v1.19.0rc1
Pre-release
https://docs.openkat.nl/about-openkat/release-notes/1.19.html
What's Changed
- fix logout and styling by @Rieven in #4080
- Translations update from Hosted Weblate by @weblate in #4085
- Lock down codeowner edit rights to operations by @nicktencate in #4086
- Update build-rdo-package.yml by @sigio in #4081
- optimize various bits around scan profiles by @underdarknl in #4050
- Hotfix for empty report in history table by @madelondohmen in #4087
- remove inline styling / svg graph as not compatible with our CSP by @underdarknl in #4075
- Combined schedulers by @jpbruinsslot in #3839
- add 1.18 release notes by @underdarknl in #4083
- Remove unused queue_uri from boefje settings by @dekkers in #4068
- 1.18 release notes improvements by @dekkers in #4109
- Remove the empty keiko package and container by @dekkers in #4110
- Updated testcase for `Schedule` should result in `schedule_id` of `Task` to be set to `None` by @jpbruinsslot in #4104
- fix task list for boefjes, normalizer and ooi detail by @Rieven in #4115
- Updated packages by @ammar92 in #4114
- Updated `cryptography` by @ammar92 in #4121
- Update client.py, reflect earlier changes in katalogus api by @underdarknl in #4107
- Pin Ubuntu runners to version `24.04` by @ammar92 in #4120
- Remove deprecated queryparams by @jpbruinsslot in #4117
- Fix 'created by' in report and add 'created from recipe' by @madelondohmen in #4094
- Update disallowed_csp_hostnames.py, also trigger on higher level denied domains by @underdarknl in #3980
- Fix ssl certificates boefje scan level by @dekkers in #4127
- Add Nikto boefje that scans for outdated software by @Souf149 in #3409
- Delete Report Schedules by @Rieven in #4089
- Add missing locks in scheduler by @jpbruinsslot in #4130
- Remove block-all-mixed-content by @underdarknl in #4073
- Fix/side scrolling paginators by @underdarknl in #4076
- Create qa-test-plan.rst by @stephanie0x00 in #4113
- Fix ooi detail scan warnings by @Rieven in #4112
- Multi report fixes by @madelondohmen in #4125
- Bump settings-doc from 4.3.1 to 4.3.2 by @dependabot in #4006
- Update mixins.py, make sure findingsTypes are present in tree for OOI detail page by @underdarknl in #4139
- Ci python 3.12 3.13 by @dekkers in #3951
- Call python3 instead of python in Makefile by @dekkers in #4148
- Trim blocktranslates by @madelondohmen in #4154
- Add CodeQL Scan by @BramVWS in #4078
- Translations update from Hosted Weblate by @weblate in #4151
- Remove robotframework-tidy from rocky dev dependencies by @dekkers in #4155
- Fix spf with identifier by @noamblitz in #4145
- Remove caches for the KATalogus in the scheduler by @jpbruinsslot in #4108
- Add logging configuration for celery.worker in case of a crash by @Donnype in #4153
- Add permissions for RDO Build workflow Closes #4156 by @BramVWS in #4157
- fix template tag for unknown user by @Rieven in #4150
- Report notification for empty live set by @madelondohmen in #4152
- Moved the RabbitMQ installation and configuration section by @ammar92 in #4161
- Updated Django and Jinja2 by @ammar92 in #4162
- Translations update from Hosted Weblate by @weblate in #4163
- Add a cli command to evict reports due to a bug when upgrading from v1.17.0 to 1.18.0 by @Donnype in #4169
- Implement/refactor fastapi 'extra models' in scheduler api by @jpbruinsslot in #4165
- Add indices for task table by @jpbruinsslot in #4179
- Better findings table by @noamblitz in #4172
- Fixes dl behaviour within the findings table by @HeleenSG in #4181
- Update docker-compose.release-example.yml by @underdarknl in #4183
- Fix redirect after editing boefje variant by @madelondohmen in #4170
- Remove count from queue popping by @jpbruinsslot in #4177
- Update text "Enable plugins" button in report flow by @stephanie0x00 in #4186
- Fix documentation URL in Makefile by @stephanie0x00 in #4207
