Releases: MaibornWolff/SecObserve
Releases · MaibornWolff/SecObserve
1.22.0
Breaking changes
- Due to a library change, the
OCSF (Open Cybersecurity Schema Framework)parser now only supports reports from Prowler 4.5.0 and above.
Features
Fixes
- fix: do not show empty license field in product header by @StefanFl in #2136
- fix: correct dev_deps links per ecosystem by @StefanFl in #2137
- fix: encoded null value in description can cause SQL exception by @StefanFl in #2142
- fix: authorization groups couldn't be edited by admins by @StefanFl in #2158
- fix: accidental change of startup script for unittests by @StefanFl in #2160
- fix: get licenses by name as well from CycloneDX files by @StefanFl in #2163
- fix: support for Prowler 4.5 by @StefanFl in #2164
Chores
- chore: documentation for authorization groups in license management by @StefanFl in #2166
- chore: prepare for release 1.22.0 by @StefanFl in #2167
- chore: merge to main for release 1.22.0 by @StefanFl in #2168
Dependencies
- chore(deps): update keycloak/keycloak docker tag to v26.0.4 by @renovate in #2133
- fix(deps): update dependency mermaid to v11.4.0 by @renovate in #2134
- chore(deps): update dependency @types/node to v22.8.5 by @renovate in #2135
- chore(deps): update dependency mkdocs-material to v9.5.43 by @renovate in #2138
- fix(deps): update react-admin monorepo to v5.3.2 by @renovate in #2139
- fix(deps): update dependency werkzeug to v3.1.0 by @renovate in #2140
- chore(deps): update dependency @types/node to v22.8.6 by @renovate in #2141
- chore(deps): update keycloak/keycloak docker tag to v26.0.5 by @renovate in #2143
- fix(deps): update dependency cvss to v3.3 by @renovate in #2144
- fix(deps): update dependency werkzeug to v3.1.1 by @renovate in #2146
- fix(deps): update dependency drf-spectacular-sidecar to v2024.11.1 by @renovate in #2145
- chore(deps): update eslint monorepo to v9.14.0 by @renovate in #2147
- fix(deps): update dependency types-pymysql to v1.1.0.20241103 by @renovate in #2148
- chore(deps): update dependency @types/node to v22.8.7 by @renovate in #2149
- chore(deps): update dependency globals to v15.12.0 by @renovate in #2151
- fix(deps): update dependency werkzeug to v3.1.2 by @renovate in #2152
- chore(deps): update typescript-eslint monorepo to v8.13.0 by @renovate in #2153
- chore(deps): update dependency @types/node to v22.9.0 by @renovate in #2154
- fix(deps): update dependency django to v5.1.3 by @renovate in #2156
- fix(deps): update dependency jsonpickle to v3.4.0 by @renovate in #2157
- fix(deps): update dependency jsonpickle to v3.4.1 by @renovate in #2159
- chore(deps): update dependency mkdocs-material to v9.5.44 by @renovate in #2161
- fix(deps): update react-router monorepo to v6.28.0 by @renovate in #2165
- chore(deps): lock file maintenance by @renovate in #2150
Full Changelog: v1.21.0...v1.22.0
Contributors
renovate and StefanFl
Assets 7
1.21.0
Breaking changes
- There was a typo in severities, where there was a missing "n" in "Unknown". This has been fixed in the code as well as in the data. If you use the severity
Unknownin API calls, you need to change it fromUnkowntoUnknown.
