Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.
Changes since 2.37.0
- Bugfix -> Dev: Release 2.38.0 @Maffooch (#10851)
- fix(helm): Longer wait for DB @kiblik (#10818)
- feat(unittest): Not avoid PLW1514 @kiblik (#10812)
- Ruff: Add and fix ARG003,4,5 @kiblik (#10702)
- Ruff: Add and fix TCH @kiblik (#10700)
- 🐛 fix npm audit v7+, issue #10801 @manuel-sommer (#10813)
- fixes reimporter to ensure that risk accepted findings do not get mitigated @lme-nca (#9050)
- Improved naming of discovered findings filter and add same for mitigated @quirinziessler (#10429)
- Checkmarx one SCA parser fix @adamtimmins (#10770)
- Add AWS ARN for the specific offending Resource into the Description of the ASFF parser @testaccount90009 (#10761)
- Fixed extraEnv in Chart Values after upgrade @DevSecOps-Isotrol (#10731)
- Appcheck null byte fix @dogboat (#10804)
- Finding hash/dedupe changes @dogboat (#10386)
- Pinning Chrome version @cneill (#10805)
- #10732 Prowler v4 importer ignores muted findings @ivan-morhun (#10750)
- upd: [helm] resource optimization @Bagautdino (#10768)
- restore relative date filter for findings @hblankenship (#10760)
- feat(helm): Use --wait during tests @kiblik (#10744)
- fix(helm): Break circular dependency @kiblik (#10740)
- Ruff: Add and fix PLW15 @kiblik (#10706)
- if severity not enforced do not notify @hblankenship (#10776)
- OS Docs - Add accurate password for DefectDojo demo site @paulOsinski (#10759)
- No Docker build checks in GHA @cneill (#10747)
- Ruff: Add and fix RUF1,2 @kiblik (#10709)
- Ruff: Add and fix RUF013 @kiblik (#10711)
- Ruff: Add and fix RUF019 @kiblik (#10716)
- Ruff: Add and fix RUF025 @kiblik (#10717)
- Ruff: Add and fix A004 @kiblik (#10697)
- Ruff: Add and fix G001 and G002 @kiblik (#10698)
- Ruff: Add and fix INT @kiblik (#10701)
- Ruff: Add and fix PLE @kiblik (#10705)
- 🐛 fix nmap parser, add script output #10456 @manuel-sommer (#10739)
- Ruff: Solve F821 @kiblik (#9751)
- Ruff: Add and fix D3 @kiblik (#10083)
- fix(k8s): run k8s test on the latest version of k8s and minikube @kiblik (#10737)
- fix(helm): Add port support to ingress netpol @C4tWithShell (#10689)
- fix aqua parser #10585 @manuel-sommer (#10725)
- helm: helm chart enhancements @mikesindieiev (#10612)
- Ruff: Add some harmless rules @kiblik (#10718)
- fix(helm): Remove leftover from debugging (db-migration-checker) @kiblik (#10683)
- fix(docs): Typo in "Release Notes" link @kiblik (#10682)
🚩 Changes to settings.dist.py / local_settings.py
- feat(api-token): Add ability to use API tokens but not disable "api-token-auth" @kiblik (#10786)
- Ruff: Add and fix RUF005 @kiblik (#10714)
- Ruff: add and fix FBT001 & FBT003 @kiblik (#10085)
- Ruff: Add and fix FURB @kiblik (#10708)
- Ruff: Add and fix some TD rules @kiblik (#10704)
- Appcheck web application scanner parser @dogboat (#10723)
- feat(django): Upgrade to 5.0 @kiblik (#10409)
🚩 Security
🚀 API features and enhancements
- Ruff: Add and fix RUF005 @kiblik (#10714)
- Ruff: Add and fix FURB @kiblik (#10708)
- Ruff: Add and fix some TD rules @kiblik (#10704)
- Ruff: Add and fix RUF001,2,3 @kiblik (#10710)
🐛 Bug Fixes
🖌 Updates in UI
- feat(api-token): Add ability to use API tokens but not disable "api-token-auth" @kiblik (#10786)
- fix(ruff): Findings from upgrade to 0.6.1 @kiblik (#10775)
- Ruff: Add and fix RUF021 @kiblik (#10715)
- Inline finding images on reports @dogboat (#10738)
- Ruff: Add and fix FURB @kiblik (#10708)
- Ruff: Add and fix RUF001,2,3 @kiblik (#10710)
- Add anonymous questionnaire to engagement @dogboat (#10734)
🗣 Updates in localization
🧰 Maintenance
- Bump ruff from 0.6.2 to 0.6.3 @dependabot (#10830)
- Bump boto3 from 1.35.8 to 1.35.9 @dependabot (#10831)
- Bump python-gitlab from 4.9.0 to 4.10.0 @dependabot (#10822)
- Bump boto3 from 1.35.6 to 1.35.8 @dependabot (#10826)
- Bump django-dbbackup from 4.1.0 to 4.2.1 @dependabot (#10807)
- Bump boto3 from 1.35.2 to 1.35.6 @dependabot (#10816)
- Bump ruff from 0.6.1 to 0.6.2 @dependabot (#10800)
- Remove DebugPy @Maffooch (#10692)
- Bump boto3 from 1.35.0 to 1.35.2 @dependabot (#10794)
- Bump openapitools/openapi-generator-cli from v7.7.0 to v7.8.0 @dependabot (#10781)
- Bump boto3 from 1.34.162 to 1.35.0 @dependabot (#10780)
- Bump markdown from 3.6 to 3.7 @dependabot (#10779)
- Bump boto3 from 1.34.161 to 1.34.162 @dependabot (#10771)
- Bump boto3 from 1.34.160 to 1.34.161 @dependabot (#10764)
- Bump pdfmake from 0.2.11 to 0.2.12 in /components @dependabot (#10766)
- Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.36.0 to v1.37.0 (helm/defectdojo/values.yaml) @renovate (#10762)
- Bump boto3 from 1.34.159 to 1.34.160 @dependabot (#10756)
- Bump cpe from 1.2.1 to 1.3.0 @dependabot (#10751)
- Bump boto3 from 1.34.158 to 1.34.159 @dependabot (#10752)
- Bump lxml from 5.2.2 to 5.3.0 @dependabot (#10742)
- Bump boto3 from 1.34.157 to 1.34.158 @dependabot (#10741)
- chore(deps): update postgres docker tag from 16.3 to v16.4 (docker-compose.yml) @renovate (#10724)
- Bump pdfmake from 0.2.10 to 0.2.11 in /components @dependabot (#10728)
- Bump boto3 from 1.34.156 to 1.34.157 @dependabot (#10729)
- Bump ruff from 0.5.6 to 0.5.7 @dependabot (#10730)
- Bump boto3 from 1.34.155 to 1.34.156 @dependabot (#10720)
- Rest Framework: Remove Parallel + Shuffle @Maffooch (#10696)
- Bump boto3 from 1.34.154 to 1.34.155 @dependabot (#10695)
- chore(deps): update dependency postcss from 8.4.40 to v8.4.41 (docs/package.json) @renovate (#10681)
- Bump boto3 from 1.34.153 to 1.34.154 @dependabot (#10687)
- Bump python-gitlab from 4.8.0 to 4.9.0 @dependabot (#10685)
- Bump sqlalchemy from 2.0.31 to 2.0.32 @dependabot (#10688)
- Bump ruff from 0.5.5 to 0.5.6 @dependabot (#10676)