CASB Changelog
description: Review recent changes to Cloudflare CASB.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+**Export CASB findings to CSV**
-
+You can now export all top-level CASB findings or every instance of your findings to CSV.
diff --git a/src/content/docs/cloudflare-one/changelog/dex.mdx b/src/content/docs/cloudflare-one/changelog/dex.mdx
index 2a7ca6dead501e2..34402c23128fcf9 100644
--- a/src/content/docs/cloudflare-one/changelog/dex.mdx
+++ b/src/content/docs/cloudflare-one/changelog/dex.mdx
@@ -1,19 +1,42 @@
---
pcx_content_type: changelog
title: Digital Experience Monitoring
-release_notes_file_name:
- - dex
head:
- tag: title
content: Digital Experience Monitoring Changelog
description: Review recent changes to Digital Experience Monitoring.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+Admins can now set [DEX alerts](/cloudflare-one/insights/dex/notifications/) using [Cloudflare Notifications](/notifications/). Three new DEX alert types:
-
+- Device connectivity anomaly
+- Test latency
+- Test low availability
diff --git a/src/content/docs/cloudflare-one/changelog/dlp.mdx b/src/content/docs/cloudflare-one/changelog/dlp.mdx
index e14da966779359c..fc115de561bebcb 100644
--- a/src/content/docs/cloudflare-one/changelog/dlp.mdx
+++ b/src/content/docs/cloudflare-one/changelog/dlp.mdx
@@ -1,19 +1,50 @@
---
pcx_content_type: changelog
title: Data Loss Prevention
-release_notes_file_name:
- - dlp
head:
- tag: title
content: DLP Changelog
description: Review recent changes to Cloudflare DLP.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+**Optical character recognition**
-
+DLP can now [detect sensitive data](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings/#optical-character-recognition-ocr) in jpeg, jpg, and png files. This helps companies prevent the leak of sensitive data in images, such as screenshots.
diff --git a/src/content/docs/cloudflare-one/changelog/email-security.mdx b/src/content/docs/cloudflare-one/changelog/email-security.mdx
index aec951c4f8b0d1c..dfe5624482d0748 100644
--- a/src/content/docs/cloudflare-one/changelog/email-security.mdx
+++ b/src/content/docs/cloudflare-one/changelog/email-security.mdx
@@ -1,15 +1,31 @@
---
pcx_content_type: changelog
title: Email Security
-release_notes_file_name:
- - email-security
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+**Microsoft Graph API deployment.**
-
\ No newline at end of file
+Customers using Microsoft Office 365 can set up Email Security via Microsoft Graph API.
diff --git a/src/content/docs/cloudflare-one/changelog/gateway.mdx b/src/content/docs/cloudflare-one/changelog/gateway.mdx
index 22fb8d899fa478c..dc90ae625b622bd 100644
--- a/src/content/docs/cloudflare-one/changelog/gateway.mdx
+++ b/src/content/docs/cloudflare-one/changelog/gateway.mdx
@@ -1,19 +1,86 @@
---
pcx_content_type: changelog
title: Gateway
-release_notes_file_name:
- - gateway
head:
- tag: title
content: Gateway Changelog
description: Review recent changes to Cloudflare Gateway.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+**Gateway file type control improvements**
-
+Gateway now offers a more extensive, categorized [list of files](/cloudflare-one/policies/gateway/http-policies/#download-and-upload-file-types) to control uploads and downloads.
diff --git a/src/content/docs/cloudflare-one/changelog/index.mdx b/src/content/docs/cloudflare-one/changelog/index.mdx
index 4cc3506006f251b..8e66b66c057cac0 100644
--- a/src/content/docs/cloudflare-one/changelog/index.mdx
+++ b/src/content/docs/cloudflare-one/changelog/index.mdx
@@ -1,19 +1,14 @@
---
pcx_content_type: changelog
title: Changelog
-release_notes_name: Cloudflare One
-release_notes_product_area_name: Cloudflare One
sidebar:
order: 15
head: []
description: Review recent changes to Cloudflare One.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
-
-
+import { ProductChangelog } from "~/components";
-{/* */}
+{/* */}
+**SentinelOne signal ingestion**
-
+You can now configure a [predefined risk behavior](/cloudflare-one/insights/risk-score/#predefined-risk-behaviors) to evaluate user risk score using device posture attributes from the [SentinelOne integration](/cloudflare-one/identity/devices/service-providers/sentinelone/).
diff --git a/src/content/docs/cloudflare-one/changelog/tunnel.mdx b/src/content/docs/cloudflare-one/changelog/tunnel.mdx
index 157bcad58e488eb..85c6b2b83421bc8 100644
--- a/src/content/docs/cloudflare-one/changelog/tunnel.mdx
+++ b/src/content/docs/cloudflare-one/changelog/tunnel.mdx
@@ -1,19 +1,35 @@
---
pcx_content_type: changelog
title: Cloudflare Tunnel
-release_notes_file_name:
- - tunnel
head:
- tag: title
content: Cloudflare Tunnel Changelog
description: Review recent changes to Cloudflare Tunnel.