Notable changes
- This release introduces license management. Licenses of components can be imported via CycloneDX SBOMs and evaluated with flexible license policies. For more information see https://maibornwolff.github.io/SecObserve/usage/license_management
Features
- feat: license management by @StefanFl in #2068
- feat: ui improvements for license management by @StefanFl in #2092
- feat: apply license policy to its products by @StefanFl in #2093
- feat: component types can be ignored in license policies by @StefanFl in #2095
- feat: export of license components by @StefanFl in #2103
- feat: more ui improvements for license management by @StefanFl in #2105
- feat: set default branch as default for list of license components by @StefanFl in #2110
- feat: created, last_seen, last_change dates for license components by @StefanFl in #2121
Fixes
- fix: internal users are allowed to copy license groups and policies by @StefanFl in #2073
- fix: internal users can copy public groups and policies by @StefanFl in #2075
- fix: change "unkown" to "unknown" in code and data by @StefanFl in #2088
- fix: URL for deps.dev for components with namespace by @StefanFl in #2097
- fix: show correct resource in empty embedded lists by @StefanFl in #2099
- fix: ignore observation logs with just comments for CSAF/OpenVEX by @dervoeti in #2122
- fix: compare CSAF components based on id by @dervoeti in #2124
- fix: add all component relationships in CSAF document by @dervoeti in #2125
Chores:
- chore: use AWS ECR for Trivy by @StefanFl in #2071
- chore: authentication and authorization tests for license management by @StefanFl in #2077
- chore: more unittests for license management by @StefanFl in #2085
- chore: documentation for license management by @StefanFl in #2087
- chore: scan licenses for dev by @StefanFl in #2106
- chore: prepare for release 1.21.0 by @StefanFl in #2130
- chore: merge to main for release 1.21.0 by @StefanFl in #2131
##Dependencies
- chore(deps): update dependency poetry to v1.8.4 by @renovate in #2043
- chore(deps): update dependency vite to v5.4.9 by @renovate in #2044
- chore(deps): update github/codeql-action action to v3.26.13 by @renovate in #2045
- chore(deps): update typescript-eslint monorepo to v8.9.0 by @renovate in #2046
- chore(deps): update dependency mkdocs-material to v9.5.41 by @renovate in #2048
- chore(deps): update mysql docker tag to v8.4.3 by @renovate in #2050
- fix(deps): update dependency chart.js to v4.4.5 by @renovate in #2049
- chore(deps): update dependency @types/node to v20.16.12 by @renovate in #2053
- chore(deps): update keycloak/keycloak docker tag to v26.0.1 by @renovate in #2054
- chore(deps): update typescript-eslint monorepo to v8.10.0 by @renovate in #2056
- chore(deps): update dependency @types/node to v20.16.13 by @renovate in #2061
- chore(deps): update python:3.12.7-alpine docker digest to 38e179a by @renovate in #2060
- fix(deps): update dependency react-hook-form to v7.53.1 by @renovate in #2059
- chore(deps): update eslint monorepo to v9.13.0 by @renovate in #2058
- chore(deps): update dependency @eslint/compat to v1.2.1 by @renovate in #2057
- chore(deps): update dependency @vitejs/plugin-react to v4.3.3 by @renovate in #2062
- chore(deps): update dependency mkdocs-material to v9.5.42 by @renovate in #2064
- fix(deps): update dependency coverage to v7.6.4 by @renovate in #2065
- chore(deps): update typescript-eslint monorepo to v8.11.0 by @renovate in #2067
- chore(deps): update dependency @types/node to v20.16.14 by @renovate in #2069
- chore(deps): update dependency @playwright/test to v1.48.1 by @renovate in #2051
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.48.1 by @renovate in #2052
- fix(deps): update dependency packageurl-python to v0.16.0 by @renovate in #2070
- fix(deps): update react-admin monorepo to v5.3.0 by @renovate in #2055
- chore(deps): update github/codeql-action action to v3.27.0 by @renovate in #2076
- chore(deps): update actions/cache action to v4.1.2 by @renovate in #2074
- chore(deps): update dependency eslint-plugin-react to v7.37.2 by @renovate in #2078
