Releases: minvws/nl-kat-coordination
Releases · minvws/nl-kat-coordination
v1.17.0
https://docs.openkat.nl/release_notes/1.17.html
What's Changed
- Bump docker/build-push-action from 5 to 6 by @dependabot in #3164
- Fix/sonarcloud https redirect dockerfiles by @underdarknl in #3185
- Remove non standard header findings and add deprecated headers findings by @noamblitz in #3127
- Update 1.16 release notes by @dekkers in #3195
- Better default list of world writable domains in CSP checker by @underdarknl in #3165
- Update Dockerfile, fix Sonarcloud issue by @underdarknl in #3180
- Update to Django 5.0 by @dekkers in #2939
- Add pluginToggler.js to Aggregate Report by @madelondohmen in #3202
- Updated
certifi
by @ammar92 in #3209 - Feature/boefje normalizer config models by @Donnype in #3118
- Updated
zipp
by @ammar92 in #3215 - Updated Django by @ammar92 in #3217
- Use more concise regexes by @underdarknl in #3181
- Recalculate bit when a config object changes by @originalsouth in #3206
- cve-2024-6387 from RickGeex by @noamblitz in #3194
- Add observation data to observation table in OOI detail page by @underdarknl in #3186
- Gather BIT metrics [implementation] by @originalsouth in #3122
- Implement
structlog
by @ammar92 in #3175 - Fix filtering on plugin_id for normalizers by @jpbruinsslot in #3226
- Refactor Task List and filters with error handlers for Scheduler by @Rieven in #1957
- RPKI Improvements by @noamblitz in #2759
- Hotfix: boefje config migration should check the SQLAlchemy session by @Donnype in #3227
- Remove action buttons on example boefjes at onboarding by @Rieven in #3236
- Implement logging format configuration by @ammar92 in #3216
- Feature/create dialog modal component by @TwistMeister in #3022
- Upgrade packages by @ammar92 in #3259
- Update mixins.py, unroll loops, dont re-init bytes/katalogus client by @underdarknl in #3229
- Fix: add related objects crash by @Rieven in #3268
- RFC3161HashRepository accepts rfc3161_provider only as a string and Pydantic URLs are not strings anymore by @Donnype in #3281
- Add XTDB list and rename method in origin tool by @originalsouth in #3234
- Fix rocky logging by @dekkers in #3288
- Bump sphinx from 7.4.6 to 7.4.7 by @dependabot in #3265
- feat: Updated color scheme by @HeleenSG in #3241
- Fix broken token auth when 2FA is enabled by @dekkers in #3260
- Raise Timeout Exception when only timeouts from DNS server by @underdarknl in #3264
- Refactor/ooi details by @underdarknl in #3275
- Workaround setuptools 72 removing test command by @dekkers in #3304
- Feat/human readable dates by @underdarknl in #3231
- Record the user who last changed the Scan Profile by @originalsouth in #3296
- Catch valid DNSSEC signed SERVFAIL answers by @underdarknl in #3271
- Give report a name by @madelondohmen in #3258
- Fix CSRF error in API with token auth by @dekkers in #3313
- Restructure scheduler storage module by @jpbruinsslot in #3294
- Translations update from Hosted Weblate by @weblate in #3179
- Add user id to OOI by @originalsouth in #3305
- fix: Button height by @HeleenSG in #3316
- Add audit logging to CRUD actions using Django signals by @dekkers in #3314
- Fix new boefjes issue for scheduler by @jpbruinsslot in #3297
- Restructure scheduler server module by @jpbruinsslot in #3295
- Change report flow to POST requests by @Rieven in #3174
- Restructure scheduler development scripts by @jpbruinsslot in #3293
- Updated
Django
andopentelemetry
packages by @ammar92 in #3324 - Fix Garbage collection and disappearing ports issue by @Donnype in #3214
- Raw upload with Scan OOIS by @noamblitz in #3169
- Basic audit trails via logging by @ammar92 in #3317
- Limit the number of Celery workers that Octopoes can start #3232 by @ammar92 in #3337
- Allow MuteFindings to expire by a user specified datetime by @originalsouth in #3343
- Add geo OOI type and Maxmind geoip boefje by @noamblitz in #3238
- Flexible scheduling by @jpbruinsslot in #2786
- Fix async code calling blocking sync code by @dekkers in #3342
- Fix rocky/tests/objects/test_objects_add.py by @originalsouth in #3360
- Feature/3310 update description for external database boefje by @originalsouth in #3359
- Add mention of other http client to docs by @stephanie0x00 in #3365
- Set timezone to UTC in SQLAlchemy when connecting to PostgreSQL by @dekkers in #3363
- Remove workaround for setuptools bug by @dekkers in #3371
- feat: Dropdownlist options by @HeleenSG in #3340
- Package Updates by @ammar92 in #3374
- Small flexible scheduling fixups by @dekkers in #3354
- Fix generate findings report from ooi detail by @Rieven in #3369
- feat: 🔨 Add indemnification level from external DB by @zcrt in #3311
- Add more handling of external services responses in scheduler by @jpbruinsslot in #3372
- Fix no certificate bug by @noamblitz in #3382
- Support setting a custom JSON schema for copied boefjes by @Donnype in #3344
- Implement boefje details modal in report config flow by @TwistMeister in #3348
- Add create schedule functionality to scheduler api by @jpbruinsslot in #3353
- Search and sorting OOIs by @noamblitz in #3262
- Generic Finding normalizer by @noamblitz in #3383
- feat: 📈 default katalogus view to boefje by @zcrt in #3394
- 📌 add subfinder settings by @zcrt in #3385
- Implement subreport rename form in table and remove it from dialog by @TwistMeister in #3338
- Styling fixes within filters, hierarchy fix on organisation members b… by @HeleenSG in #3322
- Use better paginator for finding list by @noamblitz in #3407
- Generic tasks view refactor by @zcrt in #3389
- feat: 📝 improve pagination by @zcrt in #3393
- Bump myst-parser from 3.0.1 to 4.0.0 by @dependabot in #3346
...
