Releases: DefectDojo/django-DefectDojo

2.29.3 🌈

18 Dec 15:10
ae5ff9d

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.29.2

  • Docs: "Create upgrade notes to documentation" only once @kiblik (#9146)

2.29.2 🌈

11 Dec 17:19
6019c7b

Changes since 2.29.1

🐛 Bug Fixes

2.29.1 🌈

04 Dec 18:44
24584a8

Changes since 2.29.0

2.29.0 🌈

04 Dec 16:22
bddfe27

Changes since 2.28.0

🚩 Changes to settings.dist.py / local_settings.py

🚩 Database migration

  • Notification: Allow to send notification even if there was no change in scan @kiblik (#8959)

🚀 API features and enhancements

  • OpenAPI schema: Use renderer with small size by default @kiblik (#8973)

🐛 Bug Fixes

  • fix metrics to also calculate risk acceptance and duplicate findings. @lme-nca (#9013)

🖌 Updates in UI

  • UI: Show Vuln ID from tool @kiblik (#9034)
  • fix button color in risk acceptance bug @FelixHernandez (#9008)
  • Notification: Allow to send notification even if there was no change in scan @kiblik (#8959)
  • Reporting: Exclude empty fields from report + correct host for HTML reports @Maffooch (#8961)

🧰 Maintenance

2.28.3 🌈

27 Nov 19:07
7912214

Changes since 2.28.2

  • Fixbug: sonarqube severity property and remove sonarqube whitespace lead and trail properties @biennd279 (#9006)

🚩 Changes to settings.dist.py / local_settings.py

  • Improve DD_DEDUPLICATION_ALGORITHM_PER_PARSER DD_HASHCODE_FIELDS_PER_SCANNER @Gby56 (#9038)

🖌 Updates in UI

2.28.2 🌈

20 Nov 16:19
19c4e74

Changes since 2.28.1

🚩 Changes to settings.dist.py / local_settings.py

  • fix: Bugcrowd API Import uses legacy dedupe instead of unique id from tool @Gby56 (#8994)

🐛 Bug Fixes

  • fix metrics to also calculate risk acceptance and duplicate findings. @lme-nca (#9013)

2.28.1 🌈

13 Nov 18:10
393f460

Changes since 2.28.0

🖌 Updates in UI

  • Reporting: Exclude empty fields from report + correct host for HTML reports @Maffooch (#8961)

🧰 Maintenance

2.28.0 🌈

06 Nov 21:34
f3d3485

Changes since 2.27.0

  • changed function based views to class based views @FelixHernandez (#8929)
  • Add GitHub workflow to protect certain files from modifications @dwalleck (#8927)
  • advance the description of rustyhog @manuel-sommer (#8897)
  • 🎉 added hcl appscan parser #8829 @manuel-sommer (#8858)
  • Implementation of a CSV parser for Sysdig Vulnerability reports @aaronm-sysdig (#8868)
  • fixed mobsf parser, #8860 @manuel-sommer (#8865)
  • [bugfix] Whispers 2.2 report importing support @adeptex (#8891)
  • Enable Auditlog for Product Types @kiblik (#8880)
  • Add sshaudit parser #8837 @manuel-sommer (#8838)
  • Fixed the link in the readme documentation @cy83r14n (#8870)
  • Release: Merge back 2.27.3 into dev from: master-into-dev/2.27.3-2.28.0-dev @github-actions (#8876)
  • Release: Merge back 2.27.3 into bugfix from: master-into-bugfix/2.27.3-2.28.0-dev @github-actions (#8877)
  • Release: Merge release into master from: release/2.27.3 @github-actions (#8875)
  • Add scan_type filter for Test in API @kiblik (#8872)
  • Fix findings and endpoints URLs in notifications @C0wnuts (#8839)
  • Fix Kiuwan CSV import parser @FelixHernandez (#8853)
  • Adjust how error handling is done in Excel and CSV downloads @FelixHernandez (#8864)
  • Update Qualys Parser to aggregate endpoints rather than only store 1 endpoint per Finding @FelixHernandez (#8844)
  • Migrate to Compose V2 for dev branch @trnayan (#8817)
  • Add translation, fix bug, and some improvements for SARIF parser @shipko (#8822)
  • 🎉 Add openvasxml parser #8761 @manuel-sommer (#8789)
  • Adds a code review process section to the contributors guide @dwalleck (#8818)
  • Release: Merge back 2.27.2 into bugfix from: master-into-bugfix/2.27.2-2.28.0-dev @github-actions (#8834)
  • Release: Merge back 2.27.2 into dev from: master-into-dev/2.27.2-2.28.0-dev @github-actions (#8833)
  • Release: Merge release into master from: release/2.27.2 @github-actions (#8832)
  • [ENHANCEMENT] AWS Security Hub parser: include more vulnerability details @tomaszn (#8664)
  • Release: Merge back 2.27.1 into bugfix from: master-into-bugfix/2.27.1-2.28.0-dev @github-actions (#8815)
  • Add integration test fix to bugfix branch (clone of #8783) @Maffooch (#8812)
  • Browser tests should use the latest Chrome stable release @dwalleck (#8783)
  • Check for empty cves array in JFrog Xray API Summary Artifact Parser @mowol (#8779)
  • Missing release notes for 2.27.x @kiblik (#8776)
  • Release: Merge back 2.27.0 into dev from: master-into-dev/2.27.0-2.28.0-dev @github-actions (#8775)

