v1.4.0

Summary

OpenKAT will be even more open:

OpenKAT has been open since summer 2022, with public releases after an internal release process. OpenKAT 1.4.0 is the last release that went through that process as we've moved to a fully open development process. We're one of the first government backed OSS projects to take this step and everyone is invited to join in.

The OpenKAT community is growing with contributions from within the healthcare sector, general non-profits and government suppliers. The uptake has been good and with each release the software becomes more mature and easier to use. We welcome everyone and look forward to working together on OpenKAT.

Features:

This release has several features, mostly aimed at stability and usability of the system. Several items are noteworthy:

• Mime-types have been introduced to decouple boefjes and whiskers, our scanners and normalizers. It opens up a world of possibilities for new modules for OpenKAT.

• Queuing in Mula, the scheduler, has been improved.

• Pre-commit workflow: the new workflow will help anyone who wishes to contribute to OpenKAT, bringing the developers on the team and everyone else on the same level

• Debian packages are now auto-generated for each module based on the latest release. We're working on a repository to make 'apt install openkat' a reality.

IMPORTANT

Add DATABASE_MIGRATION=true your .env to run all migrations on building.

Full Changelog

Coordination

What's Changed

• Fix table formatting by @dekkers in #72
• Add make down command by @helmo in #68
• Fix docker volume name in cleanup task by @helmo in #69
• Trigger compile on main branch by @Darwinkel in #95
• Add missing keiko in Makefile and docker-compose by @dekkers
• Release 1.3.0 by @dekkers
• Add workflow and dockerfile for a debian build image by @errieman
• add git to build images to allow installation of octopoes via git by @errieman
• add ssh client to debian build image by @errieman
• Add more build dependencies to Debian Dockerfile by @dekkers
• Add missing KATALOGUS_API for Octopoes by @dekkers
• Also update Ubuntu dependencies by @dekkers
• Initial pre-commit, Sphinx, and GitHub Pages pipeline by @Darwinkel