-
---
-import { ProductReleaseNotes, Render } from "~/components"
+import { ProductChangelog } from "~/components";
+
+{/* */}
+**cloudflared builds available in GitHub for Apple silicon**
-
+macOS users can now download `cloudflared-arm64.pkg` directly from [GitHub](https://github.com/cloudflare/cloudflared/releases), in addition to being available via Homebrew.
diff --git a/src/content/release-notes/access.yaml b/src/content/release-notes/access.yaml
deleted file mode 100644
index 72c251e5dfa4722..000000000000000
--- a/src/content/release-notes/access.yaml
+++ /dev/null
@@ -1,87 +0,0 @@
----
-link: "/cloudflare-one/changelog/access/"
-productName: Access
-productLink: "/cloudflare-one/applications/configure-apps/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2025-02-12"
- title: Access policies support filtering
- description: |-
- You can now filter Access policies by their action, selectors, rule groups, and assigned applications.
- - publish_date: "2025-02-11"
- title: Private self-hosted applications and reusable policies GA
- description: |-
- [Private self-hosted applications](/cloudflare-one/applications/non-http/self-hosted-private-app/) and [reusable Access policies](/cloudflare-one/policies/access/policy-management/) are now generally available (GA) for all customers.
- - publish_date: "2025-01-21"
- title: Access Applications support private hostnames/IPs and reusable Access policies.
- description: |-
- Cloudflare Access self-hosted applications can now be defined by [private IPs](/cloudflare-one/applications/non-http/self-hosted-private-app/), [private hostnames](/cloudflare-one/applications/non-http/self-hosted-private-app/) (on port 443) and [public hostnames](/cloudflare-one/applications/configure-apps/self-hosted-public-app/). Additionally, we made Access policies into their own object which can be reused across multiple applications. These updates involved significant updates to the overall Access dashboard experience. The updates will be slowly rolled out to different customer cohorts. If you are an Enterprise customer and would like early access, reach out to your account team.
- - publish_date: "2025-01-15"
- title: Logpush for SSH command logs
- description: |-
- Enterprise customers can now use Logpush to export SSH command logs for Access for Infrastructure targets.
- - publish_date: "2024-12-04"
- title: SCIM GA for Okta and Microsoft Entra ID
- description: |-
- Cloudflare's SCIM integrations with [Okta](/cloudflare-one/identity/idp-integration/okta/#synchronize-users-and-groups) and [Microsoft Entra ID](//cloudflare-one/identity/idp-integration/entra-id/#synchronize-users-and-groups) (formerly AzureAD) are now out of beta and generally available (GA) for all customers. These integrations can be used for Access and Gateway policies and Zero Trust user management. Note: This GA release does not include [Dashboard SSO SCIM](/fundamentals/setup/account/account-security/scim-setup/) support.
- - publish_date: "2024-10-23"
- title: SSH with Access for Infrastructure
- description: |-
- Admins can now use [Access for Infrastructure](/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access/) to manage privileged access to SSH servers. Access for Infrastructure provides improved control and visibility over who accessed what service and what they did during their SSH session. Access for Infrastructure also eliminates the risk and overhead associated with managing SSH keys by using short-lived SSH certificates to access SSH servers.
- - publish_date: "2024-08-26"
- title: Reduce automatic seat deprovisioning minimum to 1 month, down from 2 months.
- description: |-
- Admins can now configure Zero Trust seats to [automatically expire](/cloudflare-one/identity/users/seat-management/#enable-seat-expiration) after 1 month of user inactivity. The previous minimum was 2 months.
- - publish_date: "2024-06-06"
- title: Scalability improvements to the App Launcher
- description: |-
- Applications now load more quickly for customers with a large number of applications or complex policies.
- - publish_date: "2024-04-28"
- title: Add option to bypass CORS to origin server
- description: |-
- Access admins can [defer all CORS enforcement to their origin server](/cloudflare-one/identity/authorization-cookie/cors/#bypass-options-requests-to-origin) for specific Access applications.
