v1.15.0
·
398 commits
to main
since this release
https://docs.openkat.nl/release_notes/1.15.html
What's Changed
- Upgrade GitHub actions by @ammar92 in #2235
- Add note about Debian packages to 1.14 release notes by @dekkers in #2234
- Bump msgpackr from 1.6.1 to 1.10.1 in /rocky by @dependabot in #2219
- Updated deploy-pages action by @ammar92 in #2251
- Fix environment page in docs by @ammar92 in #2257
- Fix export buttons report by @Rieven in #2259
- Translations update from Hosted Weblate by @weblate in #2261
- Fixed invalid type usage in
get_rabbit_channelandclose_rabbit_channelby @ammar92 in #2280 - Translations update from Hosted Weblate by @weblate in #2279
- List item behaviour by @HeleenSG in #2281
- fix zero division by @noamblitz in #2298
- Updated template file to respect environment prefixes in docs by @ammar92 in #2317
- Remove preselection from multireport flow by @noamblitz in #2318
- Fix/upgrade jinja2 by @ammar92 in #2326
- Fix multiple Debian issues by @dekkers in #2283
- Add max fds ulimit to octopoes api worker by @originalsouth in #2327
- add meta / cache hash for rpki boefje to raw output by @underdarknl in #2255
- Remove smartphone from bug report template by @dekkers in #2334
- More ulimits for buggy celery by @originalsouth in #2338
- Remove icons from compliance issue table by @madelondohmen in #2340
- Sector report summary - Best and worst scoring security checks by @madelondohmen in #2312
- Chore/update pr template with comments by @Donnype in #2305
- Translations update from Hosted Weblate by @weblate in #2311
- Remove IPs with zero vulnerabilities by @madelondohmen in #2319
- Add IPv6 config to docker-compose.yml by @stephanie0x00 in #2256
- Render dicts and list ooi attrs as jsonfield by @noamblitz in #2355
- Add hrefs to Basic Security overview by @madelondohmen in #2330
- Feat/normalizer mimetype upload deeplink by @underdarknl in #2220
- Check for sudo in install and update script by @dekkers in #2360
- Adds CAA records to the model, boefje, normalizer, adds a check bit and a finding by @underdarknl in #2315
- Add token authentication by @dekkers in #2349
- Update dependencies by @ammar92 in #2348
- Error handling for Generate Report by @madelondohmen in #2274
- Remove debian11 packages by @dekkers in #2358
- Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml by @dekkers in #2373
- Prevent double github actions by @dekkers in #2374
- Remove uWSGI by @dekkers in #2366
- Convert
docker-composetodocker composeby @originalsouth in #2341 - Rename invalid rpki finding to expired by @noamblitz in #2377
- Show created at and data from in reports by @noamblitz in #2370
- Update RabbitMQ to the latest version by @dekkers in #2392
- Fix/394 Introduce clearance level control for objects imported by CSV by @originalsouth in #2390
- Update dependencies by @ammar92 in #2396
- Use --diff-filter=U instead of --staged in fix-poetry-merge-conflict by @dekkers in #2398
- Feat/more csp checks by @underdarknl in #2025
- Remove everything related to old crux by @dekkers in #2403
- Fix normalizer filtering on tasks endpoint by @jpbruinsslot in #2414
- Bump actions/cache from 3 to 4 by @dependabot in #2417
- Bump dorny/paths-filter from 2 to 3 by @dependabot in #2418
- Fix usage of
SPAN_EXPORT_GRPC_ENDPOINTvariable by @ammar92 in #2420 - Fix mail report json by @noamblitz in #2426
- Fix open ports report by @noamblitz in #2430
- minor speedup, Return immediately on the first disabled plugin for report check by @underdarknl in #2434
- use oois instead of references by @noamblitz in #2433
- Update
fastapiby @ammar92 in #2444 - fix wordpress check by @noamblitz in #2445
- Allow creation of declared scan profiles through normalizers by @Donnype in #2428
- Update DNS report by @madelondohmen in #2413
- upgrade forcediphttpsadapter by @noamblitz in #2453
- Fix argument order and hence avoid the octopoes factory by @Donnype in #2454
- Hotfix for default arg by @Donnype in #2458
- Feature/report benchmarks by @Donnype in #2447
- Add traces for pop and push to queue in scheduler by @jpbruinsslot in #2467
- Add mypy and application bootstrap test to boefjes by @Donnype in #2460
- Fix/normalizer produces, list was empty. is now populated and links to object page by @underdarknl in #2411
- Add timeouts to CVE API downloader by @dekkers in #2455
- Select all OOIS for Aggregate Reports by @Rieven in #2222
- Update Starlette, FastAPI and Django by @dekkers in #2480
- Do not log an error on token refresh in bytes client by @dekkers in #2469
- Enable ruff bandit checks by @dekkers in #2465
- Fix kat_dns settings by @originalsouth in #2459
- Ignore certificate errors in security txt boefje by @dekkers in #2487
- Add unit tests for vulnerability report and fix first_seen by @dekkers in #2462
- minimal / maximal number of required checboxes checked functionality by @underdarknl in #2375
- Remove support for Python 3.8 and 3.9 by @dekkers in #2470
- Update scheduler architecture documentation by @jpbruinsslot in #2387
- Revert fastapi and starlette downgrade by @dekkers in #2489
- Do not show an error in tasks stats if no tasks have run yet by @dekkers in #2486
- Make rtest fail less than 1 in 20 by @originalsouth in #2441
- Bump python-multipart from 0.0.6 to 0.0.7 in /bytes by @dependabot in #2494
