Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.
Changes since 2.17.0
- Release: Merge back 2.18.0 into dev from: master-into-dev/2.18.0-2.19.0-dev @github-actions (#7356)
- Release: Merge release into master from: release/2.18.0 @github-actions (#7355)
- Fix helm unit test duplicate 'key' value in secretKeyRef @nnamzlas (#7203)
- Localization: Mark PRs + release notes @kiblik (#7350)
- Enable remote RabbitMQ @cybercapsicum (#7266)
- Optimize call db query for product page @shipko (#7338)
- Prepare for bugfix branch and release cadence @Maffooch (#7308)
- Upgrade notes @dsever (#7331)
- Added exact product name filter @blakeaowens (#7329)
- Address K8 rate limiting issue @Maffooch (#7320)
- Set Veracode "Fixed" findings as mitigated @coheigea (#7307)
- Fixing error when grype location is empty @coheigea (#7302)
- Fix bug in the reimporter if Verified is None @coheigea (#7303)
- Dependency Check parser.py update @security101 (#6439)
- Update rabbit chart version @dsever (#7306)
- Fix open endpoint count @coheigea (#7292)
- Fix 404 for Metrics/Endpoints @coheigea (#7285)
- Show vulnerable hosts / endpoints in the Endpoint product tab @coheigea (#7282)
- Change Endpoint.host_mitigated_endpoints not to include active Findings @coheigea (#7273)
- Add OS Security Index Badge [skip actions] @Maffooch (#7272)
- Typos in samples (Verified: Trued) @Hunroll (#7262)
- "Duplicates" marked as "Active" after deleting a engagement with those findings "Mitigated" @adrianasantex (#7211)
- Updated edgescan parser and documentation @ShayVD (#7249)
- Release: Merge back 2.17.0 into dev from: master-into-dev/2.17.0-2.18.0-dev @github-actions (#7245)
Changes to settings.dist.py / local_settings.py
- Add AUDITLOG_DISABLE_ON_RAW_SAVE to Settings @Maffooch (#7319)
- Upgrade to FontAwesomeFree 6.2.1 @blakeaowens (#7304)
- Add endpoints to Qualys dedupe settings @Maffooch (#7289)
- Add an ability to change SAML AUTHENTICATION_BACKENDS by the env var @s2504s (#7252)
Database migration
- Bump pytz from 2022.6 to 2022.7 @dependabot (#7299)
API features and enhancements
- Importer + Re-Importer are setting active/verified to false by default @coheigea (#7269)
- Replace url() by re_path(), ugettext_lazy() by gettext_lazy(), filter_fields by filterset_fields, filter_class by filterset_class, assertEquals by assertEqual for Django 4.x @Maffooch (#7258)
- Fix verified/active logic in the re-importer @coheigea (#7135)
Bug Fixes
- Fix: removing typo from PVC name @dsever (#7333)
- Survey Bugs: Submit multichoice question, 500 when editing name @Maffooch (#7316)
Updates in UI
- Dev @devGregA (#7351)
- Fix for CSS issue for EasyMDE table icon @blakeaowens (#7328)
- Add last login field to users page @Maffooch (#7318)
- Survey Bugs: Submit multichoice question, 500 when editing name @Maffooch (#7316)
- Upgrade to FontAwesomeFree 6.2.1 @blakeaowens (#7304)
- Fix regression in blocktranslate @coheigea (#7301)
- Fix for overscroll issue @blakeaowens (#7291)
- Add support to the bulk findings menu to be able to change the findin… @coheigea (#7286)
- Translate product type @shipko (#7255)
Maintenance
- Bump coverage from 7.0.1 to 7.0.2 @dependabot (#7349)
- Bump numpy from 1.24.0 to 1.24.1 @dependabot (#7326)
