Changes since 2.1.0
- Release: Merge release into master from: release/2.2.0 @github-actions (#5014)
- Master into dev/2.1.0 2.2.0 dev @Maffooch (#4878)
🚩 Requires settings changes, database migration, hash code recomputation
- Restrict deletion of users when used in product related objects @StefanFl (#4903)
- OAuth2: Default group and setting for staff members @StefanFl (#4863)
🚩 Security
- security: update npm path-parse to 1.0.7 @valentijnscholten (#4941)
🚀 New importers
- Add a parser for Aquasecurity's Cloudsploit @axelpavageau (#4916)
- add new parser - Mobsfscan @ansidorov (#4845)
🚀 General features and enhancements
- Add tags to Gitleaks parser @damiencarol (#4996)
- Helm extra volumes @dsever (#4837)
- cargo audit parser repaired @zakrush (#4867)
- Support JSON import of AWS Prowler scans @StefanFl (#4981)
- Don't allow risk acceptance on duplicates @madchap (#4342)
- Initialization of test types @StefanFl (#4979)
- Implementation for Engagement_Presets and Network_Locations API @jpbowie (#4965)
- Endpoint: Fix report generation @kiblik (#4942)
- Added API for Notifications and enhancements for MetaData API @StefanFl (#4904)
- Bugfix and enhancement for SLA notifications @StefanFl (#4896)
- SonarQube: support multiple SQ projects for one product @kiblik (#4676)
- OAuth2: Default group and setting for staff members @StefanFl (#4863)
- UI: Make all select fields searchable @kiblik (#4766)
🐛 Bug Fixes
- Fix 0120 migration when no SQ is configured @valentijnscholten (#5013)
- Semgrep: Add support for INFO severity @valentijnscholten (#5004)
- Fix newline characters in the summary (Jira issue) @Zilborg (#4954)
- Fix Incorrect False positives and Risk accepted metrics @XiChen-Tibco (#4930)
- cargo audit parser repaired @zakrush (#4867)
- Searchable fields are not displayed correctly for multiselect fields @StefanFl (#4894)
- Restrict deletion of users when used in product related objects @StefanFl (#4903)
- ZAP: Fix parsing of empty elements (fixes #4855) @iainrawson (#4935)
- Aws prowler fix @dkade (#4977)
- Truncate Path, Query and Fragment Endpoint Fields to their Max Column Length @J12934 (#4974)
- Update Google sheets to use newer libraries @StefanFl (#4968)
- Support new format of tfsec json @StefanFl (#4960)
- Dockle parser: switch to hash_code based deduplication @SoaAlex (#4886)
- Fix CWE parsing for SARIF parser (#4940) @akitibala (#4943)
- API: list all mandatory fields for FindingCreateSerializer @XiChen-Tibco (#4931)
- Fix and refactor dojo.models.Finding_Group.components @AndreyMZ (#4787)
- Remove nonexisting file reference in sample data @Maffooch (#4928)
- Two bugfixes for engagements lists @StefanFl (#4895)
- Fix Endpoint clean in migration @kiblik (#4887)
- AWS Prowler Scan Fix and Enhancement @dkade (#4915)
- Fix heading for intsights @kiblik (#4912)
- Install chromium driver in Python @StefanFl (#4891)
- Bugfix and enhancement for SLA notifications @StefanFl (#4896)
- Nessus parser: Fix error when fqdn is missing @Juu (#4857)
- Two problems with reviews for findings @StefanFl (#4890)
- Minikube update to make k8s tests run successfully again @StefanFl (#4898)
- Fix Pagination issue on paused engagements #4840 @christophe226 (#4846)
- Trivy parser - bugfix for initialization of cvssv3 @StefanFl (#4883)
- Solution for Issue#2835 @XiChen-Tibco (#4868)
📝 Documentation updates
- docs: update java api wrapper/lib info @wurstbrot (#4997)
- Added dd-import to WRAPPERS.md @StefanFl (#4976)
- Documentation: Naming of parser classes @StefanFl (#4908)
🧰 Maintenance
- Bump nginx from 8adf523 to bfe377b @dependabot (#4999)
