2.53.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.52.0

• Remove left over log statement @valentijnscholten (#13784)
• fix: enable uwsgi DD_UWSGI_EXTRA_ARGS passthrough @Bump-Action (#13756)
• fix(helm): Avoid forbidden chars in annotation @kiblik (#13772)
• 🎉 Add 'fix_available' field to zora parser @manuel-sommer (#13760)
• Unit Testing: Do no run in debug mode in order to reduce logging @Maffooch (#13241)
• docs: Update number of concurrent connections for uWSGI @NoaFayn (#13752)
• Add path filter for docs in gh-pages workflow @Maffooch (#13755)
• Change log level from info to debug for Watson indexing @Maffooch (#13748)
• system settings caching optimization + test cases @valentijnscholten (#13739)
• Add boto3 dependency to dependabot configuration @Maffooch (#13733)
• 🐛 fix severity order of trivy @manuel-sommer (#13736)
• 🎉 implement zora vulnerabilty parser @manuel-sommer (#13744)
• 💄 restructure github vulnerability reports @manuel-sommer (#13745)
• [docs] update Jira documentation for Jira Spaces @paulOsinski (#13749)
• [docs] Add Apollo script @paulOsinski (#13734)
• Feat: Add HPA & PDB Helm Chart Support #13391 @carlosmt86 (#13512)
• fix(helm): Missing annotation for "master-into-..." @kiblik (#13722)
• feat(renovate): Do not split updates for renovate @kiblik (#13723)
• Qualys parser add CVEs to Vulnerability Ids for xml files @Jino-T (#13710)
• feat(helm): Relocate docs/schema hints @kiblik (#13698)
• [docs] typo fixes @paulOsinski (#13709)
• ⬆️ Bump ruff from 0.14.4 to 0.14.5 @manuel-sommer (#13708)
• 🐛 fix finding closed with a provided mitigated date #13699 @manuel-sommer (#13700)
• fix(helm): merge extraAnnotations with init job annotations @qlimenoque (#13677)
• docs: Update the API pull documentation @sNiXx (#13689)
• 🎉 Add pwn sast fix_available field @manuel-sommer (#13702)
• log a line when custom hash method is used @valentijnscholten (#13679)
• 🐛 fix DD_EDITABLE_MITIGATED_DATA close finding internal server error #13699 @manuel-sommer (#13701)
• reimport: support pro compute hash code method @valentijnscholten (#13680)
• fix(helm/renovate/dependabot): Commit changes & fix condition format @kiblik (#13695)
• feat(renovate): Wait 2 days to use latest k8s @kiblik (#13694)
• 🎉 Add Kubeaudit fix_available field @manuel-sommer (#13684)
• 🎉 implement new threatmapper file format #13639 @manuel-sommer (#13655)
• 🐛 fix debug mode in logging #13659 @manuel-sommer (#13662)
• 🐛 fix nancy severity calculation #13656 @manuel-sommer (#13657)
• 🎉 add Dawnscanner fix_available field. @manuel-sommer (#13660)
• 🎉 Advance ibm app parser with fix_available @manuel-sommer (#13663)
• 💄 beautify drheader jsonfiles @manuel-sommer (#13672)
• feat(renovate): track oldest maintained k8s @kiblik (#13670)
• 🐛 harden jfrog xray unified file parsing #13628 @manuel-sommer (#13632)
• Improve tag handling in importers and add tests for tag imports @Maffooch (#13650)
• [docs] SLAs for Pro @paulOsinski (#13652)
• 💄 Nancy parser docs: fix tool link @manuel-sommer (#13633)
• fix(helm): Fix PVC templating after #13210 @kiblik (#13619)
• 🐛 fix nancy file format update #12860 @manuel-sommer (#13634)
• SLA Calculations: Remove product grade calculation and consolidate task handlers @Maffooch (#13630)
• fix(helm/dependabot/renovate): Fix broken automatic update @kiblik (#13613)
• feat(renovate): track oldest maintained k8s @kiblik (#13545)
• 🐛 fix TestForms date validation #13623 @manuel-sommer (#13624)
• [docs] moving Parser Docs to new index @paulOsinski (#13528)
• Make Finding Group Push to Jira Push Push to Duplicate Issues @Jino-T (#13573)
• 🐛 calender: Fix incorrect end dates for engagements and tests #13593 @manuel-sommer (#13595)
• feat(renovate): Update renovate only weekly @kiblik (#13611)
• 🐛 Catch AuthTokenError in middleware @manuel-sommer (#13608)

💣 Breaking changes

• feat(helm): Use Valkey @kiblik (#13408)

🚩 Changes to settings.dist.py / local_settings.py

• JIRA: add retry/rate limit support @valentijnscholten (#13786)
• Add OpenReports import support @mfyll (#13562)
• 🎉 implement certfr vulnid @manuel-sommer (#13730)
• Deduplicate findings in batches @valentijnscholten (#13491)
• 🎉 Add VA vulnid @manuel-sommer (#13675)
• 🎉 Make social auth exceptions configurable @manuel-sommer (#13596)
• Adding SOCIAL_AUTH_REDIRECT_IS_HTTPS, to enable use of HTTPS protocol when redirecting after login using social auth. @marcelhorner (#13614)
• 🎉 implement n0s1 scanner #13564 @manuel-sommer (#13580)

