2.35.0 🌈
·
880 commits
to refs/heads/master
since this release
Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.
Changes since 2.34.0
- fix(Qualys parser): wrong handling enable_weakness @kiblik (#10105)
- fix(docker): Bump versions (python 3.11, debian bookworm) @kiblik (#10286)
- Rebased PR for Vulnerability Ids @hblankenship (#10301)
- fix NoneType exception in case of simple risk acceptance @lme-nca (#10309)
- Calm the deduplication of MsDefender @manuel-sommer (#10293)
- RedHatSatellite module_streams field is dict within list @manuel-sommer (#10291)
- Sonarqube flow field contains dict @manuel-sommer (#10290)
- fix(docker): Bump versions (python 3.11, alpine 3.20) @kiblik (#10280)
- fix: fix severity lookup in Qualys parser @nv-pipo (#10205)
- feat(django): preload django app @sebglon (#10138)
- Optimize nginx configs for performance by default @testaccount90009 (#10151)
- Update views.py to fix #10162 @devsecopsale (#10173)
- 🐛 severity mapping, ✨ defender performance improvement @manuel-sommer (#10185)
- Import History: Adding a few tests @Maffooch (#10235)
- fix(docs): Broken images in source-code-repositories.md @kiblik (#10261)
- msdefender: migrate cve to unsaved_vulnerability_ids @manuel-sommer (#10109)
- fix(integrity check): update hash + handle collectstatic @kiblik (#10241)
- Nosey Parker description fixes @tpat13 (#9856)
- Added with best practice for file open @hblankenship (#10115)
- 🐛 fix SARIF, issue #10191 @manuel-sommer (#10200)
- 🐛 reset description in progpilot after each finding @manuel-sommer (#10210)
- 🐛 fix severity in sonarqube scan detailed @manuel-sommer (#10157)
- Fix(api-sq): Doc: typo in multi branch scanning @kiblik (#10186)
- 💄 remove unnecessary content from sonarqube findings @manuel-sommer (#10133)
- 💄 remove unnecessary content from redhatsatellite findings @manuel-sommer (#10134)
- Setting status code on 400/500 errors @cneill (#10164)
- Product Metrics Bugfixes @blakeaowens (#10163)
- remove cve field from docs @manuel-sommer (#10110)
- Fix Report generation issue (pic_token template tag) @dogboat (#10153)
🚩 Changes to settings.dist.py / local_settings.py
- Introduce coverity scan parser @tschaepe-secuvera (#10097)
- feat(settings): Add integrity checker @kiblik (#10212)
- Consolidation of notification creation @kiblik (#8824)
- advance vulnerability urls @manuel-sommer (#10136)
🚩 Database migration
- Optionally Enforce SLA Remediation Days @blakeaowens (#10179)
🚀 API features and enhancements
- Risk Acceptance: Make API set/unset risk acceptance status @Maffooch (#10320)
- Importers: migrate to options class @Maffooch (#10254)
- feat(user): Show date of user creation @kiblik (#10119)
- Optionally Enforce SLA Remediation Days @blakeaowens (#10179)
- Object File Uploads: Add validations and download functionality @Maffooch (#10183)
🐛 Bug Fixes
- Risk Acceptance: Make API set/unset risk acceptance status @Maffooch (#10320)
- Test_Import: Correct exception for multiple findings in the same object @Maffooch (#10226)
- Object File Uploads: Add validations and download functionality @Maffooch (#10183)
🖌 Updates in UI
- Bugfix -> Dev: 2.35.0 @Maffooch (#10322)
- Make social login buttons fully clickable @WojTecH94 (#10304)
- numerical ordering for multiple pages @manuel-sommer (#9636)
- Importers: migrate to options class @Maffooch (#10254)
- Make endpoint names visible in reports @dogboat (#10230)
- Improving date of discovery filter @hblankenship (#10204)
- feat(user): Show date of user creation @kiblik (#10119)
- Optionally Enforce SLA Remediation Days @blakeaowens (#10179)
- Importers: Small corrections @Maffooch (#10182)
- Object File Uploads: Add validations and download functionality @Maffooch (#10183)
- fix(notifications-email): Use a for urls @kiblik (#10193)
🧰 Maintenance
- Bump netaddr from 1.2.1 to 1.3.0 @dependabot (#10318)
