2.44.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.43.0

• Update 12 parsers to have better metadata @Jino-T (#11900)
• fix(helm): add spec.strategy in deployment django @Mistikan (#11859)
• feat(helm): Add secret annotations @al-cheb (#11860)
• ms_defender: Improve reliability and error handling @valentijnscholten (#11898)
• markdown docs: fix dead links @valentijnscholten (#11878)
• docs: Updating Trustwave parser documentation with detailed field mappings @skywalke34 (#11880)
• arm64 builds: unit tests @valentijnscholten (#11830)
• fix / cleanup paths in integration tests @valentijnscholten (#11809)
• 🪲 Parse empty machines in Defender @manuel-sommer (#11844)
• Async Deprecation Notice + additional docs changes @paulOsinski (#11874)
• github templates: ask for docker compose and helm version @valentijnscholten (#11841)
• fix(docker): Some versions stayed behind @kiblik (#11785)
• ⬆️ Bump urllib3 to 1.26.20 @manuel-sommer (#11891)
• Feb docs hotfix @paulOsinski (#11870)
• Release Notes: 2.43.3 @paulOsinski (#11857)
• API Tags: Add filter for AND expressions @Maffooch (#11743)
• Surveys: Correct Question 404 @Maffooch (#11862)
• Return Feedback about wrong File Format in ZAP @manuel-sommer (#11772)
• Importer Close Old Findings: Accommodate different dedupe algorithms @Maffooch (#11729)
• Pin pyopenssl to something recent @valentijnscholten (#11800)
• fix: media-pvc template extraLabels @runderwoodcr14 (#11711)
• DOCKER.md: remove leftover dc- references @valentijnscholten (#11760)
• 🐛 fix Noseyparker description @manuel-sommer (#11726)
• feat(release): Label and group linters @kiblik (#11718)
• Ruff: Add PLR04 and fix PLR0402 @kiblik (#11713)
• Ruff: Add and fix ISC003 + merge ISC @kiblik (#11706)
• corrected link for parser guide @pUrGe12 (#11761)
• Fixing call to date_parser in AWS Inspector2 parser @cneill (#11767)
• Sample Data: Remove audit logs entries @Maffooch (#11752)
• Docs: fix broken links @valentijnscholten (#11762)
• Ruff: Add and fix PLW0108 @kiblik (#11641)
• Support builds for different architectures including arm64 @valentijnscholten (#11673)
• Ruff: Add PLC18 and fix PLC1802 @kiblik (#11707)
• NodeJS: Correct Debian bullseye reference @valentijnscholten (#11670)
• Ruff: Add and fix D414 @kiblik (#11655)
• Ruff: Add and fix SIM113 @kiblik (#11652)
• Ruff: Add and fix SIM117 @kiblik (#11653)
• Ruff: Add and fix PLW0127 @kiblik (#11642)
• dashboard: last 7 days should be 7 days @valentijnscholten (#11702)
• feat(db-migration-checker): Add successful message @kiblik (#11685)
• feat(gha): Pin and update actions/checkout @kiblik (#11675)
• feat(gha): Update and pin "peter-evans/create-pull-request" @kiblik (#11674)
• make alpine builds work with docker compose @valentijnscholten (#11669)
• feat(k8s-test): Try login and obtain API token @kiblik (#11656)
• fix(dockerfile): rename django stage in alpine @kiblik (#11654)
• feat(db-checker): Extension of "db reachable" @kiblik (#11651)
• Ruff: Add and fix TRY401 @kiblik (#11644)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 implement vulnid logic for suse @manuel-sommer (#11890)
• 🎉 add atlassian vulnids @manuel-sommer (#11882)
• Add Palo Alto Networks Security Advisories to vulnid @manuel-sommer (#11832)
• Add MGAA advisories to vulnid @manuel-sommer (#11858)
• fix(sessions): Clean old expired sessions @kiblik (#11770)
• Ruff: Add and fix PLR6104 @kiblik (#11716)
• add PMASA (php my admin security advisory) to vulnid @manuel-sommer (#11753)
• add Typo3 vulnids @manuel-sommer (#11744)
• Render SAML attributes_map_dir config value to string instead of an object @catshapednoodles (#11764)
• Ruff: Add and fix A002 @kiblik (#11646)
• Update Burp Scan to use Hashcode Dedupe @hblankenship (#11419)
• 🎉 add MGASA vulnid @manuel-sommer (#11668)

🚩 Database migration

• jira issue type migration quickfix @valentijnscholten (#11831)
• fix(sessions): Clean old expired sessions @kiblik (#11770)

