Added
- Now CVAT supports project/task markdown description with additional assets
(png, jpeg, gif, webp images and pdf files) (#6191) - Ground Truth jobs and quality analytics for tasks (#6039)
Fixed
- The problem with manifest file in tasks restored from backup (#5971)
- The problem with task mode in a task restored from backup (#5668)
- Visible 'To background' button in review mode (#6363)
- Added missed auto_add argument to Issue model (#6364)
- [API] Performance of several API endpoints (#6340)
- [API] Invalid schema for the owner field in several endpoints (#6343)
- Some internal errors occurring during lambda function invocations
could be mistakenly reported as invalid requests
(#6394) - [SDK] Loading tasks that have been cached with the PyTorch adapter
(#6047) - The problem with importing annotations if dataset has extra dots in filenames
(#6350)
Security
- More comprehensive SSRF mitigations were implemented.
Previously, on task creation it was prohibited to specify remote data URLs
with hosts that resolved to IP addresses in the private ranges.
Now, redirects to such URLs are also prohibited.
In addition, this restriction is now also applied to webhook URLs.
System administrators can allow or deny custom IP address ranges
with theSMOKESCREEN_OPTSenvironment variable.
(#6362).
Full Changelog: v2.4.9...v2.5.0