Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.
Changes since 2.38.0
- Added instructions for using an external postgresql db with defectdoj… @zazathomas (#10859)
- Update AWS SecurityHub ASFF Parser to include Impact @testaccount90009 (#10984)
- Compare trivy results cluster_name with None @paraddise (#10992)
- Add vulnerability Id to ssh-audit @manuel-sommer (#10979)
- Integration Tests: Check for exceptions at build time @Maffooch (#10789)
- Ruff: Add more PLW @kiblik (#10848)
- fix AWSSecurityHub EPSS Score #10956 @manuel-sommer (#10959)
- Parsers: Specify lists rather than dict.values() @Maffooch (#10945)
- New Parser: Qualys Hacker Guardian @Maffooch (#10937)
- fix(docker compose): Use 'docker compose' everywhere @kiblik (#10916)
- appcheck-severity-determination-fix Use v4, v3, v2 cvss vectors for severity @dogboat (#10918)
- Fix metrics aggregation @dogboat (#10917)
- Ruff: Add ruff PLR0915 @kiblik (#10893)
- Ruff: Add C90 @kiblik (#10892)
- [Helm] Fix typo in ingress netpol @C4tWithShell (#10898)
- Manage not defined metadata in mitigations and add assumptions comments @arivra (#10897)
- Fortify Parser: Fortification of the FPR parsing @Maffooch (#10901)
- fix(ruff): consolidate RUF rules @kiblik (#10828)
- Fixed replica reference for celery worker in Kubernetes.MD @zazathomas (#10842)
- feat(unittests): Try to avoid assertTrue/False @kiblik (#10817)
- add epss for aqua parser #10849 @manuel-sommer (#10855)
- fix(edit-prod): Add assigned PT to queryset @kiblik (#10843)
Changes to settings.dist.py / local_settings.py
- add Alma Linux link to vulns @manuel-sommer (#10972)
- User Password: Add toggle to require on creation @Maffooch (#10962)
- Hacker One Parser: Add support for Bug Bounty Program reports @Maffooch (#10939)
- implement krakend audit parser @manuel-sommer (#10924)
- add permission for gitlab. @Ma1tobiose (#10880)
- Wiz Parser: Add SCA parser and fortify old format @Maffooch (#10905)
- Add support for Invicti parser through Netsparker @Maffooch (#10894)
- Notifications: Add support for webhooks @kiblik (#7311)
- fix: dojo.JIRAInstance.default_issue_type: (fields.E005) 'choices' @kiblik (#10864)
- Add new parser - Threat Composer @arivra (#10795)
- Add new parser - Legitify @damianpr (#10797)
Database migration
- Jira Push All Issues: Improve help text @Maffooch (#10996)
- Notifications: Add support for webhooks @kiblik (#7311)
- Dynamic Parsing: Add flag to indicate new test types @Maffooch (#10871)
General features and enhancements
- Risk Exceptions: Add/Remove notes when finding is added/removed from risk exception @Maffooch (#10934)
- User: Make email required at all times, password required for new users @Maffooch (#10938)
API features and enhancements
- Fix tag creation bug in FindingTemplateSerializer (letters instead of full tags) @StephanPillhofer (#10995)
- Ruff: Add and fix D2 @kiblik (#10844)
- User Password: Add toggle to require on creation @Maffooch (#10962)
- Prefetch: Disable on some viewsets due to payload size @Maffooch (#10961)
- Risk Exception: Add/Remove notes when finding is added/removed from risk exception @Maffooch (#10934)
- User: Make email required at all times, password required for new users @Maffooch (#10938)
- Prefetching: Add swagger docs for models already supporting prefetching @Maffooch (#10931)
- Prefetch Serialization: Add a preference during mapping @Maffooch (#10933)
- Ruff: add and fix RET @kiblik (#10111)
- JSON Parsing Errors: Make errors less verbose @Maffooch (#10891)
- Notifications: Add support for webhooks @kiblik (#7311)
- Dynamic Parsing: Add flag to indicate new test types @Maffooch (#10871)
- Ruff: Add and fix ISC001 @kiblik (#10847)
Bug Fixes
- User Password: Add toggle to require on creation @Maffooch (#10962)
- Prefetch: Disable on some viewsets due to payload size @Maffooch (#10961)
- Semgrep Parser: Add new severities @Maffooch (#10936)
- Prefetching: Add swagger docs for models already supporting prefetching @Maffooch (#10931)
- Manage Images: Do not display thumbnail for PDF @Maffooch (#10932)
- Prefetch Serialization: Add a preference during mapping @Maffooch (#10933)
- Product API scan config: Display view scan configs button for all products @Maffooch (#10889)
- Reimport: Set Vulnerability ID from incoming finding @Maffooch (#10870)
Updates in UI
- Branding Update: Replace old logos with new logos @blakeaowens (#10969)
- Manage Images: Do not display thumbnail for PDF @Maffooch (#10932)
- Metrics findings tests @dogboat (#10930)
- Ruff: add and fix RET @kiblik (#10111)
- feat(members): List global role members in Prod and ProdType @kiblik (#10850)