🚀 API features and enhancements

• Ruff: Fix for Bump ruff to 0.9.7 @manuel-sommer (#11865)
• Ruff: Fix for bump to 0.9.6 #11759 @manuel-sommer (#11768)
• Hash Codes: Ensure Vulnerability IDs are used in calculations when added outside of import @Maffooch (#11732)
• Duplicate Delete errors: catch IntegrityErrors (A) @valentijnscholten (#11739)
• Ruff: Add PLR5 and fix PLR5501 @kiblik (#11714)
• Ruff: Add and fix PLR6201 @kiblik (#11717)
• Ruff: Add and fix A002 @kiblik (#11646)
• Ruff: Add and fix TRY300 @kiblik (#11643)
• Ruff: Add and fix A001 @kiblik (#11645)
• api spec: SLA days remaining can be null @valentijnscholten (#11701)
• Ruff: Add and fix FBT002 (+ merge all FBT rules) @kiblik (#11261)

🖌 Updates in UI

• Added accessibility for charts @littlesvensson (#11801)
• 🎉 implement vulnid logic for suse @manuel-sommer (#11890)
• fix(ui): Increase readability in "Members" list @kiblik (#11840)
• Docs Updates: Feb @paulOsinski (#11791)
• Allow tab to "Show Password" within Login Page @kevin-vuong99 (#11812)
• Added labels for checkbox column headers @littlesvensson (#11819)
• Fix aria-label in search box @kevin-vuong99 (#11769)
• Ruff: Add and fix PLR6104 @kiblik (#11716)
• Ruff: Add and fix PLR6201 @kiblik (#11717)
• jira push error reasons should not be propagated to all channels @valentijnscholten (#11738)
• Ruff: Add and fix A002 @kiblik (#11646)
• Ruff: Add and fix TRY300 @kiblik (#11643)
• Ruff: Add and fix ISC002 @kiblik (#11705)
• Adjusted number fields in tables @littlesvensson (#11677)
• Accessibility calendar switch buttons @littlesvensson (#11661)
• Ruff: Add and fix FBT002 (+ merge all FBT rules) @kiblik (#11261)

🗣 Updates in localization

• Accessibility calendar switch buttons @littlesvensson (#11661)

🔧 Improved code quality with linters

• Ruff: Add and fix PLW0604 @kiblik (#11773)
• Ruff: Add PLC28 and "fix" PLC28 @kiblik (#11774)
• Ruff: Add PLR02 and fix PLR0202 @kiblik (#11712)
• Ruff: Add PLR5 and fix PLR5501 @kiblik (#11714)
• Ruff: Add and fix PLR6104 @kiblik (#11716)
• Ruff: Merge safe rules (A, FIX, PLW01) @kiblik (#11750)
• Ruff: Add and fix PLR6201 @kiblik (#11717)

