2.38.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.38.1

• appcheck-severity-determination-fix Use v4, v3, v2 cvss vectors for severity @dogboat (#10918)
• Fix metrics aggregation @dogboat (#10917)
• [Helm] Fix typo in ingress netpol @C4tWithShell (#10898)
• Manage not defined metadata in mitigations and add assumptions comments @arivra (#10897)
• Fortify Parser: Fortification of the the FPR parsing @Maffooch (#10901)

🚩 Changes to settings.dist.py / local_settings.py

• Wiz Parser: Add SCA parser and fortify old format @Maffooch (#10905)
• Add support for Invicti parser through Netsparker @Maffooch (#10894)

🚀 API features and enhancements

• JSON Parsing Errors: Make errors less verbose @Maffooch (#10891)

🐛 Bug Fixes

• Product API scan config: Display view scan configs button for all products @Maffooch (#10889)

🖌 Updates in UI

• Product API scan config: Display view scan configs button for all products @Maffooch (#10889)

2.38.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.38.0

• ✨ add epss for aqua parser #10849 @manuel-sommer (#10855)
• fix(edit-prod): Add assigned PT to queryset @kiblik (#10843)

🚩 Changes to settings.dist.py / local_settings.py

• fix: dojo.JIRA_Instance.default_issue_type: (fields.E005) 'choices' @kiblik (#10864)
• Add new parser - Threat Composer @arivra (#10795)
• Add new parser - Legitify @damianpr (#10797)

🚩 Database migration

• Dynamic Parsing: Add flag to indicate new test types @Maffooch (#10871)

🚀 API features and enhancements

• Dynamic Parsing: Add flag to indicate new test types @Maffooch (#10871)

🐛 Bug Fixes

• Reimport: Set Vulnerability ID from incoming finding @Maffooch (#10870)

🖌 Updates in UI

• feat(ui): Make ProdType clickable (in Prod detail) @kiblik (#10840)

🧰 Maintenance

• Bump cryptography from 43.0.0 to 43.0.1 @dependabot (#10858)

2.38.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.37.0

• Bugfix -> Dev: Release 2.38.0 @Maffooch (#10851)
• fix(helm): Longer wait for DB @kiblik (#10818)
• feat(unittest): Not avoid PLW1514 @kiblik (#10812)
• Ruff: Add and fix ARG003,4,5 @kiblik (#10702)
• Ruff: Add and fix TCH @kiblik (#10700)
• 🐛 fix npm audit v7+, issue #10801 @manuel-sommer (#10813)
• fixes reimporter to ensure that risk accepted findings do not get mitigated @lme-nca (#9050)
• Improved naming of discovered findings filter and add same for mitigated @quirinziessler (#10429)
• Checkmarx one SCA parser fix @adamtimmins (#10770)
• Add AWS ARN for the specific offending Resource into the Description of the ASFF parser @testaccount90009 (#10761)
• Fixed extraEnv in Chart Values after upgrade @DevSecOps-Isotrol (#10731)
• Appcheck null byte fix @dogboat (#10804)
• Finding hash/dedupe changes @dogboat (#10386)
• Pinning Chrome version @cneill (#10805)
• #10732 Prowler v4 importer ignores muted findings @ivan-morhun (#10750)
• upd: [helm] resource optimization @Bagautdino (#10768)
• restore relative date filter for findings @hblankenship (#10760)
• feat(helm): Use --wait during tests @kiblik (#10744)
• fix(helm): Break circular dependency @kiblik (#10740)
• Ruff: Add and fix PLW15 @kiblik (#10706)
• if severity not enforced do not notify @hblankenship (#10776)
• OS Docs - Add accurate password for DefectDojo demo site @paulOsinski (#10759)
• No Docker build checks in GHA @cneill (#10747)
• Ruff: Add and fix RUF1,2 @kiblik (#10709)
• Ruff: Add and fix RUF013 @kiblik (#10711)
• Ruff: Add and fix RUF019 @kiblik (#10716)
• Ruff: Add and fix RUF025 @kiblik (#10717)
• Ruff: Add and fix A004 @kiblik (#10697)
• Ruff: Add and fix G001 and G002 @kiblik (#10698)
• Ruff: Add and fix INT @kiblik (#10701)
• Ruff: Add and fix PLE @kiblik (#10705)
• 🐛 fix nmap parser, add script output #10456 @manuel-sommer (#10739)
• Ruff: Solve F821 @kiblik (#9751)
• Ruff: Add and fix D3 @kiblik (#10083)
• fix(k8s): run k8s test on the latest version of k8s and minikube @kiblik (#10737)
• fix(helm): Add port support to ingress netpol @C4tWithShell (#10689)
• fix aqua parser #10585 @manuel-sommer (#10725)
• helm: helm chart enhancements @mikesindieiev (#10612)
• Ruff: Add some harmless rules @kiblik (#10718)
• fix(helm): Remove leftover from debugging (db-migration-checker) @kiblik (#10683)
• fix(docs): Typo in "Release Notes" link @kiblik (#10682)