- chore(deps): update actions/checkout action to v4.2.2 by @renovate in #2084
- chore(deps): update dependency vite to v5.4.10 by @renovate in #2083
- chore(deps): update dependency @types/react to v18.3.12 by @renovate in #2082
- chore(deps): update dependency @types/node to v20.17.0 by @renovate in #2081
- chore(deps): remove jest from dev dependencies by @StefanFl in #2086
- chore(deps): update actions/setup-python action to v5.3.0 by @renovate in #2091
- chore(deps): update actions/setup-node action to v4.1.0 by @renovate in #2090
- chore(deps): update keycloak/keycloak docker tag to v26.0.2 by @renovate in #2089
- fix(deps): update dependency werkzeug to v3.0.5 by @renovate in #2094
- fix(deps): update react-admin monorepo to v5.3.1 by @renovate in #2098
- chore(deps): update dependency @types/node to v20.17.1 by @renovate in #2096
- chore(deps): update dependency @playwright/test to v1.48.2 by @renovate in #2100
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.48.2 by @renovate in #2102
- fix(deps): update dependency werkzeug to v3.0.6 by @renovate in #2101
- chore(deps): update maibornwolff/secobserve_actions_templates digest to 6eefe40 by @renovate in #2072
- fix(deps): update dependency django-stubs to v5.1.1 by @renovate in #2104
- chore(deps): update actions/setup-node action to v4.1.0 by @renovate in #2109
- chore(deps): update actions/checkout action to v4.2.2 by @renovate in #2108
- chore(deps): update maibornwolff/secobserve_actions_templates digest to 6eefe40 by @renovate in #2107
- chore(deps): lock file maintenance by @renovate in #2066
- fix(deps): update dependency whitenoise to v6.8.0 by @renovate in #2112
- fix(deps): update dependency whitenoise to v6.8.1 by @renovate in #2113
- fix(deps): update dependency chart.js to v4.4.6 by @renovate in #2111
- chore(deps): update dependency @eslint/compat to v1.2.2 by @renovate in #2114
- chore(deps): update traefik docker tag to v3.2.0 by @renovate in #2115
- chore(deps): upd...
Contributors
renovate, StefanFl, and dervoeti
Assets 7
1.20.0
Features
- feat: show products (groups) for users and authorization groups by @StefanFl in #2027
- feat: zoom buttons for dependency graph by @dervoeti in #2030
- feat: authorization groups creatable and editable by internal users by @StefanFl in #2035
- feat: configurable rules for password validation by @StefanFl in #2037
- feat: button to toggle theme (light/dark) in the app bar by @StefanFl in #2038
Fixes
Chores
- chore: reactivate end-2-end tests by @StefanFl in #2005
- chore: documentation for Trivy secrets scanning by @StefanFl in #2023
- chore: small ui changes by @StefanFl in #2029
- chore: prepare for release 1.20.0 by @StefanFl in #2040
- chore: merge to main for release 1.20.0 by @StefanFl in #2041
Dependencies
- chore(deps): update docker/setup-buildx-action action to v3.7.1 by @renovate in #1993
- chore(deps): update keycloak/keycloak docker tag to v26 by @renovate in #1995
- fix(deps): update dependency react-oidc-context to v3.2.0 by @renovate in #1999
- chore(deps): update node.js to v20.18.0 by @renovate in #2002
- chore(deps): update dependency @eslint/compat to v1.2.0 by @renovate in #1998
- chore(deps): update eslint monorepo to v9.12.0 by @renovate in #2001
- chore(deps): update actions/cache action to v4.1.0 by @renovate in #2000
- fix(deps): update dependency pre-commit to v4 by @renovate in #2003
- chore(deps): update actions/checkout action to v4.2.1 by @renovate in #2007
- chore(deps): update actions/upload-artifact action to v4.4.1 by @renovate in #2006
- chore(deps): update github/codeql-action action to v3.26.12 by @renovate in #2008
- chore(deps): update typescript-eslint monorepo to v8.8.1 by @renovate in #2009
- fix(deps): update dependency black to v24.10.0 by @renovate in #2010
- chore(deps): update dependency @types/node to v20.16.11 by @renovate in #2011
- fix(deps): update dependency django to v5.1.2 by @renovate in #2013
- fix(deps): update dependency pre-commit to v4.0.1 by @renovate in #2014