- - publish_date: "2024-04-15"
- title: Zero Trust User identity audit logs
- description: |-
- All user identity changes via SCIM or Authentication events are logged against a user's registry identity.
- - publish_date: "2024-02-22"
- title: Access for SaaS OIDC Support
- description: |-
- Access for SaaS applications can be setup with OIDC as an authentication method. OIDC and SAML 2.0 are now both fully supported.
- - publish_date: "2024-02-22"
- title: WARP as an identity source for Access
- description: |-
- Allow users to log in to Access applications with their WARP session identity. Users need to reauthenticate based on default session durations. WARP authentication identity must be turned on in your device enrollment permissions and can be enabled on a per application basis.
- - publish_date: "2023-12-20"
- title: Unique Entity IDs in Access for SaaS
- description: |-
- All new Access for SaaS applications have unique Entity IDs. This allows for multiple integrations with the same SaaS provider if required. The unique Entity ID has the application audience tag appended. Existing apps are unchanged.
- - publish_date: "2023-12-15"
- title: Default relay state support in Access for SaaS
- description: |-
- Allows Access admins to set a default relay state on Access for SaaS apps.
- - publish_date: "2023-09-15"
- title: App launcher supports tags and filters
- description: |-
- Access admins can now tag applications and allow users to filter by those tags in the App Launcher.
- - publish_date: "2023-09-15"
- title: App launcher customization
- description: |-
- Allow Access admins to configure the App Launcher page within Zero Trust.
- - publish_date: "2023-09-15"
- title: View active Access user identities in the dashboard and API
- description: |-
- Access admins can now view the full contents of a user's identity and device information for all active application sessions.
- - publish_date: "2023-09-08"
- title: Custom OIDC claims for named IdPs
- description: |-
- Access admins can now add custom claims to the existing named IdP providers. Previously this was locked to the generic OIDC provider.
- - publish_date: "2023-08-02"
- title: Azure AD authentication contexts
- description: |-
- Support Azure AD authentication contexts directly in Access policies.
- - publish_date: "2023-06-23"
- title: Custom block pages for Access applications
- description: |-
- Allow Access admins to customize the block pages presented by Access to end users.
diff --git a/src/content/release-notes/browser-isolation.yaml b/src/content/release-notes/browser-isolation.yaml
deleted file mode 100644
index e2e139567ebb885..000000000000000
--- a/src/content/release-notes/browser-isolation.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-link: "/cloudflare-one/changelog/browser-isolation/"
-productName: Browser Isolation
-productLink: "/cloudflare-one/policies/browser-isolation/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2024-03-21"
- title: Removed third-party cookie dependencies
- description: |-
- Removed dependency on third-party cookies in the isolated browser, fixing an issue that previously caused intermittent disruptions for users maintaining multi-site, cross-tab sessions in the isolated browser.
diff --git a/src/content/release-notes/casb.yaml b/src/content/release-notes/casb.yaml
deleted file mode 100644
index e51707c9e3d9cf4..000000000000000
--- a/src/content/release-notes/casb.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-link: "/cloudflare-one/changelog/casb/"
-productName: CASB
-productLink: "/cloudflare-one/applications/casb/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2024-11-22"
- title: CASB and DLP with Cloud Data Extraction for AWS cloud environments
- description: |-
- You can now use CASB to find security misconfigurations in your AWS cloud environment. You can also [connect your AWS compute account](/cloudflare-one/applications/casb/casb-integrations/aws-s3/#compute-account) to extract and scan your S3 buckets for sensitive data while avoiding egress fees.
- - publish_date: "2024-06-03"
- title: Atlassian Bitbucket integration
- description: |-
- You can now scan your Bitbucket Cloud workspaces for a variety of contextualized security issues such as source code exposure, admin misconfigurations, and more.
- - publish_date: "2024-05-23"
- title: Data-at-rest DLP for Box and Dropbox
- description: |-
- You can now scan your [Box](/cloudflare-one/applications/casb/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/casb/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.
- - publish_date: "2024-04-16"
- title: Export CASB findings to CSV
- description: |-
- You can now export all top-level CASB findings or every instance of your findings to CSV.
diff --git a/src/content/release-notes/dex.yaml b/src/content/release-notes/dex.yaml
deleted file mode 100644
index 7d6feff3c3c4e0f..000000000000000
--- a/src/content/release-notes/dex.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
----
-link: "/cloudflare-one/changelog/dex/"
-productName: Digital Experience Monitoring
-productLink: "/cloudflare-one/insights/dex/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2025-01-24"
- title: IP visibility
- description: |-
- [IP visibility](/cloudflare-one/insights/dex/ip-visibility/) enables admins to inspect the different IP addresses associated with an end-user device. IP types available for review on the Cloudflare dashboard include: the device's private IP, the public IP assigned to the device by the ISP, and the router's (that the device is connected to) private IP.