- Health page accessable during onboarding by @Rieven in #2499
- Fix/systems report domain count by @noamblitz in #2490
- Skip or hide section on Plugin Page by @madelondohmen in #2461
- remove duplicate oois from report by @noamblitz in #2504
- Rename list method to prevent conflict with builtin by @dekkers in #2498
- Fix bug get_selection that is now an imported method by @Rieven in #2509
- Align primary button to the left by @Rieven in #2500
- Update typing to Python 3.10 style by @dekkers in #2491
- Open ports report unit tests by @noamblitz in #2514
- Update and remove dependencies by @ammar92 in #2517
- Add pyupgrade and django-upgrade to pre-commit by @dekkers in #2523
- Ipv6 report unit tests by @noamblitz in #2512
- Add documentation about yielding declared scan profiles in normalizers by @Donnype in #2501
- Fix/case insensitive hsts by @noamblitz in #2505
- Checks for future dates (observed_at) by @Rieven in #2023
- Mail Report unit tests by @madelondohmen in #2513
- Fix typing in rocky and few other places by @dekkers in #2519
- Fix/1963 nxdomain keeps findings in kat by @originalsouth in #2310
- Add VLSM settings for Nmap IP-range by @zcrt in #1378
- Safe Connections Report unit tests by @madelondohmen in #2515
- Bump settings-doc from 3.0.0 to 4.0.0 by @dependabot in #2529
- unit tests rpki report by @noamblitz in #2511
- Translations update from Hosted Weblate by @weblate in #2546
- Remove FMEA by @ammar92 in #2539
- Update packages by @ammar92 in #2552
- Fix missing fmea init.py by @dekkers in #2553
- Unit tests to Name Server Report by @madelondohmen in #2542
- Make valid time required parameter in the octopoes API by @dekkers in #2543
- Remove unnecessary toplevel dependencies by @dekkers in #2554
- Select all oois triggers toggle all by @Rieven in #2536
- Disable ruff split-on-trailing-comma and update ruff by @dekkers in #2544
- Sort vulnerabilities in vulnerability report by @noamblitz in #2378
- Add return typing to report test fixtures by @noamblitz in #2557
- Fix/2527 octopoes unicode by @originalsouth in #2558
- Quick fix for PDF table overflow by @madelondohmen in #2562
- Add pool size config and logs by @zcrt in #2541
- add unit test for web report by @noamblitz in #2528
- Updated findings database. Removed old findings, added Impact, Source… by @stephanie0x00 in #2569
- Feature/efficient reporting by @Donnype in #2516
- Set a timeout on hanging test ssl container by @noamblitz in #2560
- Raise exception if boefje input OOI has been deleted by @dekkers in #2573
- Create findings report by @madelondohmen in #2393
- Fix octopoes typing by @dekkers in #2555
- Update django by @dekkers in #2587
- Hotfix for where_in queries for abstract types by @Donnype in #2577
- Add metrics collection for scheduler using prometheus by @jpbruinsslot in #2468
- Fix wrong solving of merge conflict by @dekkers in #2585
- Feature/efficient reporting for all reports by @Donnype in #2586
- Filter out undeserializable objects from xtdb query in
construct_neighbour_query_multiby @originalsouth in #2592 - TLS Report unit tests by @madelondohmen in #2593
- Translations update from Hosted Weblate by @weblate in #2594
- Fix missing finding_type table by @madelondohmen in #2596
- add extra checks for findings to dns report by @underdarknl in #2506
- fix deprecated warning due to old env in .env-defaults by @underdarknl in #2597
- Translations update from Hosted Weblate by @weblate in #2614
- Fix bug in Generate Report by @madelondohmen in #2616
- Fix HTML in DNS report by @madelondohmen in #2617
- DNS Report unit tests by @madelondohmen in #2602
- Fix architecture check for Wappalyzer boefje by @noamblitz in #2620
- Filter invalid mimetypes in boefjes output. by @underdarknl in #2563
- split output into two raw files, and fix no-output mimetype in main.py by @underdarknl in #2604
- fix output mimetypes for no-action runs by @underdarknl in #2606
- Add 1.15 release notes by @dekkers in #2605
- Bump weasyprint from 61.0 to 61.2 in /rocky by @dependabot in #2625
- Fix setting clearence level on plugin detail page by @noamblitz in #2623
- Fix critical vulnerability counter (1.15) by @dekkers in #2752
- Fix pdf alignment (1.15) by @dekkers in #2751
- Remove superfluous curly bracket open from graph view template (1.15) by @dekkers in #2750
- fix: openssl boefje stuck on port 80 (1.15) by @dekkers in #2749
- Remove unnecessary loop in
FilterRequestin scheduler (1.15) by @dekkers in #2748 - Fix missing apt update in keiko github action (1.15) by @dekkers in #2747
- Dont report vulnerabilites without version info of the software for snyk (1.15) by @dekkers in #2754
- Fix #1739 (1.15) by @dekkers in #2753
- Fix static files for container images/Debian packages when DEBUG is on (1.15) by @dekkers in #2788
- Pillow (1.15) by @dekkers in #2789
- Replace Wappalyzer (1.15) by @dekkers in #2801
- Use public cryptography API in SSL certificate normalizer (1.15) by @dekkers in #2800
- Updated
idnapackage (1.15) by @ammar92 in #2846 - fix schema errors on empty / missing schemas (1.15) by @dekkers in #2852
- Fix missing cipher csv in Debian package (1.15) by @dekkers in #2851
Full Changelog: v1.14.0...v1.15.0
Contributors
dekkers, jpbruinsslot, and 12 other contributors