- chore(deps): update actions/cache action to v4.1.1 by @renovate in #2017
- chore(deps): update actions/upload-artifact action to v4.4.2 by @renovate in #2019
- chore(deps): update dependency @playwright/test to v1.48.0 by @renovate in #2015
- chore(deps): update dependency typescript to v5.6.3 by @renovate in #2020
- fix(deps): update dependency query-string to v9.1.1 by @renovate in #2021
- chore(deps): update dependency globals to v15.11.0 by @renovate in #2022
- fix(deps): update dependency coverage to v7.6.2 by @renovate in #2024
- chore(deps): update actions/upload-artifact action to v4.4.3 by @renovate in #2025
- chore(deps): update traefik docker tag to v3.1.6 by @renovate in #2026
- chore(deps): update maibornwolff/secobserve_actions_templates digest to 70451f5 by @renovate in #2018
- chore(deps): update dependency mkdocs-material to v9.5.40 by @renovate in #2028
- fix(deps): update dependency pylint-django to v2.6.1 by @renovate in #2031
- chore(deps): update dependency @types/react-dom to v18.3.1 by @renovate in #2032
- fix(deps): update react-admin monorepo to v5.2.3 by @renovate in #2033
- fix(deps): update react-router monorepo to v6.27.0 by @renovate in #2034
- fix(deps): update dependency django-cors-headers to v4.5.0 by @renovate in #2036
- fix(deps): update dependency coverage to v7.6.3 by @renovate in #2039
- chore(deps): lock file maintenance by @renovate in #2004
Full Changelog: v1.19.0...v1.20.0
Contributors
renovate, StefanFl, and dervoeti
Assets 7
1.19.0
Features
Fixes
- fix: current version for sca_scan by @StefanFl in #1942
- fix: generate SBOM without metadata/component/components by @StefanFl in #1952
Chores
- chore: prepare pylint update by @StefanFl in #1939
- chore: remove message for Bandit and Semgrep by @StefanFl in #1941
- chore: reorganise dependencies by @StefanFl in #1946
- chore: move product group settings analog to products by @StefanFl in #1953
- chore: documentation for API imports by @StefanFl in #1987
- chore: add branch to observation dashboard list by @StefanFl in #1990
- chore: prepare for release 1.19.0 by @StefanFl in #1991
- chore: merge to main for release 1.19.0 by @StefanFl in #1992
Dependencies
- chore(deps): update github/codeql-action action to v3.26.8 by @renovate in #1930
- chore(deps): update actions/setup-node action to v4.0.4 by @renovate in #1931
- chore(deps): update keycloak/keycloak docker tag to v25.0.6 by @renovate in #1932
- chore(deps): update traefik docker tag to v3.1.4 by @renovate in #1933
- chore(deps): update dependency @types/react to v18.3.8 by @renovate in #1934
- chore(deps): update dependency vite to v5.4.7 by @renovate in #1935
- chore(deps): update dependency @playwright/test to v1.47.2 by @renovate in #1937
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.47.2 by @renovate in #1938
- fix(deps): update dependency pylint to v3.3.0 by @renovate in #1936
- chore(deps): update dependency mkdocs-material to v9.5.36 by @renovate in #1940
- fix(deps): update material-ui monorepo to v6 (major) by @renovate in #1845
- fix(deps): update dependency @textea/json-viewer to v4 by @renovate in #1926
- chore(deps): revert mui and json-viewer by @StefanFl in #1943
- fix(deps): update react-admin monorepo to v5.2.1 by @renovate in #1948
- chore(deps): update typescript-eslint monorepo to v8.7.0 by @renovate in #1949
- fix(deps): update dependency django-stubs to v5.1.0 by @renovate in #1950
- chore(deps): update dependency @types/node to v20.16.6 by @renovate in #1951
- fix(deps): update dependency pylint to v3.3.1 by @renovate in #1954
- chore(deps): update dependency @types/react to v18.3.9 by @renovate in #1955
- chore(deps): update github/codeql-action action to v3.26.9 by @renovate in #1956
- chore(deps): update dependency @types/node to v20.16.7 by @renovate in #1957
- chore(deps): update dependency vite to v5.4.8 by @renovate in #1958
- chore(deps): update dependency mkdocs-material to v9.5.37 by @renovate in #1959
- fix(deps): update dependency huey to v2.5.2 by @renovate in #1961
- chore(deps): update dependency @types/node to v20.16.9 by @renovate in #1960
