v1.11.0rc1

https://docs.openkat.nl/release_notes/1.11.html

What's Changed

• Fix sorting in KAT-alogus by @Rieven in #1279
• Bump myst-parser from 1.0.0 to 2.0.0 by @dependabot in #1208
• Add 1.10 release notes and document new features by @dekkers in #1283
• Bump setuptools from 67.6.1 to 68.0.0 by @dependabot in #1282
• Update nginx.rst, mising reload, some more explanation by @underdarknl in #1280
• Cache RabbitMQ connections and HTTP Sessions in Octopoes by @Donnype in #1204
• Add boefje env var to release notes and improve documentation by @dekkers in #1291
• Add hyperlinks to boefje detail from task list by @TwistMeister in #1287
• 📝 resize LaTeX table & catch non-human-readable strings by @zcrt in #1278
• add cwe finding types boefje by @noamblitz in #1269
• Improved poetry configuration for keiko and octopoes by @Darwinkel in #1186
• Fix Debian package action error when matrix is empty by @dekkers in #1294
• Re-use RabbitMQ channels in Bytes by @Donnype in #1128
• Remove more then 1 active state on menu items by @Rieven in #1178
• Nmap boefjes: report only open ports by @praseodym in #1284
• updated intro by @ring-ring-ring in #1131
• Fix object page ignoring the filters for JSON and CSV export by @Donnype in #1300
• Handle RabbitMQ channel error in bytes by @dekkers in #1304
• Change port classification bit to ip address by @noamblitz in #1172
• External asset database boefje by @zcrt in #1175
• fix ooi form for netblocks by @noamblitz in #1316
• Align inline buttons when 2 or more buttons are available by @Rieven in #1321
• Add anchor tag to jump to after submitting the "set clearance level bulk form" on OOI list by @TwistMeister in #1315
• change TOC for usermanual by @ring-ring-ring in #1298
• Mute Findings in bulk at Finding list by @Rieven in #1165
• Retrieve and store env and code hashes of a Boefje job by @Darwinkel in #1227
• Fix mermaid diagrams in docs for Bytes and Octopoes by @Donnype in #1311
• Add Poetry configs for bytes, boefjes, rocky, and mula by @Darwinkel in #1295
• Add documentation about Config OOI's by @Darwinkel in #1307
• Rename pyc test files because they are overwritten by @Darwinkel in #1331
• Remove unused method from DNSReport view by @Donnype in #1322
• Fix hanging worker processes on a SIGKILL (e.g. when the container is out of memory) by @Donnype in #1187
• Remove unused max_plugin_runtime configuration variable by @Donnype in #1346
• Modify workflow to run make poetry-dependencies on Dependabot PR's and commit it by @Darwinkel in #1348
• Different commit & push strategy for Dependabot by @Darwinkel in #1350
• Update text on object detail page to talk about the objects clearance level instead of incorrectly use the phrase scan level by @TwistMeister in #1356
• Correctly sign Dependabot workflow commits by @Darwinkel in #1363
• Make sure Boefje containers are removed by @praseodym in #1361
• Add masscan boefje by @noamblitz in #1340
• Bump django from 4.2.2 to 4.2.3 in /rocky by @dependabot in #1347
• Remove redundant pyproject config entries by @Darwinkel in #1369
• Bump semver from 5.7.1 to 5.7.2 in /rocky by @dependabot in #1370
• Do not force that deletion can only be done by superuser by @dekkers in #1359
• Fix 403 on "My organizations" page by @dekkers in #1345
• Reduce RabbitMQ prefetch_count for mula and more AMQP exception handling by @Donnype in #1332
• Fix permission on general view PluginSettings and move in template by @Rieven in #1324
• Implement enabling/disabling schedulers by @jpbruinsslot in #1305
• Use fix multiprocessing bug on macOS where qsize() is not implemented by @Donnype in #1374
• Add buttons to manual rerun tasks, both boefjes or normalizers by @TwistMeister in #1339
• Add Debian build depends for CVE API package by @dekkers in #1384
• Remove hardcoded clearance level in member list for superusers by @TwistMeister in #1390
• Add configurable octpoes request timeout by @jpbruinsslot in #1382
• Fix in the user guide docs by @Darwinkel in #1391
• Add explicit black config to all modules by @Darwinkel in #1395
• Build the Debian build image on the main branch by @dekkers in #1387
• Bump cryptography from 41.0.1 to 41.0.2 in /bytes by @dependabot in #1397
• Bump cryptography from 41.0.0 to 41.0.2 in /boefjes/boefjes/plugins/kat_ssl_certificates by @dependabot in #1396
• Remove member group checks and check for permission instead by @Rieven in #1275
• Add task_id as a query parameter to the GET /origins endpoint by @Donnype in #1414
• Add and use our own CVE API by @dekkers in #1383
• Don't scan hostname nmap in nmap boefje by @dekkers in #1415
• Reschedule tasks when no results in bytes are found after grace period by @jpbruinsslot in #1410
• Fix translation in Debian package by @dekkers in #1432
• Use the correct clearance level variable in organization member list template by @TwistMeister in #1427
• Fix robot test by @Rieven in #1420
• KATalogus API filtering and pagination by @ammar92 in #1405
• make port classification configurable by @noamblitz in #1418
