DefectDojo/django-DefectDojo 2.7.0

2.7.0 🌈

on GitHub

This is an incomplete release, please install 2.7.1 or higher

Release 2.7.1 contains the full release notes, including the changes introduced in 2.7.0

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.6.0

• Finetune and document release process @valentijnscholten (#5751)
• Update social authentication docs @nobletrout (#5782)
• Update values.yaml @mtcolman (#5762)
• Adds AMI to readme and docs @devGregA (#5752)
• Update Jira Integration docs for Jira Server @jefQuery (#5741)
• Release: Merge back 2.6.2 into dev from: master-into-dev/2.6.2-2.7.0-dev @github-actions (#5724)
• Release: Merge release into master from: release/2.6.2 @github-actions (#5723)
• Release: Merge back 2.6.1 into dev from: master-into-dev/2.6.1-2.7.0-dev @github-actions (#5703)
• Release: Merge release into master from: release/2.6.1 @github-actions (#5702)
• Revert "Updated django dockerfile to work with bind mounts for local_settings.py" @Maffooch (#5701)
• Revert "Updated all dockerfiles to match the django dockerfile so UID/GIDs are consistent across dockerfiles" @Maffooch (#5700)
• dependabot: unignore celery 5.x updates @valentijnscholten (#5669)
• Updated all dockerfiles to match the django dockerfile so UID/GIDs are consistent across dockerfiles @mtesauro (#5691)
• Updated django dockerfile to work with bind mounts for local_settings.py @mtesauro (#5681)
• Adds Fred to HoF, Removes others who are MIA and I couldn't get in contact with @devGregA (#5679)
• add upgrade notes 2.6.0 @valentijnscholten (#5678)
• Release: Merge back 2.6.0 into dev from: master-into-dev/2.6.0-2.7.0-dev @github-actions (#5677)

🚩 Changes to settings.dist.py / local_settings.py

• Release: Merge release into master from: release/2.7.0 @github-actions (#5865)
• Rubocop: add parser @damiencarol (#5711)

🚩 Database migration

• Release: Merge release into master from: release/2.7.0 @github-actions (#5865)
• Email pattern for default group @StefanFl (#5719)
• API: return stats for api (re)imports @valentijnscholten (#5635)

🚀 New importers

• Remove CCVS API parser @damiencarol (#5728)
• Rubocop: add parser @damiencarol (#5711)

🚀 General features and enhancements

• Configuration authorization 3: Finish making more configuration permissions editable @StefanFl (#5713)
• Email pattern for default group @StefanFl (#5719)
• rustyhog replaces choctawhog and gottingenhog is added #5607 @manuel-sommer (#5614)

🚀 API features and enhancements

• Release: Merge release into master from: release/2.7.0 @github-actions (#5865)
• Wrong var in include_executive_summary block for product_type @Safren-tutu (#5833)
• Configuration authorization 3: Finish making more configuration permissions editable @StefanFl (#5713)
• Removal of AUTHORIZATION_STAFF_OVERRIDE @StefanFl (#5699)
• Removal of is_staff for various functionalities @StefanFl (#5682)
• Revert permission changes for test_type and development_environment @StefanFl (#5692)
• API: return stats for api (re)imports @valentijnscholten (#5635)

🐛 Bug Fixes

• Wrong var in include_executive_summary block for product_type @Safren-tutu (#5833)
• Correct date format mismatch when async imports are enabled @Maffooch (#5721)
• Reinstate copying of extra_settings @StefanFl (#5693)
• Revert permission changes for test_type and development_environment @StefanFl (#5692)

🧰 Maintenance

• Update stefanzweifel/git-auto-commit-action action from v4.13.0 to v4.13.1 (.github/workflows/plantuml.yml) @renovate (#5740)
• Bump google-api-python-client from 2.34.0 to 2.35.0 @dependabot (#5748)
• Bump celery from 5.1.2 to 5.2.2 @dependabot (#5729)
• Bump numpy from 1.21.5 to 1.22.0 @dependabot (#5660)
• Bump urllib3 from 1.26.7 to 1.26.8 @dependabot (#5715)
• Bump gitpython from 3.1.24 to 3.1.26 @dependabot (#5727)
• Bump easymde from 2.15.0 to 2.16.0 in /components @dependabot (#5734)
• Remove CCVS API parser @damiencarol (#5728)
• Update stefanzweifel/git-auto-commit-action action from v4.12.0 to v4.13.0 (.github/workflows/plantuml.yml) @renovate (#5718)
• Update mysql:5.7.36 Docker digest from 5.7.36 to v5.7.36 (docker-compose.yml) @renovate (#5716)
• Update helm/chart-testing-action action from v2.1.0 to v2.2.0 (.github/workflows/test-helm-chart.yml) @renovate (#5710)
• Update dependency autoprefixer from 10.4.1 to v10.4.2 (docs/package.json) @renovate (#5709)
• Bump google-api-python-client from 2.33.0 to 2.34.0 @dependabot (#5696)
• Bump requests from 2.27.0 to 2.27.1 @dependabot (#5695)
• Make dashboard more modular @Maffooch (#5722)
• Bump nginx from 1.21.4-alpine to 1.21.5-alpine @dependabot (#5661)
• Bump pillow from 8.4.0 to 9.0.0 @dependabot (#5659)
• Bump requests from 2.26.0 to 2.27.0 @dependabot (#5668)
• Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.27.1 to v1.28.0 (helm/defectdojo/values.yaml) @renovate (#5680)

🖌 Updates in UI

• Release: Merge release into master from: release/2.7.0 @github-actions (#5865)
• Configuration authorization 3: Finish making more configuration permissions editable @StefanFl (#5713)
• Fixed indentation/naming of two blocks in base.html @blakeaowens (#5746)
• Removal of is_staff for various functionalities @StefanFl (#5682)
• Make dashboard more modular @Maffooch (#5722)
• API: return stats for api (re)imports @valentijnscholten (#5635)