- chore(deps): update actions/checkout action to v4.2.0 by @renovate in #1962
- chore(deps): update dependency mkdocs-material to v9.5.38 by @renovate in #1963
- chore(deps): update dependency eslint-plugin-react to v7.37.0 by @renovate in #1964
- chore(deps): upgrade to Django 5.1.1 by @StefanFl in #1966
- chore(deps): update docker/build-push-action action to v6.8.0 by @renovate in #1965
- chore (deps): upgrade eslint to 9.11.1 by @StefanFl in #1969
- chore(deps): update dependency @types/node to v20.16.10 by @renovate in #1967
- chore(deps): update dependency @types/react to v18.3.10 by @renovate in #1968
- chore(deps): update maibornwolff/secobserve_actions_templates digest to cca1b2f by @renovate in #1970
- chore(deps): update dependency mkdocs-material to v9.5.39 by @renovate in #1971
- chore(deps): update python to 3.12.6 by @StefanFl in #1972
- fix(deps): update dependency psycopg to v3.2.3 by @renovate in #1974
- chore(deps): update dependency @vitejs/plugin-react to v4.3.2 by @renovate in #1973
- chore(deps): update docker/build-push-action action to v6.9.0 by @renovate in #1975
- chore(deps): update github/codeql-action action to v3.26.10 by @renovate in #1976
- chore(deps): update typescript-eslint monorepo to v8.8.0 by @renovate in #1977
- chore(deps): update dependency eslint-plugin-react to v7.37.1 by @renovate in #1978
- fix(deps): update react-admin monorepo to v5.2.2 by @renovate in #1979
- chore(deps): update dependency globals to v15.10.0 by @renovate in #1980
- chore(deps): update dependency @types/react to v18.3.11 by @renovate in #1981
- chore(deps): update traefik docker tag to v3.1.5 by @renovate in #1982
- chore(deps): update docker/setup-buildx-action action to v3.7.0 by @renovate in #1983
- fix(deps): update dependency mermaid to v11.3.0 by @renovate in #1985
- chore(deps): update github/codeql-action action to v3.26.11 by @renovate in #1986
- fix(deps): update dependency oidc-client-ts to v3.1.0 by @renovate in #1988
- chore(deps): update python to 3.12.7 by @StefanFl in #1989
- chore(deps): lock file maintenance by @renovate in #1947
Full Changelog: v1.18.1...v1.19.0
Contributors
renovate and StefanFl
Assets 7
1.18.1
Fixes
- fix: no trimming of component names anymore for Mermaid graph in Firefox by @StefanFl in #1921
- fix: don't show dependencies in expand view by @StefanFl in #1924
Chores
- chore: prepare for release 1.18.1 by @StefanFl in #1927
- chore: merge to main for release 1.18.1 by @StefanFl in #1928
Dependencies
- fix(deps): update dependency psycopg to v3.2.2 by @renovate in #1911
- chore(deps): update dependency @types/react to v18.3.6 by @renovate in #1913
- fix(deps): update react-admin monorepo to v5.2.0 by @renovate in #1914
- fix(deps): update dependency mermaid to v11.2.1 by @renovate in #1917
- chore(deps): update dependency eslint to v8.57.1 by @renovate in #1915
- chore(deps): update dependency @types/prop-types to v15.7.13 by @renovate in #1916
- chore(deps): update typescript-eslint monorepo to v8.6.0 by @renovate in #1918
- chore(deps): update dependency vite to v5.4.6 by @renovate in #1919
- chore(deps): update traefik docker tag to v3.1.3 by @renovate in #1920
- chore(deps): update dependency @types/react to v18.3.7 by @renovate in #1922
- fix(deps): update dependency react-oidc-context to v3.1.1 by @renovate in #1923
- chore(deps): update dependency mkdocs-material to v9.5.35 by @renovate in #1925
- chore(deps): lock file maintenance by @renovate in #1912
Full Changelog: v1.18.0...v1.18.1
Contributors
renovate and StefanFl
Assets 7
1.18.0
Breaking changes
- The Prowler parser has been renamed to Prowler 3, because it supports only Prowler up to version 3. For Prowler version 4 and above use the OCSF (Open Cybersecurity Schema Framework) parser.
- Component dependencies are now shown as a diagram. To do this, the format of the dependencies in the database had to be changed. The migration to the new format is not completely lossless and might loose some information. With the next import of observations, the dependencies will be complete again.