🚩 Changes to settings.dist.py / local_settings.py

• feat(api-token): Add ability to use API tokens but not disable "api-token-auth" @kiblik (#10786)
• Ruff: Add and fix RUF005 @kiblik (#10714)
• Ruff: add and fix FBT001 & FBT003 @kiblik (#10085)
• Ruff: Add and fix FURB @kiblik (#10708)
• Ruff: Add and fix some TD rules @kiblik (#10704)
• Appcheck web application scanner parser @dogboat (#10723)
• feat(django): Upgrade to 5.0 @kiblik (#10409)

🚩 Security

• Permission fixes @Maffooch (#10713)
• Update to Django 4.2.15 @Maffooch (#10703)

🚀 API features and enhancements

• Ruff: Add and fix RUF005 @kiblik (#10714)
• Ruff: Add and fix FURB @kiblik (#10708)
• Ruff: Add and fix some TD rules @kiblik (#10704)
• Ruff: Add and fix RUF001,2,3 @kiblik (#10710)

🐛 Bug Fixes

• Permission fixes @Maffooch (#10713)

🖌 Updates in UI

• feat(api-token): Add ability to use API tokens but not disable "api-token-auth" @kiblik (#10786)
• fix(ruff): Findings from upgrade to 0.6.1 @kiblik (#10775)
• Ruff: Add and fix RUF021 @kiblik (#10715)
• Inline finding images on reports @dogboat (#10738)
• Ruff: Add and fix FURB @kiblik (#10708)
• Ruff: Add and fix RUF001,2,3 @kiblik (#10710)
• Add anonymous questionnaire to engagement @dogboat (#10734)

🗣 Updates in localization

• Ruff: Add and fix RUF001,2,3 @kiblik (#10710)

🧰 Maintenance

• Bump ruff from 0.6.2 to 0.6.3 @dependabot (#10830)
• Bump boto3 from 1.35.8 to 1.35.9 @dependabot (#10831)
• Bump python-gitlab from 4.9.0 to 4.10.0 @dependabot (#10822)
• Bump boto3 from 1.35.6 to 1.35.8 @dependabot (#10826)
• Bump django-dbbackup from 4.1.0 to 4.2.1 @dependabot (#10807)
• Bump boto3 from 1.35.2 to 1.35.6 @dependabot (#10816)
• Bump ruff from 0.6.1 to 0.6.2 @dependabot (#10800)
• Remove DebugPy @Maffooch (#10692)
• Bump boto3 from 1.35.0 to 1.35.2 @dependabot (#10794)
• Bump openapitools/openapi-generator-cli from v7.7.0 to v7.8.0 @dependabot (#10781)
• Bump boto3 from 1.34.162 to 1.35.0 @dependabot (#10780)
• Bump markdown from 3.6 to 3.7 @dependabot (#10779)
• Bump boto3 from 1.34.161 to 1.34.162 @dependabot (#10771)
• Bump boto3 from 1.34.160 to 1.34.161 @dependabot (#10764)
• Bump pdfmake from 0.2.11 to 0.2.12 in /components @dependabot (#10766)
• Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.36.0 to v1.37.0 (helm/defectdojo/values.yaml) @renovate (#10762)
• Bump boto3 from 1.34.159 to 1.34.160 @dependabot (#10756)
• Bump cpe from 1.2.1 to 1.3.0 @dependabot (#10751)
• Bump boto3 from 1.34.158 to 1.34.159 @dependabot (#10752)
• Bump lxml from 5.2.2 to 5.3.0 @dependabot (#10742)
• Bump boto3 from 1.34.157 to 1.34.158 @dependabot (#10741)
• chore(deps): update postgres docker tag from 16.3 to v16.4 (docker-compose.yml) @renovate (#10724)
• Bump pdfmake from 0.2.10 to 0.2.11 in /components @dependabot (#10728)
• Bump boto3 from 1.34.156 to 1.34.157 @dependabot (#10729)
• Bump ruff from 0.5.6 to 0.5.7 @dependabot (#10730)
• Bump boto3 from 1.34.155 to 1.34.156 @dependabot (#10720)
• Rest Framework: Remove Parallel + Shuffle @Maffooch (#10696)
• Bump boto3 from 1.34.154 to 1.34.155 @dependabot (#10695)
• chore(deps): update dependency postcss from 8.4.40 to v8.4.41 (docs/package.json) @renovate (#10681)
• Bump boto3 from 1.34.153 to 1.34.154 @dependabot (#10687)
• Bump python-gitlab from 4.8.0 to 4.9.0 @dependabot (#10685)
• Bump sqlalchemy from 2.0.31 to 2.0.32 @dependabot (#10688)
• Bump ruff from 0.5.5 to 0.5.6 @dependabot (#10676)

