2.32.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.32.1

• Updated DryRun Security config @mtesauro (#9769)

🚩 Database migration

• correcting cvss scoring behavior when updating/adding findings via ui and api [sc-4849] @grendel513 (#9744)

🚀 API features and enhancements

• Import/Reimport: Add toggle for applying tags to endpoints @Maffooch (#9740)
• correcting cvss scoring behavior when updating/adding findings via ui and api [sc-4849] @grendel513 (#9744)

🐛 Bug Fixes

• Endpoints: Redefine vulnerable definition @Maffooch (#9772)
• Ruff Linter: Resolve deprecation notice @Maffooch (#9729)

🖌 Updates in UI

• Ruff: Solve E731 @kiblik (#9749)

2.32.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.32.0

• Helm: Remove PSQLHA Test @Maffooch (#9716)
• remove flotaxis, #9700 @manuel-sommer (#9709)
• Bugfix: checkmarx parser - datetime is no longer put into the Finding.date field @reichertan (#9570)

🚩 Changes to settings.dist.py / local_settings.py

• Added Checkmarx One Parser @FelixHernandez (#9715)
• Added crunch42 parser @FelixHernandez (#9714)

🐛 Bug Fixes

• Product Metrics: Correct week to week charts @Maffooch (#9695)
• Jira: Improve alerting on a per step basis @Maffooch (#9691)

🖌 Updates in UI

• Endpoints: Remove "verified" query on listing pages @Maffooch (#9717)

🗣 Updates in localization

• fix <br/> tag on django.po @paulOsinski (#9718)

2.32.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.31.0

• Upgrade drf-spectacular-sidecar to 2024.3.4 @kiblik (#9670)
• resolve doing, remove dead code @manuel-sommer (#9577)
• 🔨 restructure clair parser @manuel-sommer (#9660)
• 🔨 restructure openvas parser @manuel-sommer (#9658)
• Fix github parser issue 9582 @manuel-sommer (#9583)
• Bundler Audit Parser - Support for GHSA-Only Findings @rh0dy (#9649)
• StringAgg: use default Value('') @kiblik (#9661)
• Upgrade Notes: Move breaking helm change notice from 2.13.x -> 2.12.x @manuel-sommer (#9637)
• Anchore Grype: Default to Info severity if missing in report @manuel-sommer (#9620)
• resolve npm audit unittest doing @manuel-sommer (#9572)
• Extend APIv2 Findings endpoint and UI filters to accept new date filters @FelixHernandez (#9642)
• advance mobsf to also parse exisiting unittestfile @manuel-sommer (#9563)
• Qualys: Correct CVE assignment @Maffooch (#9653)
• ASFF Parser: Respect active status based on RecordState field @manuel-sommer (#9567)
• Add integration tests script @Maffooch (#9136)
• ✨ Fortify: Support .fpr format @manuel-sommer (#9590)
• Format cyclonedx_cwe.json unit test for legibility @paulOsinski (#9595)
• 🎉 Snyk epss update @quirinziessler (#9601)
• Revert psqlha version from v13 to v9 @Maffooch (#9630)
• Extend npm_audit.md with unsupported v7 notice @paulOsinski (#9593)
• ✨ AWS Security Hub: Add GuardDuty @manuel-sommer (#9524)
• Labeler: Add sync-labels @kiblik (#9565)
• ✨ Documentation for managing files @manuel-sommer (#9557)
• 🐛 fix nessus severity @manuel-sommer (#9549)
• Fix engagement/view if import fail @kiblik (#9544)
• 🎉 Importing EPSS score from AWS Inspector via AWS SecHub @quirinziessler (#9529)
• fix clair docs according to PR #9355 @manuel-sommer (#9523)
• 🎉 importing epss score from DependencyTrack output @quirinziessler (#9521)
• Remove handling of broken unittests @kiblik (#9504)
• ✨ add burp dastardly @manuel-sommer (#9514)
• Remove useless noqa, be more specific for usefull noqa @kiblik (#9510)
• 🐛 WFuzz: Generalize severity mapping @manuel-sommer (#9505)
• Update google-sheets-sync.md with deprecation notice @paulOsinski (#9495)
• Use full url for helm-repos and add alias in renovate.json @rndmh3ro (#9525)
• Modifying Bugcrowd API Parser to align to vendor documentation on wha… @grendel513 (#9517)
• Fix SARIF parser with CodeQL rules @ansereb (#9440)
• Parse GitHub vulnerability version @coheigea (#9462)
• 🐛 Yarn Audit: Add CI importer support @manuel-sommer (#9478)
• 🐛 Trufflehog3: Remove null characters @manuel-sommer (#9470)
• 🐛 WFuzz: Add additional severity mappings @manuel-sommer (#9486)
• fix typo in docs @manuel-sommer (#9487)
• Optimize list of Maintenance in relase notes @kiblik (#9492)
• Fix unittests with assertRaises + replace assertTrue/False with better checks @kiblik (#9435)
• API: Check missing endpoints @kiblik (#7618)
• Trivy Operator Parser additionalVulnerabilityReportFields @raouf-haddada (#9452)
• Add ruff for *tests @kiblik (#9406)
• Dependencytrack default severity @manuel-sommer (#9370)

