DefectDojo/django-DefectDojo v1.0.5

on GitHub

This new version includes the following fixes and improvements:

1. Metrics view fixes, capturing correct product type from GET and modified the top ten query.
2. Updated bower components as well as some python dependencies. Updated some templates to reflect new bower components.
3. Added vobject for new iCalendar features in tests and engagements.
4. Fixes #45 - Endpoints are missing on findings when form fails to validate
5. Changed they way you add/remove endpoints from findings to address #46
6. Fixes #49 - django-audit log 0.3.2 breaks install
7. Fixes #46 - Can't Remove Endpoints
8. Address enhancement #50: Added ability to sort listing tables by clicking on TH. Added page size pull down to pagination widget.
9. Adds ability to "touch" Findings to clear alerts.
10. Added new upload/import of Nexpose XML 2.0 report. Refactored Burp upload.
11. Addresses #47 - Capture user who closes findings
12. Addresses #50 - Improving Sort for all table listing.
13. Added fundtionality to upload and re-upload Burp XML, Nessus (CSV, XML), Nexpose XML 2.0, Veracode XML, and ZAP XML scan results.
14. New documentation now at http://defectdojo.readthedocs.org
15. Added initial fixtures for Test_Type, Development_Evironment and Product_Type. New DefectDojo installs will have initial stub data.
16. Side menu, List filtering, and menu enhancements.
17. Finding, Product, and Test information is better displayed.
18. Alert item now has a count badge letting you know how many alerts you have pending. It will also disappear when all alerts have been cleared.
19. Breadcrumbs are more intuitive and offer better historical navigation.
20. Easier way to reopen closed findings - no need to fully Edit finding any more.
21. Finding quick add, all that is needed is a title. This will trigger a new alert to remind you to complete the findings details.
22. Endpoints are no longer required to add a finding since not all defects are endpoint related.
23. Finding field Endpoint has been DEPRECATED - makemigrations is needed.
24. Moved all views and urls into corresponding modules: development_environment, endpoint, engagement, finding, home, metrics, product, product_type, reports, scan, search, test, test_type, and user. urls.py now imports from each module to get urls and views defined.
25. Endpoints are now listed by main host only, port, path and other information is now collapsed under the main host.
26. Simple search now using django-watson see: https://github.com/etianen/django-watson/wiki for documenations. Must add watson to your INSTALLED_APPS setting and run ./manage.py migrate , ./manage.py installwatson and ./manage.py buildwatson.
27. Changed term highlighter to jquery-highlight (https://github.com/knownasilya/jquery-highlight) - simple and lightweight. Other js library introduced bug where text could not be selected for copy and paste.
28. Brand new Finding Template CRUD functionality. Listing, Add, Edit, Delete in order to make Finding Templates more effective/efficient.
29. Major Report functionality overhaul. Celery and wkhtmltopdf are now needed to generate PDF reports. See documentation at http://defectdojo.readthedocs.org/en/latest/features.html#reports
30. Other minor fixes and tweaks.

This version requires the following manage.py command to be executed:

./manage.py makemigrations
./manage.py migrate
./manage.py migrate_finding_templates
./manage.py stamp_finding_last_reviewed