DefectDojo/django-DefectDojo 2.44.0

2.44.0 🌈

on GitHub

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.43.0

• Update 12 parsers to have better metadata @Jino-T (#11900)
• fix(helm): add spec.strategy in deployment django @Mistikan (#11859)
• feat(helm): Add secret annotations @al-cheb (#11860)
• ms_defender: Improve reliability and error handling @valentijnscholten (#11898)
• markdown docs: fix dead links @valentijnscholten (#11878)
• docs: Updating Trustwave parser documentation with detailed field mappings @skywalke34 (#11880)
• arm64 builds: unit tests @valentijnscholten (#11830)
• fix / cleanup paths in integration tests @valentijnscholten (#11809)
• 🪲 Parse empty machines in Defender @manuel-sommer (#11844)
• Async Deprecation Notice + additional docs changes @paulOsinski (#11874)
• github templates: ask for docker compose and helm version @valentijnscholten (#11841)
• fix(docker): Some versions stayed behind @kiblik (#11785)
• ⬆️ Bump urllib3 to 1.26.20 @manuel-sommer (#11891)
• Feb docs hotfix @paulOsinski (#11870)
• Release Notes: 2.43.3 @paulOsinski (#11857)
• API Tags: Add filter for AND expressions @Maffooch (#11743)
• Surveys: Correct Question 404 @Maffooch (#11862)
• Return Feedback about wrong File Format in ZAP @manuel-sommer (#11772)
• Importer Close Old Findings: Accommodate different dedupe algorithms @Maffooch (#11729)
• Pin pyopenssl to something recent @valentijnscholten (#11800)
• fix: media-pvc template extraLabels @runderwoodcr14 (#11711)
• DOCKER.md: remove leftover dc- references @valentijnscholten (#11760)
• 🐛 fix Noseyparker description @manuel-sommer (#11726)
• feat(release): Label and group linters @kiblik (#11718)
• Ruff: Add PLR04 and fix PLR0402 @kiblik (#11713)
• Ruff: Add and fix ISC003 + merge ISC @kiblik (#11706)
• corrected link for parser guide @pUrGe12 (#11761)
• Fixing call to date_parser in AWS Inspector2 parser @cneill (#11767)
• Sample Data: Remove audit logs entries @Maffooch (#11752)
• Docs: fix broken links @valentijnscholten (#11762)
• Ruff: Add and fix PLW0108 @kiblik (#11641)
• Support builds for different architectures including arm64 @valentijnscholten (#11673)
• Ruff: Add PLC18 and fix PLC1802 @kiblik (#11707)
• NodeJS: Correct Debian bullseye reference @valentijnscholten (#11670)
• Ruff: Add and fix D414 @kiblik (#11655)
• Ruff: Add and fix SIM113 @kiblik (#11652)
• Ruff: Add and fix SIM117 @kiblik (#11653)
• Ruff: Add and fix PLW0127 @kiblik (#11642)
• dashboard: last 7 days should be 7 days @valentijnscholten (#11702)
• feat(db-migration-checker): Add successful message @kiblik (#11685)
• feat(gha): Pin and update actions/checkout @kiblik (#11675)
• feat(gha): Update and pin "peter-evans/create-pull-request" @kiblik (#11674)
• make alpine builds work with docker compose @valentijnscholten (#11669)
• feat(k8s-test): Try login and obtain API token @kiblik (#11656)
• fix(dockerfile): rename django stage in alpine @kiblik (#11654)
• feat(db-checker): Extension of "db reachable" @kiblik (#11651)
• Ruff: Add and fix TRY401 @kiblik (#11644)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 implement vulnid logic for suse @manuel-sommer (#11890)
• 🎉 add atlassian vulnids @manuel-sommer (#11882)
• Add Palo Alto Networks Security Advisories to vulnid @manuel-sommer (#11832)
• Add MGAA advisories to vulnid @manuel-sommer (#11858)
• fix(sessions): Clean old expired sessions @kiblik (#11770)
• Ruff: Add and fix PLR6104 @kiblik (#11716)
• add PMASA (php my admin security advisory) to vulnid @manuel-sommer (#11753)
• add Typo3 vulnids @manuel-sommer (#11744)
• Render SAML attributes_map_dir config value to string instead of an object @catshapednoodles (#11764)
• Ruff: Add and fix A002 @kiblik (#11646)
• Update Burp Scan to use Hashcode Dedupe @hblankenship (#11419)
• 🎉 add MGASA vulnid @manuel-sommer (#11668)

🚩 Database migration

• jira issue type migration quickfix @valentijnscholten (#11831)
• fix(sessions): Clean old expired sessions @kiblik (#11770)