v1.17.0rc1
https://docs.openkat.nl/release_notes/1.17.html
What's Changed
- Bump docker/build-push-action from 5 to 6 by @dependabot in #3164
- Fix/sonarcloud https redirect dockerfiles by @underdarknl in #3185
- Remove non standard header findings and add deprecated headers findings by @noamblitz in #3127
- Update 1.16 release notes by @dekkers in #3195
- Better default list of world writable domains in CSP checker by @underdarknl in #3165
- Update Dockerfile, fix Sonarcloud issue by @underdarknl in #3180
- Update to Django 5.0 by @dekkers in #2939
- Add pluginToggler.js to Aggregate Report by @madelondohmen in #3202
- Updated
certifi
by @ammar92 in #3209 - Feature/boefje normalizer config models by @Donnype in #3118
- Updated
zipp
by @ammar92 in #3215 - Updated Django by @ammar92 in #3217
- Use more concise regexes by @underdarknl in #3181
- Recalculate bit when a config object changes by @originalsouth in #3206
- cve-2024-6387 from RickGeex by @noamblitz in #3194
- Add observation data to observation table in OOI detail page by @underdarknl in #3186
- Gather BIT metrics [implementation] by @originalsouth in #3122
- Implement
structlog
by @ammar92 in #3175 - Fix filtering on plugin_id for normalizers by @jpbruinsslot in #3226
- Refactor Task List and filters with error handlers for Scheduler by @Rieven in #1957
- RPKI Improvements by @noamblitz in #2759
- Hotfix: boefje config migration should check the SQLAlchemy session by @Donnype in #3227
- Remove action buttons on example boefjes at onboarding by @Rieven in #3236
- Implement logging format configuration by @ammar92 in #3216
- Feature/create dialog modal component by @TwistMeister in #3022
- Upgrade packages by @ammar92 in #3259
- Update mixins.py, unroll loops, dont re-init bytes/katalogus client by @underdarknl in #3229
- Fix: add related objects crash by @Rieven in #3268
- RFC3161HashRepository accepts rfc3161_provider only as a string and Pydantic URLs are not strings anymore by @Donnype in #3281
- Add XTDB list and rename method in origin tool by @originalsouth in #3234
- Fix rocky logging by @dekkers in #3288
- Bump sphinx from 7.4.6 to 7.4.7 by @dependabot in #3265
- feat: Updated color scheme by @HeleenSG in #3241
- Fix broken token auth when 2FA is enabled by @dekkers in #3260
- Raise Timeout Exception when only timeouts from DNS server by @underdarknl in #3264
- Refactor/ooi details by @underdarknl in #3275
- Workaround setuptools 72 removing test command by @dekkers in #3304
- Feat/human readable dates by @underdarknl in #3231
- Record the user who last changed the Scan Profile by @originalsouth in #3296
- Catch valid DNSSEC signed SERVFAIL answers by @underdarknl in #3271
- Give report a name by @madelondohmen in #3258
- Fix CSRF error in API with token auth by @dekkers in #3313
- Restructure scheduler storage module by @jpbruinsslot in #3294
- Translations update from Hosted Weblate by @weblate in #3179
- Add user id to OOI by @originalsouth in #3305
- fix: Button height by @HeleenSG in #3316
- Add audit logging to CRUD actions using Django signals by @dekkers in #3314
- Fix new boefjes issue for scheduler by @jpbruinsslot in #3297
- Restructure scheduler server module by @jpbruinsslot in #3295
- Change report flow to POST requests by @Rieven in #3174
- Restructure scheduler development scripts by @jpbruinsslot in #3293
- Updated
Django
andopentelemetry
packages by @ammar92 in #3324 - Fix Garbage collection and disappearing ports issue by @Donnype in #3214
- Raw upload with Scan OOIS by @noamblitz in #3169
- Basic audit trails via logging by @ammar92 in #3317
- Limit the number of Celery workers that Octopoes can start #3232 by @ammar92 in #3337
- Allow MuteFindings to expire by a user specified datetime by @originalsouth in #3343