🧰 Maintenance

• Bump ruff from 0.9.7 to 0.9.9 @dependabot (#11918)
• Bump json-log-formatter from 1.1 to 1.1.1 @dependabot (#11919)
• Bump boto3 from 1.37.2 to 1.37.3 @dependabot (#11917)
• Bump boto3 from 1.37.1 to 1.37.2 @dependabot (#11910)
• chore(deps): update actions/cache action from v4.2.1 to v4.2.2 (.github/workflows/gh-pages.yml) @renovate (#11914)
• Bump boto3 from 1.37.0 to 1.37.1 @dependabot (#11905)
• chore(deps): update docker/setup-buildx-action action from v3.9.0 to v3.10.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11907)
• chore(deps): update docker/build-push-action action from v6.14.0 to v6.15.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11906)
• chore(deps): update actions/download-artifact action from v4.1.8 to v4.1.9 (.github/workflows/rest-framework-tests.yml) @renovate (#11899)
• chore(deps): update dependency vite from 6.1.1 to v6.2.0 (docs/package.json) @renovate (#11895)
• Bump boto3 from 1.36.26 to 1.37.0 @dependabot (#11897)
• Bump boto3 from 1.36.25 to 1.36.26 @dependabot (#11883)
• chore(deps): update actions/upload-artifact action from v4.6.0 to v4.6.1 (.github/workflows/fetch-oas.yml) @renovate (#11871)
• chore(deps): update postgres docker tag from 17.3 to v17.4 (docker-compose.yml) @renovate (#11876)
• chore(deps): update dependency prettier from 3.5.1 to v3.5.2 (docs/package.json) @renovate (#11877)
• chore(deps): update peter-evans/create-pull-request action from v7.0.6 to v7.0.7 (.github/workflows/update-sample-data.yml) @renovate (#11881)
• Bump psycopg[c] from 3.2.4 to 3.2.5 @dependabot (#11884)
• Bump vulners from 2.3.4 to 2.3.6 @dependabot (#11885)
• fix(deps): update dependency @thulite/images from 3.3.0 to v3.3.1 (docs/package.json) @renovate (#11863)
• chore(deps): update gcr.io/cloudsql-docker/gce-proxy docker tag from 1.37.4 to v1.37.5 (helm/defectdojo/values.yaml) @renovate (#11866)
• Bump boto3 from 1.36.24 to 1.36.25 @dependabot (#11868)
• Bump boto3 from 1.36.23 to 1.36.24 @dependabot (#11861)
• chore(deps): update docker/build-push-action action from v6.13.0 to v6.14.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11855)
• Bump boto3 from 1.36.22 to 1.36.23 @dependabot (#11854)
• Bump humanize from 4.12.0 to 4.12.1 @dependabot (#11853)
• Bump social-auth-core from 4.5.4 to 4.5.6 @dependabot (#11825)
• chore(deps): update dependency vite from 6.1.0 to v6.1.1 (docs/package.json) @renovate (#11852)
• chore(deps): update actions/cache action from v4.2.0 to v4.2.1 (.github/workflows/gh-pages.yml) @renovate (#11851)
• Bump social-auth-app-django from 5.4.2 to 5.4.3 @dependabot (#11822)
• Bump easymde from 2.18.0 to 2.19.0 in /components @dependabot (#11847)
• Update azure/setup-helm action from v4.2.0 to v4.3.0 (.github/workflows/test-helm-chart.yml) @renovate (#11846)
• Bump boto3 from 1.36.20 to 1.36.22 @dependabot (#11845)
• Bump node from 23.7.0-alpine3.20 to 23.8.0-alpine3.20 @dependabot (#11839)
• Bump nginx from b471bb6 to 4ff102c @dependabot (#11838)
• Bump humanize from 4.11.0 to 4.12.0 @dependabot (#11837)
• Bump django-filter from 24.3 to 25.1 @dependabot (#11835)
• Update postgres:17.3-alpine Docker digest from 17.3 to 17.3-alpine (docker-compose.yml) @renovate (#11827)
• Bump boto3 from 1.36.19 to 1.36.20 @dependabot (#11824)
• Bump vulners from 2.3.3 to 2.3.4 @dependabot (#11823)
• chore(deps): update postgres docker tag from 17.2 to v17.3 (...

2.43.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.43.3

• Feb docs hotfix @paulOsinski (#11870)
• Release Notes: 2.43.3 @paulOsinski (#11857)
• API Tags: Add filter for AND expressions @Maffooch (#11743)
• Surveys: Correct Question 404 @Maffooch (#11862)
• Return Feedback about wrong File Format in ZAP @manuel-sommer (#11772)

🖌 Updates in UI

• Docs Updates: Feb @paulOsinski (#11791)

2.43.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.43.2

• Importer Close Old Findings: Accommodate different dedupe algorithms @Maffooch (#11729)

🚀 API features and enhancements

• Hash Codes: Ensure Vulnerability IDs are used in calculations when added outside of import @Maffooch (#11732)
• Duplicate Delete errors: catch IntegrityErrors (A) @valentijnscholten (#11739)

🖌 Updates in UI

• Fix aria-label in search box @kevin-vuong99 (#11769)

🧰 Maintenance

• Bump cryptography from 44.0.0 to 44.0.1 @dependabot[bot] (#11795)

2.43.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.43.1

• Pin pyopenssl to something recent @valentijnscholten (#11800)
• fix: media-pvc template extraLabels @runderwoodcr14 (#11711)
• DOCKER.md: remove leftover dc- references @valentijnscholten (#11760)
• 🐛 fix Noseyparker description @manuel-sommer (#11726)
• corrected link for parser guide @pUrGe12 (#11761)

🚩 Changes to settings.dist.py / local_settings.py

• add PMASA (php my admin security advisory) to vulnid @manuel-sommer (#11753)
• add Typo3 vulnids @manuel-sommer (#11744)

🖌 Updates in UI

• jira push error reasons should not be propagated to all channels @valentijnscholten (#11738)

2.43.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.43.0

• Fixing call to date_parser in AWS Inspector2 parser @cneill (#11767)
• Sample Data: Remove audit logs entries @Maffooch (#11752)
• Docs: fix broken links @valentijnscholten (#11762)
• dashboard: last 7 days should be 7 days @valentijnscholten (#11702)