- Product API scan config: Display view scan configs button for all products @Maffooch (#10889)
- Notifications: Add support for webhooks @kiblik (#7311)
- feat(ui): Make ProdType clickable (in Prod detail) @kiblik (#10840)
Maintenance
- Bump boto3 from 1.35.32 to 1.35.33 @dependabot (#10997)
- Bump python-gitlab from 4.11.1 to 4.12.2 @dependabot (#10990)
- Bump boto3 from 1.35.31 to 1.35.32 @dependabot (#10994)
- Update Helm release postgresql from 15.5.38 to v16 (helm/defectdojo/Chart.yaml) @renovate (#10993)
- Bump vobject from 0.9.7 to 0.9.8 @dependabot (#10989)
- Bump json-log-formatter from 1.0 to 1.1 @dependabot (#10988)
- Bump cpe from 1.3.0 to 1.3.1 @dependabot (#10987)
- Bump boto3 from 1.35.30 to 1.35.31 @dependabot (#10986)
- Update busybox Docker tag from 1.36.1 to v1.37.0 (docker-compose.override.unit_tests_cicd.yml) @renovate (#10985)
- Bump boto3 from 1.35.29 to 1.35.30 @dependabot (#10980)
- Update manusa/actions-setup-minikube action from v2.11.0 to v2.12.0 (.github/workflows/k8s-tests.yml) @renovate (#10983)
- Update postgres:17.0-alpine Docker digest from 17.0 to 17.0-alpine (docker-compose.yml) @renovate (#10971)
- Bump redis from 5.0.8 to 5.1.0 @dependabot (#10974)
- Bump psycopg[c] from 3.2.2 to 3.2.3 @dependabot (#10975)
- Bump asteval from 1.0.4 to 1.0.5 @dependabot (#10976)
- Bump boto3 from 1.35.28 to 1.35.29 @dependabot (#10977)
- Update postgres Docker tag from 16.4 to v17 (docker-compose.yml) @renovate (#10966)
- Bump ruff from 0.6.7 to 0.6.8 @dependabot (#10967)
- Bump boto3 from 1.35.26 to 1.35.28 @dependabot (#10968)
- Bump boto3 from 1.35.24 to 1.35.26 @dependabot (#10958)
- Bump uwsgi from 2.0.26 to 2.0.27 @dependabot (#10954)
- Bump pdfmake from 0.2.12 to 0.2.13 in /components @dependabot (#10950)
- Bump ruff from 0.6.6 to 0.6.7 @dependabot (#10947)
- Bump boto3 from 1.35.23 to 1.35.24 @dependabot (#10946)
- GHA: Remove Docker Caches @Maffooch (#10928)
- GHA Release: Update settings SHA when creating PR from master @Maffooch (#10927)
- Bump boto3 from 1.35.22 to 1.35.23 @dependabot (#10941)
- Bump ruff from 0.6.5 to 0.6.6 @dependabot (#10942)
- Bump boto3 from 1.35.21 to 1.35.22 @dependabot (#10935)
- Bump boto3 from 1.35.20 to 1.35.21 @dependabot (#10929)
- Update mccutchen/go-httpbin Docker tag from v2.14.1 to v2.15.0 (docker-compose.override.unit_tests_cicd.yml) @renovate (#10923)
- Bump sqlalchemy from 2.0.34 to 2.0.35 @dependabot (#10925)
- Bump python-gitlab from 4.10.0 to 4.11.1 @dependabot (#10912)
- Bump boto3 from 1.35.19 to 1.35.20 @dependabot (#10922)
- Update dependency postcss from 8.4.45 to v8.4.47 (docs/package.json) @renovate (#10908)
- Bump boto3 from 1.35.18 to 1.35.19 @dependabot (#10914)
- Bump pyyaml from 6.0.1 to 6.0.2 @dependabot (#10913)
- Bump asteval from 1.0.3 to 1.0.4 @dependabot (#10911)
- Bump psycopg[c] from 3.2.1 to 3.2.2 @dependabot (#10910)
- Bump ruff from 0.6.4 to 0.6.5 @dependabot (#10909)
- chore(deps): update mccutchen/go-httpbin docker tag from v2.14.0 to v2.14.1 (docker-compose.override.unit_tests_cicd.yml) @renovate (#10907)
- Bump asteval from 1.0.2 to 1.0.3 @dependabot (#10903)
- Bump boto3 from 1.35.16 to 1.35.18 @dependabot (#10904)
- Bump pytz from 2024.1 to 2024.2 @dependabot (#10896)
- Bump boto3 from 1.35.15 to 1.35.16 @dependabot (#10895)
- Bump boto3 from 1.35.14 to 1.35.15 @dependabot (#10888)
- chore(deps): update redis:7.2.5-alpine docker digest from 7.2.5 to v (docker-compose.yml) @renovate (#10878)
- chore(deps): update postgres:16.4-alpine docker digest from 16.4 to 16.4-alpine (docker-compose.yml) @renovate (#10877)
- Bump boto3 from 1.35.13 to 1.35.14 @dependabot (#10881)
- Bump cvss from 3.1 to 3.2 @dependabot (#10882)
- Bump vulners from 2.2.0 to 2.2.1 @dependabot (#10875)
- Bump ruff from 0.6.3 to 0.6.4 @dependabot (#10874)
- Bump boto3 from 1.35.12 to 1.35.13 @dependabot (#10873)
- Bump sqlalchemy from 2.0.33 to 2.0.34 @dependabot (#10868)
- Bump boto3 from 1.35.11 to 1.35.12 @dependabot (#10867)
- Bump jquery-ui from 1.13.3 to 1.14.0 in /components @dependabot (#10684)
- Bump django-tagulous from 1.3.3 to 2.1.0 @dependabot (#10821)
- chore(deps): update dependency postcss from 8.4.44 to v8.4.45 (docs/package.json) @renovate (#10860)
- Bump sqlalchemy from 2.0.32 to 2.0.33 @dependabot (#10861)
- Bump cryptography from 43.0.0 to 43.0.1 @dependabot (#10862)
- Bump boto3 from 1.35.10 to 1.35.11 @dependabot (#10863)
- Bump cryptography from 43.0.0 to 43.0.1 @dependabot (#10858)
- Bump boto3 from 1.35.9 to 1.35.10 @dependabot (#10841)
- chore(deps): update dependency postcss from 8.4.41 to v8.4.44 (docs/package.json) @renovate (#10834)