Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.
Changes since 2.29.0
- Trivy: Improve package path parsing behavior @manuel-sommer (#9235)
- Drop DEV branch from release-drafter @kiblik (#9230)
- 🐛 fix error 500 for ssh-audit @manuel-sommer (#9228)
- fix typos in importing documentation @manuel-sommer (#9093)
- Trivy: Add k8 cluster resource objects @manuel-sommer (#9215)
- Use port names in Helm chart @sebastien-prudhomme (#9190)
- Fix DeprecationWarnings @kiblik (#9113)
- 🐛 fix issue #9201 @manuel-sommer (#9202)
- 🐛 fix mobsf parser #9132 @manuel-sommer (#9139)
- add component to blackduckimporter #9145 @manuel-sommer (#9148)
- 🐛 Handle when Burp Rest API Json file contains binary @manuel-sommer (#9131)
- 🐛 fix trivy parser cvss score severity discrepance #9092 @manuel-sommer (#9114)
- Django Admin pages for editing Notifications @tomaszn (#9193)
- 🎉 added component_name to AWSSecurityHub @manuel-sommer (#9161)
- Revert "Fix for vulns not included in host/endpoint views after reopening" @Maffooch (#9181)
- Docs: "Create upgrade notes to documentation" only once @kiblik (#9146)
- Add OpenAPI Specification to Release Assets @kiblik (#9054)
- Fix for vulns not included in host/endpoint views after reopening @WojTecH94 (#9077)
- Clean dojo.settings imports @kiblik (#9031)
- Debug: Avoid useless error in logs @kiblik (#9058)
- [ENHANCEMENT] Allow filtering Products and Engagements on unset properties @tomaszn (#9079)
- Store CVSS score and vector in Whitesource imports @twwd (#9019)
- [ED-308] Modify api_client to import all vulnerabilities when no asset IDs given and update documentation. @Dylan-OB (#8859)
- add unittest for .read() and utf-8 #9024 @manuel-sommer (#9026)
- Update helper.py to fix #8785 @devsecopsale (#8786)
- README typo @kiblik (#9091)
- Shellcheck workflow @cneill (#9119)
- Updated actions/labeler version, labeler.yml format @cneill (#9126)
- Revert Docker Compose version guidance @cneill (#9125)
- Correct SLA filter for Finding API @Maffooch (#9101)
🚩 Changes to settings.dist.py / local_settings.py
- 🐛 fix typo for MSDefender in settings.dist.py @manuel-sommer (#9249)
- Parser - Black Duck Binary Analysis @ninp0 (#9163)
- 🎉 implement ms defender parser #8908 @manuel-sommer (#9232)
- 🎉 remove unnecessary unique_id_from_tool in settings.dist.py @manuel-sommer (#9188)
- 🐛 fix dependencytrack deduplication @manuel-sommer (#9117)
- API: replace local swagger (drf-yasg -> sidecar) @kiblik (#9118)
- Parser - PWN_SAST Duplication Detection Change @ninp0 (#9185)
- Fix incorrect implementation of auditlog management @kiblik (#9002)
- Trufflehog deduplication fix @Demaz93 (#9047)
🚩 Database migration
- 🐛 fix component_name max_length for ProwlerV3 #9221 @manuel-sommer (#9222)
- Fix incorrect implementation of auditlog management @kiblik (#9002)
🚀 API features and enhancements
- API: drop unusable PATCHes from schema @kiblik (#9059)
- API: Use more readable ViewSets @kiblik (#9060)
🐛 Bug Fixes
🖌 Updates in UI
🧰 Maintenance
- Pinning of django versions into a helm release @dsever (#9160)
- Bump nginx from 3923f8d to a59278f @dependabot (#9217)
- Bump openapitools/openapi-generator-cli from v7.1.0 to v7.2.0 @dependabot (#9218)
- Update rabbitmq Docker tag from 3.12.10 to v3.12.11 (docker-compose.yml) @renovate (#9233)
- Bump python-gitlab from 4.2.0 to 4.3.0 @dependabot (#9236)
- Bump djangosaml2 from 1.8.0 to 1.9.0 @dependabot (#9238)
- Bump coverage from 7.3.4 to 7.4.0 @dependabot (#9239)
- Bump boto3 from 1.34.8 to 1.34.9 @dependabot (#9237)
- Bump boto3 from 1.34.6 to 1.34.8 @dependabot (#9229)
- Bump boto3 from 1.34.5 to 1.34.6 @dependabot (#9212)
- Bump boto3 from 1.34.4 to 1.34.5 @dependabot (#9206)
- Bump coverage from 7.3.3 to 7.3.4 @dependabot (#9207)
- Bump boto3 from 1.34.3 to 1.34.4 @dependabot (#9197)
- Bump lxml from 4.9.3 to 4.9.4 @dependabot (#9198)
- Update rabbitmq:3.12.10-alpine Docker digest from 3.12.10 to 3.12.10-alpine (docker-compose.yml) @renovate (#9176)
- Update redis:7.2.3-alpine Docker digest from 7.2.3 to 7.2.3-alpine (docker-compose.yml) @renovate (#9177)
- Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) @renovate (#9178)
- Bump boto3 from 1.34.1 to 1.34.3 @dependabot (#9191)
- Update mysql:5.7.44 Docker digest from 5.7.44 to v (docker-compose.yml) @renovate (#9171)
- Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) @renovate (#9172)
- Bump boto3 from 1.34.0 to 1.34.1 @dependabot (#9174)
- Bump boto3 from 1.33.13 to 1.34.0 @dependabot (#9167)
- Bump coverage from 7.3.2 to 7.3.3 @dependabot (#9168)
- Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) @renovate (#9156)
- Update rabbitmq:3.12.10-alpine Docker digest from 3.12.10 to 3.12.10-alpine (docker-compose.yml) @renovate (#9157)
- Bump boto3 from 1.33.12 to 1.33.13 @dependabot (#9158)
- Bump packageurl-python from 0.13.0 to 0.13.1 @dependabot (#9159)
- Bump drf-spectacular from 0.26.5 to 0.27.0 @dependabot (#9149)
- Bump boto3 from 1.33.11 to 1.33.12 @dependabot (#9150)
- Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) @renovate (#9137)
- Update redis:7.2.3-alpine Docker digest from 7.2.3 to 7.2.3-alpine (docker-compose.yml) @renovate (#9138)
- Bump boto3 from 1.33.10 to 1.33.11 @dependabot (#9140)
- Bump packageurl-python from 0.12.0 to 0.13.0 @dependabot (#9141)
- Update actions/setup-python action from v4 to v5 (.github/workflows/test-helm-chart.yml) @renovate (#9121)
- Update nginx/nginx-prometheus-exporter Docker tag from 0.11.0 to v1 (helm/defectdojo/values.yaml) @renovate (#9124)
- Bump packageurl-python from 0.11.2 to 0.12.0 @dependabot (#9134)
- Bump boto3 from 1.33.7 to 1.33.10 @dependabot (#9135)
- Bump django-filter from 23.4 to 23.5 @dependabot (#9111)
- Bump boto3 from 1.33.6 to 1.33.7 @dependabot (#9110)
- Update dependency postcss from 8.4.31 to v8.4.32 (docs/package.json) @renovate (#9090)
- Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.33.14 to v1.33.15 (helm/defectdojo/values.yaml) @renovate (#9104)
- Bump boto3 from 1.33.5 to 1.33.6 @dependabot (#9095)
- Bump nginx from db353d0 to 3923f8d @dependabot (#9094)