2.37.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.37.2

• Fixed extraEnv in Chart Values after upgrade @DevSecOps-Isotrol (#10731)
• Appcheck null byte fix @dogboat (#10804)
• Finding hash/dedupe changes @dogboat (#10386)
• Pinning Chrome version @cneill (#10805)

🚩 Changes to settings.dist.py / local_settings.py

• feat(api-token): Add ability to use API tokens but not disable "api-token-auth" @kiblik (#10786)

🖌 Updates in UI

• feat(api-token): Add ability to use API tokens but not disable "api-token-auth" @kiblik (#10786)

2.37.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.37.1

• restore relative date filter for findings @hblankenship (#10760)
• feat(helm): Use --wait during tests @kiblik (#10744)
• fix(helm): Break circular dependency @kiblik (#10740)
• if severity not enforced do not notify @hblankenship (#10776)
• OS Docs - Add accurate password for DefectDojo demo site @paulOsinski (#10759)
• No Docker build checks in GHA @cneill (#10747)
• 🐛 fix nmap parser, add script output #10456 @manuel-sommer (#10739)

🖌 Updates in UI

• Inline finding images on reports @dogboat (#10738)

2.37.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.37.0

• fix(k8s): run k8s test on the latest version of k8s and minikube @kiblik (#10737)
• fix aqua parser #10585 @manuel-sommer (#10725)
• fix(helm): Remove leftover from debugging (db-migration-checker) @kiblik (#10683)
• fix(docs): Typo in "Release Notes" link @kiblik (#10682)

🚩 Changes to settings.dist.py / local_settings.py

• Appcheck web application scanner parser @dogboat (#10723)

🚩 Security

• Permission fixes @Maffooch (#10713)
• Update to Django 4.2.15 @Maffooch (#10703)

🐛 Bug Fixes

• Permission fixes @Maffooch (#10713)

🖌 Updates in UI

• Add anonymous questionnaire to engagement @dogboat (#10734)

🧰 Maintenance

• Rest Framework: Remove Parallel + Shuffle @Maffooch (#10696)

