DefectDojo/django-DefectDojo 2.43.0

2.43.0 🌈

on GitHub

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.42.0

• Rename DD-Architecture.png to dd-architecture.png @paulOsinski (#11704)
• Docs Updates: CLI Tools / misc @paulOsinski (#11691)
• Edit defectdojo.com/pricing link @paulOsinski (#11678)
• feat(helm-local_settings): Add option to add local_settings.py @kiblik (#10803)
• Jira Epic Mapping: Support for the removal of Epic Name custom fields @Maffooch (#11690)
• feat(bash-script): Drop all dc- scripts @kiblik (#11649)
• feat(GHA): Pin azure/setup-helm @kiblik (#11493)
• Remove makemigrations from scripts @valentijnscholten (#11638)
• Changelog update 2.42.3 + fix docs image refs @paulOsinski (#11679)
• Ruff: Add already corrected rules @kiblik (#11648)
• AnchoreCTL_Vulns parser: removes URL and corrects mapping if no fix for mitigation field @maxi-bee (#11623)
• fix: Cleanup of old files and notes @kiblik (#11628)
• fix(webhook notif): Reorg docs, add 'ping' @kiblik (#11631)
• Fix to bump ruff to 0.9.3 @manuel-sommer (#11451)
• 🎉 advance NoseyParker to support version 0.22.0 @manuel-sommer (#11565)
• RustyHog: improve description and file_path @valentijnscholten (#11433)
• January wk 3/4 docs maintenance @paulOsinski (#11632)
• Fix Webhook notification test @cneill (#11629)
• Mend SCA Parser update @testaccount90009 (#11395)
• Wiz parser: Import findings regardless of status @valentijnscholten (#11585)
• Fixing openvas parser and including script_id for openvas and nmap @LeoOMaia (#11454)
• Log hashcode config not found @valentijnscholten (#11584)
• Reimport Legacy Reimport: Bump logging from debug to warning @Maffooch (#11566)
• Ruff: Fix DJ012 @kiblik (#11543)
• Add GHA updater for keep sample data at a reasonable date @Maffooch (#11593)
• Readme docs - followup PR @paulOsinski (#11525)
• Add Valentijn to dryrun exempt list @Maffooch (#11617)
• Pro Release Notes 2.42.2 @paulOsinski (#11611)
• Request Review does not apply RBAC in an expected way @hblankenship (#11545)
• fix(doc): Fix order for upgrade notes @kiblik (#11573)
• Mitigated On/Before/After now use DateTimeFilter @hblankenship (#11472)
• Adding annotations to different resources @veneber (#11467)
• Docs updates and QA - Jan 2025 @paulOsinski (#11568)
• Async Delete: Race condition bolstering @Maffooch (#11549)
• Handling "requires login" in "fingerprint" and "lines" fields of Semgrep JSON Report (issue #11480) @farsheedify (#11495)
• Add imageTags to AWS SecurityHub and Inspector2 parsers @hblankenship (#11517)
• Ruff: Fix RUF052 @kiblik (#11499)
• Adding range filters for EPSS @hblankenship (#11469)
• extract first boot portion of script @hblankenship (#11468)
• including test for Finding in xml parser @LeoOMaia (#11464)
• Kubescape: Reduce the size of steps to reproduce @maxi-bee (#11542)
• Ruff: Fix RUF056 @kiblik (#11501)
• Ruff: Fix D403 @kiblik (#11498)
• Ruff: Fix RUF051 @kiblik (#11497)
• Ruff: Fix RUF046 @kiblik (#11492)
• Make django service type configurable @jawadqur (#10660)
• update Pro changelog 2.42.0 @paulOsinski (#11518)
• Readme docs update @paulOsinski (#11516)