🚩 Changes to settings.dist.py / local_settings.py

• DRF Spectacular: Enable sidecar by default @Maffooch (#9645)
• ✨ implement osv-scanner, #7321 @manuel-sommer (#9578)
• Force to use DjangoDivFormRenderer @kiblik (#9659)
• Added Snyk Code Parser @FelixHernandez (#9647)
• Remove filterwarnings for RemovedInDjango50Warning @kiblik (#9500)
• Nosey Parker Parser @tpat13 (#9067)
• Remote filterwarnings for "cgi is deprecated and slated" @kiblik (#9561)
• 🐛 fix kics, #7966 @manuel-sommer (#9542)
• improved Sonatype parser @reichertan (#9519)
• 🎉 introducing EPSS score @quirinziessler (#9516)
• Remove filterwarnings for "DateTimeField - timezone" @kiblik (#9497)
• 🐛 fix mobsf deduplication and severity mapping @manuel-sommer (#9471)
• Remove filterwarnings for "invalid escape sequence" @kiblik (#9496)
• Remove filterwarnings for "unclosed file" @kiblik (#9498)
• API: removal of drf_yasg (OpenAPI 2.0 Swagger) @kiblik (#9108)
• Remove DD_USE_L10N @kiblik (#9491)
• 🎉 Improvements for wazuh importer @quirinziessler (#9248)
• Add support for DD_APPEND_SLASH @kiblik (#9385)
• Be strict about Warnings during testing @kiblik (#9490)
• Revert adding severity to Dependency Track hash_code calculation @kepten (#9371)

🚩 Database migration

• Fix broken migration 0197 @kiblik (#9606)
• 🎉 introducing EPSS score @quirinziessler (#9516)
• Dojo_Group: Support for "RemoteUser" in model @kiblik (#9405)
• finding sla expiration date field (part two) @blakeaowens (#9494)
• Be strict about Warnings during testing @kiblik (#9490)

🚀 General features and enhancements

• Jira Webhook: Catch comments from other issue updates @Maffooch (#9513)

🚀 API features and enhancements

• FindingGroupSerializer: not break schemas when JIRAIssue not available @kiblik (#9651)
• Engagement validation for risk_acceptance API in POST PATCH and PUT @FelixHernandez (#9599)
• 🎉 introducing EPSS score @quirinziessler (#9516)
• API: removal of drf_yasg (OpenAPI 2.0 Swagger) @kiblik (#9108)
• Disallow duplicate tool types @Maffooch (#9530)
• Improve API endpoints for Risk Acceptances @FelixHernandez (#9415)
• Be strict about Warnings during testing @kiblik (#9490)

🐛 Bug Fixes

• DRF Spectacular: Enable sidecar by default @Maffooch (#9645)
• Metrics: Status unification @Maffooch (#9654)
• Correct search queries containing colons @Maffooch (#9624)
• Update SLA Violation Filter query @Maffooch (#9614)
• CSV/Excel Report: Correct date/datetime comparison error @Maffooch (#9609)
• Deduplication: Do not reopen original finding @Maffooch (#9558)
• Correct Endpoint "Hosts" views when the host field is None @Maffooch (#9560)
• Jira: Append labels and respect priority on update @Maffooch (#9571)
• Questionnaires: Correct nested object deletions @Maffooch (#9574)
• Disallow duplicate tool types @Maffooch (#9530)
• Jira Server/DataCenter: Update meta methods @Maffooch (#9512)
• dojo/importers/importer/importer.py - Change "None" string to "Info" from cvss module when a CVSS vector string should evaluate to "Info" @ninp0 (#9453)