- Add geo OOI type and Maxmind geoip boefje by @noamblitz in #3238
- Flexible scheduling by @jpbruinsslot in #2786
- Fix async code calling blocking sync code by @dekkers in #3342
- Fix rocky/tests/objects/test_objects_add.py by @originalsouth in #3360
- Feature/3310 update description for external database boefje by @originalsouth in #3359
- Add mention of other http client to docs by @stephanie0x00 in #3365
- Set timezone to UTC in SQLAlchemy when connecting to PostgreSQL by @dekkers in #3363
- Remove workaround for setuptools bug by @dekkers in #3371
- feat: Dropdownlist options by @HeleenSG in #3340
- Package Updates by @ammar92 in #3374
- Small flexible scheduling fixups by @dekkers in #3354
- Fix generate findings report from ooi detail by @Rieven in #3369
- feat: 🔨 Add indemnification level from external DB by @zcrt in #3311
- Add more handling of external services responses in scheduler by @jpbruinsslot in #3372
- Fix no certificate bug by @noamblitz in #3382
- Support setting a custom JSON schema for copied boefjes by @Donnype in #3344
- Implement boefje details modal in report config flow by @TwistMeister in #3348
- Add create schedule functionality to scheduler api by @jpbruinsslot in #3353
- Search and sorting OOIs by @noamblitz in #3262
- Generic Finding normalizer by @noamblitz in #3383
- feat: 📈 default katalogus view to boefje by @zcrt in #3394
- 📌 add subfinder settings by @zcrt in #3385
- Implement subreport rename form in table and remove it from dialog by @TwistMeister in #3338
- Styling fixes within filters, hierarchy fix on organisation members b… by @HeleenSG in #3322
- Use better paginator for finding list by @noamblitz in #3407
- Generic tasks view refactor by @zcrt in #3389
- feat: 📝 improve pagination by @zcrt in #3393
- Bump myst-parser from 3.0.1 to 4.0.0 by @dependabot in #3346
...
v1.16.0
https://docs.openkat.nl/release_notes/1.16.html
What's Changed
- Upgrade GitHub actions by @ammar92 in #2235
- Add note about Debian packages to 1.14 release notes by @dekkers in #2234
- Bump msgpackr from 1.6.1 to 1.10.1 in /rocky by @dependabot in #2219
- Updated deploy-pages action by @ammar92 in #2251
- Fix environment page in docs by @ammar92 in #2257
- Fix export buttons report by @Rieven in #2259
- Translations update from Hosted Weblate by @weblate in #2261
- Fixed invalid type usage in
get_rabbit_channel
andclose_rabbit_channel
by @ammar92 in #2280 - Translations update from Hosted Weblate by @weblate in #2279
- List item behaviour by @HeleenSG in #2281
- fix zero division by @noamblitz in #2298
- Updated template file to respect environment prefixes in docs by @ammar92 in #2317
- Remove preselection from multireport flow by @noamblitz in #2318
- Fix/upgrade jinja2 by @ammar92 in #2326
- Fix multiple Debian issues by @dekkers in #2283
- Add max fds ulimit to octopoes api worker by @originalsouth in #2327
- add meta / cache hash for rpki boefje to raw output by @underdarknl in #2255
- Remove smartphone from bug report template by @dekkers in #2334
- More ulimits for buggy celery by @originalsouth in #2338
- Remove icons from compliance issue table by @madelondohmen in #2340
- Sector report summary - Best and worst scoring security checks by @madelondohmen in #2312
- Chore/update pr template with comments by @Donnype in #2305
- Translations update from Hosted Weblate by @weblate in #2311
- Remove IPs with zero vulnerabilities by @madelondohmen in #2319
- Add IPv6 config to docker-compose.yml by @stephanie0x00 in #2256
- Render dicts and list ooi attrs as jsonfield by @noamblitz in #2355
- Add hrefs to Basic Security overview by @madelondohmen in #2330
- Feat/normalizer mimetype upload deeplink by @underdarknl in #2220