🚩 Changes to settings.dist.py / local_settings.py

• Django AuditLog: Upgrade to 3.x @Maffooch (#11592)
• Ruff: Fix PTH118, merge PTH11 @kiblik (#11503)
• Add different pro banner for databases over 100k findings and endpoints @Maffooch (#11665)
• New HCL AppScan on Cloud SAST parser @xpert98 (#11375)
• 🎉 make vulnids more robust @manuel-sommer (#11569)
• remove mysql leftover @manuel-sommer (#10694)
• Feature: Checkmarx Cxflow SAST parser @biennd279 (#9719)
• Ruff: Fix PTH100, merge PTH10 @kiblik (#11502)
• 🎉 add ALBA to vulnid @manuel-sommer (#11487)

🚩 Database migration

• feat(disclaimers): Split disclaimers @kiblik (#10902)
• Verified Status Toggle: Add Granularity @Maffooch (#11548)

🚀 API features and enhancements

• Prefetching multiple endpoints should return all prefetch models @hblankenship (#11546)
• fix(ruff_sim): Wrong handling non-file API import @kiblik (#11561)
• Fix unit tests @Maffooch (#11583)
• Notes on Findings for Simple Risk Acceptance @hblankenship (#11482)

🖌 Updates in UI

• Release 2.43.0: Merge Bugfix into Dev @rossops (#11722)
• Jira Template: Do not HTML encode before shipping to jira @Maffooch (#11640)
• Django AuditLog: Upgrade to 3.x @Maffooch (#11592)
• Import History: Make the absence of action more clear @Maffooch (#11637)
• Accessibility ergonomy filtering @littlesvensson (#11634)
• Fix: Add missing aria labels and roles to buttons, links, tables @littlesvensson (#11577)
• Make links in the login page visually obvious @oussama-taoufiq (#11474)
• feat(disclaimers): Split disclaimers @kiblik (#10902)
• View Alerts: Sanitize and mark safe @Maffooch (#11594)
• Added accessibility for the pagination snippet @littlesvensson (#11591)
• fix(notification): Use site_url in notification contexts @kiblik (#11077)