🖌 Updates in UI

• Metrics: Status unification @Maffooch (#9654)
• View Engagement to class based view and block in engagement template @FelixHernandez (#9613)
• Engagement validation for risk_acceptance API in POST PATCH and PUT @FelixHernandez (#9599)
• Making EPSS float formatting consistent in 'view Finding' @cneill (#9591)
• EPSS Data Displayed Everywhere @dogboat (#9621)
• 🎉 introducing EPSS score @quirinziessler (#9516)
• API: removal of drf_yasg (OpenAPI 2.0 Swagger) @kiblik (#9108)
• Remove flot-axis JS library @FelixHernandez (#9540)
• Fix "Overdue" tag still visible with closed issues @FelixHernandez (#9539)
• Engagement Surveys: Add missing leading slash @Maffooch (#9531)
• add metrics page: "Product Tag Count" (fixes #9151) @tomaszn (#9152)

🗣 Updates in localization

• add metrics page: "Product Tag Count" (fixes #9151) @tomaszn (#9152)

🧰 Maintenance

• Update dependency autoprefixer from 10.4.17 to v10.4.18 (docs/package.json) @renovate (#9664)
• Update dependency ruff from 0.2.2 to v0.3.0 (requirements-lint.txt) @renovate (#9652)
• Update azure/setup-helm action from v3 to v4 (.github/workflows/test-helm-chart.yml) @renovate (#9646)
• Update rabbitmq:3.13.0-alpine Docker digest from 3.13.0 to 3.13.0-alpine (docker-compose.yml) @renovate (#9644)
• Bump es5-ext from 0.10.62 to 0.10.64 in /components @dependabot (#9640)
• Update rabbitmq Docker tag from 3.12.13 to v3.13.0 (docker-compose.yml) @renovate (#9622)
• Bump cryptography from 42.0.2 to 42.0.4 @dependabot (#9607)
• Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.33.16 to v1.34.0 (helm/defectdojo/values.yaml) @renovate (#9598)
• Update dependency ruff from 0.2.1 to v0.2.2 (requirements-lint.txt) @renovate (#9576)
• Bump nginx from 1.25.3-alpine to 1.25.4-alpine @dependabot (#9580)
• Update rabbitmq Docker tag from 3.12.12 to v3.12.13 (docker-compose.yml) @renovate (#9573)
• ⬆️ Bump openapitools/openapi-generator-cli from v7.2.0 to v7.3.0 @dependabot (#9526)
• Update Helm release postgresql-ha from 9.4.11 to v13 (helm/defectdojo/Chart.yaml) @renovate (#9553)
• Update Helm release postgresql-ha from 9.1.9 to ~9.4.0 (helm/defectdojo/Chart.yaml) @renovate (#9547)
• Update Helm release postgresql from 11.6.26 to ~11.9.0 (helm/defectdojo/Chart.yaml) @renovate (#9546)
• Update Helm release rabbitmq from 11.2.2 to ~11.16.0 (helm/defectdojo/Chart.yaml) @renovate (#9548)
• Update Helm release mysql from 9.1.8 to ~9.19.0 (helm/defectdojo/Chart.yaml) @renovate (#9545)
• Update postgres Docker tag from 16.1 to v16.2 (docker-compose.yml) @renovate (#9536)
• Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) @renovate (#9541)
• Update Helm release redis from 16.12.3 to ~16.13.0 (helm/defectdojo/Chart.yaml) @renovate (#9550)
• Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) @renovate (#9535)
• Update dependency postcss from 8.4.34 to v8.4.35 (docs/package.json) @renovate (#9502)
• Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) @renovate (#9501)
• Bump vulners from 2.1.2 to 2.1.5 @dependabot (#9391)
• Update dependency ruff from 0.1.15 to v0.2.1 (requirements-lint.txt) @renovate (#9459)
• ⬆️ Bump boto3 from 1.34.32 to 1.34.35 @dependabot (#9489)
• Update rabbitmq:3.12.12-alpine Docker di...

2.31.5 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.31.4

• Qualys: Correct CVE assignment @Maffooch (#9653)

🐛 Bug Fixes

• Metrics: Status unification @Maffooch (#9654)

🖌 Updates in UI

• Metrics: Status unification @Maffooch (#9654)

🧰 Maintenance

• Bump es5-ext from 0.10.62 to 0.10.64 in /components @dependabot (#9640)

2.31.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.31.3

• Revert psqlha version from v13 to v9 @Maffooch (#9630)

🐛 Bug Fixes

• Correct search queries containing colons @Maffooch (#9624)

2.31.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

🚩 Database migration

• Fix broken migration 0197 @kiblik (#9606)

