Changes
See upgrade notes for details on upgrading: https://defectdojo.readthedocs.io/en/latest/upgrading.html
💣 Breaking changes
- Move charts to bitnami's repo @madchap (#2859)
- JIRA: Allow config per engagement, incl big JIRA refactor @valentijnscholten (#3200)
🚩 Requires settings change
- Acunetix parser: Import all affected items + technical details @steeve85 (#2289)
- performance: optimize a bit view_finding, max similar findings=25 @valentijnscholten (#3293)
- Various bug fixes in various places @Maffooch (#3308)
- sla notify: disable by default, add explanation to settings @valentijnscholten (#3289)
- Celery: only send model ids and not full instances @valentijnscholten (#3092)
🚀 Features and enhancements
- tags: add testcases @valentijnscholten (#3324)
- reimport: set component_name&version on existing findings @valentijnscholten (#3288)
- API_V2 : Add metadata operation on findings endpoints @RomainJufer (#3254)
- performance: optimize a bit view_finding, max similar findings=25 @valentijnscholten (#3293)
- Various bug fixes in various places @Maffooch (#3308)
- sla notify: disable by default, add explanation to settings @valentijnscholten (#3289)
- Reintroduce HTML report builder @Maffooch (#3250)
- JIRA: Allow config per engagement, incl big JIRA refactor @valentijnscholten (#3200)
- Celery: only send model ids and not full instances @valentijnscholten (#3092)
- jira: set jira_project when creating JIRA_Issue @valentijnscholten (#3294)
- Set flag for auto refresh of alert/counts @Maffooch (#3275)
🐛 Bug Fixes
- apiv2: set mitigated date if applicable @keenan-v1 (#3285)
- Acunetix parser: Import all affected items + technical details @steeve85 (#2289)
- Correct filter for findings for non-staff users @StefanFl (#3339)
- jira: fix add/edit engagement if no jira config used @valentijnscholten (#3335)
- fix importing aws securityhub timestamp @Enigmatyk (#3329)
- Fix Product Metrics link to false positives. @tohch4 (#3334)
- jira_webhook: improve error handling @valentijnscholten (#3321)
- Nikto quick fix to hostname/url parsing (fixes #3268) @madchap (#3318)
- reimport: don't try to set component_name for absent findings @valentijnscholten (#3331)
- debug_toolbar: add known issue + fix for static files @valentijnscholten (#3309)
- Added steps to reproduce in Jira Description Template @FallenAtticus (#2990)
- aws security hub: fix handling of missing lastObservedAt @valentijnscholten (#3277)
- jira: fix mailto link in description @valentijnscholten (#3281)
- jira: split url handling for issues and projects @valentijnscholten (#3284)
- Various bug fixes in various places @Maffooch (#3308)
- Allow re-import scan to function without JIRA @Maffooch (#3295)
- Fix Accepted Risk reporter/owner in engineer metrics @Maffooch (#3297)
- Fix JIRA owner instead of reporter @madchap (#3282)
- settings.dist.py: reduce default log level from DEBUG to INFO @valentijnscholten (#3280)
- jira: use correct url for dojo_alert notification @valentijnscholten (#3273)
- Update open finding definition on product level @Maffooch (#3267)
- uwsgi: increase default buffer-size @valentijnscholten (#3269)
- Change encoding from utf-8 to utf-8-sig @jhamba (#2583)
- Commented out print statement 'ready(): initializing watson' as it breaks 'manage.py dumpdata' @mtesauro (#3274)
- Fix NoneType error on Metrics page @danielnaab (#3323)
- unittests: delete erroneously committed empty ZoneIdentifier metadata files @valentijnscholten (#3304)
🧰 Maintenance
- build(deps): bump django-celery-results from 1.2.1 to 2.0.0 @dependabot-preview (#3311)
- Move charts to bitnami's repo @madchap (#2859)
- chore(deps): update mysql:5.7.32 docker digest to ec6742a (docker-compose.yml) @renovate (#3300)
- chore(deps): update rabbitmq:3.8.9 docker digest to b05476a (docker-compose.yml) @renovate (#3301)
- build(deps): bump google-api-python-client from 1.12.6 to 1.12.8 @dependabot-preview (#3305)
- build(deps): bump django-crispy-forms from 1.9.2 to 1.10.0 @dependabot-preview (#3307)
- Release drafter - add breaking changes section @madchap (#3291)
- build(deps): bump google-api-python-client from 1.12.5 to 1.12.6 @dependabot-preview (#3287)
- build(deps): bump asteval from 0.9.20 to 0.9.21 @dependabot-preview (#3266)
- Update CONTRIBUTING.md @madchap (#3314)
- Update SPONSORING.md @madchap (#3316)
- Update MAINTAINERS.md @madchap (#3315)
- Update CONTRIBUTING.md @madchap (#3317)
- Updated contributing doc to have Python 3.6 instead of 3.5 @mtesauro (#3306)
- Release: Merge release into master from: release/1.10.0 @github-actions (#3344)
- Release: Merge back master into dev from: master-into-dev/1.10.0-dev @github-actions (#3268