DefectDojo/django-DefectDojo 2.58.0

2.58.0 🌈

on GitHub

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.0

• perf test: cover unsaved tags and vulnerability_ids @valentijnscholten (#14796)
• async delete: remove obsolete outside scope delete @valentijnscholten (#14798)
• fix(sonarqube): mdDesc fallback @samiat4911 (#14770)
• Jira webhook: stop mis-mitigating findings on non-"done" issues @paulOsinski (#14716)
• Fix #14623: Add created and updated date filters to ApiRiskAcceptance… @NasorHidar (#14754)
• add OS + Pro Engagement articles @dangoelz (#14583)
• fix(coverity-api): add support for RESOURCE_LEAK quality findings @Jino-T (#14749)
• add Test docs for OS and Pro @dangoelz (#14750)
• test: extend and consolidate tag inheritance tests into test_tag_inheritance.py @valentijnscholten (#14771)
• Bulk delete findings: extension hook @valentijnscholten (#14740)
• docs(pro changelog): add 2.57.3 entry @Maffooch (#14768)
• [pro] add DD-Orchestrator upgrade instructions for on-prem customers @paulOsinski (#14747)
• Fix Dependency Track parser missing vulnerability IDs when aliases is empty @valentijnscholten (#14748)
• ci: auto-label release PRs with release-management @Maffooch (#14744)
• 🐛 fix KeyError raised on Engineer Metrics #14737 @manuel-sommer (#14741)
• Fix Contrast parser collapsing findings with the same rule name @Jino-T (#14714)
• docs: global component deduplication @paulOsinski (#14717)
• docs(pro changelog): add 2.57.1 and 2.57.2 entries @Maffooch (#14736)
• docs optimization: use defer instead of async @paulOsinski (#14715)
• chore: reorganize dedupe code @valentijnscholten (#14641)
• perf: bulk-apply parser-supplied per-finding tags during import @valentijnscholten (#14701)
• docs: add CLAUDE.md with module reorganization playbook @Maffooch (#14705)
• 🎉 add fix_available and fix_version to govulncheck @manuel-sommer (#14681)
• Change to reactivating risk accepted findings @Jino-T (#14633)
• Use RBAC for accept_risks API endpoints @Jino-T (#14632)
• Added ssrf utils file to check urls and applied it to risk recon parser @Jino-T (#14631)
• Update dependency renovatebot/renovate from 43.110.14 to v43.112.1 (.github/workflows/renovate.yaml) @renovate (#14674)
• Fix Wazuh 4.8 parser to attach endpoints/locations to findings @DeWaRs1206 (#14629)
• fix(parsers): use unsaved_tags instead of tags= in Finding constructor @valentijnscholten (#14626)
• update invicti parser to use FirstSeenDate @paulOsinski (#14610)
• 🐛 fix govulncheck ndjson ouput #14642 @manuel-sommer (#14671)
• [docs] maintenance and changelog @paulOsinski (#14665)
• chore(deps): bump ruff from 0.15.8 to 0.15.9 @manuel-sommer (#14663)
• Fix/watson DjangoSuspicousOperationException operation exception @valentijnscholten (#14650)

🚩 Changes to settings.dist.py / local_settings.py

• Remove pickle from forms and Celery serializer @Maffooch (#14791)
• fix cascade delete bug and restore default duplicate cluster reconfigure on delete @valentijnscholten (#14772)
• feat(parsers): add Qualys VMDR CSV parser @skywalke34 (#14453)
• refactor: consolidate audit-log code into dojo/auditlog/ package @Maffooch (#14763)
• refactor: consolidate scattered SSO code into a dedicated dojo/sso/ package @Maffooch (#14765)
• refactor: consolidate notifications into dojo/notifications/ package @Maffooch (#14767)
• refactor: consolidate GitHub integration into dojo/github/ package @Maffooch (#14766)
• 🎉 add watchguard security advisory @manuel-sommer (#14742)
• move MAX_ZIP_* to settings @fopina (#14730)
• Add centralized banner system with OS messaging support @Maffooch (#14708)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• 🎉 add CNNVD to vulnid @manuel-sommer (#14672)