- - publish_date: "2024-12-19"
- title: Remote captures
- description: |-
- Admins can now collect packet captures (PCAPs) and WARP diagnostic logs from end-user devices. For more information, refer to [Remote captures](/cloudflare-one/insights/dex/remote-captures/).
- - publish_date: "2024-05-20"
- title: Last seen ISP
- description: |-
- Admins can view the last ISP seen for a device by going to **My Team** > **Devices**. Requires setting up a [traceroute test](/cloudflare-one/insights/dex/tests/traceroute/).
- - publish_date: "2024-05-13"
- title: DEX alerts
- description: |-
- Admins can now set [DEX alerts](/cloudflare-one/insights/dex/notifications/) using [Cloudflare Notifications](/notifications/). Three new DEX alert types:
- - Device connectivity anomaly
- - Test latency
- - Test low availability
diff --git a/src/content/release-notes/dlp.yaml b/src/content/release-notes/dlp.yaml
deleted file mode 100644
index 5c227bb3c756174..000000000000000
--- a/src/content/release-notes/dlp.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
----
-link: "/cloudflare-one/changelog/dlp/"
-productName: DLP
-productLink: "/cloudflare-one/policies/data-loss-prevention/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2025-01-23"
- title: Source code confidence levels
- description: |-
- DLP now supports setting a confidence level for [source code profiles](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/predefined-profiles/#source-code).
- - publish_date: "2025-01-15"
- title: Payload log match visibility
- description: |-
- When viewing decrypted payload log matches, DLP now provides more context by listing multiple DLP matches and the matching DLP profile.
- - publish_date: "2024-11-25"
- title: Profile confidence levels
- description: |-
- DLP profiles now support setting a [confidence level](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings/#confidence-levels) to choose how tolerant its detections are to false positives based on the context of the detection. The higher a profile's confidence level is, the less false positives will be allowed. Confidence levels include Low, Medium, or High. DLP profile confidence levels supersede [context analysis](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings/#context-analysis).
- - publish_date: "2024-11-01"
- title: Send entire HTTP requests to a Logpush destination
- description: |-
- In addition to [logging the payload](/cloudflare-one/policies/data-loss-prevention/dlp-policies/logging-options/#log-the-payload-of-matched-rules) from HTTP requests that matched a DLP policy in Cloudflare Logs, Enterprise users can now configure a [Logpush job](/cloudflare-one/policies/data-loss-prevention/dlp-policies/logging-options/#send-http-requests-to-logpush-destination) to send the entire HTTP request that triggered a DLP match to a storage destination. This allows long-term storage of full requests for use in forensic investigation.
- - publish_date: "2024-09-03"
- title: Exact Data Match multi-entry upload support
- description: |-
- You can now upload files with [multiple columns of data](/cloudflare-one/policies/data-loss-prevention/datasets/#upload-a-new-dataset) as Exact Data Match datasets. DLP can use each column as a separate existing detection entry.
- - publish_date: "2024-05-23"
- title: Data-at-rest DLP for Box and Dropbox
- description: |-
- You can now scan your [Box](/cloudflare-one/applications/casb/casb-integrations/box/#data-loss-prevention-optional) and [Dropbox](/cloudflare-one/applications/casb/casb-integrations/dropbox/#data-loss-prevention-optional) files for DLP matches.
- - publish_date: "2024-04-16"
- title: Optical character recognition
- description: |-
- DLP can now [detect sensitive data](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings/#optical-character-recognition-ocr) in jpeg, jpg, and png files. This helps companies prevent the leak of sensitive data in images, such as screenshots.
diff --git a/src/content/release-notes/email-security.yaml b/src/content/release-notes/email-security.yaml
deleted file mode 100644
index b60fd91c10758f4..000000000000000
--- a/src/content/release-notes/email-security.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-link: "/cloudflare-one/changelog/email-security/"
-productName: Email Security
-productLink: "/cloudflare-one/email-security/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2024-08-06"
- title: Email Security is live
- description: |-
- Email Security is now live under Zero Trust.
- - publish_date: "2024-08-06"
- title: Microsoft Graph API deployment.