🚩 Database migration

• 🐛 fix create questionnaire with empty survey @manuel-sommer (#13728)
• 🎉 Advance reimport to update fix_available field #12633 @manuel-sommer (#12922)

🚀 API features and enhancements

• Add choice fields for business criticality, platform, lifecycle, and origin @Maffooch (#13740)
• Add notification when finding is created via the API @Juu (#13732)
• 🐛 add user mention notifications in note creation for Engagement, Finding, and Tests @Maffooch (#13696)

🖌 Updates in UI

• 🎉 Advance reimport to update fix_available field #12633 @manuel-sommer (#12922)

🧰 Maintenance

• Update dependency renovatebot/renovate from 42.21.0 to v42.27.0 (.github/workflows/renovate.yaml) @renovate (#13788)
• chore(deps): bump boto3 from 1.41.4 to 1.41.5 @dependabot (#13782)
• Update dependency prettier from 3.6.2 to v3.7.2 (docs/package.json) @renovate (#13781)
• Update nginx/nginx-prometheus-exporter Docker tag from 1.4.2 to v1.5.1 (helm/defectdojo/values.yaml) @renovate (#13726)
• chore(deps): bump boto3 from 1.41.1 to 1.41.4 @dependabot (#13778)
• chore(deps): update actions/setup-python action from v6.0.0 to v6.1.0 (.github/workflows/test-helm-chart.yml) @renovate (#13774)
• chore(deps): bump packageurl-python from 0.17.5 to 0.17.6 @dependabot (#13773)
• chore(deps): bump psycopg[c] from 3.2.12 to 3.2.13 @dependabot (#13764)
• chore(deps): bump ruff from 0.14.5 to 0.14.6 @dependabot (#13763)
• Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.37.9 to v1.37.10 (helm/defectdojo/values.yaml) @renovate (#13725)
• Update peter-evans/create-pull-request action from v7.0.8 to v7.0.9 (.github/workflows/update-sample-data.yml) @renovate (#13757)
• Update dependency renovatebot/renovate from 42.13.3 to v42.21.0 (.github/workflows/renovate.yaml) @renovate (#13759)
• chore(deps): bump boto3 from 1.41.0 to 1.41.1 @dependabot (#13753)
• chore(deps): update actions/checkout action from v5.0.1 to v6 (.github/workflows/validate_docs_build.yml) @renovate (#13747)
• chore(deps): update dependency yamale from 6.0.0 to v6.1.0 (.github/workflows/test-helm-chart.yml) @renovate (#13746)
• Update dependency vite from 7.2.2 to v7.2.4 (docs/package.json) @renovate (#13741)
• chore(deps): bump boto3 from 1.40.75 to 1.41.0 @dependabot (#13743)
• chore(deps): bump redis from 7.0.1 to 7.1.0 @dependabot (#13742)
• chore(deps): bump boto3 from 1.40.74 to 1.40.75 @dependabot (#13731)
• chore(deps): update actions/checkout action from v5.0.0 to v5.0.1 (.github/workflows/validate_docs_build.yml) @renovate (#13724)
• chore(deps): bump datatables.net from 2.3.4 to 2.3.5 in /components @dependabot (#13716)
• chore(deps): bump boto3 from 1.40.73 to 1.40.74 @dependabot (#13715)
• chore(deps): update dependency renovatebot/renovate from 42.5.4 to v42.13.3 (.github/workflows/renovate.yaml) @renovate (#13713)
• Update dependency kubernetes from v1.31.13 to v1.32.10 (.github/workflows/k8s-tests.yml) @renovate (#13719)
• Update dependency renovatebot/renovate from 42.5.0 to v42.5.4 (.github/workflows/renovate.yaml) @renovate (#13712)
• Update postgres:18.1-alpine Docker digest from 18.1 to 18.1-alpine (docker-compose.yml) @renovate (#13711)
• chore(deps): update postgres docker tag from 18.0 to v18.1 (docker-compose.yml) @renovate (#13704)
• chore(deps): bump boto3 from 1.40.72 to 1.40.73 @dependabot (#13706)
• chore(deps): bump boto3 from 1.40.71 to 1.40.72 @dependabot (#13697)
• Update dependency gohugoio/hugo from v0.152.1 to v0.152.2 (.github/workflows/validate_docs_build.yml) @renovate (#13665)
• Update dependency @docsearch/js from 4.3.1 to v4.3.2 (docs/package.json) @renovate (#13674)
• chore(deps): bump vulners from 3.1.1 to 3.1.2 @dependabot (#13691)
• chore(deps): bump boto3 from 1.40.69 to 1.40.71 @dependabot (#13692)
• Update dependency kubernetes/kubernetes from v1.34.1 to v1.34.2 (.github/workflows/k8s-tests.yml) @renovate (#13693)
• Update dependency node from 24.11.0 to v24.11.1 (.github/workflows/validate_docs_build.yml) @renovate (#13686)
• Update dependency @docsearch/css from 4.3.1 to v4.3.2 (docs/package.json) @renovate (#13673)
• chore(deps): update dependency renovatebot/renovate from 42.0.3 to v42.5.0 (.github/workflows/renovate.yaml) @renovate (#13651)
• chore(deps): update softprops/action-gh-release action from v2.4.1 to v2.4.2 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#13654)
• chore(deps): bump boto3 from 1.40.68 to 1.40.69 @dependabot (#13661)
• chore(deps): bump django-crispy-forms from 2.4 to 2.5 @dependabot (#13642)
• chore(deps): bump django-dbbackup from 5.0.0 to 5.0.1 @dependabot (#13643)
• chore(deps): bump asteval from 1.0.6 to 1.0.7 @dependabot (#13646)
• chore(deps): update dependency vite from 7.2.1 to v7.2.2 (docs/package.json) @renovate (#13641)
• chore(deps): bump boto3 from 1.40.66 to 1.40.68 @dependabot (#13644)
• chore(deps): bump ruff from 0.14.3 to 0.14.4 @dependabot (#13645)
• chore(deps): update dependency renovatebot/renovate from ...