🚩 Changes to settings.dist.py / local_settings.py

• Render SAML attributes_map_dir config value to string instead of an object @catshapednoodles (#11764)
• 🎉 add MGASA vulnid @manuel-sommer (#11668)

🚀 API features and enhancements

• api spec: SLA days remaining can be null @valentijnscholten (#11701)

2.43.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.42.0

• Rename DD-Architecture.png to dd-architecture.png @paulOsinski (#11704)
• Docs Updates: CLI Tools / misc @paulOsinski (#11691)
• Edit defectdojo.com/pricing link @paulOsinski (#11678)
• feat(helm-local_settings): Add option to add local_settings.py @kiblik (#10803)
• Jira Epic Mapping: Support for the removal of Epic Name custom fields @Maffooch (#11690)
• feat(bash-script): Drop all dc- scripts @kiblik (#11649)
• feat(GHA): Pin azure/setup-helm @kiblik (#11493)
• Remove makemigrations from scripts @valentijnscholten (#11638)
• Changelog update 2.42.3 + fix docs image refs @paulOsinski (#11679)
• Ruff: Add already corrected rules @kiblik (#11648)
• AnchoreCTL_Vulns parser: removes URL and corrects mapping if no fix for mitigation field @maxi-bee (#11623)
• fix: Cleanup of old files and notes @kiblik (#11628)
• fix(webhook notif): Reorg docs, add 'ping' @kiblik (#11631)
• Fix to bump ruff to 0.9.3 @manuel-sommer (#11451)
• 🎉 advance NoseyParker to support version 0.22.0 @manuel-sommer (#11565)
• RustyHog: improve description and file_path @valentijnscholten (#11433)
• January wk 3/4 docs maintenance @paulOsinski (#11632)
• Fix Webhook notification test @cneill (#11629)
• Mend SCA Parser update @testaccount90009 (#11395)
• Wiz parser: Import findings regardless of status @valentijnscholten (#11585)
• Fixing openvas parser and including script_id for openvas and nmap @LeoOMaia (#11454)
• Log hashcode config not found @valentijnscholten (#11584)
• Reimport Legacy Reimport: Bump logging from debug to warning @Maffooch (#11566)
• Ruff: Fix DJ012 @kiblik (#11543)
• Add GHA updater for keep sample data at a reasonable date @Maffooch (#11593)
• Readme docs - followup PR @paulOsinski (#11525)
• Add Valentijn to dryrun exempt list @Maffooch (#11617)
• Pro Release Notes 2.42.2 @paulOsinski (#11611)
• Request Review does not apply RBAC in an expected way @hblankenship (#11545)
• fix(doc): Fix order for upgrade notes @kiblik (#11573)
• Mitigated On/Before/After now use DateTimeFilter @hblankenship (#11472)
• Adding annotations to different resources @veneber (#11467)
• Docs updates and QA - Jan 2025 @paulOsinski (#11568)
• Async Delete: Race condition bolstering @Maffooch (#11549)
• Handling "requires login" in "fingerprint" and "lines" fields of Semgrep JSON Report (issue #11480) @farsheedify (#11495)
• Add imageTags to AWS SecurityHub and Inspector2 parsers @hblankenship (#11517)
• Ruff: Fix RUF052 @kiblik (#11499)
• Adding range filters for EPSS @hblankenship (#11469)
• extract first boot portion of script @hblankenship (#11468)
• including test for Finding in xml parser @LeoOMaia (#11464)
• Kubescape: Reduce the size of steps to reproduce @maxi-bee (#11542)
• Ruff: Fix RUF056 @kiblik (#11501)
• Ruff: Fix D403 @kiblik (#11498)
• Ruff: Fix RUF051 @kiblik (#11497)
• Ruff: Fix RUF046 @kiblik (#11492)
• Make django service type configurable @jawadqur (#10660)
• update Pro changelog 2.42.0 @paulOsinski (#11518)
• Readme docs update @paulOsinski (#11516)

🚩 Changes to settings.dist.py / local_settings.py

• Django AuditLog: Upgrade to 3.x @Maffooch (#11592)
• Ruff: Fix PTH118, merge PTH11 @kiblik (#11503)
• Add different pro banner for databases over 100k findings and endpoints @Maffooch (#11665)
• New HCL AppScan on Cloud SAST parser @xpert98 (#11375)
• 🎉 make vulnids more robust @manuel-sommer (#11569)
• remove mysql leftover @manuel-sommer (#10694)
• Feature: Checkmarx Cxflow SAST parser @biennd279 (#9719)
• Ruff: Fix PTH100, merge PTH10 @kiblik (#11502)
• 🎉 add ALBA to vulnid @manuel-sommer (#11487)