- description: |-
- Customers using Microsoft Office 365 can set up Email Security via Microsoft Graph API.
- - publish_date: "2024-12-19"
- title: Email Security reclassification tab
- description: |-
- Customers can now have more transparency about their team and user submissions. The new Reclassification tab in the Zero Trust dashboard will allow customers to have a full understanding of what submissions they have made and what the outcomes of those submissions are.
- - publish_date: "2024-12-19"
- title: Email Security expanded folder scanning
- description: |-
- Microsoft 365 customers can now choose to scan all folders or just the inbox when deploying via the Graph API.
diff --git a/src/content/release-notes/gateway.yaml b/src/content/release-notes/gateway.yaml
deleted file mode 100644
index 75d87abde31e795..000000000000000
--- a/src/content/release-notes/gateway.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
----
-link: "/cloudflare-one/changelog/gateway/"
-productName: Gateway
-productLink: "/cloudflare-one/policies/gateway/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2025-02-13"
- title: Unscannable files for Download and Upload File Types selectors
- description: |-
- Gateway and DLP users can now match [unscannable files](/cloudflare-one/policies/gateway/http-policies/#download-and-upload-file-types) with the Download and Upload File Types traffic selectors for HTTP policies. This update allows users to block files that are password-protected, compressed, or otherwise unscannable.
- - publish_date: "2025-02-12"
- title: Upload/Download File Size selectors for HTTP policies
- description: |-
- Gateway and DLP users can now create HTTP policies with the [Download and Upload File Size (MiB)](/cloudflare-one/policies/gateway/http-policies/#download-and-upload-file-size) traffic selectors. This update allows users to block uploads or downloads based on file size.
- - publish_date: "2025-02-02"
- title: The default global Cloudflare root certificate expired on 2025-02-02 at 16:05 UTC
- description: |-
- If you installed the default Cloudflare certificate before 2024-10-17, you must generate a new certificate and activate it for your Zero Trust organization to avoid inspection errors. Refer to [Troubleshooting](/cloudflare-one/faq/troubleshooting/#as-of-february-2-2025-my-end-user-devices-browser-is-returning-a-your-connection-is-not-private-warning) for instructions and troubleshooting steps.
- - publish_date: "2025-01-08"
- title: Bring your own resolver IP (BYOIP) for DNS locations
- description: |-
- Enterprise users can now [provide an IP address](/cloudflare-one/connections/connect-devices/agentless/dns/locations/dns-resolver-ips/#bring-your-own-dns-resolver-ip) for a private DNS resolver to use with [DNS locations](/cloudflare-one/connections/connect-devices/agentless/dns/locations/). Gateway supports bringing your own IPv4 and IPv6 addresses.
- - publish_date: "2024-11-20"
- title: Category filtering in the network policy builder
- description: |-
- Gateway users can now create network policies with the [Content Categories](/cloudflare-one/policies/gateway/network-policies/#content-categories) and [Security Risks](/cloudflare-one/policies/gateway/network-policies/#security-risks) traffic selectors. This update simplifies malicious traffic blocking and streamlines network monitoring for improved security management.
- - publish_date: "2024-10-17"
- title: Per-account Cloudflare root certificate
- description: |-
- Gateway users can now generate [unique root CAs](/cloudflare-one/connections/connect-devices/user-side-certificates/) for their Zero Trust account. Both generated certificate and custom certificate users must [activate a root certificate](/cloudflare-one/connections/connect-devices/user-side-certificates/#activate-a-root-certificate) to use it for inspection. Per-account certificates replace the default Cloudflare certificate, which is set to expire on 2025-02-02.
- - publish_date: "2024-10-10"
- title: Time-based policy duration
- description: |-
- Gateway now offers [time-based DNS policy duration](/cloudflare-one/policies/gateway/dns-policies/timed-policies/#time-based-policy-duration). With policy duration, you can configure a duration of time for a policy to turn on or set an exact date and time to turn a policy off.
- - publish_date: "2024-10-04"
- title: Expanded Gateway log fields
- description: |-
- Gateway now offers new fields in [activity logs](/cloudflare-one/insights/logs/gateway-logs/) for DNS, network, and HTTP policies to provide greater insight into your users' traffic routed through Gateway.
- - publish_date: "2024-09-30"
- title: File sandboxing
- description: |-
- Gateway users on Enterprise plans can create HTTP policies with [file sandboxing](/cloudflare-one/policies/gateway/http-policies/file-sandboxing/) to quarantine previously unseen files downloaded by your users and scan them for malware.