2.37.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.36.0

• fix(multiselectfield): Use original repo @kiblik (#10420)
• Feature addition: Wizcli Parser @OsamaMahmood (#10603)
• Parser name matches module name test @cneill (#10656)
• remove coverage from requirements.txt @manuel-sommer (#10565)
• 🐛 fix Bearer CLI missing Scan Type #10652 @manuel-sommer (#10654)
• remove defusedxml in favor of lxml @manuel-sommer (#9840)
• 🐛 extend aqua format issue #10611 @manuel-sommer (#10616)
• feat(initContainer): Tune start-up process @kiblik (#10454)
• remove outdated skip_duplicates API reference from docs @paulOsinski (#10615)
• Aqua: Update parser deduplication criteria 🐛 @manuel-sommer (#10595)
• Aqua: Improve exception handling for reports without vulnerabilities 🐛 @manuel-sommer (#10594)
• Test Types: Return support for disabling test types via the active flag @Maffooch (#10562)
• fix: Dockerfile warnings @fcecagno (#10505)
• Import: leverage the minimum severity flag @Maffooch (#10550)
• Bulk Edit: Add note when pushing finding to jira @Maffooch (#10545)
• Fix(django): Upgrade of 4.2.14 @kiblik (#10553)
• fix(deps): build psycopg3 instead of using pre-build binary @gietschess (#10491)
• Allow setting --max-fd argument to uwsgi to stop it from getting OOMKilled in Kubernetes @tmablunar (#10384)
• fix(flake8): remove leftover @kiblik (#10539)
• Ruff: add and fix G1 and G2 @kiblik (#10088)
• fix(doc): Breaking Change for HELM deployments with PostgreSQL @kiblik (#10524)
• Ruff: Address migrations, reduce redundancy, and remove Flake8 @Maffooch (#10494)
• Direct Renovate to ignore MySQL and RabbitMQ packages @cneill (#10512)
• fix(docker-compose): Remove 'version' from docker-compose @kiblik (#10519)
• fix(doc): Disable markup.highlight.guessSyntax + enable mermaid @kiblik (#10509)
• fix(helm-psql): Drop pinning of old version of postgresql @kiblik (#10507)
• extend AWS prowler v3 parser @kagahd (#10372)
• Feat(psql): Use psycopg3 @kiblik (#10348)
• fix(helm-celery): Drop unused variable logLevel @kiblik (#10468)
• Revert "Shuffle tests" @Maffooch (#10495)
• Ruff: add and fix TID @kiblik (#10113)

💣 Breaking Changes

• Remove MySQL and RabbitMQ @Maffooch (#10661)

🚩 Changes to settings.dist.py / local_settings.py

• Remove MySQL and RabbitMQ @Maffooch (#10661)
• Add new parser - Rapplex @AlperenY-cs (#10202)
• New Parser: Kiuwan SCA @mwager (#10522)
• Deprecate Python-jose and migrate okta to python_social_auth @manuel-sommer (#10117)
• 🐛 fix typo in settings.disty.py, #10529 @manuel-sommer (#10534)
• Ruff: Add and fix Q000 @kiblik (#10095)
• Ruff: add and fix COM @kiblik (#10086)

🚩 Database migration

• Listing Tables: Add toggle switch in system settings @Maffooch (#10617)

🚀 General features and enhancements

• Rest Framework Tests: Improve speed and repeatability @Maffooch (#10503)

🚀 API features and enhancements

• Remove MySQL and RabbitMQ @Maffooch (#10661)
• Uploaded File Management: Centralize file serving and bolster error handling @Maffooch (#10638)
• Ruff: add and fix T20 @kiblik (#10091)
• /import helptext correction: endpoint_to_add @paulOsinski (#10582)
• Ruff: Add and fix Q000 @kiblik (#10095)
• fix(api-notif): Fix order of validators @kiblik (#10533)
• API: Convert get_filterset calls to get_queryset @Maffooch (#10543)
• Rest Framework Tests: Improve speed and repeatability @Maffooch (#10503)
• Ruff: add and fix COM @kiblik (#10086)
• Mark Finding properties related_fields, jira_creation and jira_change as nullable @ccronca (#10371)
• Ruff: add and fix Q (except Q000) @kiblik (#10094)

🐛 Bug Fixes

• Report ToC: Expand on whitespace escaping @Maffooch (#10646)
• Importer: Correct logic bug for empty scan reports @Maffooch (#10645)
• Refresh Helm Chart Lock File: The removal @Maffooch (#10641)
• Benchmarks: Add additional permissions for AJAX calls @Maffooch (#10640)
• Finding notes cascading deletes @dogboat (#10636)
• Engagement: Add missing permission check to view an Engagement @Maffooch (#10639)
• Uploaded File Management: Centralize file serving and bolster error handling @Maffooch (#10638)
• Update Qualys WebApp parser to use DefusedXML @Maffooch (#10637)
• Option Compression: Accommodate unsaved objects a bit better @Maffooch (#10623)
• Finding Open/Close/Review: Enforce more status standardization @Maffooch (#10606)
• Option Compression: add some polish @Maffooch (#10583)
• Close Findings: Push notes if push notes is enabled @Maffooch (#10581)
• Endpoint get or create: Do not raise warning when there is an existing endpoint @Maffooch (#10555)