- Check for sudo in install and update script by @dekkers in #2360
- Adds CAA records to the model, boefje, normalizer, adds a check bit and a finding by @underdarknl in #2315
- Add token authentication by @dekkers in #2349
- Update dependencies by @ammar92 in #2348
- Error handling for Generate Report by @madelondohmen in #2274
- Remove debian11 packages by @dekkers in #2358
- Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml by @dekkers in #2373
- Prevent double github actions by @dekkers in #2374
- Remove uWSGI by @dekkers in #2366
- Convert
docker-compose
todocker compose
by @originalsouth in #2341 - Rename invalid rpki finding to expired by @noamblitz in #2377
- Show created at and data from in reports by @noamblitz in #2370
- Update RabbitMQ to the latest version by @dekkers in #2392
- Fix/394 Introduce clearance level control for objects imported by CSV by @originalsouth in #2390
- Update dependencies by @ammar92 in #2396
- Use --diff-filter=U instead of --staged in fix-poetry-merge-conflict by @dekkers in #2398
- Feat/more csp checks by @underdarknl in #2025
- Remove everything related to old crux by @dekkers in #2403
- Fix normalizer filtering on tasks endpoint by @jpbruinsslot in #2414
- Bump actions/cache from 3 to 4 by @dependabot in #2417
- Bump dorny/paths-filter from 2 to 3 by @dependabot in #2418
- Fix usage of
SPAN_EXPORT_GRPC_ENDPOINT
variable by @ammar92 in #2420 - Fix mail report json by @noamblitz in #2426
- Fix open ports report by @noamblitz in #2430
- minor speedup, Return immediately on the first disabled plugin for report check by @underdarknl in #2434
- use oois instead of references by @noamblitz in #2433
- Update
fastapi
by @ammar92 in #2444 - fix wordpress check by @noamblitz in #2445
- Allow creation of declared scan profiles through normalizers by @Donnype in #2428
- Update DNS report by @madelondohmen in #2413
- upgrade forcediphttpsadapter by @noamblitz in #2453
- Fix argument order and hence avoid the octopoes factory by @Donnype in #2454
- Hotfix for default arg by @Donnype in #2458
- Feature/report benchmarks by @Donnype in #2447
- Add traces for pop and push to queue in scheduler by @jpbruinsslot in #2467
- Add mypy and application bootstrap test to boefjes by @Donnype in #2460
- Fix/normalizer produces, list was empty. is now populated and links to object page by @underdarknl in #2411
- Add timeouts to CVE API downloader by @dekkers in #2455
- Select all OOIS for Aggregate Reports by @Rieven in #2222
- Update Starlette, FastAPI and Django by @dekkers in #2480
- Do not log an error on token refresh in bytes client by @dekkers in #2469
- Enable ruff bandit checks by @dekkers in #2465
- Fix kat_dns settings by @originalsouth in #2459
- Ignore certificate errors in security txt boefje by @dekkers in #2487
- Add unit tests for vulnerability report and fix first_seen by @dekkers in #2462
- minimal / maximal number of required checboxes checked functionality by @underdarknl in #2375
- Remove support for Python 3.8 and 3.9 by @dekkers in #2470
- Update scheduler architecture documentation by @jpbruinsslot in #2387
- Revert fastapi and starlette downgrade by @dekkers in #2489
- Do not show an error in tasks stats if no tasks have run yet by @dekkers in #2486
- Make rtest fail less than 1 in 20 by @originalsouth in #2441
- Bump python-multipart from 0.0.6 to 0.0.7 in /bytes by @dependabot in #2494
- Health page accessable during onboarding by @Rieven in #2499
- Fix/systems report domain count by @noamblitz in #2490
- Skip or hide section on Plugin Page by @madelondohmen in #2461
- remove duplicate oois from report by @noamblitz in #2504
- Rename list method to prevent conflict with builtin by @dekkers in #2498
- Fix bug get_selection that is now an imported met...