- Bump python-gitlab from 2.10.0 to 2.10.1 @dependabot (#4998)
- chore(deps): update rabbitmq docker tag from 3.9.4 to v3.9.5 (docker-compose.yml) @renovate (#4993)
- Deprecation notice for legacy authorization @StefanFl (#4982)
- Bump django-tagulous from 1.1.0 to 1.2.0 @dependabot (#4984)
- Bump bleach from 4.0.0 to 4.1.0 @dependabot (#4986)
- chore(deps): update dependency autoprefixer from 10.3.2 to v10.3.3 (docs/package.json) @renovate (#4990)
- Bump django-slack from 5.16.2 to 5.17.6 @dependabot (#4992)
- Add Leak URL to Gitleaks parser @ed-wp (#4959)
- Bump cryptography from 3.4.7 to 3.4.8 @dependabot (#4980)
- chore(deps): update rabbitmq:3.9.4 docker digest from 3.9.4 to 3.9.4 (docker-compose.yml) @renovate (#4978)
- Bump nginx from f5c8441 to 8adf523 @dependabot (#4972)
- Bump google-api-python-client from 2.17.0 to 2.18.0 @dependabot (#4975)
- Update Google sheets to use newer libraries @StefanFl (#4968)
- chore(deps): update dependency autoprefixer from 10.3.1 to v10.3.2 (docs/package.json) @renovate (#4966)
- chore(deps): update busybox docker tag from 1.33.1 to v1.34.0 (docker-compose.override.unit_tests_cicd.yml) @renovate (#4964)
- chore(deps): update rabbitmq docker tag from 3.9.3 to v3.9.4 (docker-compose.yml) @renovate (#4955)
- Bump sqlalchemy from 1.4.22 to 1.4.23 @dependabot (#4957)
- Bump social-auth-app-django from 4.0.0 to 5.0.0 @dependabot (#4918)
- chore(deps): update mysql:5.7.35 docker digest from 5.7.35 to v5.7.35 (docker-compose.yml) @renovate (#4947)
- Bump google-auth from 1.34.0 to 1.35.0 @dependabot (#4948)
- Bump django-debug-toolbar from 3.2.1 to 3.2.2 @dependabot (#4945)
- Bump django-split-settings from 1.0.1 to 1.1.0 @dependabot (#4944)
- Bump django-fieldsignals from 0.6.0 to 0.7.0 @dependabot (#4946)
- chore(deps): update rabbitmq docker tag from 3.9.2 to v3.9.3 (docker-compose.yml) @renovate (#4938)
- [GHA - release] Bump chart version when merging master back to dev @madchap (#4923)
- chore(deps): update rabbitmq docker tag from 3.9.1 to v3.9.2 (docker-compose.yml) @renovate (#4929)
- [GHA] Remove un-needed docker login @madchap (#4924)
- Bump nginx from e22b3ba to f5c8441 @dependabot (#4927)
- Update Chart.yaml @madchap (#4925)
- Bump drf-spectacular from 0.17.2 to 0.17.3 @dependabot (#4873)
- Bump sqlalchemy from 1.4.21 to 1.4.22 @dependabot (#4853)
- Upgrade celery to 5.1.2 @Homopatrol (#4917)
- Bump jszip from 3.6.0 to 3.7.1 in /components @dependabot (#4913)
- Bump google-auth from 1.33.0 to 1.34.0 @dependabot (#4882)
- Bump python-gitlab from 2.9.0 to 2.10.0 @dependabot (#4881)
- Bump bleach from 3.3.1 to 4.0.0 @dependabot (#4909)
- chore(deps): update rabbitmq docker tag from 3.8.19 to v3.9.1 (docker-compose.yml) @renovate (#4870)
- Bump debugpy from 1.3.0 to 1.4.1 @dependabot (#4864)
- chore(deps): update dependency postcss from 8.3.5 to v8.3.6 (docs/package.json) @renovate (#4849)
- chore(deps): update rabbitmq:3.8.19 docker digest from 3.8.19 to v3.8.19 (docker-compose.yml) @renovate (#4869)
- Bump nginx from 2c2dfbb to e22b3ba @dependabot (#4866)
- chore(deps): update mysql docker tag from 5.7.34 to v5.7.35 (docker-compose.yml) @renovate (#4841)
- chore(deps): update styfle/cancel-workflow-action action from 0.9.0 to v0.9.1 (.github/workflows/cancel-outdated-workflow-runs.yml) @renovate (#4892)
- Bump google-auth-oauthlib from 0.4.4 to 0.4.5 @dependabot (#4893)
- Bump humanize from 3.10.0 to 3.11.0 @dependabot (#4901)
- Bump pdfmake from 0.2.0 to 0.2.2 in /components @dependabot (#4905)
- Remove setup.py from GHA @madchap (#4879)