🚩 Database migration

• Locations performance improvements @dogboat (#14718)

🚀 API features and enhancements

• refactor: consolidate notifications into dojo/notifications/ package @Maffooch (#14767)
• refactor: decouple Jira integration into dojo/jira package @Maffooch (#14743)
• Dispatch create-path notifications async to fix slow POST latency @Maffooch (#14731)
• Validate consistency between ID-based and name-based identifiers in import/reimport @Jino-T (#14636)
• Add permission checks for moving engagements between products @Jino-T (#14634)

🖌 Updates in UI

• Remove 'safe' filter from description output @Maffooch (#14789)
• refactor: consolidate scattered SSO code into a dedicated dojo/sso/ package @Maffooch (#14765)
• Fix planned remediation version appearing under Reviewers in findings list @valentijnscholten (#14773)
• refactor: decouple Jira integration into dojo/jira package @Maffooch (#14743)
• Improve SLA breach notification format and display @Maffooch (#14746)
• Add centralized banner system with OS messaging support @Maffooch (#14708)
• fix css overflow issue - reports @paulOsinski (#14666)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• Clean up endpoint template rendering for user fields @Maffooch (#14682)
• store more parameters in import settings @valentijnscholten (#14673)

🧰 Maintenance

• chore(deps): update release-drafter/release-drafter action from v7.2.0 to v7.2.1 (.github/workflows/release-drafter.yml) @renovate (#14785)
• chore(deps): bump gitpython from 3.1.47 to 3.1.49 @dependabot (#14783)
• chore(deps): bump python-gitlab from 8.2.0 to 8.3.0 @dependabot (#14781)
• chore(deps): bump pyopenssl from 26.0.0 to 26.1.0 @dependabot (#14777)
• chore(deps): bump postcss from 8.5.6 to 8.5.12 in /docs @dependabot (#14759)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14774)
• Update openapitools/openapi-generator-cli Docker tag from v7.21.0 to v7.22.0 (Dockerfile.integration-tests-debian) @renovate (#14776)
• chore(deps): bump ruff from 0.15.11 to 0.15.12 @dependabot (#14778)
• chore(deps): bump datatables.net from 2.3.7 to 2.3.8 in /components @dependabot (#14780)
• chore(deps): bump vulners from 3.1.8 to 3.1.9 @dependabot (#14782)
• chore(deps): bump social-auth-core from 4.8.6 to 4.8.7 @dependabot (#14784)
• Update dependency renovatebot/renovate from 43.139.4 to v43.141.6 (.github/workflows/renovate.yaml) @renovate (#14751)
• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot (#14753)
• chore(deps): bump social-auth-app-django from 5.6.0 to 5.8.0 @dependabot (#14724)
• Update dependency node from 24.14.1 to v24.15.0 (.github/workflows/validate_docs_build.yml) @renovate (#14738)
• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot (#14725)
• Update valkey Docker tag from 0.19.0 to v0.20.0 (helm/defectdojo/Chart.yaml) @renovate (#14739)
• Update actions/setup-node action from v6.3.0 to v6.4.0 (.github/workflows/validate_docs_build.yml) @renovate (#14734)
• Update dependency kubernetes/kubernetes from v1.35.3 to v1.35.4 (.github/workflows/k8s-tests.yml) @renovate (#14733)
• Update dependency kubernetes from 1.33.10 to v1.33.11 (.github/workflows/k8s-tests.yml) @renovate (#14728)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14727)
• chore(deps): bump ruff from 0.15.10 to 0.15.11 @dependabot (#14726)
• chore(deps): bump social-auth-core from 4.8.5 to 4.8.6 @dependabot (#14723)
• Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Dockerfile.nginx-alpine) @renovate (#14721)
• Update postgres:18.3-alpine Docker digest from 18.3 to 18.3-alpine (docker-compose.yml) @renovate (#14720)
• chore(deps): bump lxml from 6.0.2 to 6.1.0 @dependabot (#14719)
• Update dependency renovatebot/renovate from 43.112.1 to v43.139.4 (.github/workflows/renovate.yaml) @renovate (#14709)
• Update mccutchen/go-httpbin Docker tag from 2.21.0 to v2.22.1 (docker-compose.override.dev.yml) @renovate (#14697)
• Update softprops/action-gh-release action from v2.6.2 to v3 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#14702)
• Update actions/github-script action from v8.0.0 to v9 (.github/workflows/release-3-master-into-dev.yml) @renovate (#14700)
• Update release-drafter/release-drafter action from v7.1.1 to v7.2.0 (.github/workflows/release-drafter.yml) @renovate (#14699)
• chore(deps): bump lxml from 6.0.2 to 6.0.4 @dependabot (#14692)
• Update valkey Docker tag from 0.18.0 to v0.19.0 (helm/defectdojo/Chart.yaml) @renovate (#14696)
• Update docker/build-push-action action from v7.0.0 to v7.1.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#14695)
• chore(deps): bump django-dbbackup from 5.2.0 to 5.3.0 @dependabot (#14694)
• Update softprops/action-gh-release action from v2.6.1 to v2.6.2 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#14693)
• Update peter-evans/create-pull-request action from v8.1.0 to v8.1.1 (.github/workflows/update-sample-data.yml) @renovate (#14691)
• chore(deps): bump ruff from 0.15.9 to 0.15.10 @dependabot (#14690)
• chore(deps): bump pygithub from 2.9.0 to 2.9.1 @dependabot (#14689)
• chore(deps): bump drf-spectacular-sidecar from 2026.4.1 to 2026.4.14 @dependabot (#14688)
• Update actions/upload-artifact action from v7.0.0 to v7.0.1 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#14686)
• Update actions/cache action from v5.0.4 to v5.0.5 (.github/workflows/validate_docs_build.yml) @renovate (#14685)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14684)
• Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Dockerfile.nginx-alpine) @renovate (#14683)
• chore(deps): bump pillow from 12.1.1 to 12.2.0 @dependabot (#14680)
• Update python Docker tag from 3.13.12 to v3.13.13 (Dockerfile.nginx-alpine) @renovate (#14669)
• chore(deps): bump django from 5.2.12 to 5.2.13 @dependabot (#14664)
• chore(deps): bump cryptography from 46.0.6 to 46.0.7 @dependabot (#14660)
• chore(deps): bump pillow from 12.1.1 to 12.2.0 @dependabot (#14659)
• chore(deps): bump drf-spectacular-sidecar from 2026.3.1 to 2026.4.1 @dependabot (#14658)
• chore(deps): bump sqlalchemy from 2.0.48 to 2.0.49 @dependabot (#14657)
• Update docker/login-action action from v4.0.0 to v4.1.0 (.github/workflows/release-x-manual-tag-as-latest.yml) @renovate (#14655)
• Update valkey/valkey:9.0.3-alpine Docker digest from 9.0.3 to 9.0.3-alpine (docker-compose.yml) @renovate (#14653)
• Update python:3.13.12-slim-trixie Docker digest from 3.13.12 to v (Dockerfile.integration-tests-debian) @renovate (#14652)
• chore(deps-dev): bump vite from 7.3.1 to 7.3.2 in /docs @dependabot (#14651)
• chore(deps): bump lodash from 4.17.23 to 4.18.1 in /docs @dependabot (#14648)
• Update dependency renovatebot/renovate from 43.102.8 to v43.110.14 (.github/workflows/renovate.yaml) @renovate (#14637)
• Update dependency django-debug-toolbar from 6.2.0 to v6.3.0 (requirements-dev.txt) @renovate (#14654)