🖌 Updates in UI

• Bugfix -> Dev for 2.37.0 @Maffooch (#10677)
• report-builder-sort-fixes Fix report builder finding and endpoints widgets @dogboat (#10650)
• Cosmetic UX change - clickable product metrics - redirect to findings with severity filter @KJana12 (#10613)
• Groups/users labels text @dogboat (#10663)
• Report ToC: Expand on whitespace escaping @Maffooch (#10646)
• creds-notes-fixes Some updates to creds/cred-related notes @dogboat (#10644)
• Listing Tables: Add toggle switch in system settings @Maffooch (#10617)
• Delete Preview: Expand on missed objects @Maffooch (#10564)
• Some Reporting Updates @dogboat (#10563)
• Ruff: Add and fix Q000 @kiblik (#10095)
• Ruff: add and fix COM @kiblik (#10086)
• Ruff: add and fix Q (except Q000) @kiblik (#10094)
• Ruff: add and fix PIE @kiblik (#10090)

🧰 Maintenance

• Remove MySQL and RabbitMQ @Maffooch (#10661)
• chore(deps): update dependency autoprefixer from 10.4.19 to v10.4.20 (docs/package.json) @renovate (#10672)
• Bump asteval from 1.0.1 to 1.0.2 @dependabot (#10671)
• Bump pyjwt from 2.8.0 to 2.9.0 @dependabot (#10670)
• Bump boto3 from 1.34.151 to 1.34.152 @dependabot (#10669)
• Bump redis from 5.0.7 to 5.0.8 @dependabot (#10659)
• Bump boto3 from 1.34.150 to 1.34.151 @dependabot (#10658)
• Bump boto3 from 1.34.149 to 1.34.150 @dependabot (#10653)
• Bump nginx from a45ee5d to 208b70e @dependabot (#10643)
• Bump ruff from 0.5.4 to 0.5.5 @dependabot (#10635)
• Bump boto3 from 1.34.148 to 1.34.149 @dependabot (#10634)
• Bump boto3 from 1.34.147 to 1.34.148 @dependabot (#10632)
• Bump packageurl-python from 0.15.4 to 0.15.6 @dependabot (#10633)
• Update redis:7.2.5-alpine Docker digest from 7.2.5 to 7.2.5-alpine (docker-compose.yml) @renovate (#10609)
• Update dependency postcss from 8.4.39 to v8.4.40 (docs/package.json) @renovate (#10624)
• Update nginx/nginx-prometheus-exporter Docker tag from 1.2.0 to v1.3.0 (helm/defectdojo/values.yaml) @renovate (#10625)
• Update postgres:16.3-alpine Docker digest from 16.3 to 16.3-alpine (docker-compose.yml) @renovate (#10608)
• Bump boto3 from 1.34.145 to 1.34.147 @dependabot (#10621)
• Bump django-crispy-forms from 2.2 to 2.3 @dependabot (#10601)
• Bump cryptography from 42.0.8 to 43.0.0 @dependabot (#10599)
• Bump ruff from 0.5.3 to 0.5.4 @dependabot (#10600)
• Bump ruff from 0.5.2 to 0.5.3 @dependabot (#10588)
• Bump boto3 from 1.34.144 to 1.34.145 @dependabot (#10587)
• Bump vulners from 2.1.7 to 2.2.0 @dependabot (#10579)
• Bump python-gitlab from 4.7.0 to 4.8.0 @dependabot (#10580)
• Bump fontawesomefree from 6.5.1 to 6.6.0 @dependabot (#10578)
• Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.35.4 to v1.36.0 (helm/defectdojo/values.yaml) @renovate (#10577)
• Bump justgage from 1.6.1 to 1.7.0 in /components @dependabot (#10574)
• Bump ruff from 0.5.1 to 0.5.2 @dependabot (#10567)
• Bump boto3 from 1.34.143 to 1.34.144 @dependabot (#10569)
• Bump packageurl-python from 0.15.3 to 0.15.4 @dependabot (#10570)
• Bump social-auth-app-django from 5.4.1 to 5.4.2 @dependabot (#10568)
• Bump coverage from 7.5.4 to 7.6.0 @dependabot (#10560)
• Bump asteval from 1.0.0 to 1.0.1 @dependabot (#10561)
• Bump djangorestframework from 3.14.0 to 3.15.2 @dependabot (#10431)
• Bump boto3 from 1.34.142 to 1.34.143 @dependabot (#10558)
• Bump django-debug-toolbar from 4.4.5 to 4.4.6 @dependabot (#10557)
• Bump boto3 from 1.34.141 to 1.34.142 @dependabot (#10551)
• Bump packageurl-python from 0.15.2 to 0.15.3 @dependabot (#10541)
• Bump boto3 from 1.34.140 to 1.34.141 @dependabot (#10542)
• Bump django-debug-toolbar from 4.4.4 to 4.4.5 @dependabot (#10527)
• Bump openapitools/openapi-generator-cli from v7.6.0 to v7.7.0 @dependabot (#10531)
• Bump boto3 from 1.34.139 to 1.34.140 @dependabot (#10528)
• Bump django-split-settings from 1.3.1 to 1.3.2 @dependabot (#10526)
• Bump humanize from 4.9.0 to 4.10.0 @dependabot (#10525)
• Update dependency ruff from 0.5.0 to v0.5.1 (requirements-lint.txt) @renovate (#10521)
• Bump django-debug-toolbar from 4.4.2 to 4.4.4 @dependabot (#10520)
• Bump boto3 from 1.34.138 to 1.34.139 @dependabot (#10518)
• Bump psycopg[binary] from 3.1.19 to 3.2.1 @dependabot (#10517)
• Bump packageurl-python from 0.15.1 to 0.15.2 @dependabot (#10516)
• Bump boto3 from 1.34.137 to 1.34.138 @dependabot (#10508)
• Bump boto3 from 1.34.136 to 1.34.137 @dependabot (#10489)
• Bump asteval from 0.9.33 to 1.0.0 @dependabot (#10488)
• Bump drf-spectacular-sidecar from 2024.6.1 to 2024.7.1 @dependabot (#10479)
• Bump pillow from 10.3.0 to 10.4.0 @dependabot (#10482)
• Update dependency postcss from 8.4.38 to v8.4.39 (docs/package.json) @renovate (#10476)
• Bump openpyxl from 3.1.4 to 3.1.5 @dependabot (#10478)
• Bump django-test-migrations from 1.3.0 to 1.4.0 @dependabot (#10481)
• Bump boto3 from 1.34.135 to 1.34.136 @dependabot (#10480)
• Update dependency ruff from 0.4.10 to v0.5.0 (requirements-lint.txt) @renovate (#10466)
• Bump python-gitlab from 4.6.0 to 4.7.0 @dependabot...