nightly-dev 🌈

Run the release drafter to populate the release notes.

2.52.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.52.2

• Add path filter for docs in gh-pages workflow @Maffooch (#13755)
• Change log level from info to debug for Watson indexing @Maffooch (#13748)
• system settings caching optimization + test cases @valentijnscholten (#13739)
• Add boto3 dependency to dependabot configuration @Maffooch (#13733)
• 🐛 fix severity order of trivy @manuel-sommer (#13736)
• 💄 restructure github vulnerability reports @manuel-sommer (#13745)
• [docs] update Jira documentation for Jira Spaces @paulOsinski (#13749)
• [docs] Add Apollo script @paulOsinski (#13734)
• fix(helm): Missing annotation for "master-into-..." @kiblik (#13722)
• feat(renovate): Do not split updates for renovate @kiblik (#13723)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 implement certfr vulnid @manuel-sommer (#13730)

🚀 API features and enhancements

• Add choice fields for business criticality, platform, lifecycle, and origin @Maffooch (#13740)

2.52.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.52.1

• Qualys parser add CVEs to Vulnerability Ids for xml files @Jino-T (#13710)
• feat(helm): Relocate docs/schema hints @kiblik (#13698)
• [docs] typo fixes @paulOsinski (#13709)
• 🐛 fix finding closed with a provided mitigated date #13699 @manuel-sommer (#13700)
• 🎉 Add pwn sast fix_available field @manuel-sommer (#13702)
• 🐛 fix DD_EDITABLE_MITIGATED_DATA close finding internal server error #13699 @manuel-sommer (#13701)
• reimport: support pro compute hash code method @valentijnscholten (#13680)
• fix(helm/renovate/dependabot): Commit changes & fix condition format @kiblik (#13695)
• feat(renovate): Wait 2 days to use latest k8s @kiblik (#13694)
• 🎉 Add Kubeaudit fix_available field @manuel-sommer (#13684)
• 🎉 implement new threatmapper file format #13639 @manuel-sommer (#13655)
• 🐛 fix debug mode in logging #13659 @manuel-sommer (#13662)
• 🐛 fix nancy severity calculation #13656 @manuel-sommer (#13657)
• 🎉 add Dawnscanner fix_available field. @manuel-sommer (#13660)
• 🎉 Advance ibm app parser with fix_available @manuel-sommer (#13663)
• 💄 beautify drheader jsonfiles @manuel-sommer (#13672)
• feat(renovate): track oldest maintained k8s @kiblik (#13670)
• 🐛 harden jfrog xray unified file parsing #13628 @manuel-sommer (#13632)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 Add VA vulnid @manuel-sommer (#13675)

🚀 API features and enhancements

• 🐛 add user mention notifications in note creation for Engagement, Finding, and Tests @Maffooch (#13696)

2.52.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.52.0

• Improve tag handling in importers and add tests for tag imports @Maffooch (#13650)
• [docs] SLAs for Pro @paulOsinski (#13652)
• 💄 Nancy parser docs: fix tool link @manuel-sommer (#13633)
• fix(helm): Fix PVC templating after #13210 @kiblik (#13619)
• 🐛 fix nancy file format update #12860 @manuel-sommer (#13634)
• SLA Calculations: Remove product grade calculation and consolidate task handlers @Maffooch (#13630)
• fix(helm/dependabot/renovate): Fix broken automatic update @kiblik (#13613)
• 🐛 fix TestForms date validation #13623 @manuel-sommer (#13624)
• [docs] moving Parser Docs to new index @paulOsinski (#13528)
• 🐛 calender: Fix incorrect end dates for engagements and tests #13593 @manuel-sommer (#13595)
• feat(renovate): Update renovate only weekly @kiblik (#13611)
• 🐛 Catch AuthTokenError in middleware @manuel-sommer (#13608)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 Make social auth exceptions configurable @manuel-sommer (#13596)

🧰 Maintenance

• chore(deps): bump django from 5.1.13 to 5.1.14 @dependabot (#13631)