Features
- feat: ocsf parser (Open Cybersecurity Schema Framework) and support Prowler 4 by @StefanFl in #1848
- feat: return to previous location after forced logout for oidc users by @StefanFl in #1858
- feat: visualize dependency tree using Mermaid charts by @dervoeti in #1891
- feat: automated API import by @StefanFl in #1897
Fixes
- fix: group background settings by @StefanFl in #1846
- fix: set theme for oidc users correctly by @StefanFl in #1859
- fix: maintainers are not allowed to downgrade owners by @StefanFl in #1864
- fix: refresh after product member delete by @StefanFl in #1865
- fix: code quality and layout issues for dependency graph by @StefanFl in #1896
- fix: remove wrong release number by @StefanFl in #1909
Chores
- chore: check build for frontend by @StefanFl in #1851
- chore: remove defaultProps to get rid of warning messages by @StefanFl in #1855
- chore: migration of origin_component_dependencies by @StefanFl in #1899
- chore: make link color darker for light scheme by @StefanFl in #1900
- chore: change deprecated parameters for trivy by @StefanFl in #1906
- chore: prepare for release 1.18.0 by @StefanFl in #1907
- chore: merge to main for release 1.18.0 by @StefanFl in #1908
Dependencies
- chore(deps): update dependency mkdocs-material to v9.5.33 by @renovate in #1837
- fix(deps): update dependency axios to v1.7.5 by @renovate in #1838
- chore(deps): update github/codeql-action action to v3.26.5 by @renovate in #1839
- fix(deps): update dependency react-hook-form to v7.53.0 by @renovate in #1840
- fix(deps): update dependency mypy to v1.11.2 by @renovate in #1841
- chore(deps): update typescript-eslint monorepo to v8.3.0 by @renovate in #1843
- fix(deps): update dependency @textea/json-viewer to v3.5.0 by @renovate in #1844
- chore(deps): update dependency @types/node to v20.16.2 by @renovate in #1847
- chore(deps): update github/codeql-action action to v3.26.6 by @renovate in #1849
- chore(deps): update actions/setup-python action to v5.2.0 by @renovate in #1850
- chore(deps): update dependency @types/react to v18.3.5 by @renovate in #1853
- fix(deps): update react-admin monorepo to v5.1.3 by @renovate in #1854
- chore(deps): update actions/upload-artifact action to v4.4.0 by @renovate in #1856
- fix(deps): update dependency axios to v1.7.6 by @renovate in #1857
- fix(deps): update dependency pylint to v3.2.7 by @renovate in #1860
- chore(deps): update dependency mkdocs-material to v9.5.34 by @renovate in #1861
- fix(deps): update dependency axios to v1.7.7 by @renovate in #1862
- chore(deps): update dependency @types/node to v20.16.3 by @renovate in #1863
- fix(deps): update dependency jsonpickle to v3.3.0 by @renovate in #1866
- chore(deps): update typescript-eslint monorepo to v8.4.0 by @renovate in #1867
- chore(deps): update dependency eslint-plugin-react to v7.35.2 by @renovate in #1868
- fix(deps): update dependency django to v5.0.9 by @renovate in #1869
- chore(deps): update dependency vite to v5.4.3 by @renovate in #1870
- fix(deps): update dependency validators to v0.34.0 by @renovate in #1871
- chore(deps): update dependency @types/node to v20.16.4 by @renovate in #1872
- fix(deps): update dependency tss-react to v4.9.13 by @renovate in #1873
- chore(deps): update dependency @types/node to v20.16.5 by @renovate in #1875
- chore(deps): update dependency @playwright/test to v1.47.0 by @renovate in #1876
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.47.0 by @renovate in #1877
- fix(deps): update react-admin monorepo to v5.1.4 by @renovate in #1878
- chore(deps): update nginx:stable-alpine-slim docker digest to e471a76 by @renovate in #1879
- chore(deps): update node.js to 4c92ca0 by @renovate in #1880
- chore(deps): update nginx:stable-alpine-slim docker digest to 8bb58ff by @renovate in #1881
- chore(deps): update nginx:stable-alpine-slim docker digest to 6a3378d by @renovate in #1882
- chore(deps): update node.js to 20b2360 by @renovate in #1883