- Bump pillow from 9.3.0 to 9.4.0 @dependabot (#7343)
- Bump cryptography from 38.0.4 to 39.0.0 @dependabot (#7344)
- Bump gitpython from 3.1.29 to 3.1.30 @dependabot (#7334)
- Bump boto3 from 1.26.37 to 1.26.41 @dependabot (#7345)
- Update release-drafter/release-drafter action from v5.21.1 to v5.22.0 (.github/workflows/release-drafter.yml) @renovate (#7347)
- Bump supervisor from 4.2.4 to 4.2.5 @dependabot (#7322)
- Bump coverage from 7.0.0 to 7.0.1 @dependabot (#7324)
- Bump python from 555dcc9 to 8f39972 @dependabot (#7323)
- Bump boto3 from 1.26.36 to 1.26.37 @dependabot (#7325)
- Add AUDITLOG_DISABLE_ON_RAW_SAVE to Settings @Maffooch (#7319)
- Bump boto3 from 1.26.35 to 1.26.36 @dependabot (#7317)
- Bump djangosaml2 from 1.5.4 to 1.5.5 @dependabot (#7313)
- Bump boto3 from 1.26.34 to 1.26.35 @dependabot (#7314)
- Bump jquery from 3.6.2 to 3.6.3 in /components @dependabot (#7309)
- Bump boto3 from 1.26.33 to 1.26.34 @dependabot (#7310)
- Bump pdfmake from 0.2.6 to 0.2.7 in /components @dependabot (#7297)
- Bump pytz from 2022.6 to 2022.7 @dependabot (#7299)
- Bump pycurl from 7.45.1 to 7.45.2 @dependabot (#7294)
- Bump numpy from 1.23.3 to 1.24.0 @dependabot (#7296)
- Bump drf-spectacular from 0.25.0 to 0.25.1 @dependabot (#7295)
- Bump boto3 from 1.26.32 to 1.26.33 @dependabot (#7305)
- Update redis Docker tag from 7.0.6 to v7.0.7 (docker-compose.yml) @renovate (#7290)
- Bump coverage from 6.5.0 to 7.0.0 @dependabot (#7293)
- Bump boto3 from 1.26.31 to 1.26.32 @dependabot (#7298)
- Bump nginx from 1.23.2-alpine to 1.23.3-alpine @dependabot (#7300)
- Bump boto3 from 1.26.30 to 1.26.31 @dependabot (#7287)
- Bump boto3 from 1.26.29 to 1.26.30 @dependabot (#7284)
- Bump google-api-python-client from 2.69.0 to 2.70.0 @dependabot (#7276)
- Bump drf-spectacular from 0.24.2 to 0.25.0 @dependabot (#7278)
- Update rabbitmq Docker tag from 3.11.4 to v3.11.5 (docker-compose.yml) @renovate (#7281)
- Update manusa/actions-setup-minikube action from v2.7.1 to v2.7.2 (.github/workflows/k8s-testing.yml) @renovate (#7275)
- Bump lxml from 4.9.1 to 4.9.2 @dependabot (#7279)
- Bump jquery from 3.6.1 to 3.6.2 in /components @dependabot (#7280)
- Bump boto3 from 1.26.28 to 1.26.29 @dependabot (#7277)
- Bump sqlalchemy from 1.4.44 to 1.4.45 @dependabot (#7263)
- Bump boto3 from 1.26.26 to 1.26.28 @dependabot (#7270)
- Bump google-auth-oauthlib from 0.7.1 to 0.8.0 @dependabot (#7271)
- Update redis Docker tag from 7.0.5 to v7.0.6 (docker-compose.yml) @renovate (#7268)
- Bump python from 3.11.0-slim-bullseye to 3.11.1-slim-bullseye @dependabot (#7265)
- Update redis:7.0.5-alpine Docker digest from 7.0.5 to v (docker-compose.yml) @renovate (#7267)
- Update dependency postcss from 8.4.19 to v8.4.20 (docs/package.json) @renovate (#7259)
- Bump django-ratelimit from 3.0.1 to 4.0.0 @dependabot (#7233)
- Replace url() by re_path(), ugettext_lazy() by gettext_lazy(), filter_fields by filterset_fields, filter_class by filterset_class, assertEquals by assertEqual for Django 4.x @Maffooch (#7258)
- Bump google-api-python-client from 2.68.0 to 2.69.0 @dependabot (#7256)
- Bump boto3 from 1.26.24 to 1.26.26 @dependabot (#7257)
- Bump boto3 from 1.26.23 to 1.26.24 @dependabot (#7248)
- Bump redis from 4.3.5 to 4.4.0 @dependabot (#7231)