DefectDojo/django-DefectDojo 2.21.0

2.21.0 🌈

on GitHub

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.20.0

• Specify the endpoints that are specific to the Swagger Schema @Maffooch (#7865)
• Dependency track parser does not set false positive findings to inact… @coheigea (#7872)
• Adding/Simplify Assign Issue for Cloud/Premises @Roooodie (#7836)
• Release: Merge back 2.20.2 into dev from: master-into-bugfix/2.20.2-2.21.0-dev @github-actions (#7852)
• Entrypoints permissions fix @WojTecH94 (#7830)
• Update how-to-write-a-parser.md @devGregA (#7840)
• Update path to tests in CONTRIBUTING.md @italvi (#7832)
• Docs update master @devGregA (#7837)
• Qualys minor fix @37b (#7810)
• Allow pushing to JIRA and specifying the JIRA URL from the finding gr… @coheigea (#7820)
• Remove numpy @shipko (#7812)
• Release: Merge back 2.20.1 into dev from: master-into-bugfix/2.20.1-2.21.0-dev @github-actions (#7807)
• Fix product findings report @Maffooch (#7805)
• requirements: set 'jira' module to 3.5.0 which includes Jira 9 support @pna-nca (#7803)
• Release: Merge back 2.20.0 into dev from: master-into-dev/2.20.0-2.21.0-dev @github-actions (#7769)
• Release: Merge back 2.20.0 into dev from: master-into-bugfix/2.20.0-2.21.0-dev @github-actions (#7768)

🚩 Changes to settings.dist.py / local_settings.py

• Release: Merge release into master from: release/2.21.0 @github-actions (#7928)
• add parser for trivy-operator reports @bgoareguer (#7868)
• Add parser for AWS Security Finding Format (ASFF) @damiencarol (#7838)
• drf-spectacular : Load resources from static path @kiblik (#7787)
• Release: Merge back 2.20.1 into dev from: master-into-dev/2.20.1-2.21.0-dev @github-actions (#7808)
• Release: Merge release into master from: release/2.20.1 @github-actions (#7806)
• Add link to finding group from inside finding @coheigea (#7797)
• Fix tuple issue on DD_JIRA_EXTRA_ISSUE_TYPES @Gby56 (#7775)

🚩 Database migration

• Release: Merge release into master from: release/2.21.0 @github-actions (#7928)
• Remove Rules Framework and Google Sheets Integration @Maffooch (#7889)
• Add exponential backoff strategy for SLA notifications @coheigea (#7844)
• Release: Merge back 2.20.2 into dev from: master-into-dev/2.20.2-2.21.0-dev @github-actions (#7853)
• Release: Merge release into master from: release/2.20.2 @github-actions (#7851)
• Fix code warnings about logger.warn @coheigea (#7822)

🚀 API features and enhancements

• Release: Merge back 2.20.2 into dev from: master-into-dev/2.20.2-2.21.0-dev @github-actions (#7853)
• Release: Merge release into master from: release/2.20.2 @github-actions (#7851)
• Removing redundant information from Veracode SCA description @coheigea (#7823)
• Release: Merge back 2.20.1 into dev from: master-into-dev/2.20.1-2.21.0-dev @github-actions (#7808)
• Release: Merge release into master from: release/2.20.1 @github-actions (#7806)
• Add link to finding group from inside finding @coheigea (#7797)
• Improve Risk Acceptance api endpoint @Maffooch (#7770)
• Add extra path in Engagement endpoint for checklists @Maffooch (#7771)

🖌 Updates in UI

• Release: Merge release into master from: release/2.21.0 @github-actions (#7928)
• Merge bugfix into dev @Maffooch (#7927)
• Remove Rules Framework and Google Sheets Integration @Maffooch (#7889)
• Release: Merge back 2.20.3 into dev from: master-into-dev/2.20.3-2.21.0-dev @github-actions (#7893)
• Release: Merge release into master from: release/2.20.3 @github-actions (#7890)
• Fix menu items disappearing on error pages @blakeaowens (#7879)
• Remove BootSwatch dependency @blakeaowens (#7880)
• Benchmark v2 @shipko (#7695)
• Remove CSRF Token from merge findings request @Maffooch (#7866)
• fixing datatable column count @Roooodie (#7839)
• Release: Merge back 2.20.2 into dev from: master-into-dev/2.20.2-2.21.0-dev @github-actions (#7853)
• Release: Merge release into master from: release/2.20.2 @github-actions (#7851)
• updates footer @devGregA (#7841)
• Release: Merge back 2.20.1 into dev from: master-into-dev/2.20.1-2.21.0-dev @github-actions (#7808)
• Release: Merge release into master from: release/2.20.1 @github-actions (#7806)
• Add link to finding group from inside finding @coheigea (#7797)
• Updated Bootstrap, BootSwatch, and jQuery UI Components @blakeaowens (#7795)
• Updated Bootstrap, BootSwatch, and jQuery UI Components @blakeaowens (#7785)

🗣 Updates in localization

• Release: Merge release into master from: release/2.21.0 @github-actions (#7928)
• Remove Rules Framework and Google Sheets Integration @Maffooch (#7889)

