DefectDojo/django-DefectDojo 2.22.0

2.22.0 🌈

on GitHub

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.21.0

• Merge Bugfix into Dev @Maffooch (#8037)
• Update sarif parser.py fit for android lint @Ma1tobiose (#8017)
• Feature freeze clarification @cneill (#7932)
• Release: Merge back 2.21.1 into dev from: master-into-bugfix/2.21.1-2.22.0-dev @github-actions (#7981)
• bugfix - Add support for current close old findings behavior to UI @sarahgibs (#7964)
• Fix processing of test/eng fields during re-import @kiblik (#7955)
• add license parser to trivy scan @abheeshtan (#7624)
• Add parser for Talisman @iamnihal (#7933)
• Update detect_secrets parser and include FP findings in importer @adrianasantex (#7915)
• UnitTest: Are all models defined in AdminSite? @kiblik (#7731)
• feat: fix jira errors handling @kokhanevych-macpaw (#7895)
• Azure-groups: raise error on broken request @kiblik (#7896)
• Release: Merge back 2.21.0 into dev from: master-into-dev/2.21.0-2.22.0-dev @github-actions (#7929)

🚩 Changes to settings.dist.py / local_settings.py

• Release: Merge release into master from: release/2.22.0 @github-actions (#8038)
• 🎉 New parser: Wazuh #7683 @manuel-sommer (#7684)
• Fix wide grants for gitlab auth @shipko (#7960)
• Release: Merge back 2.21.0 into dev from: master-into-bugfix/2.21.0-2.22.0-dev @github-actions (#7930)

🚩 Database migration

• Release: Merge release into master from: release/2.22.0 @github-actions (#8038)
• Add the ability to disable SLA notifications on a product basis @coheigea (#7882)
• Release: Merge back 2.21.0 into dev from: master-into-bugfix/2.21.0-2.22.0-dev @github-actions (#7930)

🚀 API features and enhancements

• Release: Merge back 2.21.1 into dev from: master-into-dev/2.21.1-2.22.0-dev @github-actions (#7980)
• Release: Merge release into master from: release/2.21.1 @github-actions (#7979)
• Update DRF Filtersets fields to lists rather than tuples @Maffooch (#7958)

🐛 Bug Fixes

• Strip spaces from tags before pushing to jira @Maffooch (#7996)
• Finding List Fixes + Finding Template Permission Fixes @Maffooch (#7997)

🖌 Updates in UI

• Release: Merge back 2.21.2 into dev from: master-into-dev/2.21.2-2.22.0-dev @github-actions (#8009)
• Release: Merge release into master from: release/2.21.2 @github-actions (#8006)
• Finding List Fixes + Finding Template Permission Fixes @Maffooch (#7997)
• Release: Merge back 2.21.1 into dev from: master-into-dev/2.21.1-2.22.0-dev @github-actions (#7980)
• Release: Merge release into master from: release/2.21.1 @github-actions (#7979)
• msteams notifications template fix @frost9i (#7962)
• Remove MySQL incompatibility from template tags (benchmarks) @Maffooch (#7959)
• Release: Merge back 2.21.0 into dev from: master-into-bugfix/2.21.0-2.22.0-dev @github-actions (#7930)

🗣 Updates in localization

• Release: Merge back 2.21.0 into dev from: master-into-bugfix/2.21.0-2.22.0-dev @github-actions (#7930)

🧰 Maintenance

• Update rabbitmq Docker tag from 3.11.13 to v3.11.14 (docker-compose.yml) @renovate (#8024)
• Bump coverage from 7.2.3 to 7.2.4 @dependabot (#8026)
• Bump boto3 from 1.26.121 to 1.26.122 @dependabot (#8027)
• Bump boto3 from 1.26.118 to 1.26.121 @dependabot (#8019)
• Bump requests from 2.28.2 to 2.29.0 @dependabot (#8018)
• Bump yaml from 2.1.1 to 2.2.2 in /docs @dependabot (#8007)
• Bump boto3 from 1.26.117 to 1.26.118 @dependabot (#8003)
• Bump social-auth-core from 4.4.1 to 4.4.2 @dependabot (#8005)
• Bump boto3 from 1.26.116 to 1.26.117 @dependabot (#8000)
• Update dependency postcss from 8.4.22 to v8.4.23 (docs/package.json) @renovate (#7990)
• Bump boto3 from 1.26.115 to 1.26.116 @dependabot (#7993)
• Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.33.5 to v1.33.6 (helm/defectdojo/values.yaml) @renovate (#7985)
• Update redis Docker tag from 7.0.10 to v7.0.11 (docker-compose.yml) @renovate (#7982)
• Update mysql Docker tag from 5.7.41 to v5.7.42 (docker-compose.yml) @renovate (#7983)
• Bump boto3 from 1.26.114 to 1.26.115 @dependabot (#7984)
• Bump cryptography from 40.0.1 to 40.0.2 @dependabot (#7972)
• Update dependency postcss from 8.4.21 to v8.4.22 (docs/package.json) @renovate (#7975)
• Bump drf-spectacular from 0.26.1 to 0.26.2 @dependabot (#7976)
• Bump python from 0ba61d0 to 0ba61d0 @dependabot (#7977)
• Bump boto3 from 1.26.111 to 1.26.114 @dependabot (#7978)
• Bump boto3 from 1.26.110 to 1.26.111 @dependabot (#7963)
• Bump python-gitlab from 3.13.0 to 3.14.0 @dependabot (#7956)
• Bump boto3 from 1.26.106 to 1.26.110 @dependabot (#7957)
• Bump python from 3.11.1-alpine3.16 to 3.11.3-alpine3.16 @dependabot (#7953)
• Bump nginx from c94a22b to dd2a917 @dependabot (#7952)
• Bump django-debug-toolbar from 3.8.1 to 4.0.0 @dependabot (#7938)
• Bump djangosaml2 from 1.5.5 to 1.5.6 @dependabot (#7943)
• Bump debugpy from 1.6.6 to 1.6.7 @dependabot (#7944)
• Update rabbitmq:3.11.13-alpine Docker digest from 3.11.13 to 3.11.13-alpine (docker-compose.yml) @renovate (#7945)
• Update postgres:15.2-alpine Docker digest from 15.2 to 15.2-alpine (docker-compose.yml) @renovate (#7948)
• Update redis:7.0.10-alpine Docker digest from 7.0.10 to 7.0.10-alpine (docker-compose.yml) @renovate (#7949)
• Bump coverage from 7.2.2 to 7.2.3 @dependabot (#7947)
• Bump boto3 from 1.26.105 to 1.26.106 @dependabot (#7939)
• Update rabbitmq Docker tag from 3.11.11 to v3.11.13 (docker-compose.yml) @renovate (#7935)
• Bump boto3 from 1.26.104 to 1.26.105 @dependabot (#7937)
• Bump nginx from 1.23.3-alpine to 1.23.4-alpine @dependabot (#7922)
• Bump pillow from 9.4.0 to 9.5.0 @dependabot (#7925)