v1.16.0rc2
https://docs.openkat.nl/release_notes/1.16.html
What's Changed
- Add pluginToggler.js to Aggregate Report (1.16) by @dekkers in #3203
- Updated
certifi
(1.16) #3209 by @ammar92 in #3212 - Updated Django (1.16) by @ammar92 in #3218
- Backport: update nmap udp image as well by @Donnype in #3233
- cve-2024-6387 from RickGeex (#3194) by @noamblitz in #3237
Full Changelog: v1.16.0rc1...v1.16.0rc2
v1.16.0rc1
https://docs.openkat.nl/release_notes/1.16.html
What's Changed
- Bump weasyprint from 61.0 to 61.2 in /rocky by @dependabot in #2625
- Fix setting clearence level on plugin detail page by @noamblitz in #2623
- Refactor onboarding wizard to use Generate Report flow to create a DNS report by @Rieven in #2561
- Update tabler icons to v3.01 by @Rieven in #2640
- New Rocky Paginator by @Rieven in #2627
- Makefile .env-default typo by @noamblitz in #2647
- Replace
requests
withhttpx
by @ammar92 in #2576 - Fix missing apt update in keiko github action by @dekkers in #2668
- Textual changes by @HeleenSG in #2676
- Remove unnecessary loop in
FilterRequest
in scheduler by @jpbruinsslot in #2684 - fix: openssl boefje stuck on port 80 by @tobiasBDO in #2600
- Remove superfluous curly bracket open from graph view template by @originalsouth in #2700
- Improvements of Aggregate Report by @madelondohmen in #2643
- refactor the leakix normalizer to be less one giant method. by @underdarknl in #2363
- Add fix-byte-order-marker and pretty-format-json to pre-commit by @dekkers in #2634
- Fix pdf alignment by @HeleenSG in #2674
- Fix critical vulnerability counter by @madelondohmen in #2712
- Improve generate report by @madelondohmen in #2633
- Fix #1739 by @originalsouth in #2705
- Upgrade
pre-commit
hooks by @ammar92 in #2729 - Remove Docker Compose: "version" by @originalsouth in #2718
- Undo project-directory in Rocky by @originalsouth in #2734
- Feat stepper design v2 by @HeleenSG in #2704
- Plugins overview in appendix not showing any plugins by @Rieven in #2694
- Fix in System Specific by @madelondohmen in #2732
- Query non-reference fields and subclass-specific fields through path queries by @Donnype in #2662
- Feature/boefjes to oci images by @Donnype in #2709
- Dont report vulnerabilites without version info of the software for snyk by @noamblitz in #2730
- Add xtdb-cli tool to Octopoes by @originalsouth in #2733
- Bump actions/configure-pages from 4 to 5 by @dependabot in #2745
- Remove octopoes coverage workflow by @dekkers in #2755
- Updated
phonenumbers
anddjango-phonenumber-field
by @ammar92 in #2757 - fix schema errors on empty / missing schemas by @underdarknl in #2744
- OOI selection at Aggregate report does not remember changed selection by @Rieven in #2619
- Fix static files for container images/Debian packages when DEBUG is on by @dekkers in #2742
- Upgrade
pillow
by @ammar92 in #2783 - Replace
black
withruff
s formatter by @ammar92 in #2762 - Feature/disallowed domains in csp by @noamblitz in #2624
- Add 127.0.0.1 to allowed hosts in Debian package by @dekkers in #2758
- Replace Wappalyzer by @ammar92 in #2727
- Add why container stdout/stderr can't be used for boefjes output by @dekkers in #2673
- Fix/2721 improve error handling by better exception aggregation v2 by @originalsouth in #2795
- Set katalogus limit to 200 by @dekkers in #2798
- Use public cryptography API in SSL certificate normalizer by @dekkers in #2796
- More improvements for reports by @madelondohmen in #2722
- Prevent confusing errors from leaking into the general logs by @originalsouth in #2815
- Fix wrong type in save_raw and list_origin_parameters httpx params by @dekkers in #2819
- Update performance of Findings Report by @madelondohmen in #2799
- Change titles to meet configuration page design by @madelondohmen in #2818
- Updated
idna
package by @ammar92 in #2845 - Fix missing cipher csv in Debian package by @dekkers in #2850
- Add 1.15 release name by @dekkers in #2854
- Bump sqlparse from 0.4.4 to 0.5.0 in /rocky by @dependabot in #2856
- Update
dnspython
by @ammar92 in #2861 - Bump aiohttp from 3.9.3 to 3.9.4 in /boefjes by @dependabot in #2867
- Add new boefjes and normalizers cover images to KAT-alogus by @Rieven in #2859
- Update and fix nuclei by @noamblitz in #2865
- Add some additional exception handling to the scheduler by @jpbruinsslot in #2814
- Use qualified image URLs in docker-compose by @dekkers in #2869
- Introduce importing/exporting capabilities in Octopoes/xtdb-multinode-tool (addressing #2761) by @originalsouth in #2855
- Don't show records of the nameservers of chosen hostnames in DNS report by @noamblitz in #2809
- Styling Report Types names by @Rieven in #2791
- Backup scripts from TobiasBDO by @ring-ring-ring in #1794
- Plugin overview table by @madelondohmen in #2804
- Add some additional exception handling to the scheduler by @jpbruinsslot in #2878
- Fixed image reference in
pdio_subfinder
plugin by @ammar92 in #2860 - Implement Octopoes Models documentation by @ammar92 in #2858
- Updated some packages by @ammar92 in #2891
- Add stepper to report configuration by @madelondohmen in #2868
- Translations update from Hosted Weblate by @weblate in #2792
- Build nmap OCI image that handles both nmap-tcp and nmap-udp using a new
oci_arguments
field by @Donnype in #2832 - Fix and improve running boefjes/normalizer by hand by @dekkers in #2802
- Docs update on OCI image building from current Python/Docker boefjes by @Donnype in #2827
- Specify bit in the answer raw file instead of as mimetype by @dekkers in #2900
- Add a warning to the CSP validator for 'self' on script-src directives. by @underdarknl in #2672
- Replace old plugin in Vulnerability Report by @madelondohmen in #2910
- Update
jinja2
andtqdm
by @ammar92 in #2919 - Add wappalyzer software to weburl instead of hostname by @noamblitz in #2912
- Set no limit by default in the KATalogus plugin API by @Donnype in #2921
- Replace python-jose with pyjwt by @Donnype in #2925
- Fixes in OOI Add/ Edit form by @ammar92 in #2906
- Update required and suggested plugin section in report configuration by @madelondohmen in #2897
- Remove many new ports open boefje/normalizer by @dekkers in https://github.com/minvws/nl-kat-coord...