🧰 Maintenance

• Bump boto3 from 1.26.102 to 1.26.103 @dependabot (#7918)
• Bump social-auth-app-django from 5.0.0 to 5.2.0 @dependabot (#7919)
• Bump fontawesomefree from 6.3.0 to 6.4.0 @dependabot (#7898)
• Bump pytz from 2023.2 to 2023.3 @dependabot (#7905)
• Bump redis from 4.5.3 to 4.5.4 @dependabot (#7913)
• Bump social-auth-core from 4.3.0 to 4.4.1 @dependabot (#7912)
• chore(deps): update postgres:15.2-alpine docker digest from 15.2 to 15.2-alpine (docker-compose.yml) @renovate (#7910)
• Bump boto3 from 1.26.100 to 1.26.102 @dependabot (#7911)
• chore(deps): update redis:7.0.10-alpine docker digest from 7.0.10 to 7.0.10-alpine (docker-compose.yml) @renovate (#7909)
• Bump google-api-python-client from 2.82.0 to 2.83.0 @dependabot (#7904)
• Update rabbitmq:3.11.11-alpine Docker digest from 3.11.11 to 3.11.11-alpine (docker-compose.yml) @renovate (#7900)
• Bump boto3 from 1.26.99 to 1.26.100 @dependabot (#7899)
• Bump packageurl-python from 0.10.4 to 0.11.1 @dependabot (#7883)
• Bump django-filter from 21.1 to 23.1 @dependabot (#7887)
• Bump boto3 from 1.26.98 to 1.26.99 @dependabot (#7884)
• Bump pytz from 2022.7.1 to 2023.2 @dependabot (#7885)
• Bump cryptography from 40.0.0 to 40.0.1 @dependabot (#7886)
• chore(deps): update helm/chart-testing-action action from v2.3.1 to v2.4.0 (.github/workflows/test-helm-chart.yml) @renovate (#7877)
• Bump cryptography from 39.0.2 to 40.0.0 @dependabot (#7873)
• Bump markdown from 3.4.2 to 3.4.3 @dependabot (#7874)
• Bump google-auth from 2.16.2 to 2.16.3 @dependabot (#7875)
• Bump boto3 from 1.26.97 to 1.26.98 @dependabot (#7876)
• Bump redis from 4.5.2 to 4.5.3 @dependabot (#7871)
• chore(deps): update rabbitmq docker tag from 3.11.10 to v3.11.11 (docker-compose.yml) @renovate (#7856)
• Bump markdown from 3.4.1 to 3.4.2 @dependabot (#7869)
• Bump boto3 from 1.26.96 to 1.26.97 @dependabot (#7870)
• chore(deps): update postgres:15.2-alpine docker digest from 15.2 to 15.2-alpine (docker-compose.yml) @renovate (#7854)
• chore(deps): update rabbitmq:3.11.10-alpine docker digest from 3.11.10 to v (docker-compose.yml) @renovate (#7855)
• chore(deps): update redis docker tag from 7.0.9 to v7.0.10 (docker-compose.yml) @renovate (#7857)
• Bump boto3 from 1.26.94 to 1.26.96 @dependabot (#7861)
• chore(deps): update gcr.io/cloudsql-docker/gce-proxy docker tag from 1.33.4 to v1.33.5 (helm/defectdojo/values.yaml) @renovate (#7864)
• Bump google-api-python-client from 2.81.0 to 2.82.0 @dependabot (#7862)
• Bump redis from 4.5.1 to 4.5.2 @dependabot (#7845)
• Bump pygithub from 1.58.0 to 1.58.1 @dependabot (#7846)
• Bump drf-spectacular from 0.26.0 to 0.26.1 @dependabot (#7848)
• Bump boto3 from 1.26.93 to 1.26.94 @dependabot (#7849)
• Bump boto3 from 1.26.92 to 1.26.93 @dependabot (#7834)
• Bump coverage from 7.2.1 to 7.2.2 @dependabot (#7833)
• Bump boto3 from 1.26.91 to 1.26.92 @dependabot (#7827)
• Bump boto3 from 1.26.90 to 1.26.91 @dependabot (#7821)
• Bump json-log-formatter from 0.5.1 to 0.5.2 @dependabot (#7815)
• Bump google-api-python-client from 2.80.0 to 2.81.0 @dependabot (#7817)
• Bump boto3 from 1.26.89 to 1.26.90 @dependabot (#7816)
• chore(deps): update redis:7.0.9-alpine docker digest from 7.0.9 to 7.0.9-alpine (docker-compose.yml) @renovate (#7811)
• Bump boto3 from 1.26.88 to 1.26.89 @dependabot (#7799)
• Bump django-celery-results from 2.4.0 to 2.5.0 @dependabot (#7801)
• Bump openpyxl from 3.1.1 to 3.1.2 @dependabot (#7798)
• Bump datatables.net-buttons-dt from 2.3.5 to 2.3.6 in /components @dependabot (#7793)
• Bump datatables.net-buttons-bs from 2.3.5 to 2.3.6 in /components @dependabot (#7792)
• chore(deps): update dependency autoprefixer from 10.4.13 to v10.4.14 (docs/package.json) @renovate (#7786)
• Bump datatables.net from 1.13.3 to 1.13.4 in /components @dependabot (#7788)
• Bump datatables.net-dt from 1.13.3 to 1.13.4 in /components @dependabot (#7790)
• Bump boto3 from 1.26.87 to 1.26.88 @dependabot (#7789)
• chore(deps): update mysql:5.7.41 docker digest from 5.7.41 to v (docker-compose.yml) @renovate (#7776)
• chore(deps): update rabbitmq:3.11.10-alpine docker digest from 3.11.10 to 3.11.10-alpine (docker-compose.yml) @renovate (#7778)
• Bump boto3 from 1.26.86 to 1.26.87 @dependabot (#7781)
• Bump jquery from 3.6.3 to 3.6.4 in /components @dependabot (#7782)
• Bump boto3 from 1.26.85 to 1.26.86 @dependabot (#7774)
• Bump boto3 from 1.26.84 to 1.26.85 @dependabot (#7772)