Skip to content

2.28.0 🌈

Compare
Choose a tag to compare
@github-actions github-actions released this 06 Nov 21:34
· 1822 commits to master since this release
f3d3485

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.27.0

  • changed function based views to class based views @FelixHernandez (#8929)
  • Add GitHub workflow to protect certain files from modifications @dwalleck (#8927)
  • advance the description of rustyhog @manuel-sommer (#8897)
  • 🎉 added hcl appscan parser #8829 @manuel-sommer (#8858)
  • Implementation of a CSV parser for Sysdig Vulnerability reports @aaronm-sysdig (#8868)
  • fixed mobsf parser, #8860 @manuel-sommer (#8865)
  • [bugfix] Whispers 2.2 report importing support @adeptex (#8891)
  • Enable Auditlog for Product Types @kiblik (#8880)
  • Add sshaudit parser #8837 @manuel-sommer (#8838)
  • Fixed the link in the readme documentation @cy83r14n (#8870)
  • Release: Merge back 2.27.3 into dev from: master-into-dev/2.27.3-2.28.0-dev @github-actions (#8876)
  • Release: Merge back 2.27.3 into bugfix from: master-into-bugfix/2.27.3-2.28.0-dev @github-actions (#8877)
  • Release: Merge release into master from: release/2.27.3 @github-actions (#8875)
  • Add scan_type filter for Test in API @kiblik (#8872)
  • Fix findings and endpoints URLs in notifications @C0wnuts (#8839)
  • Fix Kiuwan CSV import parser @FelixHernandez (#8853)
  • Adjust how error handling is done in Excel and CSV downloads @FelixHernandez (#8864)
  • Update Qualys Parser to aggregate endpoints rather than only store 1 endpoint per Finding @FelixHernandez (#8844)
  • Migrate to Compose V2 for dev branch @trnayan (#8817)
  • Add translation, fix bug, and some improvements for SARIF parser @shipko (#8822)
  • 🎉 Add openvasxml parser #8761 @manuel-sommer (#8789)
  • Adds a code review process section to the contributors guide @dwalleck (#8818)
  • Release: Merge back 2.27.2 into bugfix from: master-into-bugfix/2.27.2-2.28.0-dev @github-actions (#8834)
  • Release: Merge back 2.27.2 into dev from: master-into-dev/2.27.2-2.28.0-dev @github-actions (#8833)
  • Release: Merge release into master from: release/2.27.2 @github-actions (#8832)
  • [ENHANCEMENT] AWS Security Hub parser: include more vulnerability details @tomaszn (#8664)
  • Release: Merge back 2.27.1 into bugfix from: master-into-bugfix/2.27.1-2.28.0-dev @github-actions (#8815)
  • Add integration test fix to bugfix branch (clone of #8783) @Maffooch (#8812)
  • Browser tests should use the latest Chrome stable release @dwalleck (#8783)
  • Check for empty cves array in JFrog Xray API Summary Artifact Parser @mowol (#8779)
  • Missing release notes for 2.27.x @kiblik (#8776)
  • Release: Merge back 2.27.0 into dev from: master-into-dev/2.27.0-2.28.0-dev @github-actions (#8775)

🚩 Changes to settings.dist.py / local_settings.py

  • Release: Merge release into master from: release/2.28.0 @github-actions (#8947)
  • Release: Merge back 2.27.4 into dev from: master-into-dev/2.27.4-2.28.0-dev @github-actions (#8906)
  • Release: Merge release into master from: release/2.27.4 @github-actions (#8903)
  • Configure deduplication algorithm for Kubehunter Scan and kube-bench … @a-ruff (#8881)
  • Feat: Add Threagile parser @avlahop (#8716)
  • Release: Merge back 2.27.0 into bugfix from: master-into-bugfix/2.27.0-2.28.0-dev @github-actions (#8774)

🚩 Database migration

  • Release: Merge release into master from: release/2.28.0 @github-actions (#8947)
  • Fix typo in notifications: risk_acceptance_expiration @kiblik (#8869)

🚀 API features and enhancements

  • Release: Merge back 2.27.0 into bugfix from: master-into-bugfix/2.27.0-2.28.0-dev @github-actions (#8774)

🖌 Updates in UI

  • Release: Merge back 2.27.4 into dev from: master-into-dev/2.27.4-2.28.0-dev @github-actions (#8906)
  • Release: Merge release into master from: release/2.27.4 @github-actions (#8903)
  • Update deprecated escape sequence @FelixHernandez (#8879)
  • Release: Merge back 2.27.1 into dev from: master-into-dev/2.27.1-2.28.0-dev @github-actions (#8814)
  • Release: Merge release into master from: release/2.27.1 @github-actions (#8813)
  • Validate undefined and null value in criticality column table products @FelixHernandez (#8765)
  • Release: Merge back 2.27.0 into bugfix from: master-into-bugfix/2.27.0-2.28.0-dev @github-actions (#8774)