- make sure we can link to the plugins section from the report sidemenu by @underdarknl in #4185
- Use TaskPush model for scheduling tasks in rocky by @jpbruinsslot in #4192
- Add relationship filtering in the scheduler by @jpbruinsslot in #4136
- Correctly check if list empty by @jpbruinsslot in #4206
- Updated some packages by @ammar92 in #4209
- Fix: commit read-only transactions as well and do not loop into 10k requests by @Donnype in #4194
- Some refactoring and set the poll interval back by @Donnype in #4213
- Add docstrings to Octopoes models by @stephanie0x00 in #4038
- Fix possible html reinterpretation issues in javascript files by @underdarknl in #4221
- Disable `rich` tracebacks by @ammar92 in #4218
- Allow filter on multiple organizations in bytes API by @Donnype in #4215
- Updated some packages by @ammar92 in #4245
- Updated structlog by @ammar92 in #4251
- Add missing report_type field in report recipe serializer by @dekkers in #4258
- Add Octopoes bulk reports API by @Donnype in #4219
- Do not compress modal JS by @dekkers in #4262
- Bump docker/setup-buildx-action from 3.9.0 to 3.10.0 by @dependabot in #4256
- Bump docker/login-action from 3.3.0 to 3.4.0 by @dependabot in #4255
- Bump docker/build-push-action from 6.13.0 to 6.15.0 by @dependabot in #4254
- Bump docker/metadata-action from 5.6.1 to 5.7.0 by @dependabot in #4253
- Bump github/codeql-action from 3.28.10 to 3.28.13 by @dependabot in #4252
- Don't allow open redirect in plugin_enable_disable.py by @underdarknl in #4250
- Add oci attributes to scheduler by @jpbruinsslot in #4257
- Remove compress from javascript in report_history_table.html by @dekkers in #4266
- Translations update from Hosted Weblate by @weblate in #4261
- Allow tls reports on hostname and ipaddresses by @noamblitz in #4188
- Change default password policy to be compliant with ASVS 2.1.9 by @BramVWS in #4189
- Docs - Add links to website and github by @stephanie0x00 in #4287
- Fix mixed languages in text by @madelondohmen in #4284
- Action for automatic uploading of Debian packages as release assets by @Donnype in #4288
- Fix required form fields by @madelondohmen in #4283
- Limit db and external service calls in scheduler by @jpbruinsslot in #4217
- Translation fix on plugin page by @madelondohmen in #4285
- Include integration tests coverage by @ammar92 in #4180
- Improve layout of docs.openkat.nl by @stephanie0x00 in #4300
- fix location PR templates by @stephanie0x00 in #4305
- Fix a regression introduced in #4169 blocking the ability of `octopoes/tools/xtdb-cli.py` to be called by @originalsouth in #4299
- Updated dependencies by @ammar92 in #4298
- Python 3.10 compatibility for datetime parsing in report flow by @underdarknl in #4302
- Add changes from #4312 by @Donnype in #4319
- Update kat_finding_types.json, add more in-depth details by @underdarknl in #4316
- Findings dashboard for all organizations by @madelondohmen in #4007
- Change OOI types for findings report by @stephanie0x00 in #4184
- Ignore incorrect type assumption from mypy by @jpbruinsslot in #4337
- Update QA testplan to add multiple organizations by @stephanie0x00 in #4338
- Updated `django_compressor` by @ammar92 in #4342
- Fixes toc layout on the docs by @stephanie0x00 in #4341
- Fix broken normaliser list view link in plugins.html by @underdarknl in #4331
- Shows the current plugin state to users who cannot enable/disable plugins themselves. by @underdarknl in #4326
- Fix weblate by merging all pending translations by @dekkers in #4348
- Translations update from Hosted Weblate by @weblate in #4353
- remove unneeded task statistics for generic task showing pages by @underdarknl in #4344
- Fix scheduled reports view showing reports for all organizations by @dekkers in #4351
- Styling changes to meet the design by @underdarknl in #4263