🐛 Bug Fixes

• Update SLA Violation Filter query @Maffooch (#9614)
• CSV/Excel Report: Correct date/datetime comparison error @Maffooch (#9609)

🧰 Maintenance

• Bump cryptography from 42.0.2 to 42.0.4 @dependabot (#9607)

2.31.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.31.1

• Labeler: Add sync-labels @kiblik (#9565)
• Fix engagement/view if import fail @kiblik (#9544)
• Update google-sheets-sync.md with deprecation notice @paulOsinski (#9495)

🐛 Bug Fixes

• Deduplication: Do not reopen original finding @Maffooch (#9558)
• Correct Endpoint "Hosts" views when the host field is None @Maffooch (#9560)
• Jira: Append labels and respect priority on update @Maffooch (#9571)
• Questionnaires: Correct nested object deletions @Maffooch (#9574)

🖌 Updates in UI

• Fix "Overdue" tag still visible with closed issues @FelixHernandez (#9539)

2.31.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.31.0

• Fix SARIF parser with CodeQL rules @ansereb (#9440)
• Parse GitHub vulnerability version @coheigea (#9462)

🚩 Database migration

• finding sla expiration date field (part two) @blakeaowens (#9494)

🚀 General features and enhancements

• Jira Webhook: Catch comments from other issue updates @Maffooch (#9513)

🚀 API features and enhancements

• Disallow duplicate tool types @Maffooch (#9530)

🐛 Bug Fixes

• Disallow duplicate tool types @Maffooch (#9530)
• Jira Server/DataCenter: Update meta methods @Maffooch (#9512)

🖌 Updates in UI

• Engagement Surveys: Add missing leading slash @Maffooch (#9531)

2.31.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.30.0

• Update and rename whitesource.md to mend.md @paulOsinski (#9348)
• Add parser for Sonarqube JSON result. @biennd279 (#9366)
• ✨ add kubescape, #7060 @manuel-sommer (#9424)
• ✨ advance unittest for parser docs @manuel-sommer (#9372)
• 🐛 fix missing recommendation for cyclonedx @manuel-sommer (#9365)
• advance notifications.md with expanded slack guide @paulOsinski (#9420)
• add product grading documentation, fixes #6125 @manuel-sommer (#9376)
• 🐛 fix npm audit, issue #7897 @manuel-sommer (#9374)
• 🎉 advance sysdig to also parse json @manuel-sommer (#9377)
• ✨ add kubeaudit, #9384 @manuel-sommer (#9392)
• ✨ add redhatsatellite parser @manuel-sommer (#9401)
• remove duplicated risk accepted @FelixHernandez (#9419)
• Fixing "'WSGIRequest' object has no attribute 'user'" errors @cneill (#9373)
• Resolve new Ruff issues @Maffooch (#9364)
• ✨ advance parser docs to provide sample scan data @manuel-sommer (#9347)
• Enhancements to Govulncheck parser @a-ruff (#9339)
• Update to Node 20.x in all the places @Maffooch (#9349)
• Update ASFF parser to create endpoints @manuel-sommer (#9346)
• Restructure Release Drafter Flow @Maffooch (#9345)
• ✨ implement google cloud artifact scan @manuel-sommer (#9338)
• Trivy Parser: Expand Unit Tests @manuel-sommer (#9334)
• ✨ Implement Chef InSpec Parser @manuel-sommer (#9329)
• 🐛 Qualys Parser: Support for Monthly PCI Scan @manuel-sommer (#9328)
• 🐛 MicroFocus WebInspect: Add better error handling @manuel-sommer (#9327)
• Improve kiuwan import parser @flmarkus (#9316)
• 🐛 Semgrep: Accommodate description snippets @manuel-sommer (#9323)
• 🎉 merge OpenVAS XML and CSV parsers @manuel-sommer (#9322)
• Update jfrog_xray_api_summary_artifact.md @paulOsinski (#9326)
• advance snyk to support snykcode and snykcontainer #9270 @manuel-sommer (#9289)
• 🐛 fix kiuwan @manuel-sommer (#9309)
• Fix for vulns not included in host/endpoint views after reopening @WojTecH94 (#9246)
• 🐛 Nikto: Support v2.5.0 format @manuel-sommer (#9275)
• Parser guideline updates @paulOsinski (#9271)
• Release-drafter: Checkout to version @kiblik (#9231)
• ✨ Add option for additional labels on initializer @prempador (#9273)
• QualysParser: add cvss value to finding @MarianG (#9256)
• 🐛 None Type in cvss score in Trivy #9263 @manuel-sommer (#9268)
• 🐛 fix zap, issue #9242 @manuel-sommer (#9243)
• Update checkov.md with corrected typo @paulOsinski (#9247)