🚩 Database migration

• feat(disclaimers): Split disclaimers @kiblik (#10902)
• Verified Status Toggle: Add Granularity @Maffooch (#11548)

🚀 API features and enhancements

• Prefetching multiple endpoints should return all prefetch models @hblankenship (#11546)
• fix(ruff_sim): Wrong handling non-file API import @kiblik (#11561)
• Fix unit tests @Maffooch (#11583)
• Notes on Findings for Simple Risk Acceptance @hblankenship (#11482)

🖌 Updates in UI

• Release 2.43.0: Merge Bugfix into Dev @rossops (#11722)
• Jira Template: Do not HTML encode before shipping to jira @Maffooch (#11640)
• Django AuditLog: Upgrade to 3.x @Maffooch (#11592)
• Import History: Make the absence of action more clear @Maffooch (#11637)
• Accessibility ergonomy filtering @littlesvensson (#11634)
• Fix: Add missing aria labels and roles to buttons, links, tables @littlesvensson (#11577)
• Make links in the login page visually obvious @oussama-taoufiq (#11474)
• feat(disclaimers): Split disclaimers @kiblik (#10902)
• View Alerts: Sanitize and mark safe @Maffooch (#11594)
• Added accessibility for the pagination snippet @littlesvensson (#11591)
• fix(notification): Use site_url in notification contexts @kiblik (#11077)

🧰 Maintenance

• Bump ruff from 0.9.2 to 0.9.4 @dependabot (#11699)
• Bump pytz from 2024.2 to 2025.1 @dependabot (#11698)
• Bump boto3 from 1.36.9 to 1.36.10 @dependabot (#11700)
• Bump boto3 from 1.36.8 to 1.36.9 @dependabot (#11692)
• Bump python-gitlab from 5.4.0 to 5.6.0 @dependabot (#11687)
• Bump boto3 from 1.36.7 to 1.36.8 @dependabot (#11686)
• chore(deps): update actions/setup-python action from v5.3.0 to v5.4.0 (.github/workflows/test-helm-chart.yml) @renovate (#11680)
• Bump python-gitlab from 5.3.1 to 5.4.0 @dependabot (#11682)
• Bump boto3 from 1.36.6 to 1.36.7 @dependabot (#11683)
• chore(deps): update actions/checkout action from v3 to v4 (.github/workflows/update-sample-data.yml) @renovate (#11671)
• Bump boto3 from 1.36.5 to 1.36.6 @dependabot (#11663)
• Bump openapitools/openapi-generator-cli from v7.10.0 to v7.11.0 @dependabot (#11662)
• chore(deps): update mccutchen/go-httpbin docker tag from v2.15.0 to v2.16.0 (docker-compose.override.unit_tests_cicd.yml) @renovate (#11658)
• chore(deps): update actions/setup-node action from v4.1.0 to v4.2.0 (.github/workflows/gh-pages.yml) @renovate (#11657)
• Bump boto3 from 1.36.4 to 1.36.5 @dependabot (#11635)
• chore(deps): update docker/build-push-action action from v6.12.0 to v6.13.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11636)
• Bump asteval from 1.0.5 to 1.0.6 @dependabot (#11633)
• Bump boto3 from 1.36.3 to 1.36.4 @dependabot (#11624)
• fix(deps): update dependency @tabler/icons from 3.28.1 to v3.29.0 (docs/package.json) @renovate (#11612)
• Bump boto3 from 1.36.2 to 1.36.3 @dependabot (#11616)
• chore(deps): update dependency vite from 6.0.10 to v6.0.11 (docs/package.json) @renovate (#11604)
• chore(deps): update gcr.io/cloudsql-docker/gce-proxy docker tag from 1.37.3 to v1.37.4 (helm/defectdojo/values.yaml) @renovate (#11587)
• chore(deps): update helm release postgresql from 16.3.5 to ~16.4.0 (helm/defectdojo/chart.yaml) @renovate (#11609)
• Bump vite from 6.0.7 to 6.0.9 in /docs @dependabot (#11610)
• Update helm/chart-testing-action action from v2.6.1 to v2.7.0 (.github/workflows/test-helm-chart.yml) @renovate (#11601)
• Bump boto3 from 1.36.0 to 1.36.2 @dependabot (#11600)
• Bump asteval from 1.0.5 to 1.0.6 @dependabot (#11599)
• Update dependency vite from 6.0.7 to v6.0.10 (docs/package.json) @renovate (#11598)
• Update release-drafter/release-drafter action from v6.0.0 to v6.1.0 (.github/workflows/release-drafter.yml) @renovate (#11596)
• Bump vcrpy from 6.0.2 to 7.0.0 @dependabot (#11481)
• Bump django from 5.1.4 to 5.1.5 @dependabot (#11580)
• Update manusa/actions-setup-minikube action from v2.13.0 to v2.13.1 (.github/workflows/k8s-tests.yml) @renovate (#11582)
• Bump psycopg[c] from 3.2.3 to 3.2.4 @dependabot (#11579)
• Bump boto3 from 1.35.99 to 1.36.0 @dependabot (#11578)
• Update docker/build-push-action action from v6.11.0 to v6.12.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11574)
• Bump gitpython from 3.1.43 to 3.1.44 @dependabot (#11489)
• Bump pillow from 11.0.0 to 11.1.0 @dependabot (#11488)
• Bump pdfmake from 0.2.17 to 0.2.18 in /components @dependabot (#11485)
• Bump django-debug-toolbar from 4.4.6 to 5.0.1 @dependabot (#11563)
• Bump django-environ from 0.11.2 to 0.12.0 @dependabot (#11564)
• Bump boto3 from 1.35.96 to 1.35.99 @dependabot (#11571)
• Bump django from 5.1.4 to 5.1.5 @dependabot (#11567)
• Update mikefarah/yq action from v4.44.6 to v4.45.1 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#11551)
• Bump nginx from 4152318 to 814a8e8 @dependabot (#11556)
• Update actions/upload-artifact action from v4.5.0 to v4.6.0 (.github/workflows/fetch-oas.yml) @renovate (#11547)
• Update softprops/action-gh-release action from v2.0.9 to v2.2.1 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#11515)
• Update stefanzweifel/git-auto-commit-action action from v5.0.1 to v5.1.0 (.github/workflows/release-3-master-into-dev.yml) @renovate (#11550)
• Update postgres:17.2-alpine Docker digest from 17.2 to 17.2-alpine (docker-compose.yml) @renovate (#11526)
• Update dependency @tabler/icons from 3.27.1 to v3.28.1 (docs/package.json) @renovate (#11527)
• Update docker/build-push-action action from v6.10.0 to v6.11.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11529)
• Bump python-gitlab from 5.3.0 to 5.3.1 @dependabot (#11530)
• Update nginx/nginx-prometheus-exporter Docker tag from 1.4.0 to v1.4.1 (helm/defectdojo/values.yaml) @renovate (#11534)
• Bump sqlalchemy from 2.0.36 to 2.0.37 @dependabot (#11537)
• Bump boto3 from 1.35.93 to 1.35.96 @dependabot (#11538)
• Update eps1lon/actions-label-merge-conflict action from v3.0.2 to v3.0.3 (.gith...