🚩 Changes to settings.dist.py / local_settings.py

  • Release: Merge release into master from: release/2.28.0 @github-actions (#8947)
  • Release: Merge back 2.27.4 into dev from: master-into-dev/2.27.4-2.28.0-dev @github-actions (#8906)
  • Release: Merge release into master from: release/2.27.4 @github-actions (#8903)
  • Configure deduplication algorithm for Kubehunter Scan and kube-bench … @a-ruff (#8881)
  • Feat: Add Threagile parser @avlahop (#8716)
  • Release: Merge back 2.27.0 into bugfix from: master-into-bugfix/2.27.0-2.28.0-dev @github-actions (#8774)

🚩 Database migration

  • Release: Merge release into master from: release/2.28.0 @github-actions (#8947)
  • Fix typo in notifications: risk_acceptance_expiration @kiblik (#8869)

🚀 API features and enhancements

  • Release: Merge back 2.27.0 into bugfix from: master-into-bugfix/2.27.0-2.28.0-dev @github-actions (#8774)

🖌 Updates in UI

  • Release: Merge back 2.27.4 into dev from: master-into-dev/2.27.4-2.28.0-dev @github-actions (#8906)
  • Release: Merge release into master from: release/2.27.4 @github-actions (#8903)
  • Update deprecated escape sequence @FelixHernandez (#8879)
  • Release: Merge back 2.27.1 into dev from: master-into-dev/2.27.1-2.28.0-dev @github-actions (#8814)
  • Release: Merge release into master from: release/2.27.1 @github-actions (#8813)
  • Validate undefined and null value in criticality column table products @FelixHernandez (#8765)
  • Release: Merge back 2.27.0 into bugfix from: master-into-bugfix/2.27.0-2.28.0-dev @github-actions (#8774)