New Contributors

• @helmo made their first contribution in #68

Full Changelog: v1.3.0...v1.4.0

Rocky

What's Changed

• Download PDF Robot Flow by @reincode050
• Unify and update linter configs by @reincode050
• fix element not found by @Rieven
• Fix/styling checkboxes treeview by @Rieven
• add groups field to admin by @noamblitz
• support octopoes SCM versioning in docker dev setup by @errieman
• Improve User views in admin by @dekkers
• make rocky compatible with new scan profile model by @Lisser
• change name to id in normalizer task list by @noamblitz
• Create dependabot.yml by @sigio
• Update requirements.txt by @underdarknl
• Bump pylint from 2.13 to 2.15.5 by @dependabot
• build octopoes in main image by @errieman
• bump octopoes to 2.6.2 by @noamblitz
• accept jpg from katalogus by @noamblitz
• Bump django-formtools from 2.3 to 2.4 by @dependabot
• Bump sqlparse from 0.4.2 to 0.4.3 by @dependabot
• Bump uwsgi from 2.0.20 to 2.0.21 by @dependabot
• Required/mandatory settings for Boefjes by @Rieven
• perf(octopoes): improve pagination by @Lisser
• Fix for getting consumable oois at plugin detail by @Rieven
• Change date to time for checking OOI in future by @Rieven
• Translations before release by @Rieven
• Bump soupsieve from 2.2.1 to 2.3.2.post1 by @dependabot
• Bump phonenumbers from 8.12.30 to 8.12.57 by @dependabot
• Bump xhtml2pdf from 0.2.5 to 0.2.8 by @dependabot
• Fix toggle not working at ooi detail by @Rieven
• Bump toolz from 0.11.1 to 0.12.0 by @dependabot
• Bump psycopg2-binary from 2.8.6 to 2.9.5 by @dependabot
• Bump reportlab from 3.6.6 to 3.6.12 by @dependabot
• Bump colorama from 0.4.5 to 0.4.6 by @dependabot
• Bump requests from 2.26.0 to 2.28.1 by @dependabot
• Health link in footer by @Rieven
• Add total objects at all objects list by @Rieven
• Adds setting on organization member to assign and acknowledge OOI clearance levels on redteamers by @TwistMeister
• Bump urllib3 from 1.26.5 to 1.26.12 by @dependabot
• Bump python-dotenv from 0.19.0 to 0.21.0 by @dependabot
• Bump mypy from 0.971 to 0.991 by @dependabot
• Bump idna from 3.3 to 3.4 by @dependabot
• Bump qrcode from 6.1 to 7.3.1 by @dependabot
• Merge release back to develop by @dekkers
• Bump certifi from 2022.6.15 to 2022.9.24 by @dependabot
• Add scan levels to dev account in setup by @TwistMeister
• Improve onboarding "setup accounts" flow by @TwistMeister
• chore:upgraded to manon v1.1.0 by @HeleenSG
• Fixes task list download URL so it downloads zip with meta and RAW file by @TwistMeister
• Update stand alone checkboxes in forms in onboarding flow, to comply with new manon version by @TwistMeister
• Improve text "Got it, generate my report" to "start scanning" by @TwistMeister
• Bump vulture from 2.5 to 2.6 by @dependabot
• Bump djlint from 1.12.1 to 1.19.7 by @dependabot
• Revert "Bump djlint from 1.12.1 to 1.19.7" by @ammar92
• Bump pytz from 2021.1 to 2022.6 by @dependabot
• Set button states and heading styles by @TwistMeister
• Fix broken dashboard by @Rieven
• Move templates and locale directory inside rocky dir by @errieman
• Rocky deb package with venv by @errieman
• Changes to support new scheduler setup by @jpbruinsslot
• Feature/support download multiple raw files by @Donnype
• fix: Updated to manon v1.1.1 which includes the footer fix by @HeleenSG
• Fix normalizers task list by @noamblitz
• Bump certifi from 2022.9.24 to 2022.12.7 by @dependabot
• Fix: re-use uuid by @noamblitz
• bump octopoes to 2.8.0 by @noamblitz
• Upgraded manon version by @HeleenSG
• Fixed: qr-code alignment and form message alignment by @HeleenSG
• Upgraded to manon v1.1.3 by @HeleenSG
• Fix setuptools version scheme by @dekkers in minvws/nl-kat-rocky#90
• Fix use of git tag in Debian package workflow by @dekkers in minvws/nl-kat-rocky#92

New Contributors

• @jpbruinsslot made their first contribution

Full Changelog: minvws/nl-kat-rocky@v1.3.0...v1.4.0

Boefjes

What's Changed

• fix env file by @underdarknl in minvws/nl-kat-boefjes#16
• LeakIX handle HTTP 204 response by @zcrt in minvws/nl-kat-boefjes#19
• Censys by @ammar92 in minvws/nl-kat-boefjes#20
• [log4shell] [#14] make REPLY_FQDN variable by @zcrt in minvws/nl-kat-boefjes#25
• [bug] [shodan] log no info instead of failing boefje by @zcrt in minvws/nl-kat-boefjes#22
• RE: [log4shell] [#14] [#25] make REPLY_FQDN variable by @zcrt in minvws/nl-kat-boefjes#28
• fixes, including formatting by @Lisser in minvws/nl-kat-boefjes#31
• Implement pre-commit hooks and some improvements by @ammar92
• Bump docker from 5.0.2 to 6.0.1 by @dependabot
• Bump jsonschema from 4.16.0 to 4.17.0 by @dependabot
• Bump sqlalchemy from 1.4.42 to 1.4.43 by @dependabot
• Bump click from 8.0.3 to 8.1.3 by @dependabot
• Bump fastapi from 0.85.1 to 0.86.0 by @dependabot
• Fix fierce error handling by @Lisser
• Bump dnspython from 2.1.0 to 2.2.1 by @dependabot
• Bump sqlalchemy from 1.4.43 to 1.4.44 by @dependabot
• Bump fastapi from 0.86.0 to 0.87.0 by @dependabot
• Add covers for: webpage analysis, greenhosting, leakIX and many new ports open by @TwistMeister
• Fix requirements by @dekkers
• Merge release back to develop by @dekkers
• Updates pre-commit pipeline by @ammar92
• Debian package with venv by @errieman
• Changes to support new scheduler setup by @jpbruinsslot
• Fix alembic invocation by @dekkers
• Feature/multiple raw returns by @Donnype
• Feature/multiple raw returns by @noamblitz
• Refactor: prepare-for-containerization support by @Donnype
• Fix setuptools version scheme by @dekkers in minvws/nl-kat-boefjes#42
• Debian package fixes by @dekkers in minvws/nl-kat-boefjes#45