2.36.6 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

🚩 Database migration

• Listing Tables: Add toggle switch in system settings @Maffooch (#10617)

🚀 API features and enhancements

• Uploaded File Management: Centralize file serving and bolster error handling @Maffooch (#10638)

🐛 Bug Fixes

• Report ToC: Expand on whitespace escaping @Maffooch (#10646)
• Importer: Correct logic bug for empty scan reports @Maffooch (#10645)
• Refresh Helm Chart Lock File: The removal @Maffooch (#10641)
• Benchmarks: Add additional permissions for AJAX calls @Maffooch (#10640)
• Finding notes cascading deletes @dogboat (#10636)
• Engagement: Add missing permission check to view an Engagement @Maffooch (#10639)
• Uploaded File Management: Centralize file serving and bolster error handling @Maffooch (#10638)
• Update Qualys WebApp parser to use DefusedXML @Maffooch (#10637)
• 🐛 extend aqua format issue #10611 @manuel-sommer (#10616)

🖌 Updates in UI

• Report ToC: Expand on whitespace escaping @Maffooch (#10646)
• creds-notes-fixes Some updates to creds/cred-related notes @dogboat (#10644)
• Listing Tables: Add toggle switch in system settings @Maffooch (#10617)

2.36.5 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

🐛 Bug Fixes

• remove outdated skip_duplicates API reference from docs @paulOsinski (#10615)
• Option Compression: Accommodate unsaved objects a bit better @Maffooch (#10623)
• Finding Open/Close/Review: Enforce more status standardization @Maffooch (#10606)

2.36.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

🚀 API features and enhancements

• /import helptext correction: endpoint_to_add @paulOsinski (#10582)

🐛 Bug Fixes

• Option Compression: add some polish @Maffooch (#10583)
• Close Findings: Push notes if push notes is enabled @Maffooch (#10581)
• Aqua: Update parser deduplication criteria 🐛 @manuel-sommer (#10595)
• Aqua: Improve exception handling for reports without vulnerabilities 🐛 @manuel-sommer (#10594)