2.52.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.51.0

• [docs] Prioritization Engine adjustments @paulOsinski (#13581)
• Handle missing severity field in CycloneDX parser @Maffooch (#13583)
• Fix recipient handling in create_notification method @dorkdiaries9 (#13548)
• docker compose: switch to Valkey as message broker @valentijnscholten (#13331)
• Update package versions for consistency by removing caret (^) @Maffooch (#13543)
• Added more details to the run-unittest.sh help text @Jino-T (#13557)
• Added handling for abnormal wazuh severity values @Jino-T (#13522)
• [docs] Integrators/Connectors updates @paulOsinski (#13549)
• docs: correct LDAP authentication instructions for Alpine-based Dockerfiles @yuwwx (#13544)
• chore: update notify-pr-reviewers-action to always use the latest version @Maffooch (#13567)
• fix(HELM): Add "artifacthub.io/changes" for renovate & dependabot @kiblik (#13520)
• feat(GHA): Replace ShellCheck @kiblik (#13519)
• feat(helm): Do not allow multiple celery beats @kiblik (#13527)
• fix(renovate): Clean records @kiblik (#13509)
• unittests: disable webhook notifications in unrelated tests @valentijnscholten (#13515)
• [docs] add MCP server documentation @paulOsinski (#13529)
• reimplement favicons, update theme @paulOsinski (#13502)
• docs: fix unique_id_or_hash_code docs @valentijnscholten (#13501)
• Implement authorization for class Risk_Acceptance @pablosnt (#13469)
• docs: Add note about postgresql18 path change to v2.51 upgrade notes. @pageinsec (#13498)
• feat(helm): Improve description about images/tags @kiblik (#13473)
• github action: allow detect merge conflicts to fail @valentijnscholten (#13465)
• Add tests and documentation for deduplication algorithms @valentijnscholten (#13464)
• Add more deduplication unit tests for importers @valentijnscholten (#13463)
• deduplication: log HASH_CODE_FIELDS_ALWAYS @valentijnscholten (#13462)
• Fix incorrect (inflated) numbers in top 10 metrics @valentijnscholten (#13453)
• Add Anchore Connector documentation @paulOsinski (#13455)
• Pro changelog: 2.51.0/1 and minor docs maintenance @paulOsinski (#13454)
• feat(helm): Add descriptions @kiblik (#13407)
• Replace webhook state transition diagram with PNG instead of rendering with kroki @Maffooch (#13456)
• auto_create_context: make engagement creation atomic @valentijnscholten (#13444)
• fix-loop-duplicates: optimize query @valentijnscholten (#13445)
• fix(helm): Fix renovate/dependabot helper @kiblik (#13438)
• tag based filtering: avoid duplicate rows in results @valentijnscholten (#13442)
• Downgrade django-tagulous to 2.1.0 @valentijnscholten (#13441)
• Downgrade django-tagulous to 2.1.0 @valentijnscholten (#13440)
• feat(helm): Split image locations+tags, allow digest pinning @kiblik (#13370)
• fix(renovate): Drop Bitnami @kiblik (#13403)
• feat(renovate): Add support for versioning less standard value locations @kiblik (#13406)
• fix(helm): re-add annotation hint @kiblik (#13424)
• fix(helm): Test oldest supported k8s version @kiblik (#13376)
• fix(helm): Drop initialDelaySeconds if empty @kiblik (#13398)
• fix: handle broken endpoints when includes a port number in Acunetix XML parser @Irfan-Mohd (#13371)
• add unit tests to test importer deduplication @valentijnscholten (#13372)
• feat(helm): Add support for automountServiceAccountToken @kiblik (#13375)
• feat(helm): DRY cloudsql-proxy @kiblik (#13369)
• feat(helm): Hint for correct "artifacthub.io/changes" syntax @kiblik (#13397)
• feat(gha): Help Renovate + Dependabot to update HELM docs @kiblik (#13366)
• feat(helm): Simplify k8s-tests.yml @kiblik (#13379)
• feat(helm): Make release commits more verbose @kiblik (#13367)
• fix upload error when finding groups disabled @valentijnscholten (#13334)
• importers: defend against parsers returning None @valentijnscholten (#13335)
• watson middleware: skip logging if no instances updated @valentijnscholten (#13363)
• skip duplicates: remove obsolete references @valentijnscholten (#13327)
• JIRA instance config: improve error handling on open/close status ids @valentijnscholten (#13326)
• ⬆️ Bump ruff from 0.13.2 to 0.14.0 @manuel-sommer (#13337)
• fix: add missing resources, securityContext and env entries @fernandezcuesta (#13210)
• fix(helm): Fix checker of HELM chart change @kiblik (#13310)
• fix(gha): Run Release-Nightly only once a day @kiblik (#13329)

💣 Breaking changes

• UNIQUE_ID_OR_HASH_CODE: dont stop after one candidate @valentijnscholten (#13513)