2.42.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.42.2

• Fix Webhook notification test @cneill (#11629)
• Wiz parser: Import findings regardless of status @valentijnscholten (#11585)
• Fixing openvas parser and including script_id for openvas and nmap @LeoOMaia (#11454)
• Log hashcode config not found @valentijnscholten (#11584)
• Reimport Legacy Reimport: Bump logging from debug to warning @Maffooch (#11566)
• Add GHA updater for keep sample data at a reasonable date @Maffooch (#11593)
• Readme docs - followup PR @paulOsinski (#11525)
• Add Valentijn to dryrun exempt list @Maffooch (#11617)
• Pro Release Notes 2.42.2 @paulOsinski (#11611)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 make vulnids more robust @manuel-sommer (#11569)
• remove mysql leftover @manuel-sommer (#10694)

🚀 API features and enhancements

• Prefetching multiple endpoints should return all prefetch models @hblankenship (#11546)

🖌 Updates in UI

• Fix: Add missing aria labels and roles to buttons, links, tables @littlesvensson (#11577)
• View Alerts: Sanitize and mark safe @Maffooch (#11594)
• Added accessibility for the pagination snippet @littlesvensson (#11591)

🧰 Maintenance

• Bump asteval from 1.0.5 to 1.0.6 @dependabot (#11633)
• Bump vite from 6.0.7 to 6.0.9 in /docs @dependabot (#11610)

2.42.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.42.1

• Request Review does not apply RBAC in an expected way @hblankenship (#11545)
• fix(doc): Fix order for upgrade notes @kiblik (#11573)
• Mitigated On/Before/After now use DateTimeFilter @hblankenship (#11472)
• Adding annotations to different resources @veneber (#11467)
• Docs updates and QA - Jan 2025 @paulOsinski (#11568)
• Async Delete: Race condition bolstering @Maffooch (#11549)
• Handling "requires login" in "fingerprint" and "lines" fields of Semgrep JSON Report (issue #11480) @farsheedify (#11495)
• Add imageTags to AWS SecurityHub and Inspector2 parsers @hblankenship (#11517)
• Adding range filters for EPSS @hblankenship (#11469)
• including test for Finding in xml parser @LeoOMaia (#11464)
• update Pro changelog 2.42.0 @paulOsinski (#11518)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add ALBA to vulnid @manuel-sommer (#11487)