🚩 Changes to settings.dist.py / local_settings.py

• Changing name of WhiteSource to Mend @grendel513 (#9359)
• 🐛 HCL AppScan: Improve Robustness @manuel-sommer (#9282)
• Add "First Seen" Parser Flag @Maffooch (#9361)
• Fix shellcheck @kiblik (#9147)
• Unittests for REMOTE_USER @kiblik (#9021)
• Support "_FILE" environmental variables @kiblik (#9069)
• 🐛 fix deduplication for trivy, #9290 @manuel-sommer (#9292)
• Add bitbucket support to finding view SCM urls @drJabber (#9262)
• 🐛CycloneDX: Add default for description @manuel-sommer (#9280)
• Feature: Add Auditlog Retention and Cleanup @MarianG (#9208)

🚩 Database migration

• finding sla expiration date field (part one) @blakeaowens (#9473)
• 🐛 fix migration @manuel-sommer (#9467)
• Changing name of WhiteSource to Mend @grendel513 (#9359)
• fix deduplication tooltip @manuel-sommer (#9454)
• ✨ merge clair and clair klar together @manuel-sommer (#9355)
• Fix shellcheck @kiblik (#9147)
• Fix db migration 0195/0196 @kiblik (#9312)
• Add bitbucket support to finding view SCM urls @drJabber (#9262)
• 🐛CycloneDX: Add default for description @manuel-sommer (#9280)
• new notifications type: SLA breach combined (per product) @pna-nca (#8659)
• API: Add Announcements @kiblik (#9112)

🚀 API features and enhancements

• finding sla expiration date field (part one) @blakeaowens (#9473)
• Fix shellcheck @kiblik (#9147)
• Adds ruff linter, fixes unused variables errors @Maffooch (#9123)
• Add bitbucket support to finding view SCM urls @drJabber (#9262)
• 🐛CycloneDX: Add default for description @manuel-sommer (#9280)
• new notifications type: SLA breach combined (per product) @pna-nca (#8659)
• Add a "tag findings" parameter to the import-scan and reimport-scan API endpoints @FelixHernandez (#8707)
• API: Add Announcements @kiblik (#9112)

🐛 Bug Fixes

• Update static finding favicon @Maffooch (#9431)
• Add CVSS vector string to JIRA description @Maffooch (#9403)
• Open attached files as bytes @Maffooch (#9402)
• Endpoint Status: Accommodate Risk Exceptions @Maffooch (#9360)
• Veracode: Update license mapping @Maffooch (#9325)

🖌 Updates in UI

• Merge Bugfix Into Dev: 2.31.0 @Maffooch (#9482)
• finding sla expiration date field (part one) @blakeaowens (#9473)
• API: Remove v2 OpenAPI2 Docs from menu @kiblik (#9469)
• Update static finding favicon @Maffooch (#9431)
• Add CVSS vector string to JIRA description @Maffooch (#9403)
• 🐛 fix view engagement @manuel-sommer (#9410)
• Fix shellcheck @kiblik (#9147)
• Adds ruff linter, fixes unused variables errors @Maffooch (#9123)
• Update finding templates to use test_type rather then found_by @FelixHernandez (#9287)
• new notifications type: SLA breach combined (per product) @pna-nca (#8659)