v1.15.1
What's Changed
- Add wappalyzer software to weburl instead of hostname (1.15) by @dekkers in #2938
- Replace old plugin in Vulnerability Report (1.15) by @dekkers in #2937
- Add workaround for Granian HTTP/2 bug (1.15) by @dekkers in #2936
- Dependency security updates (1.15) by @dekkers in #2995
Full Changelog: v1.15.0...v1.15.1
v1.15.0
https://docs.openkat.nl/release_notes/1.15.html
What's Changed
- Upgrade GitHub actions by @ammar92 in #2235
- Add note about Debian packages to 1.14 release notes by @dekkers in #2234
- Bump msgpackr from 1.6.1 to 1.10.1 in /rocky by @dependabot in #2219
- Updated deploy-pages action by @ammar92 in #2251
- Fix environment page in docs by @ammar92 in #2257
- Fix export buttons report by @Rieven in #2259
- Translations update from Hosted Weblate by @weblate in #2261
- Fixed invalid type usage in
get_rabbit_channel
andclose_rabbit_channel
by @ammar92 in #2280 - Translations update from Hosted Weblate by @weblate in #2279
- List item behaviour by @HeleenSG in #2281
- fix zero division by @noamblitz in #2298
- Updated template file to respect environment prefixes in docs by @ammar92 in #2317
- Remove preselection from multireport flow by @noamblitz in #2318
- Fix/upgrade jinja2 by @ammar92 in #2326
- Fix multiple Debian issues by @dekkers in #2283
- Add max fds ulimit to octopoes api worker by @originalsouth in #2327
- add meta / cache hash for rpki boefje to raw output by @underdarknl in #2255
- Remove smartphone from bug report template by @dekkers in #2334
- More ulimits for buggy celery by @originalsouth in #2338
- Remove icons from compliance issue table by @madelondohmen in #2340
- Sector report summary - Best and worst scoring security checks by @madelondohmen in #2312
- Chore/update pr template with comments by @Donnype in #2305
- Translations update from Hosted Weblate by @weblate in #2311
- Remove IPs with zero vulnerabilities by @madelondohmen in #2319
- Add IPv6 config to docker-compose.yml by @stephanie0x00 in #2256
- Render dicts and list ooi attrs as jsonfield by @noamblitz in #2355
- Add hrefs to Basic Security overview by @madelondohmen in #2330
- Feat/normalizer mimetype upload deeplink by @underdarknl in #2220
- Check for sudo in install and update script by @dekkers in #2360
- Adds CAA records to the model, boefje, normalizer, adds a check bit and a finding by @underdarknl in #2315
- Add token authentication by @dekkers in #2349
- Update dependencies by @ammar92 in #2348
- Error handling for Generate Report by @madelondohmen in #2274
- Remove debian11 packages by @dekkers in #2358
- Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml by @dekkers in #2373
- Prevent double github actions by @dekkers in #2374
- Remove uWSGI by @dekkers in #2366
- Convert
docker-compose
todocker compose
by @originalsouth in #2341 - Rename invalid rpki finding to expired by @noamblitz in #2377
- Show created at and data from in reports by @noamblitz in #2370
- Update RabbitMQ to the latest version by @dekkers in #2392
- Fix/394 Introduce clearance level control for objects imported by CSV by @originalsouth in #2390
- Update dependencies by @ammar92 in #2396
- Use --diff-filter=U instead of --staged in fix-poetry-merge-conflict by @dekkers in #2398
- Feat/more csp checks by @underdarknl in #2025
- Remove everything related to old crux by @dekkers in #2403
- Fix normalizer filtering on tasks endpoint by @jpbruinsslot in #2414
- Bump actions/cache from 3 to 4 by @dependabot in #2417
- Bump dorny/paths-filter from 2 to 3 by @dependabot in #2418
- Fix usage of
SPAN_EXPORT_GRPC_ENDPOINT
variable by @ammar92 in #2420 - Fix mail report json by @noamblitz in #2426
- Fix open ports report by @noamblitz in #2430
- minor speedup, Return immediately on the first disabled plugin for report check by @underdarknl in #2434
- use oois instead of references by @noamblitz in #2433
- Update
fastapi
by @ammar92 in #2444 - fix wordpress check by @noamblitz in #2445
- Allow creation of declared scan profiles through normalizers by @Donnype in #2428
- Update DNS report by @madelondohmen in #2413
- upgrade forcediphttpsadapter by @noamblitz in #2453
- Fix argument order and hence avoid the octopoes factory by @Donnype in #2454
- Hotfix for default arg by @Donnype in #2458
- Feature/report benchmarks by @Donnype in #2447