🚩 Database migration

• Verified Status Toggle: Add Granularity @Maffooch (#11548)

🚀 API features and enhancements

• fix(ruff_sim): Wrong handling non-file API import @kiblik (#11561)

🖌 Updates in UI

• fix(notification): Use site_url in notification contexts @kiblik (#11077)

🧰 Maintenance

• Bump django from 5.1.4 to 5.1.5 @dependabot (#11567)

2.42.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.42.0

• Readme docs update @paulOsinski (#11516)

2.42.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.41.0

• Fix image ref on README.md @paulOsinski (#11491)
• Docs maintenance - v2.41.4 @paulOsinski (#11484)
• Update JIRA for Finding Group When Risk Acceptance Expires @hblankenship (#11401)
• Add pro release notes for 2.41.4 @paulOsinski (#11483)
• update changelog, add changelog link to navbar @paulOsinski (#11465)
• Add EPSS score and percentile to generic csv parser @hblankenship (#11449)
• bump ruff to 0.8.1 @manuel-sommer (#11350)
• 2.41.1: docs maintenance @paulOsinski (#11413)
• fix typo in docs @manuel-sommer (#11387)
• Notifications: Convert to classes @Maffooch (#11296)
• [docs] Pro Docs release notes - 2.41.2 @paulOsinski (#11420)
• fix(helm): Unpin old HELM version @kiblik (#11363)
• Add uwsgi vars to docker-compose.yml @optimistic5 (#11186)
• fix(setEnv): remove debug from list @kiblik (#11374)
• feat(GHA): Add SHA pinning @kiblik (#11364)
• [docs] rename case-sensitive refs so that site builds correctly @paulOsinski (#11403)
• [docs] Pro Docs release notes - 2.41.1 @paulOsinski (#11402)
• [docs] add reo to script header @paulOsinski (#11396)
• Docs maintenance: remove external images, article QA + updates @paulOsinski (#11376)
• feat(parser: generic): Allow epss_* parameters @kiblik (#11293)
• Hotfix filenames @paulOsinski (#11368)
• fix(ruff): Fix RUF039 for v0.8.0 @kiblik (#11326)
• Update 2.36.md to fix typo's in version number @valentijnscholten (#11319)
• Ruff: Enable and fix RUF010 @kiblik (#11331)
• Ruff: Enable and fix RUF027 @kiblik (#11332)
• update Pro changelog 2.41.0 @paulOsinski (#11367)
• Request Review Notification Update to Usernames @hblankenship (#11295)
• Add a filter for Findings for Has Any JIRA (grouped or single) @hblankenship (#11313)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 Add CGA vulnid @manuel-sommer (#11441)
• Add Horusec Scan to Hashcode settings. @hblankenship (#11418)
• Qualys Hacker Guardian: Set Dedupe Config @Maffooch (#11442)
• fix(oauth2): google oauth2 whitelisting. @JGodin-C2C (#11372)
• 🐛 fix RHS deduplication @manuel-sommer (#11385)
• Settings SHA: The Removal @Maffooch (#11299)
• Add DTSA to vulnid @manuel-sommer (#11302)
• Add GLSA gentoo vulnid @manuel-sommer (#9813)

🚀 API features and enhancements

• Add Ordering to Test_Import API Endpoint @hblankenship (#11448)
• Allow None Option for Active/Verified on Import/Reimport to Mirror UI Options @hblankenship (#11447)
• Request/Response API CRUD Endpoints @hblankenship (#11365)
• Disallow multiple single-use notes on a single object @hblankenship (#11306)
• dissallow already linked issue @hblankenship (#11298)

🖌 Updates in UI

• Ruff: Add and fix S110 (+ merge all S1 rules) @kiblik (#11256)
• Add Filters to the Products under View Product Type @hblankenship (#11321)
• Update Reported Finding Severity by Month on the dashboard to be by month instead of day. @hblankenship (#11304)
• Add GLSA gentoo vulnid @manuel-sommer (#9813)