- - publish_date: "2024-07-30"
- title: UK NCSC indicator feed publicly available in Gateway
- description: |-
- Gateway users on any plan can now use the [PDNS threat intelligence feed](/security-center/indicator-feeds/#publicly-available-feeds) provided by the UK National Cyber Security Centre (NCSC) in DNS policies.
- - publish_date: "2024-07-14"
- title: Gateway DNS filter non-authenticated queries
- description: |-
- Gateway users can now select which endpoints to use for a given DNS location. Available endpoints include IPv4, IPv6, DNS over HTTPS (DoH), and DNS over TLS (DoT). Users can protect each configured endpoint by specifying allowed source networks. Additionally, for the DoH endpoint, users can filter traffic based on source networks and/or authenticate user identity tokens.
- - publish_date: "2024-06-25"
- title: Gateway DNS policy setting to ignore CNAME category matches
- description: |-
- Gateway now offers the ability to selectively ignore CNAME domain categories in DNS policies via the [**Ignore CNAME domain categories** setting](/cloudflare-one/policies/gateway/domain-categories/#ignore-cname-domain-categories) in the policy builder and the [`ignore_cname_category_matches` setting](/api/resources/zero_trust/subresources/gateway/subresources/rules/methods/create/) in the API.
- - publish_date: "2024-04-05"
- title: Gateway file type control improvements
- description: |-
- Gateway now offers a more extensive, categorized [list of files](/cloudflare-one/policies/gateway/http-policies/#download-and-upload-file-types) to control uploads and downloads.
diff --git a/src/content/release-notes/risk-score.yaml b/src/content/release-notes/risk-score.yaml
deleted file mode 100644
index 75db092e69dcc08..000000000000000
--- a/src/content/release-notes/risk-score.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-link: "/cloudflare-one/changelog/risk-score/"
-productName: Risk score
-productLink: "/cloudflare-one/insights/risk-score/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2024-06-17"
- title: Okta risk exchange
- description: |-
- You can now [exchange user risk scores](/cloudflare-one/insights/risk-score/#send-risk-score-to-okta) with Okta to inform SSO-level policies.
- - publish_date: "2024-06-14"
- title: SentinelOne signal ingestion
- description: |-
- You can now configure a [predefined risk behavior](/cloudflare-one/insights/risk-score/#predefined-risk-behaviors) to evaluate user risk score using device posture attributes from the [SentinelOne integration](/cloudflare-one/identity/devices/service-providers/sentinelone/).
diff --git a/src/content/release-notes/tunnel.yaml b/src/content/release-notes/tunnel.yaml
deleted file mode 100644
index ae9beae2a9e354a..000000000000000
--- a/src/content/release-notes/tunnel.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-link: "/cloudflare-one/changelog/tunnel/"
-productName: Cloudflare Tunnel
-productLink: "/cloudflare-one/connections/connect-networks/"
-productArea: Cloudflare One
-productAreaLink: /cloudflare-one/changelog/
-entries:
- - publish_date: "2024-12-19"
- title: Tunnel diagnostic logs
- description: |-
- The latest `cloudflared` build [2024.12.2](https://github.com/cloudflare/cloudflared/releases/tag/2024.12.2) introduces the ability to collect all the diagnostic logs needed to troubleshoot a `cloudflared` instance. For more information, refer to [Diagnostic logs](/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/diag-logs/).
- - publish_date: "2024-10-17"
- title: Simplifed WARP Connector deployment
- description: |-
- You can now deploy WARP Connector using a simplified, guided workflow similar to `cloudflared` connectors. For detailed instructions, refer to the [WARP Connector documentation](/cloudflare-one/connections/connect-networks/private-net/warp-connector/).
- - publish_date: "2024-10-10"
- title: Bugfix for --grace-period
- description: |-
- The new `cloudflared` build [2024.10.0](https://github.com/cloudflare/cloudflared/releases/tag/2024.10.0) has a bugfix related to the [--grace-period](/cloudflare-one/connections/connect-networks/configure-tunnels/cloudflared-parameters/run-parameters/#grace-period) tunnel run parameter. `cloudflared` connectors will now abide by the specified waiting period before forcefully closing connections to Cloudflare's network.
- - publish_date: "2024-08-06"
- title: cloudflared builds available in GitHub for Apple silicon
- description: |-
- macOS users can now download `cloudflared-arm64.pkg` directly from [GitHub](https://github.com/cloudflare/cloudflared/releases), in addition to being available via Homebrew.