🚩 Changes to settings.dist.py / local_settings.py

• 🐛 Robustify create_user to handle None value @manuel-sommer (#13572)
• 🎉 Add mal vulnid @manuel-sommer (#13588)
• 🐛 add middleware to handle social auth provider unavailability gracefully @manuel-sommer (#13523)
• watson: lower async threshold from 100 to 10 @valentijnscholten (#13518)
• 🎉 Implement msrc vulnid @manuel-sommer (#13487)
• Split Github Vulnerability Scan into separate SCA & SAST parsers @Logicmn (#12773)
• Added the definition of the SOCIAL_AUTH_LOGIN_REDIRECT_URL variable @rseleven (#13428)
• feat(session): Single user session @kiblik (#13416)
• 🔨 Merge the MobSF scanner @manuel-sommer (#12501)

🚩 Database migration

• endpoint import optimize @valentijnscholten (#13521)
• jira_integration: changes risk acceptance expiration date to a better default @maxi-bee (#13488)

🚀 API features and enhancements

• Remove prefetched tags in FindingViewSet @Maffooch (#13568)
• Added Ability to Edit found_by value in API @Jino-T (#13542)
• findings-report-api: fix 404 errors @valentijnscholten (#13446)
• Fix DojoGroupSerializer to handle empty permissions list @Maffooch (#13447)
• Ruff: Fix PLC2701 + merge PLC @kiblik (#13436)
• apiv2: fix schema for engagements endpoint @valentijnscholten (#13336)

🐛 Bug Fixes

• deduplication logic: add cross scanner unique_id tests and fix bug @valentijnscholten (#13499)

🖌 Updates in UI

• 🐛 fix similiar findings severity color #13551 @manuel-sommer (#13586)
• scan_added_empty.tpl: fix symlink problem @valentijnscholten (#13514)
• fix: ui must not overwrite service field from parser @valentijnscholten (#13517)
• Show unique id from tool together with hash_code in title elements @valentijnscholten (#13460)
• report builder: ensure at least one section is present @valentijnscholten (#13443)
• pghistory improvements: backfill and "empty" changes @valentijnscholten (#13383)
• user mentioning: diplay author instead of recipient @valentijnscholten (#13332)
• engagement: allow unlinking of JIRA epic @valentijnscholten (#13333)

🔧 Improved code quality with linters

• Ruff: PT - simplify rules @kiblik (#13435)
• Ruff: Fix N805 @kiblik (#13437)
• Ruff: Add and merge safe rules (B,S) @kiblik (#13430)
• Ruff: Fix PLC2701 + merge PLC @kiblik (#13436)
• feat(docker): Use Python 3.13 in docker images @kiblik (#13022)

🧰 Maintenance

• chore(deps): bump boto3 from 1.40.62 to 1.40.63 @dependabot (#13579)
• chore(deps): bump ruff from 0.14.2 to 0.14.3 @dependabot (#13577)
• chore(deps): update dependency renovatebot/renovate from 41.165.7 to v41.168.0 (.github/workflows/renovate.yaml) @renovate (#13576)
• chore(deps): update dependency django-debug-toolbar from 6.0.0 to v6.1.0 (requirements-dev.txt) @renovate (#13575)
• chore(deps): update dependency renovatebot/renovate from 41.165.5 to v41.165.7 (.github/workflows/renovate.yaml) @renovate (#13574)
• chore(deps): bump python-gitlab from 6.5.0 to 7.0.0 @dependabot (#13570)
• chore(deps): bump boto3 from 1.40.60 to 1.40.62 @dependabot (#13569)
• chore(deps): update dependency renovatebot/renovate from 41.163.7 to v41.165.5 (.github/workflows/renovate.yaml) @renovate (#13559)
• chore(deps): update dependency node from 24.10.0 to v24.11.0 (.github/workflows/validate_docs_build.yml) @renovate (#13560)
• chore(deps): update dependency renovatebot/renovate from 41.163.6 to v41.163.7 (.github/workflows/renovate.yaml) @renovate (#13558)
• chore(deps): update dependency renovatebot/renovate from 41.163.1 to v41.163.6 (.github/workflows/renovate.yaml) @renovate (#13556)
• chore(deps): bump boto3 from 1.40.58 to 1.40.60 @dependabot (#13554)
• chore(deps): bump bleach from 6.2.0 to 6.3.0 @dependabot (#13553)
• chore(deps): bump redis from 7.0.0 to 7.0.1 @dependabot (#13552)
• chore(deps): update dependency node from 22.21.0 to v24 (.github/workflows/validate_docs_build.yml) @renovate (#13550)
• Bump psycopg[c] from 3.2.11 to 3.2.12 @dependabot (#13535)
• chore(deps): update dependency renovatebot/renovate from 41.159.4 to v41.163.1 (.github/workflows/renovate.yaml) @renovate (#13533)
• chore(deps): update dependency vite from 7.1.11 to v7.1.12 (docs/package.json) @renovate (#13532)
• chore(deps): update github artifact actions (.github/workflows/rest-framework-tests.yml) (major) @renovate (#13531)
• Bump redis from 6.4.0 to 7.0.0 @dependabot (#13510)
• chore(deps): update dependency vite from 7.1.9 to v7.1.11 [security] @renovate (#13480)
• chore(deps): update postgres:18.0-alpine docker digest from 18.0 to 18.0-alpine (docker-compose.yml) @renovate (#13503)
• Bump boto3 from 1.40.55 to 1.40.58 @dependabot (#13524)
• Bump ruff from 0.14.1 to 0.14.2 @dependabot (#13525)
• chore(deps): update dependency renovatebot/renovate from 41.146.8 to v41.159.4 (.github/workflows/renovate.yaml) @renovate (#13507)
• chore(deps): update node.js from v22.20.0 to v22.21.0 (docs/package.json) @renovate (#13508)
• chore(deps): update dependency renovatebot/renovate from 41.146.0 to v41.146.8 (.github/workflows/renovate.yaml) @renovate (#13484)
• Bump psyco...