🧰 Maintenance

• Bump ruff from 0.9.2 to 0.9.4 @dependabot (#11699)
• Bump pytz from 2024.2 to 2025.1 @dependabot (#11698)
• Bump boto3 from 1.36.9 to 1.36.10 @dependabot (#11700)
• Bump boto3 from 1.36.8 to 1.36.9 @dependabot (#11692)
• Bump python-gitlab from 5.4.0 to 5.6.0 @dependabot (#11687)
• Bump boto3 from 1.36.7 to 1.36.8 @dependabot (#11686)
• chore(deps): update actions/setup-python action from v5.3.0 to v5.4.0 (.github/workflows/test-helm-chart.yml) @renovate (#11680)
• Bump python-gitlab from 5.3.1 to 5.4.0 @dependabot (#11682)
• Bump boto3 from 1.36.6 to 1.36.7 @dependabot (#11683)
• chore(deps): update actions/checkout action from v3 to v4 (.github/workflows/update-sample-data.yml) @renovate (#11671)
• Bump boto3 from 1.36.5 to 1.36.6 @dependabot (#11663)
• Bump openapitools/openapi-generator-cli from v7.10.0 to v7.11.0 @dependabot (#11662)
• chore(deps): update mccutchen/go-httpbin docker tag from v2.15.0 to v2.16.0 (docker-compose.override.unit_tests_cicd.yml) @renovate (#11658)
• chore(deps): update actions/setup-node action from v4.1.0 to v4.2.0 (.github/workflows/gh-pages.yml) @renovate (#11657)
• Bump boto3 from 1.36.4 to 1.36.5 @dependabot (#11635)
• chore(deps): update docker/build-push-action action from v6.12.0 to v6.13.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11636)
• Bump asteval from 1.0.5 to 1.0.6 @dependabot (#11633)
• Bump boto3 from 1.36.3 to 1.36.4 @dependabot (#11624)
• fix(deps): update dependency @tabler/icons from 3.28.1 to v3.29.0 (docs/package.json) @renovate (#11612)
• Bump boto3 from 1.36.2 to 1.36.3 @dependabot (#11616)
• chore(deps): update dependency vite from 6.0.10 to v6.0.11 (docs/package.json) @renovate (#11604)
• chore(deps): update gcr.io/cloudsql-docker/gce-proxy docker tag from 1.37.3 to v1.37.4 (helm/defectdojo/values.yaml) @renovate (#11587)
• chore(deps): update helm release postgresql from 16.3.5 to ~16.4.0 (helm/defectdojo/chart.yaml) @renovate (#11609)
• Bump vite from 6.0.7 to 6.0.9 in /docs @dependabot (#11610)
• Update helm/chart-testing-action action from v2.6.1 to v2.7.0 (.github/workflows/test-helm-chart.yml) @renovate (#11601)
• Bump boto3 from 1.36.0 to 1.36.2 @dependabot (#11600)
• Bump asteval from 1.0.5 to 1.0.6 @dependabot (#11599)
• Update dependency vite from 6.0.7 to v6.0.10 (docs/package.json) @renovate (#11598)
• Update release-drafter/release-drafter action from v6.0.0 to v6.1.0 (.github/workflows/release-drafter.yml) @renovate (#11596)
• Bump vcrpy from 6.0.2 to 7.0.0 @dependabot (#11481)
• Bump django from 5.1.4 to 5.1.5 @dependabot (#11580)
• Update manusa/actions-setup-minikube action from v2.13.0 to v2.13.1 (.github/workflows/k8s-tests.yml) @renovate (#11582)
• Bump psycopg[c] from 3.2.3 to 3.2.4 @dependabot (#11579)
• Bump boto3 from 1.35.99 to 1.36.0 @dependabot (#11578)
• Update docker/build-push-action action from v6.11.0 to v6.12.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11574)
• Bump gitpython from 3.1.43 to 3.1.44 @dependabot (#11489)
• Bump pillow from 11.0.0 to 11.1.0 @dependabot (#11488)
• Bump pdfmake from 0.2.17 to 0.2.18 in /components @dependabot (#11485)
• Bump django-debug-toolbar from 4.4.6 to 5.0.1 @dependabot (#11563)
• Bump django-environ from 0.11.2 to 0.12.0 @dependabot (#11564)
• Bump boto3 from 1.35.96 to 1.35.99 @dependabot (#11571)
• Bump django from 5.1.4 to 5.1.5 @dependabot (#11567)
• Update mikefarah/yq action from v4.44.6 to v4.45.1 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#11551)
• Bump nginx from 4152318 to 814a8e8 @dependabot (#11556)
• Update actions/upload-artifact action from v4.5.0 to v4.6.0 (.github/workflows/fetch-oas.yml) @renovate (#11547)
• Update softprops/action-gh-release action from v2.0.9 to v2.2.1 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#11515)
• Update stefanzweifel/git-auto-commit-action action from v5.0.1 to v5.1.0 (.github/workflows/release-3-master-into-dev.yml) @renovate (#11550)
• Update postgres:17.2-alpine Docker digest from 17.2 to 17.2-alpine (docker-compose.yml) @renovate (#11526)
• Update dependency @tabler/icons from 3.27.1 to v3.28.1 (docs/package.json) @renovate (#11527)
• Update docker/build-push-action action from v6.10.0 to v6.11.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11529)
• Bump python-gitlab from 5.3.0 to 5.3.1 @dependabot (#11530)
• Update nginx/nginx-prometheus-exporter Docker tag from 1.4.0 to v1.4.1 (helm/defectdojo/values.yaml) @renovate (#11534)
• Bump sqlalchemy from 2.0.36 to 2.0.37 @dependabot (#11537)
• Bump boto3 from 1.35.93 to 1.35.96 @dependabot (#11538)
• Update eps1lon/actions-label-merge-conflict action from v3.0.2 to v3.0.3 (.github/workflows/detect-merge-conflicts.yaml) @renovate (#11510)
• Update postgres:17.2-alpine Docker digest from 17.2 to 17.2-alpine (docker-compose.yml) @renovate (#11521)
• Bump boto3 from 1.35.92 to 1.35.93 @dependabot (#11520)
• Update dependency @tabler/icons from 3.26.0 to v3.27.1 (docs/package.json) @renovate (#11519)
• Bump boto3 from 1.35.91 to 1.35.92 @dependabot (#11508)