New Contributors

• @TwistMeister made their first contribution
• @jpbruinsslot made their first contribution
• @underdarknl made their first contribution in minvws/nl-kat-boefjes#16
• @zcrt made their first contribution in minvws/nl-kat-boefjes#19
• @ammar92 made their first contribution in minvws/nl-kat-boefjes#20
• @Lisser made their first contribution in minvws/nl-kat-boefjes#31

Full Changelog: minvws/nl-kat-boefjes@v1.3.0...v1.4.0

Octopoes

What's Changed

• Add pytest, show test coverage and add more tests by @dekkers
• Replace the CI pipeline with pre-commit by @Darwinkel
• Feature/robot improvements by @Lisser
• chore(robot): explicit host mapping in docker compose by @Lisser
• Bump setuptools from 65.5.0 to 65.5.1 by @dependabot
• Bump fastapi from 0.85.1 to 0.86.0 by @dependabot
• chore(dependencies): fix dependencies by @Lisser
• Feature/pre commit compliance by @Lisser
• refactor(*): comply to vulture by @Lisser
• Fix pushing the scan profile increments events to the scheduler by @Lisser
• Updates pre-commit pipeline by @ammar92
• Merge release back to develop by @dekkers
• Add mypy pre-commit stubs by @Darwinkel
• Run unit tests with supported Python versions by @Darwinkel
• feat(scan_profiles): send all mutation events to scheduler by @Lisser
• feat(api): implement object filtering based on scan level by @Lisser
• fix(types): implement some missing types by @Lisser
• chore(deps): update by @Lisser
• Initial Sphinx/autodoc support by @Darwinkel
• Potential fix for Pages deploy by @Darwinkel
• Fix trailing spaces in diagrams by @Darwinkel
• v2 architectural design document by @Lisser
• v2 -> v3 by @Lisser
• Ship venv with debian package by @errieman
• Remove redundant artifact upload by @Darwinkel
• default 0 for filtering by scan level by @Lisser
• Bump certifi from 2022.9.24 to 2022.12.7 by @dependabot
• Fix setuptools version scheme by @dekkers in minvws/nl-kat-octopoes#26
• Fix use of git tag in Debian package workflow by @dekkers in minvws/nl-kat-octopoes#27

New Contributors

• @Darwinkel made their first contribution
• @dependabot made their first contribution