2.51.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.51.2

• fix(renovate): Clean records @kiblik (#13509)
• unittests: disable webhook notifications in unrelated tests @valentijnscholten (#13515)
• [docs] add MCP server documentation @paulOsinski (#13529)
• reimplement favicons, update theme @paulOsinski (#13502)
• docs: fix unique_id_or_hash_code docs @valentijnscholten (#13501)
• Implement authorization for class Risk_Acceptance @pablosnt (#13469)
• docs: Add note about postgresql18 path change to v2.51 upgrade notes. @pageinsec (#13498)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 Implement msrc vulnid @manuel-sommer (#13487)

🐛 Bug Fixes

• deduplication logic: add cross scanner unique_id tests and fix bug @valentijnscholten (#13499)

2.51.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.51.1

• github action: allow detect merge conflicts to fail @valentijnscholten (#13465)
• Add tests and documentation for deduplication algorithms @valentijnscholten (#13464)
• Add more deduplication unit tests for importers @valentijnscholten (#13463)
• deduplication: log HASH_CODE_FIELDS_ALWAYS @valentijnscholten (#13462)
• Fix incorrect (inflated) numbers in top 10 metrics @valentijnscholten (#13453)
• Add Anchore Connector documentation @paulOsinski (#13455)
• Pro changelog: 2.51.0/1 and minor docs maintenance @paulOsinski (#13454)
• Replace webhook state transition diagram with PNG instead of rendering with kroki @Maffooch (#13456)
• fix-loop-duplicates: optimize query @valentijnscholten (#13445)
• fix(helm): Fix renovate/dependabot helper @kiblik (#13438)
• tag based filtering: avoid duplicate rows in results @valentijnscholten (#13442)
• Downgrade django-tagulous to 2.1.0 @valentijnscholten (#13440)
• fix(renovate): Drop Bitnami @kiblik (#13403)
• feat(renovate): Add support for versioning less standard value locations @kiblik (#13406)
• fix(helm): re-add annotation hint @kiblik (#13424)
• fix(helm): Drop initialDelaySeconds if empty @kiblik (#13398)

🚀 API features and enhancements

• findings-report-api: fix 404 errors @valentijnscholten (#13446)
• Fix DojoGroupSerializer to handle empty permissions list @Maffooch (#13447)

🖌 Updates in UI

• Show unique id from tool together with hash_code in title elements @valentijnscholten (#13460)
• report builder: ensure at least one section is present @valentijnscholten (#13443)

2.51.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.51.0

• fix: handle broken endpoints when includes a port number in Acunetix XML parser @Irfan-Mohd (#13371)
• add unit tests to test importer deduplication @valentijnscholten (#13372)
• feat(helm): Add support for automountServiceAccountToken @kiblik (#13375)
• feat(helm): Hint for correct "artifacthub.io/changes" syntax @kiblik (#13397)
• feat(gha): Help Renovate + Dependabot to update HELM docs @kiblik (#13366)
• feat(helm): Make release commits more verbose @kiblik (#13367)
• watson middleware: skip logging if no instances updated @valentijnscholten (#13363)
• skip duplicates: remove obsolete references @valentijnscholten (#13327)
• JIRA instance config: improve error handling on open/close status ids @valentijnscholten (#13326)
• fix(gha): Run Release-Nightly only once a day @kiblik (#13329)

🖌 Updates in UI

• pghistory improvements: backfill and "empty" changes @valentijnscholten (#13383)

🧰 Maintenance

• Bump django from 5.1.12 to 5.1.13 @dependabot (#13353)