• Add Question ooi model and create the first bit that generates a question by @Donnype in #1407
• Translations for release 1.11 - EN -> NL, PAP by @Rieven in #1439
• Remove unnecessary dependency on ipaddress package by @dekkers in #1448
• Remove some unused config options, and set better defaults for others by @Darwinkel in #1428
• Default scan level filter to 0 by @noamblitz in #1463
• Upgrade certifi by @ammar92 in #1462
• Add Question OOI form rendering on the object detail page by @Donnype in #1408
• Create new filters for findings by @Rieven in #1293
• Fix exception in object report view by @dekkers in #1475
• Fix image references from readme's in developer documentation by @Donnype in #1487
• Remove duplicate diagram of KATalogus View structure in the docs by @Donnype in #1486
• Add boefje worker diagrams and add missing env vars in documentation by @Donnype in #1489
• Fix CVE findings with cvss V2 by @dekkers in #1497
• Fix webpage capture boefje by @praseodym in #1430
• allow subject to be None by @noamblitz in #1484
• Add answer normalizer to create Config OOI by @Donnype in #1409
• Upload members with a csv file by @Donnype in #1423
• Admin permissions by @dekkers in #1508
• Add backported boefjes to the release notes by @dekkers in #1514
• Fix organization setup by @Rieven in #1496
• Add shellcheck precommit hook by @dekkers in #1483
• Fix ooi detail observations by @noamblitz in #1521
• Include "observed_at" from ooi_list filters in the URL of the ooi_detail hyperlink by @TwistMeister in #1431
• remove expect-ct finding by @noamblitz in #1490
• Fix: Enable/disable boefjes notification, it now uses name instead of ID by @TwistMeister in #1507
• Remove hyperlink to 'manual' boefje, which isn't actually a boefje and resulted in a 404 by @TwistMeister in #1524
• Commit xtdb session before returning request from Octopoes by @Donnype in #1500
• Withdraw clearance level must have a value of -1 instead of 0 by @Rieven in #1531
• Read .env in rocky settings by @dekkers in #1525
• Fix OOI edit form by @praseodym in #1501
• Bump cryptography by @ammar92 in #1548
• Make WPScan API token optional by @praseodym in #1547
• Add security.txt boefje by @Haikevt in #1467
• Clearance level choice for redteam member creation + warning for onboarding redteamers with clearance level below L1 by @Rieven in #1474
• Ask for aggregate and fix description by @noamblitz in #1566
• Fix crisis room error when the finding type is not in the database by @dekkers in #1555
• CVE-2023-35078 finder v1 by @noamblitz in #1528
• Fix schema descriptions by @noamblitz in #1567
• Cleanup migration unit test by @dekkers in #1557
• Manage boefjes requirements with Poetry by @praseodym in #1572
• Fix rstcheck hook by @ammar92 in #1584
• OOI Detail page: Remember page position after clicking the "show inheritance" link by @TwistMeister in #1590
• Upgrade FastAPI by @ammar92 in #1576
• Fix human-readable name for ImageMetadata by @praseodym in #1558
• fix many ports open normalizer by @noamblitz in #1592
• Configure github actions in dependabot by @dekkers in #1594
• Run docker-compose pull in make pull by @dekkers in #1585
• Bump actions/checkout from 1 to 3 by @dependabot in #1598
• Add community install/update scripts by @ring-ring-ring in #1309
• Update scheduler documentation by @jpbruinsslot in #1476
• Translations update from Hosted Weblate by @weblate in #1604
• Add pipeline to check if there are new translation strings by @Darwinkel in #1606
• Refactor environment settings, names, and documentation by @Darwinkel in #1517
• Add sectxt dependency by @praseodym in #1610
• Fix env setting issues found in test debian workflow by @Darwinkel in #1608
• Add TLS Cipher checks by @noamblitz in #1381
• Do not add line information in .po files by @Darwinkel in #1616
• Redteamer can now acknowledge clearance level during onboarding by @Rieven in #1549
• Improve filter by muted findings on findings page by @dekkers in #1595
• Updated cryptography by @ammar92 in #1615
• Update GitHub Actions by @Darwinkel in #1618
• Update django-admin-auto-tests by @dekkers in #1617
• Feature: Add task detail pages and show objects yielded by normalizer by @TwistMeister in #1506
• Remove finding types from rocky/OOI_database_seed.json by @dekkers in #1619
• Upgrade OpenTelemetry by @praseodym in #1626
• Fix poetry-dependencies target in Makefile by @praseodym in #1627
• Add first version of new normalisers runner design by @praseodym in #1538
• Add reverse DNS boefje by @noamblitz in #1579
• Report generation timeout by @ammar92 in #1640
• Remove environment variables from container docs by @praseodym in #1645
• Use 127.0.0.1 for RabbitMQ in install script by @praseodym in #1644
• Fix configuration issues upgrading Debian installs by @dekkers in #1636
• Automatically re-create queue if durable changed by @dekkers in #1637
• Add 1.11 release notes by @dekkers in #1646
• Remove security txt boefje for 1.11 by @dekkers in #1647

New Contributors

• @weblate made their first contribution in #1604

Full Changelog: v1.10.2...v1.11.0rc1