v0.9.3.5 (April 28, 2021)
UI changes
-
Rearrange Create | Import | Manage component buttons; put "Manage Import Records" button last.
-
Add links for "forgot password" and "change password".
-
Add control titles to component control listing pages.
-
Display control catalog guidance text in
detailstag next to component control implementation statements. -
Add control titles to component control listing pages.
-
Better notify users when project implementation statement differs from certified by displaying notice in third column of control detail pages.
-
Improve language notifying users that project implementation statement differs from certified. Only difference notice is clickable now.
-
Search component library by tag content and make component tags clickable.
Bug fixes
-
Immediately assign change project perms to user starting project and fix issue that non-admin users were not executing modifications to a project the user started such as setting baseline controls.
-
Properly filter system POA&M stat to only count POA&Ms for system.
-
Provide better error reporting on import component schema validation; report actual validation error to standout.
-
Fix N+1 slow display of component control statements with many statements.
Developer changes
-
Update stub_app used by compliance_app command for generating compliance app to include "input" and "output" section; and to have folders for templates, utils, and components.
-
Developers can now use
docker&docker-composeto deploy a local environment. This allows devs to work on any Operating System. Instructions can be found atdev_env/README.mdfolder. -
Set system fisma_impact_level as part of question action to set baseline. Also add fisma_impact_level set/get methods to System model.
-
Display system impact level on project page.
-
Introduce django-session-security package to allow for setting session time out and alert.
Data changes
- Use statement type
fisma_impact_levelto track impact level of a system.