2.51.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.50.0

• Refactor vulnerability ID and endpoint retrieval in Finding model @Maffooch (#13324)
• upgrade notes: explain performance improvements 2.51 @valentijnscholten (#13287)
• twistlock: defend against compliances being null @valentijnscholten (#13318)
• bugfix search results: enable bulk adding of tags and notes @valentijnscholten (#13297)
• ui import: allow providing test title @valentijnscholten (#13299)
• [docs] Pro changelog oct 3 @paulOsinski (#13315)
• Add CVSS details extraction to AWS Inspector2 parser @Maffooch (#13305)
• GitHub chores: Automatically close issues labelled as pending-closure @valentijnscholten (#13298)
• requested review: add data to notification title @valentijnscholten (#13284)
• Reduce and optimize number of product grading calls using a Chord @valentijnscholten (#12914)
• 🐛 Fix tenable CWE #13245 @manuel-sommer (#13252)
• Bug Fix: improve Kiuwan SCA parser to support multi component findings @mwager (#12753)
• Added Line Field for SonarQube Scan and SonarQube Scan Detailed Scan Types @Jino-T (#13256)
• [docs] update changelog 2.50.3 @paulOsinski (#13269)
• Add an Engagement's branch_tag in Jira Epic's description @Jino-T (#13270)
• product grade logging fix @valentijnscholten (#13268)
• Fix duplicated tags (everywhere) @fopina (#13250)
• feat(helm): Add docs for more variables @kiblik (#13224)
• jira webhook: add comment detection test @valentijnscholten (#13232)
• Refactor warning handling for blackduck import @Maffooch (#13229)
• do not build/start unused services in unit test docker compose files @fopina (#13220)
• feat(helm): Make API test more verbose @kiblik (#13208)
• 🎉 Add fix_available information to blackduck binary analysis parser @manuel-sommer (#13236)
• make sonarqube hotspots sync work @dshafranskiy-r7 (#13206)
• debug toolbar: disable by default @valentijnscholten (#13227)
• k8s-tests: bump k8s and minukube @valentijnscholten (#13231)
• fix(helm): apiVersion overrides not needed in tests @kiblik (#13207)
• fix(helm): Update annotations during releasing @kiblik (#13197)
• Tags: Remove duplicates in edit forms @Maffooch (#13228)
• feat(helm): Add ArtifactHub Linter @kiblik (#13199)
• [docs] changelog 2.50.2, minor changes @paulOsinski (#13226)
• bulk edit: update under_review flag @valentijnscholten (#13179)
• ⬆️ Bump ruff from 0.13.0 to 0.13.1 @manuel-sommer (#13223)
• Unit Tests: Ignore deprecation Warning from BlackDuck pypi package @Maffooch (#13225)
• dockerfiles: drop wheels from layers @fopina (#13209)
• 🎉 Add fix_available information to blackduck component risk #12633 @manuel-sommer (#13201)
• fix(helm): Empty string values propagated as strings (not as null) @kiblik (#13200)
• feat(helm): Better explanation for failing GHA @kiblik (#13198)
• feat(helm): Trigger update of Helm docs when version is changed @kiblik (#13191)
• 💄 Update Wazuh v4.8 @manuel-sommer (#13184)
• fix(helm): Set correct icon link @kiblik (#13195)
• debugtoolbar: fix for requirements-dev.txt @valentijnscholten (#13183)
• Fix naive datetime warnings/errors @valentijnscholten (#13170)
• feat(helm): Improve docs, add schema @kiblik (#12984)
• product grade: only update product if grade has changed @valentijnscholten (#13123)
• Github Vulnerability Parser: Update docs to generate correct schema @Maffooch (#13166)
• [docs] Changelog 2.50.1 @paulOsinski (#13167)
• bulk edit: add None check on JIRA sync check @valentijnscholten (#13168)
• Generic parser update @mykhailo-sindieiev (#13139)
• 🎉 Add fix_available information to jfrogondemand #12633 @manuel-sommer (#13124)
• 🎉 Add fix_available information to wpscan #12633 @manuel-sommer (#13153)
• fortify fpr_parser: allow optional fields to be optional @fopina (#13160)
• fix(helm): Drop bitnami repo reference @kiblik (#13125)
• 🎉 Add fix_available information to mend #12633 @manuel-sommer (#13142)
• [docs] add new opensource page @paulOsinski (#13151)
• Update to Django 5.1.12 @valentijnscholten (#13148)
• fix(helm): uwsgi tuning @kiblik (#13146)
• docker: remove dev dependencies from release images @valentijnscholten (#13095)
• fix default order to finding_groups @LeoOMaia (#13127)
• 🐛 Fix finding_group view @manuel-sommer (#13119)
• ruff fixes @valentijnscholten (#13122)
• feat: improve Helm chart @fernandezcuesta (#12691)
• 🎉 Add fix_available information to jfrog xray unified parser #12633 @manuel-sommer (#13105)
• 🎉 Add fix_available information to jfrog @manuel-sommer (#13115)
• 🐛 Implement Wazuh v4.8 @manuel-sommer (#12739)
• semgrep pro parser @valentijnscholten (#12848)
• Update changelog 2.50 @paulOsinski (#13121)
• Update the Qualys Hacker Guardian parser to be compatible with larger CSV files @Jino-T (#13120)
• fix(product): Drop import_scan_results_prod @kiblik (#13041)
• uwsgi: default to 4 processes x 4 threads @valentijnscholten (#13080)
• Import performance: reduce number of finding.save() calls @valentijnscholten (#12900)
• 🎉 Add fix_available information to aqua parser #12633 @manuel-sommer (#13106)
• System settings: correct page title/breadcrumbs @valentijnscholten (#13083)
• fix(docker): Docker Debian upgrade to Trixie @kiblik (#13054)
• 🎉 Add fix_available to KrakenDAudit @manuel-sommer (#13055)