- Add traces for pop and push to queue in scheduler by @jpbruinsslot in #2467
- Add mypy and application bootstrap test to boefjes by @Donnype in #2460
- Fix/normalizer produces, list was empty. is now populated and links to object page by @underdarknl in #2411
- Add timeouts to CVE API downloader by @dekkers in #2455
- Select all OOIS for Aggregate Reports by @Rieven in #2222
- Update Starlette, FastAPI and Django by @dekkers in #2480
- Do not log an error on token refresh in bytes client by @dekkers in #2469
- Enable ruff bandit checks by @dekkers in #2465
- Fix kat_dns settings by @originalsouth in #2459
- Ignore certificate errors in security txt boefje by @dekkers in #2487
- Add unit tests for vulnerability report and fix first_seen by @dekkers in #2462
- minimal / maximal number of required checboxes checked functionality by @underdarknl in #2375
- Remove support for Python 3.8 and 3.9 by @dekkers in #2470
- Update scheduler architecture documentation by @jpbruinsslot in #2387
- Revert fastapi and starlette downgrade by @dekkers in #2489
- Do not show an error in tasks stats if no tasks have run yet by @dekkers in #2486
- Make rtest fail less than 1 in 20 by @originalsouth in #2441
- Bump python-multipart from 0.0.6 to 0.0.7 in /bytes by @dependabot in #2494
- Health page accessable during onboarding by @Rieven in #2499
- Fix/systems report domain count by @noamblitz in #2490
- Skip or hide section on Plugin Page by @madelondohmen in #2461
- remove duplicate oois from report by @noamblitz in #2504
- Rename list method to prevent conflict with builtin by @dekkers in #2498
- Fix bug get_selection that is now an imported met...
v1.15.0rc1
https://docs.openkat.nl/release_notes/1.15.html
What's Changed
- Upgrade GitHub actions by @ammar92 in #2235
- Add note about Debian packages to 1.14 release notes by @dekkers in #2234
- Bump msgpackr from 1.6.1 to 1.10.1 in /rocky by @dependabot in #2219
- Updated deploy-pages action by @ammar92 in #2251
- Fix environment page in docs by @ammar92 in #2257
- Fix export buttons report by @Rieven in #2259
- Translations update from Hosted Weblate by @weblate in #2261
- Fixed invalid type usage in
get_rabbit_channel
andclose_rabbit_channel
by @ammar92 in #2280 - Translations update from Hosted Weblate by @weblate in #2279
- List item behaviour by @HeleenSG in #2281
- fix zero division by @noamblitz in #2298
- Updated template file to respect environment prefixes in docs by @ammar92 in #2317
- Remove preselection from multireport flow by @noamblitz in #2318
- Fix/upgrade jinja2 by @ammar92 in #2326
- Fix multiple Debian issues by @dekkers in #2283
- Add max fds ulimit to octopoes api worker by @originalsouth in #2327
- add meta / cache hash for rpki boefje to raw output by @underdarknl in #2255
- Remove smartphone from bug report template by @dekkers in #2334
- More ulimits for buggy celery by @originalsouth in #2338
- Remove icons from compliance issue table by @madelondohmen in #2340
- Sector report summary - Best and worst scoring security checks by @madelondohmen in #2312
- Chore/update pr template with comments by @Donnype in #2305
- Translations update from Hosted Weblate by @weblate in #2311
- Remove IPs with zero vulnerabilities by @madelondohmen in #2319
- Add IPv6 config to docker-compose.yml by @stephanie0x00 in #2256
- Render dicts and list ooi attrs as jsonfield by @noamblitz in #2355
- Add hrefs to Basic Security overview by @madelondohmen in #2330
- Feat/normalizer mimetype upload deeplink by @underdarknl in #2220
- Check for sudo in install and update script by @dekkers in #2360
- Adds CAA records to the model, boefje, normalizer, adds a check bit and a finding by @underdarknl in #2315
- Add token authentication by @dekkers in #2349
- Update dependencies by @ammar92 in #2348
- Error handling for Generate Report by @madelondohmen in #2274
- Remove debian11 packages by @dekkers in #2358
- Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml by @dekkers in #2373
- Prevent double github actions by @dekkers in #2374
- Remove uWSGI by @dekkers in #2366
- Convert
docker-compose
todocker compose
by @originalsouth in #2341 - Rename invalid rpki finding to expired by @noamblitz in #2377
- Show created at and data from in reports by @noamblitz in #2370