🧰 Maintenance

  • Update redis Docker tag from 7.2.2 to v7.2.3 (docker-compose.yml) @renovate (#8939)
  • Bump social-auth-core from 4.4.2 to 4.5.0 @dependabot (#8919)
  • Bump boto3 from 1.28.75 to 1.28.77 @dependabot (#8937)
  • Update helm/chart-testing-action action from v2.6.0 to v2.6.1 (.github/workflows/test-helm-chart.yml) @renovate (#8938)
  • Bump uwsgi from 2.0.22 to 2.0.23 @dependabot (#8923)
  • Update rabbitmq Docker tag from 3.12.7 to v3.12.8 (docker-compose.yml) @renovate (#8916)
  • Bump markdown from 3.5 to 3.5.1 @dependabot (#8918)
  • Bump boto3 from 1.28.73 to 1.28.75 @dependabot (#8915)
  • Update helm/chart-testing-action action from v2.4.0 to v2.6.0 (.github/workflows/test-helm-chart.yml) @renovate (#8912)
  • Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.33.11 to v1.33.13 (helm/defectdojo/values.yaml) @renovate (#8846)
  • Bump crypto-js from 4.1.1 to 4.2.0 in /components @dependabot (#8894)
  • Update mysql Docker tag from 5.7.43 to v5.7.44 (docker-compose.yml) @renovate (#8896)
  • Update rabbitmq:3.12.7-alpine Docker digest from 3.12.7 to 3.12.7-alpine (docker-compose.yml) @renovate (#8900)
  • Bump nginx from 1.25.2-alpine to 1.25.3-alpine @dependabot (#8901)
  • Bump boto3 from 1.28.70 to 1.28.73 @dependabot (#8902)
  • Bump djangosaml2 from 1.7.0 to 1.8.0 @dependabot (#8887)
  • Bump cryptography from 41.0.4 to 41.0.5 @dependabot (#8888)
  • Bump boto3 from 1.28.69 to 1.28.70 @dependabot (#8886)
  • Bump boto3 from 1.28.68 to 1.28.69 @dependabot (#8884)
  • Bump nginx from 4c93a3b to 7272a6e @dependabot (#8873)
  • Update actions/setup-node action from v3 to v4 (.github/workflows/gh-pages.yml) @renovate (#8878)
  • Bump boto3 from 1.28.67 to 1.28.68 @dependabot (#8874)
  • Bump boto3 from 1.28.66 to 1.28.67 @dependabot (#8866)
  • Update redis Docker tag from 7.2.1 to v7.2.2 (docker-compose.yml) @renovate (#8855)
  • Update rabbitmq Docker tag from 3.12.6 to v3.12.7 (docker-compose.yml) @renovate (#8856)
  • Bump gitpython from 3.1.38 to 3.1.40 @dependabot (#8861)
  • Bump boto3 from 1.28.65 to 1.28.66 @dependabot (#8862)
  • Bump boto3 from 1.28.64 to 1.28.65 @dependabot (#8851)
  • Bump social-auth-app-django from 5.3.0 to 5.4.0 @dependabot (#8841)
  • Update redis:7.2.1-alpine Docker digest from 7.2.1 to 7.2.1-alpine (docker-compose.yml) @renovate (#8849)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8848)
  • Update postgres:16.0-alpine Docker digest from 16.0 to 16.0-alpine (docker-compose.yml) @renovate (#8845)
  • Bump urllib3 from 1.26.17 to 1.26.18 @dependabot (#8847)
  • Update release-drafter/release-drafter action from v5.24.0 to v5.25.0 (.github/workflows/release-drafter.yml) @renovate (#8835)
  • Bump boto3 from 1.28.63 to 1.28.64 @dependabot (#8840)
  • Bump gitpython from 3.1.37 to 3.1.38 @dependabot (#8842)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8828)
  • Bump pillow from 10.0.1 to 10.1.0 @dependabot (#8831)
  • Update mysql:5.7.43 Docker digest from 5.7.43 to v (docker-compose.yml) @renovate (#8823)
  • Bump sqlalchemy from 2.0.21 to 2.0.22 @dependabot (#8827)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8825)
  • Bump boto3 from 1.28.62 to 1.28.63 @dependabot (#8826)
  • Update postgres:16.0-alpine Docker digest from 16.0 to 16.0-alpine (docker-compose.yml) @renovate (#8799)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8800)
  • Update stefanzweifel/git-auto-commit-action action from v4.16.0 to v5 (.github/workflows/release-3-master-into-dev.yml) @renovate (#8804)
  • Bump boto3 from 1.28.59 to 1.28.62 @dependabot (#8805)
  • Bump bleach from 6.0.0 to 6.1.0 @dependabot (#8806)
  • Bump markdown from 3.4.4 to 3.5 @dependabot (#8807)
  • Bump vulners from 2.1.0 to 2.1.1 @dependabot (#8810)
  • Update mysql:5.7.43 Docker digest from 5.7.43 to v (docker-compose.yml) @renovate (#8795)
  • Update styfle/cancel-workflow-action action from 0.11.0 to v0.12.0 (.github/workflows/cancel-outdated-workflow-runs.yml) @renovate (#8784)
  • Update redis:7.2.1-alpine Docker digest from 7.2.1 to 7.2.1-alpine (docker-compose.yml) @renovate (#8790)
  • Bump boto3 from 1.28.58 to 1.28.59 @dependabot (#8791)
  • Bump psycopg2-binary from 2.9.8 to 2.9.9 @dependabot (#8792)
  • Bump boto3 from 1.28.57 to 1.28.58 @dependabot (#8780)
  • Bump coverage from 7.3.1 to 7.3.2 @dependabot (#8782)
  • Bump urllib3 from 1.26.11 to 1.26.17 @dependabot (#8777)
  • Bump nginx from 16164a4 to 4c93a3b @dependabot (#8770)