🧰 Maintenance

  • Update redis Docker tag from 7.2.2 to v7.2.3 (docker-compose.yml) @renovate (#8939)
  • Bump social-auth-core from 4.4.2 to 4.5.0 @dependabot (#8919)
  • Bump boto3 from 1.28.75 to 1.28.77 @dependabot (#8937)
  • Update helm/chart-testing-action action from v2.6.0 to v2.6.1 (.github/workflows/test-helm-chart.yml) @renovate (#8938)
  • Bump uwsgi from 2.0.22 to 2.0.23 @dependabot (#8923)
  • Update rabbitmq Docker tag from 3.12.7 to v3.12.8 (docker-compose.yml) @renovate (#8916)
  • Bump markdown from 3.5 to 3.5.1 @dependabot (#8918)
  • Bump boto3 from 1.28.73 to 1.28.75 @dependabot (#8915)
  • Update helm/chart-testing-action action from v2.4.0 to v2.6.0 (.github/workflows/test-helm-chart.yml) @renovate (#8912)
  • Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.33.11 to v1.33.13 (helm/defectdojo/values.yaml) @renovate (#8846)
  • Bump crypto-js from 4.1.1 to 4.2.0 in /components @dependabot (#8894)
  • Update mysql Docker tag from 5.7.43 to v5.7.44 (docker-compose.yml) @renovate (#8896)
  • Update rabbitmq:3.12.7-alpine Docker digest from 3.12.7 to 3.12.7-alpine (docker-compose.yml) @renovate (#8900)
  • Bump nginx from 1.25.2-alpine to 1.25.3-alpine @dependabot (#8901)
  • Bump boto3 from 1.28.70 to 1.28.73 @dependabot (#8902)
  • Bump djangosaml2 from 1.7.0 to 1.8.0 @dependabot (#8887)
  • Bump cryptography from 41.0.4 to 41.0.5 @dependabot (#8888)
  • Bump boto3 from 1.28.69 to 1.28.70 @dependabot (#8886)
  • Bump boto3 from 1.28.68 to 1.28.69 @dependabot (#8884)
  • Bump nginx from 4c93a3b to 7272a6e @dependabot (#8873)
  • Update actions/setup-node action from v3 to v4 (.github/workflows/gh-pages.yml) @renovate (#8878)
  • Bump boto3 from 1.28.67 to 1.28.68 @dependabot (#8874)
  • Bump boto3 from 1.28.66 to 1.28.67 @dependabot (#8866)
  • Update redis Docker tag from 7.2.1 to v7.2.2 (docker-compose.yml) @renovate (#8855)
  • Update rabbitmq Docker tag from 3.12.6 to v3.12.7 (docker-compose.yml) @renovate (#8856)
  • Bump gitpython from 3.1.38 to 3.1.40 @dependabot (#8861)
  • Bump boto3 from 1.28.65 to 1.28.66 @dependabot (#8862)
  • Bump boto3 from 1.28.64 to 1.28.65 @dependabot (#8851)
  • Bump social-auth-app-django from 5.3.0 to 5.4.0 @dependabot (#8841)
  • Update redis:7.2.1-alpine Docker digest from 7.2.1 to 7.2.1-alpine (docker-compose.yml) @renovate (#8849)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8848)
  • Update postgres:16.0-alpine Docker digest from 16.0 to 16.0-alpine (docker-compose.yml) @renovate (#8845)
  • Bump urllib3 from 1.26.17 to 1.26.18 @dependabot (#8847)
  • Update release-drafter/release-drafter action from v5.24.0 to v5.25.0 (.github/workflows/release-drafter.yml) @renovate (#8835)
  • Bump boto3 from 1.28.63 to 1.28.64 @dependabot (#8840)
  • Bump gitpython from 3.1.37 to 3.1.38 @dependabot (#8842)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8828)
  • Bump pillow from 10.0.1 to 10.1.0 @dependabot (#8831)
  • Update mysql:5.7.43 Docker digest from 5.7.43 to v (docker-compose.yml) @renovate (#8823)
  • Bump sqlalchemy from 2.0.21 to 2.0.22 @dependabot (#8827)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8825)
  • Bump boto3 from 1.28.62 to 1.28.63 @dependabot (#8826)
  • Update postgres:16.0-alpine Docker digest from 16.0 to 16.0-alpine (docker-compose.yml) @renovate (#8799)
  • Update rabbitmq:3.12.6-alpine Docker digest from 3.12.6 to 3.12.6-alpine (docker-compose.yml) @renovate (#8800)
  • Update stefanzweifel/git-auto-commit-action action from v4.16.0 to v5 (.github/workflows/release-3-master-into-dev.yml) @renovate (#8804)
  • Bump boto3 from 1.28.59 to 1.28.62 @dependabot (#8805)
  • Bump bleach from 6.0.0 to 6.1.0 @dependabot (#8806)
  • Bump markdown from 3.4.4 to 3.5 @dependabot (#8807)
  • Bump vulners from 2.1.0 to 2.1.1 @dependabot (#8810)
  • Update mysql:5.7.43 Docker digest from 5.7.43 to v (docker-compose.yml) @renovate (#8795)
  • Update styfle/cancel-workflow-action action from 0.11.0 to v0.12.0 (.github/workflows/cancel-outdated-workflow-runs.yml) @renovate (#8784)
  • Update redis:7.2.1-alpine Docker digest from 7.2.1 to 7.2.1-alpine (docker-compose.yml) @renovate (#8790)
  • Bump boto3 from 1.28.58 to 1.28.59 @dependabot (#8791)
  • Bump psycopg2-binary from 2.9.8 to 2.9.9 @dependabot (#8792)
  • Bump boto3 from 1.28.57 to 1.28.58 @dependabot (#8780)
  • Bump coverage from 7.3.1 to 7.3.2 @dependabot (#8782)
  • Bump urllib3 from 1.26.11 to 1.26.17 @dependabot (#8777)
  • Bump nginx from 16164a4 to 4c93a3b @dependabot (#8770)

2.27.4 🌈

30 Oct 16:11
797a80a

Changes since 2.27.3

🚩 Changes to settings.dist.py / local_settings.py

  • Configure deduplication algorithm for Kubehunter Scan and kube-bench … @a-ruff (#8881)

🖌 Updates in UI

2.27.3 🌈

23 Oct 15:20
584371d

Changes since 2.27.2

🧰 Maintenance