🧰 Maintenance

• Bump drf-spectacular-sidecar from 2024.1.1 to 2024.2.1 @dependabot (#9456)
• Bump boto3 from 1.34.31 to 1.34.32 @dependabot (#9455)
• Update dependency postcss-cli from 10.1.0 to v11 (docs/package.json) @renovate (#9116)
• Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) @renovate (#9446)
• Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) @renovate (#9447)
• Bump boto3 from 1.34.30 to 1.34.31 @dependabot (#9448)
• Bump cryptography from 42.0.1 to 42.0.2 @dependabot (#9449)
• Update redis:7.2.4-alpine Docker digest from 7.2.4 to 7.2.4-alpine (docker-compose.yml) @renovate (#9444)
• Bump netaddr from 0.8.0 to 0.10.1 @dependabot (#9264)
• Bump coverage from 7.4.0 to 7.4.1 @dependabot (#9439)
• Bump boto3 from 1.34.29 to 1.34.30 @dependabot (#9437)
• Bump ruff from 0.1.14 to 0.1.15 @dependabot (#9436)
• Bump vcrpy from 6.0.0 to 6.0.1 @dependabot (#9417)
• Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) @renovate (#9421)
• Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) @renovate (#9422)
• Update redis:7.2.4-alpine Docker digest from 7.2.4 to 7.2.4-alpine (docker-compose.yml) @renovate (#9423)
• Bump nginx from a59278f to d12e6f7 @dependabot (#9426)
• Bump pytz from 2023.3.post1 to 2023.4 @dependabot (#9427)
• Bump social-auth-core from 4.5.1 to 4.5.2 @dependabot (#9429)
• Bump boto3 from 1.34.27 to 1.34.29 @dependabot (#9428)
• Update styfle/cancel-workflow-action action from 0.12.0 to v0.12.1 (.github/workflows/cancel-outdated-workflow-runs.yml) @renovate (#9411)
• Bump cryptography from 42.0.0 to 42.0.1 @dependabot (#9409)
• Bump cvss from 2.6 to 3.0 @dependabot (#9407)
• Bump boto3 from 1.34.26 to 1.34.27 @dependabot (#9408)
• Bump cryptography from 41.0.7 to 42.0.0 @dependabot (#9396)
• Bump vcrpy from 5.1.0 to 6.0.0 @dependabot (#9400)
• Bump boto3 from 1.34.25 to 1.34.26 @dependabot (#9399)
• Bump djangosaml2 from 1.9.0 to 1.9.1 @dependabot (#9397)
• Bump boto3 from 1.34.23 to 1.34.25 @dependabot (#9395)
• Update dependency ruff from 0.1.13 to v0.1.14 (requirements-lint.txt) @renovate (#9363)
• Bump boto3 from 1.34.22 to 1.34.23 @dependabot (#9383)
• Bump ruff from 0.1.7 to 0.1.13 @dependabot (#9367)
• Bump boto3 from 1.34.21 to 1.34.22 @dependabot (#9368)
• Bump drf-spectacular from 0.27.0 to 0.27.1 @dependabot (#9369)
• Bump boto3 from 1.34.20 to 1.34.21 @dependabot (#9357)
• Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.33.15 to v1.33.16 (helm/defectdojo/values.yaml) @renovate (#9354)
• Update dependency autoprefixer from 10.4.16 to v10.4.17 (docs/package.json) @renovate (#9353)
• Update actions/cache action from v3 to v4 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#9352)
• Bump boto3 from 1.34.19 to 1.34.20 @dependabot (#9350)
• Bump python-gitlab from 4.3.0 to 4.4.0 @dependabot (#9330)
• Bump django-dbbackup from 4.0.2 to 4.1.0 @dependabot (#9331)
• Bump boto3 from 1.34.17 to 1.34.19 @dependabot (#9332)
• Bump boto3 from 1.34.16 to 1.34.17 @dependabot (#9324)
• Bump vulners from 2.1.1 to 2.1.2 @dependabot (#9317)
• Bump markdown from 3.5.1 to 3.5.2 @dependabot (#9318)
• Bump boto3 from 1.34.15 to 1.34.16 @dependabot (#9319)
• Update nginx/nginx-prometheus-exporter Docker tag from 1.0.0 to v1.1.0 (helm/defectdojo/values.yaml) @renovate (#9304)
• Bump gitpython from 3.1.40 to 3.1.41 @dependabot (#9310)
• Update redis Docker tag from 7.2.3 to v7.2.4 (docker-compose.yml) @renovate (#9305)
• Bump packageurl-python from 0.13.3 to 0.13.4 @dependabot (#9303)
• Bump boto3 from 1.34.14 to 1.34.15 @dependabot (#9302)
• Update rabbitmq:3.12.12-alpine Docker digest from 3.12.12 to 3.12.12-alpine (docker-compose.yml) @renovate (#9301)
• Bump lxml from 5.0.0 to 5.1.0 @dependabot (#9293)
• Update postgres:16.1-alpine Docker digest from 16.1 to 16.1-alpine (docker-compose.yml) @renovate (#9291)
• Bump boto3 from 1.34.13 to 1.34.14 @dependabot (#9294)
• Bump jira from 3.5.2 to 3.6.0 @dependabot (#9296)
• Bump packageurl-python from 0.13.2 to 0.13.3 @dependabot (#9295)
• Update rabbitmq Docker tag from 3.12.11 to v3.12.12 (docker-compose.yml) @renovate (#92...

2.30.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

🐛 Bug Fixes

• Open attached files as bytes @Maffooch (#9402)