🚀 API features and enhancements

• Ruff: Fix for Bump ruff to 0.9.7 @manuel-sommer (#11865)
• Ruff: Fix for bump to 0.9.6 #11759 @manuel-sommer (#11768)
• Hash Codes: Ensure Vulnerability IDs are used in calculations when added outside of import @Maffooch (#11732)
• Duplicate Delete errors: catch IntegrityErrors (A) @valentijnscholten (#11739)
• Ruff: Add PLR5 and fix PLR5501 @kiblik (#11714)
• Ruff: Add and fix PLR6201 @kiblik (#11717)
• Ruff: Add and fix A002 @kiblik (#11646)
• Ruff: Add and fix TRY300 @kiblik (#11643)
• Ruff: Add and fix A001 @kiblik (#11645)
• api spec: SLA days remaining can be null @valentijnscholten (#11701)
• Ruff: Add and fix FBT002 (+ merge all FBT rules) @kiblik (#11261)

🖌 Updates in UI

• Added accessibility for charts @littlesvensson (#11801)
• 🎉 implement vulnid logic for suse @manuel-sommer (#11890)
• fix(ui): Increase readability in "Members" list @kiblik (#11840)
• Docs Updates: Feb @paulOsinski (#11791)
• Allow tab to "Show Password" within Login Page @kevin-vuong99 (#11812)
• Added labels for checkbox column headers @littlesvensson (#11819)
• Fix aria-label in search box @kevin-vuong99 (#11769)
• Ruff: Add and fix PLR6104 @kiblik (#11716)
• Ruff: Add and fix PLR6201 @kiblik (#11717)
• jira push error reasons should not be propagated to all channels @valentijnscholten (#11738)
• Ruff: Add and fix A002 @kiblik (#11646)
• Ruff: Add and fix TRY300 @kiblik (#11643)
• Ruff: Add and fix ISC002 @kiblik (#11705)
• Adjusted number fields in tables @littlesvensson (#11677)
• Accessibility calendar switch buttons @littlesvensson (#11661)
• Ruff: Add and fix FBT002 (+ merge all FBT rules) @kiblik (#11261)

🗣 Updates in localization

• Accessibility calendar switch buttons @littlesvensson (#11661)

🔧 Improved code quality with linters

• Ruff: Add and fix PLW0604 @kiblik (#11773)
• Ruff: Add PLC28 and "fix" PLC28 @kiblik (#11774)
• Ruff: Add PLR02 and fix PLR0202 @kiblik (#11712)
• Ruff: Add PLR5 and fix PLR5501 @kiblik (#11714)
• Ruff: Add and fix PLR6104 @kiblik (#11716)
• Ruff: Merge safe rules (A, FIX, PLW01) @kiblik (#11750)
• Ruff: Add and fix PLR6201 @kiblik (#11717)