- Translations update from Hosted Weblate by @weblate in #4363
- Fix/catch information source errors when filling/updating the rocky knowledge base by @underdarknl in #4347
- Update URL to docs in makefile by @stephanie0x00 in #4346
- Updated some packages by @ammar92 in #4364
- Bump django from 5.0.13 to 5.0.14 in /rocky by @dependabot in #4281
- Translations update from Hosted Weblate by @weblate in #4374
- fix permissions on report_overview.py by @underdarknl in #4264
- Add quick start to docs.openkat.nl by @stephanie0x00 in #4349
- add observed_at to links on finding_list.html by @underdarknl in #4367
- Update packages by @ammar92 in #4399
- Remove unused scan profile increment queues by @dekkers in #4383
- Add organisation queryparam for schedules endpoint by @jpbruinsslot in #4396
- Upgrade jaeger and prometheus, and enable spm by @jpbruinsslot in #4282
- Add all organization report task page by @dekkers in #4394
- Make the list of boefjes unique when querying the KATalogus for info on them by @underdarknl in #4391
- Feat/cleaner set scan profile form by @underdarknl in #4345
- Hotfix for NoReverseMatch in Crisis Room by @madelondohmen in #4405
- (temp) fix time parsing in report_overview.py by @underdarknl in #4402
- Fixed link in tree view by @ammar92 in #4404
- Use Python 3.13 as default Python version in container images and CI by @dekkers in #4406
- Update plugin tiles when user has no permission to enable/disable by @madelondohmen in #4412
- Remove leftover debug logging by @dekkers in #4418
- Add grafana pyroscope continuous profiling by @jpbruinsslot in #4297
- Updated packages by @ammar92 in #4433
- Update GitHub actions by @ammar92 in #4434
- Update 1.18.rst, add links to issues / bugs by @underdarknl in #4419
- Fix weblate by @dekkers in #4437
- Translations update from Hosted Weblate by @weblate in #4438
- Call gc.collect() after execution of task by @dekkers in #4432
- Fix broken image link in README.rst by @Potherca in #4444
- Translations update from Hosted Weblate by @weblate in #4439
- Fixes for disable/enable schedule modal by @madelondohmen in #4400
- Fix boefje detail page for client member by @madelondohmen in #4409
- Open asset report from within report by @madelondohmen in #4435
- Docs - add description of origin types by @stephanie0x00 in #4289
- Updated packages by @ammar92 in #4453
- Translations update from Hosted Weblate by @weblate in #4458
- Updated Django and other packages by @ammar92 in #4441
- Add configs endpoint with (optional) duplicate configs across organisations by @Donnype in #4436
- Fix exceptions and permission checks in katalogus client by @dekkers in #4457
- Updated packages by @ammar92 in #4472
- Bump base-x from 3.0.9 to 3.0.11 in /rocky by @dependabot in #4407
- Package updates in `cveapi` by @ammar92 in #4473
- Add exponential backoff for external service requests in scheduler by @jpbruinsslot in #4408
- Add API for checking OOI existence in multiple organizations by @Donnype in #4459
- Bump setuptools from 72.1.0 to 78.1.1 in /boefjes by @dependabot in #4474
- Fix delete recipe modal by @madelondohmen in #4350
- use the active filter dict as an input for the count. by @underdarknl in #4423
- Fix clone settings organisation dropdown by @dekkers in #4461
- Log duration of boefje, normalizer and report tasks by @dekkers in #4465
- Fix findings history in findings report by @dekkers in #4466
- Update add_ooi_information.py by @underdarknl in #4476
- Bump setuptools from 75.9.1 to 78.1.1 in /octopoes by @dependabot in #4475
- Fix/add url to findings report by @Rieven in #4456
- Add dashboard items from object page by @madelondohmen in #4426
New Contributors
- @nicktencate made their first contribution in #4086
- @BramVWS made their first contribution in #4078
- @Potherca made their first contribution in #4444
Full Changelog: v1.18.2...v1.19.0rc1