🧰 Maintenance

• Update dependency vite from 6.0.6 to v6.0.7 (docs/package.json) @renovate (#11494)
• Bump boto3 from 1.35.90 to 1.35.91 @dependabot (#11496)
• Bump python-gitlab from 5.2.0 to 5.3.0 @dependabot (#11475)
• Bump boto3 from 1.35.88 to 1.35.90 @dependabot (#11476)
• Bump boto3 from 1.35.87 to 1.35.88 @dependabot (#11473)
• Bump boto3 from 1.35.85 to 1.35.87 @dependabot (#11466)
• chore(deps): update dependency vite from 6.0.5 to v6.0.6 (docs/package.json) @renovate (#11471)
• Bump pdfmake from 0.2.16 to 0.2.17 in /components @dependabot (#11457)
• chore(deps): update dependency vite from 6.0.4 to v6.0.5 (docs/package.json) @renovate (#11445)
• Bump boto3 from 1.35.84 to 1.35.85 @dependabot (#11443)
• chore(deps): update dependency vite from 6.0.3 to v6.0.4 (docs/package.json) @renovate (#11439)
• Bump boto3 from 1.35.83 to 1.35.84 @dependabot (#11440)
• Bump python-gitlab from 5.1.0 to 5.2.0 @dependabot (#11438)
• Bump boto3 from 1.35.82 to 1.35.83 @dependabot (#11437)
• chore(deps): update actions/upload-artifact action from v4.4.3 to v4.5.0 (.github/workflows/fetch-oas.yml) @renovate (#11436)
• Bump boto3 from 1.35.81 to 1.35.82 @dependabot (#11434)
• Bump pycurl from 7.45.3 to 7.45.4 @dependabot (#11417)
• Bump nanoid from 3.3.7 to 3.3.8 in /docs @dependabot (#11421)
• Bump pdfmake from 0.2.15 to 0.2.16 in /components @dependabot (#11428)
• chore(deps): update docker/setup-buildx-action action from v3.7.1 to v3.8.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#11427)
• Bump vobject from 0.9.8 to 0.9.9 @dependabot (#11426)
• Bump boto3 from 1.35.78 to 1.35.81 @dependabot (#11425)
• fix(deps): update dependency @tabler/icons from 3.24.0 to v3.26.0 (docs/package.json) @renovate (#11423)
• chore(deps): update helm release postgresql from 16.2.5 to ~16.3.0 (helm/defectdojo/chart.yaml) @renovate (#11406)
• chore(deps): update mikefarah/yq action from v4.44.5 to v4.44.6 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#11409)
• chore(deps): update softprops/action-gh-release action from v2.1.0 to v2.2.0 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#11412)
• chore(deps): update gcr.io/cloudsql-docker/gce-proxy docker tag from 1.37.2 to v1.37.3 (helm/defectdojo/values.yaml) @renovate (#11411)
• chore(deps): update actions/cache action from v4.1.2 to v4.2.0 (.github/workflows/gh-pages.yml) @renovate (#11410)
• Bump boto3 from 1.35.76 to 1.35.78 @dependabot (#11407)
• Bump nginx from 5acf10c to 4152318 @dependabot (#11391)
• chore(deps): update postgres:17.2-alpine docker digest from 17.2 to 17.2-alpine (docker-compose.yml) @renovate (#11397)
• Bump boto3 from 1.35.73 to 1.35.76 @dependabot (#11377)
• chore(deps): update dependency vite from 6.0.2 to v6.0.3 (docs/package.json) @renovate (#11380)
• chore(deps): update actions/configure-pages action from v4 to v5 (.github/workflows/gh-pages.yml) @renovate (#11329)
• fix(deps): update dependency @tabler/icons from 3.23.0 to v3.24.0 (docs/package.json) @renovate (#11360)
• chore(deps): update nginx/nginx-prometheus-exporter docker tag from 1.3.0 to v1.4.0 (helm/defectdojo/values.yaml) @renovate (#11373)
• chore(deps): update dependency prettier from 3.4.1 to v3.4.2 (docs/package.json) @renovate (#11370)
• Bump redis from 5.2.0 to 5.2.1 @dependabot (#11381)
• Bump django from 5.1.3 to 5.1.4 @dependabot (#11378)
• Bump drf-spectacular from 0.27.2 to 0.28.0 @dependabot (#11352)
• Bump boto3 from 1.35.71 to 1.35.73 @dependabot (#11362)
• Bump nginx from 1.27.2-alpine to 1.27.3-alpine @dependabot (#11355)
• Bump drf-spectacular-sidecar from 2024.11.1 to 2024.12.1 @dependabot (#11354)
• chore(deps): update dependency vite from 6.0.1 to v6.0.2 (docs/package.json) @renovate (#11351)