🧰 Maintenance

• Bump ruff from 0.9.7 to 0.9.9 @dependabot (#11918)
• Bump json-log-formatter from 1.1 to 1.1.1 @dependabot (#11919)
• Bump boto3 from 1.37.2 to 1.37.3 @dependabot (#11917)
• Bump boto3 from 1.37.1 to 1.37.2 @dependabot (#11910)
• chore(deps): update actions/cache action from v4.2.1 to v4.2.2 (.github/workflows/gh-pages.yml) @renovate (#11914)
• Bump boto3 from 1.37.0 to 1.37.1 @dependabot (#11905)
• chore(deps): update docker/setup-buildx-action action from v3.9.0 to v3.10.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11907)
• chore(deps): update docker/build-push-action action from v6.14.0 to v6.15.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11906)
• chore(deps): update actions/download-artifact action from v4.1.8 to v4.1.9 (.github/workflows/rest-framework-tests.yml) @renovate (#11899)
• chore(deps): update dependency vite from 6.1.1 to v6.2.0 (docs/package.json) @renovate (#11895)
• Bump boto3 from 1.36.26 to 1.37.0 @dependabot (#11897)
• Bump boto3 from 1.36.25 to 1.36.26 @dependabot (#11883)
• chore(deps): update actions/upload-artifact action from v4.6.0 to v4.6.1 (.github/workflows/fetch-oas.yml) @renovate (#11871)
• chore(deps): update postgres docker tag from 17.3 to v17.4 (docker-compose.yml) @renovate (#11876)
• chore(deps): update dependency prettier from 3.5.1 to v3.5.2 (docs/package.json) @renovate (#11877)
• chore(deps): update peter-evans/create-pull-request action from v7.0.6 to v7.0.7 (.github/workflows/update-sample-data.yml) @renovate (#11881)
• Bump psycopg[c] from 3.2.4 to 3.2.5 @dependabot (#11884)
• Bump vulners from 2.3.4 to 2.3.6 @dependabot (#11885)
• fix(deps): update dependency @thulite/images from 3.3.0 to v3.3.1 (docs/package.json) @renovate (#11863)
• chore(deps): update gcr.io/cloudsql-docker/gce-proxy docker tag from 1.37.4 to v1.37.5 (helm/defectdojo/values.yaml) @renovate (#11866)
• Bump boto3 from 1.36.24 to 1.36.25 @dependabot (#11868)
• Bump boto3 from 1.36.23 to 1.36.24 @dependabot (#11861)
• chore(deps): update docker/build-push-action action from v6.13.0 to v6.14.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11855)
• Bump boto3 from 1.36.22 to 1.36.23 @dependabot (#11854)
• Bump humanize from 4.12.0 to 4.12.1 @dependabot (#11853)
• Bump social-auth-core from 4.5.4 to 4.5.6 @dependabot (#11825)
• chore(deps): update dependency vite from 6.1.0 to v6.1.1 (docs/package.json) @renovate (#11852)
• chore(deps): update actions/cache action from v4.2.0 to v4.2.1 (.github/workflows/gh-pages.yml) @renovate (#11851)
• Bump social-auth-app-django from 5.4.2 to 5.4.3 @dependabot (#11822)
• Bump easymde from 2.18.0 to 2.19.0 in /components @dependabot (#11847)
• Update azure/setup-helm action from v4.2.0 to v4.3.0 (.github/workflows/test-helm-chart.yml) @renovate (#11846)
• Bump boto3 from 1.36.20 to 1.36.22 @dependabot (#11845)
• Bump node from 23.7.0-alpine3.20 to 23.8.0-alpine3.20 @dependabot (#11839)
• Bump nginx from b471bb6 to 4ff102c @dependabot (#11838)
• Bump humanize from 4.11.0 to 4.12.0 @dependabot (#11837)
• Bump django-filter from 24.3 to 25.1 @dependabot (#11835)
• Update postgres:17.3-alpine Docker digest from 17.3 to 17.3-alpine (docker-compose.yml) @renovate (#11827)
• Bump boto3 from 1.36.19 to 1.36.20 @dependabot (#11824)
• Bump vulners from 2.3.3 to 2.3.4 @dependabot (#11823)
• chore(deps): update postgres docker tag from 17.2 to v17.3 (docker-compose.yml) @renovate (#11820)
• Bump cryptography from 44.0.0 to 44.0.1 @dependabot (#11795)
• Update dependency prettier from 3.5.0 to v3.5.1 (docs/package.json) @renovate (#11817)
• Bump cvss from 3.3 to 3.4 @dependabot (#11802)
• Bump cryptography from 44.0.0 to 44.0.1 @dependabot (#11803)
• Bump boto3 from 1.36.16 to 1.36.19 @dependabot (#11813)
• Bump lxml from 5.3.0 to 5.3.1 @dependabot (#11783)
• Bump boto3 from 1.36.15 to 1.36.16 @dependabot (#11782)
• Bump nginx from 1.27.3-alpine to 1.27.4-alpine @dependabot (#11780)
• Bump node from 20.18.2-alpine3.20 to 23.7.0-alpine3.20 @dependabot (#11779)
• Update dependency prettier from 3.4.2 to v3.5.0 (docs/package.json) @renovate (#11775)
• Update dependency @tabler/icons from 3.29.0 to v3.30.0 (docs/package.json) @renovate (#11766)
• Bump sqlalchemy from 2.0.37 to 2.0.38 @dependabot (#11758)
• Bump boto3 from 1.36.14 to 1.36.15 @dependabot (#11757)
• Bump django from 5.1.5 to 5.1.6 @dependabot (#11746)
• Bump boto3 from 1.36.13 to 1.36.14 @dependabot (#11747)
• Update docker/setup-buildx-action action from v3.8.0 to v3.9.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11748)
• chore(deps): update postgres:17.2-alpine docker digest from 17.2 to 17.2-alpine (docker-compose.yml) @renovate (#11733)
• Bump boto3 from 1.36.12 to 1.36.13 @dependabot (#11736)
• Bump vulners from 2.3.2 to 2.3.3 @dependabot (#11737)
• chore(deps): update dependency vite from 6.0.11 to v6.1.0 (docs/package.json) @renovate (#11742)
• fix(deps): update dependency @thulite/doks-core from 1.8.0 to v1.8.1 (docs/package.json) @renovate (#11727)
• Bump boto3 from 1.36.11 to 1.36.12 @dependabot (#11728)
• Bump vulners from 2.3.1 to 2.3.2 @dependabot (#11731)
• Bump drf-spectacular-sidecar from 2024.12.1 to 2025.2.1 @dependabot (#11721)
• Bump boto3 from 1.36.10 to 1.36.11 @dependabot (#11720)
• Bump vulners from 2.2.3 to 2.3.1 @dependabot (#11719)