Full Changelog: minvws/nl-kat-octopoes@v1.3.0...v1.4.0

Mula

What's changed

• Automated update to workflows: use checkout@v3 by @sigio
• Create dependabot.yml by @sigio
• Bump alembic from 1.7.6 to 1.8.1 by @dependabot
• Bump psutil from 5.9.1 to 5.9.4 by @dependabot
• Bump psycopg2-binary from 2.9.3 to 2.9.5 by @dependabot
• Bump celery from 5.2.3 to 5.2.7 by @dependabot
• Bump fastapi from 0.73.0 to 0.86.0 by @dependabot
• Fix database dsn name in env.py (PR from open) by @dekkers
• Fix/task not found bytes, octopoes scan profile object_type by @jpbruinsslot
• Debian package for mula by @errieman
• PriorityQueue filtering by @jpbruinsslot
• Investigate stuck dispatched status by @jpbruinsslot
• Feature/dispatch normalizers with raw data field by @Donnype
• Fix setuptools version scheme by @dekkers in minvws/nl-kat-mula#18
• Fix use of git tag in Debian package workflow by @dekkers in minvws/nl-kat-mula#19
• Let scheduler use env var DATABASE_MIGRATION for migrations by @jpbruinsslot in minvws/nl-kat-mula#21
• Also check in 0002 migration if table already exists by @dekkers in minvws/nl-kat-mula#23

Full Changelog: minvws/nl-kat-mula@v1.3.0...v1.4.0

Bytes

What's Changed

• Bump fastapi from 0.78.0 to 0.86.0 by @dependabot
• Bump attrs from 21.4.0 to 22.1.0 by @dependabot
• Bump pika from 1.2.1 to 1.3.1 by @dependabot
• Bump mccabe from 0.6.1 to 0.7.0 by @dependabot
• Bump psycopg2-binary from 2.9.3 to 2.9.5 by @dependabot
• Bump toolz from 0.11.2 to 0.12.0 by @dependabot
• Bump requests from 2.27.1 to 2.28.1 by @dependabot
• Bump alembic from 1.7.7 to 1.8.1 by @dependabot
• Bump certifi from 2022.5.18.1 to 2022.9.24 by @dependabot
• Bump bcrypt from 3.2.2 to 4.0.1 by @dependabot
• Release 0.15.0 by @dekkers
• Feature/pre commit by @Darwinkel
• Bump mako from 1.2.2 to 1.2.4 by @dependabot
• Bump pylint from 2.15.5 to 2.15.6 by @dependabot
• Bump python-dotenv from 0.20.0 to 0.21.0 by @dependabot
• Bump idna from 3.3 to 3.4 by @dependabot
• Bump sqlalchemy from 1.4.36 to 1.4.44 by @dependabot
• Bump sniffio from 1.2.0 to 1.3.0 by @dependabot
• Bump importlib-metadata from 4.11.4 to 5.1.0 by @dependabot
• Bump greenlet from 2.0.0a2 to 2.0.1 by @dependabot
• Fix mypy and pylint configs by @Darwinkel
• Ship venv with debian package by @errieman
• Bump cryptography from 37.0.2 to 38.0.4 by @dependabot
• Fix alembic invocation by @dekkers
• Make raw_file_id mandatory when saving normalizers by @Donnype
• Bump certifi from 2022.9.24 to 2022.12.7 by @dependabot
• Bump certifi from 2022.9.24 to 2022.12.7 by @dependabot
• Back to optional raw_file id by @Donnype
• Fix setuptools version scheme by @dekkers in minvws/nl-kat-bytes#21
• Debian package fixes by @dekkers in minvws/nl-kat-bytes#22

New Contributors

• @Darwinkel made their first contribution

Full Changelog: minvws/nl-kat-bytes@v1.3.0...v1.4.0

Keiko

What's Changed

• chore(dependencies): update and export requirements by @Lisser
• build(deps): bump fastapi from 0.85.2 to 0.86.0 by @dependabot
• Release 0.1.0 by @dekkers
• Feature/pre commit compliance by @Lisser
• Update pre-commit configs (squashed) by @Darwinkel
• Add mypy pre-commit stubs by @Darwinkel
• Files and scripts for creating debian package by @errieman
• Fix use of git tag in Debian package workflow by @dekkers in minvws/nl-kat-keiko#14

New Contributors

• @dependabot made their first contribution
• @dekkers made their first contribution
• @errieman made their first contribution

Full Changelog: minvws/nl-kat-keiko@v1.3.0...v1.4.0