🚩 Changes to settings.dist.py / local_settings.py

• Update default audit log type to django-auditlog @Maffooch (#13321)
• make SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL configurable @valentijnscholten (#13301)
• Auditlog: Add django-pghistory as audit log (optional for now) @valentijnscholten (#13169)
• performance optimization: add tags in bulk @valentijnscholten (#13285)
• Snyk Issue Api Scan "sca" import implementation @dshafranskiy-r7 (#13263)
• Introduce text labels for v3 @dogboat (#13155)
• GitHub Secrets Detection Report Parser @Logicmn (#13286)
• Add AWS security bulletins to vulnid @manuel-sommer (#13272)
• Import history optimize @valentijnscholten (#13182)
• OpenVAS parser improvments @jostaub (#13214)
• Drop django-tagging as dependency @fopina (#13216)
• NN vulnid @manuel-sommer (#13180)
• watson: perform async index updates @valentijnscholten (#13152)
• Ruff: Add PLC1901 @manuel-sommer (#13157)
• feat(social): Add SOCIAL_AUTH_OIDC_LOGIN_BUTTON_TEXT @kiblik (#13150)
• Allow enabling Django Debug Toolbar via env variable @valentijnscholten (#12921)
• 🎉 Add OXAS-ADV- vulnid @manuel-sommer (#13129)
• 🎉 add VAR vulnid @manuel-sommer (#13096)
• Ruff: Preparation for G004 @manuel-sommer (#13076)

🚩 Database migration

• Auditlog: Add django-pghistory as audit log (optional for now) @valentijnscholten (#13169)
• Drop django-tagging as dependency @fopina (#13216)

🚀 API features and enhancements

• finding api: fix hash_code for vulnerability_ids @valentijnscholten (#13304)
• enhance/normalize EDITABLE_MITIGATED_DATA handling @valentijnscholten (#13303)
• Introduce text labels for v3 @dogboat (#13155)
• close finding: sync api and ui behaviour @valentijnscholten (#13230)
• make close_old_findings tooltip clearer when service is not set @fopina (#13211)
• Ruff: Add PLC0415 @manuel-sommer (#13156)
• Ruff: Preparation for G004 @manuel-sommer (#13076)
• Password Reset: Disable for SSO users @Maffooch (#13079)

🖌 Updates in UI

• findings list: support ordering by more fields @valentijnscholten (#13300)
• Auditlog: Add django-pghistory as audit log (optional for now) @valentijnscholten (#13169)
• Similar Findings: Restrict to Product Scope @Maffooch (#13271)
• Introduce text labels for v3 @dogboat (#13155)
• feat(finding list): Add planned_remediation_version @kiblik (#13261)
• Ruff: Add PLC1901 @manuel-sommer (#13157)
• Ruff: Add PLC0415 @manuel-sommer (#13156)
• feat(social): Add SOCIAL_AUTH_OIDC_LOGIN_BUTTON_TEXT @kiblik (#13150)
• Rename duplicate 'Dashboard' to 'Finding Groups' @testaccount90009 (#13140)
• 🎉 Add number of fix_available information to test view @manuel-sommer (#13109)
• msteams: Support Power Automate Workflows via Adaptive Card format @valentijnscholten (#13082)

🔧 Improved code quality with linters

• ⬆️ Bump ruff from 0.13.1 to 0.13.2 @manuel-sommer (#13267)
• Ruff: Add SIM115 @manuel-sommer (#13219)
• Ruff: Add PLC1901 to dojo/models @manuel-sommer (#13178)
• Ruff: Add PLC0415 to dojo/models @manuel-sommer (#13165)
• Ruff: Add PLC1901 @manuel-sommer (#13157)
• Ruff: Add PLC0415 @manuel-sommer (#13156)
• feat(docker): Use Python 3.12 in docker images @kiblik (#10473)
• Ruff: Add PLW @manuel-sommer (#13104)
• Ruff: Add PLW0603 @manuel-sommer (#13097)

🧰 Maintenance

• Update redis Docker tag from 7.2.10 to v7.2.11 (docker-compose.yml) @renovate (#13320)
• Update actions/stale action from v10.0.0 to v10.1.0 (.github/workflows/close-stale.yml) @renovate (#13317)
• Update softprops/action-gh-release action from v2.3.3 to v2.3.4 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#13316)
• ⬆️ Bump boto3 from 1.40.43 to 1.40.44 @dependabot (#13308)
• Update dependency vite from 7.1.8 to v7.1.9 (docs/package.json) @renovate (#13306)
• Update postgres:18.0-alpine Docker digest from 18.0 to 18.0-alpine (docker-compose.yml) @renovate (#13302)
• ⬆️ Bump boto3 from 1.40.42 to 1.40.43 @dependabot (#13295)
• Update dependency vite from 7.1.7 to v7.1.8 (docs/package.json) @renovate (#13294)
• Update postgres:18.0-alpine Docker digest from 18.0 to 18.0-alpine (docker-compose.yml) @renovate (#13291)
• ⬆️ Bump boto3 from 1.40.41 to 1.40.42 @dependabot (#13288)
• ⬆️ Bump drf-spectacular-sidecar from 2025.9.1 to 2025.10.1 @dependabot (...