- Update RabbitMQ to the latest version by @dekkers in #2392
- Fix/394 Introduce clearance level control for objects imported by CSV by @originalsouth in #2390
- Update dependencies by @ammar92 in #2396
- Use --diff-filter=U instead of --staged in fix-poetry-merge-conflict by @dekkers in #2398
- Feat/more csp checks by @underdarknl in #2025
- Remove everything related to old crux by @dekkers in #2403
- Fix normalizer filtering on tasks endpoint by @jpbruinsslot in #2414
- Bump actions/cache from 3 to 4 by @dependabot in #2417
- Bump dorny/paths-filter from 2 to 3 by @dependabot in #2418
- Fix usage of
SPAN_EXPORT_GRPC_ENDPOINT
variable by @ammar92 in #2420 - Fix mail report json by @noamblitz in #2426
- Fix open ports report by @noamblitz in #2430
- minor speedup, Return immediately on the first disabled plugin for report check by @underdarknl in #2434
- use oois instead of references by @noamblitz in #2433
- Update
fastapi
by @ammar92 in #2444 - fix wordpress check by @noamblitz in #2445
- Allow creation of declared scan profiles through normalizers by @Donnype in #2428
- Update DNS report by @madelondohmen in #2413
- upgrade forcediphttpsadapter by @noamblitz in #2453
- Fix argument order and hence avoid the octopoes factory by @Donnype in #2454
- Hotfix for default arg by @Donnype in #2458
- Feature/report benchmarks by @Donnype in #2447
- Add traces for pop and push to queue in scheduler by @jpbruinsslot in #2467
- Add mypy and application bootstrap test to boefjes by @Donnype in #2460
- Fix/normalizer produces, list was empty. is now populated and links to object page by @underdarknl in #2411
- Add timeouts to CVE API downloader by @dekkers in #2455
- Select all OOIS for Aggregate Reports by @Rieven in #2222
- Update Starlette, FastAPI and Django by @dekkers in #2480
- Do not log an error on token refresh in bytes client by @dekkers in #2469
- Enable ruff bandit checks by @dekkers in #2465
- Fix kat_dns settings by @originalsouth in #2459
- Ignore certificate errors in security txt boefje by @dekkers in #2487
- Add unit tests for vulnerability report and fix first_seen by @dekkers in #2462
- minimal / maximal number of required checboxes checked functionality by @underdarknl in #2375
- Remove support for Python 3.8 and 3.9 by @dekkers in #2470
- Update scheduler architecture documentation by @jpbruinsslot in #2387
- Revert fastapi and starlette downgrade by @dekkers in #2489
- Do not show an error in tasks stats if no tasks have run yet by @dekkers in #2486
- Make rtest fail less than 1 in 20 by @originalsouth in #2441
- Bump python-multipart from 0.0.6 to 0.0.7 in /bytes by @dependabot in #2494
- Health page accessable during onboarding by @Rieven in #2499
- Fix/systems report domain count by @noamblitz in #2490
- Skip or hide section on Plugin Page by @madelondohmen in #2461
- remove duplicate oois from report by @noamblitz in #2504
- Rename list method to prevent conflict with builtin by @dekkers in #2498
- Fix bug get_selection that is now an imported met...
v1.14.2
What's Changed
- Add pool size config and logs postgresql connections by @zcrt in #2584
- Set a timeout on hanging test ssl container by @noamblitz in #2583
- Update django for upstream security fix by @dekkers in #2589
Full Changelog: v1.14.1...v1.14.2
v1.14.1
What's Changed
- Fixed invalid type usage in
get_rabbit_channel
andclose_rabbit_channel
(1.14) by @dekkers in #2282 - Fix multiple Debian issues (1.14) by @dekkers in #2362
- fix zero division (1.14) by @dekkers in #2361
- Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml (1.14) by @dekkers in #2380
- List item behaviour (1.14) by @dekkers in #2381
- Remove IPs with zero vulnerabilities (1.14) by @dekkers in #2382
- Sector report summary - Best and worst scoring security checks (1.14) by @dekkers in #2383
- Add hrefs to Basic Security overview (1.14) by @dekkers in #2384
- Remove icons from compliance issue table (1.14) by @dekkers in #2385
- add meta / cache hash for rpki boefje to raw output (1.14) by @dekkers in #2386
- Rename invalid rpki finding to expired (1.14) by @dekkers in #2391
- Update pillow (1.14) by @dekkers in #2402
- Fix normalizer filtering on tasks endpoint (1.14) by @dekkers in #2416
- Update forcediphttpsadapter, fastapi, starlette and django (1.14) by @dekkers in #2483
Full Changelog: v1.14.0...v1.14.1