- Bump requests from 2.32.2 to 2.32.3 @dependabot (#10319)
- Bump boto3 from 1.34.116 to 1.34.117 @dependabot (#10317)
- Bump nginx from 1.26.0-alpine to 1.27.0-alpine @dependabot (#10316)
- chore(deps): update dependency ruff from 0.4.6 to v0.4.7 (requirements-lint.txt) @renovate (#10310)
- Bump python-gitlab from 4.5.0 to 4.6.0 @dependabot (#10306)
- Bump openpyxl from 3.1.2 to 3.1.3 @dependabot (#10307)
- Bump boto3 from 1.34.115 to 1.34.116 @dependabot (#10308)
- Bump boto3 from 1.34.111 to 1.34.115 @dependabot (#10302)
- chore(deps): update redis:7.2.5-alpine docker digest from 7.2.5 to 7.2.5-alpine (docker-compose.yml) @renovate (#10267)
- chore(deps): update helm release redis from 19.4.0 to ~19.5.0 (helm/defectdojo/chart.yaml) @renovate (#10265)
- Bump asteval from 0.9.32 to 0.9.33 @dependabot (#10269)
- chore(deps): update nginx/nginx-prometheus-exporter docker tag from 1.1.0 to v1.2.0 (helm/defectdojo/values.yaml) @renovate (#10300)
- chore(deps): update helm release postgresql from 15.4.2 to ~15.5.0 (helm/defectdojo/chart.yaml) @renovate (#10294)
- Bump coverage from 7.5.1 to 7.5.3 @dependabot (#10298)
- Update dependency ruff from 0.4.5 to v0.4.6 (requirements-lint.txt) @renovate (#10287)
- chore(deps): update postgres:16.3-alpine docker digest from 16.3 to 16.3-alpine (docker-compose.yml) @renovate (#10257)
- chore(deps): update dependency ruff from 0.4.4 to v0.4.5 (requirements-lint.txt) @renovate (#10258)
- Bump boto3 from 1.34.110 to 1.34.111 @dependabot (#10262)
- chore(deps): update helm release rabbitmq from 14.1.5 to ~14.3.0 (helm/defectdojo/chart.yaml) @renovate (#10245)
- Update Helm release postgresql from 15.3.5 to ~15.4.0 (helm/defectdojo/Chart.yaml) @renovate (#10244)
- Bump requests from 2.31.0 to 2.32.2 @dependabot (#10250)
- chore(deps): update helm release redis from 19.3.4 to ~19.4.0 (helm/defectdojo/chart.yaml) @renovate (#10246)
- chore(deps): update redis docker tag from 7.2.4 to v7.2.5 (docker-compose.yml) @renovate (#10234)
- Bump boto3 from 1.34.108 to 1.34.110 @dependabot (#10251)
- chore(deps): update redis:7.2.4-alpine docker digest from 7.2.4 to 7.2.4-alpine (docker-compose.yml) @renovate (#10225)
- Bump openapitools/openapi-generator-cli from v7.5.0 to v7.6.0 @dependabot (#10228)
- Bump boto3 from 1.34.107 to 1.34.108 @dependabot (#10229)
- Bump vulners from 2.1.5 to 2.1.7 @dependabot (#10220)
- Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.35.2 to v1.35.3 (helm/defectdojo/values.yaml) @renovate (#10218)
- Bump boto3 from 1.34.106 to 1.34.107 @dependabot (#10221)
- Bump python-gitlab from 4.4.0 to 4.5.0 @dependabot (#10209)
- Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.35.1 to v1.35.2 (helm/defectdojo/values.yaml) @renovate (#10216)
- Bump boto3 from 1.34.103 to 1.34.106 @dependabot (#10217)
- Update Helm release postgresql from 15.2.13 to ~15.3.0 (helm/defectdojo/Chart.yaml) @renovate (#10187)
- Bump boto3 from 1.34.102 to 1.34.103 @dependabot (#10189)
- Bump lxml from 5.2.1 to 5.2.2 @dependabot (#10190)
- Bump nginx from
ca16009toef587d1@dependabot (#10192) - Update postgres Docker tag from 16.2 to v16.3 (docker-compose.yml) @renovate (#10177)
- Bump ruff from 0.4.3 to 0.4.4 @dependabot (#10181)
- Bump boto3 from 1.34.101 to 1.34.102 @dependabot (#10180)
- Update manusa/actions-setup-minikube action from v2.10.0 to v2.11.0 (.github/workflows/k8s-tests.yml) @renovate (#10174)
- Update Helm release redis from 19.2.0 to ~19.3.0 (helm/defectdojo/Chart.yaml) @renovate (#10170)
- Bump boto3 from 1.34.100 to 1.34.101 @dependabot (#10172)
- Update Helm release redis from 19.1.5 to ~19.2.0 (helm/defectdojo/Chart.yaml) @renovate (#10139)
- Bump boto3 from 1.34.98 to 1.34.100 @dependabot (#10158)
- Bump cryptography from 42.0.5 to 42.0.7 @dependabot (#10145)
- Bump djangosaml2 from 1.9.2 to 1.9.3 @dependabot (#10142)
Contributors
cneill, renovate, and 15 other contributors