- fix(deps): update dependency cvss to v3.2 by @renovate in #1884
- fix(deps): update dependency inflect to v7.4.0 by @renovate in #1885
- fix(deps): update react-router monorepo to v6.26.2 by @renovate in #1886
- chore(deps): update dependency typescript to v5.6.2 by @renovate in #1887
- chore(deps): update typescript-eslint monorepo to v8.5.0 by @renovate in #1888
- chore(deps): update keycloak/keycloak docker tag to v25.0.5 by @renovate in #1889
- chore(deps): update dependency vite to v5.4.4 by @renovate in #1890
- fix(deps): update dependency djangorestframework-stubs to v3.15.1 by @renovate in #1892
- chore(deps): update dependency eslint-plugin-react to v7.36.1 by @renovate in #1893
- chore(deps): update dependency @types/jest to v29.5.13 by @renovate in #1894
- chore(deps): update dependency vite to v5.4.5 by @renovate in #1895
- chore(deps): update github/codeql-action action to v3.26.7 by @renovate in #1898
- fix(deps): update react-admin monorepo to v5.1.5 by @renovate in #1901
- chore(deps): update dependency @playwright/test to v1.47.1 by @renovate in #1902
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.47.1 by @renovate in #1903
- chore(deps): lock file maintenance by @renovate in #1842
Full Changelog: v1.17.0...v1.18.0
Contributors
renovate, StefanFl, and dervoeti
Assets 7
1.17.0
SecObserve is now Kubernetes-ready. With the Trivy Operator Prometheus parser (#1514) by @JuLiaN47V, vulnerabilities can be retrieved directly from the Docker images deployed in a Kubernetes cluster.
Features
- feat: allow filtering by 'has pending assessment' by @dervoeti in #1786
- feat: make oidc scope configurable by @StefanFl in #1790
- feat: filter by PURL type by @dervoeti in #1784
- feat: expand observation lists by @StefanFl in #1811
- feat: review tab for product groups by @StefanFl in #1813
- feat: configurable columns in observation list by @StefanFl in #1820
- feat: trivy prometheus parser by @JuLiaN47V in #1514
- feat: flexible product observation list by @StefanFl in #1826
- feat: kubernetes origin attributes by @StefanFl in #1831
- feat: support DLA links by @StefanFl in #1833
Fixes
- fix: make formatting of exceptions more robust by @StefanFl in #1793
- fix: make csaf current_release_date match initial_release_date on creation by @dervoeti in #1801
- fix: make vex last_updated match timestamp on creation by @StefanFl in #1804
- fix: avoid temporary volume for dev frontend by @StefanFl in #1805
- fix: only select existing services for manual observations by @StefanFl in #1830
- fix: missing cloud fields in observation create by @StefanFl in #1832
Chores
- chore: refactor generation of SBOMs by @StefanFl in #1789
- chore: set proper name for frontend application sbom by @StefanFl in #1791
- chore: populate purl_type by @StefanFl in #1800
- chore: population of purl_type with pagination by @StefanFl in #1803
- chore: move Parser to import_observations by @StefanFl in #1767
- chore: prepare for release 1.17.0 by @StefanFl in #1834
- chore: merge to main for release 1.17.0 by @StefanFl in #1835
Dependencies
- chore(deps): update postgres docker tag to v15.8 by @renovate in #1782
- chore(deps): update docker/build-push-action action to v6.6.1 by @renovate in #1779
- chore(deps): update dependency gunicorn to v23 by @renovate in #1788
- chore(deps): update dependency @types/node to v20.14.15 by @renovate in #1787
- fix(deps): update material-ui monorepo to v5.16.7 by @renovate in #1783
- chore(deps): update dependency vite to v5.4.0 by @renovate in #1781
- chore(deps): update typescript-eslint monorepo to v8.0.1 by @renovate in #1769
- chore(deps): update typescript-eslint monorepo to v8.1.0 by @renovate in #1792
- chore(deps): update docker/build-push-action action to v6.7.0 by @renovate in #1794
- chore(deps): update github/codeql-action action to v3.26.1 by @renovate in #1795
- fix(deps): update dependency axios to v1.7.4 by @renovate in #1796
- fix(deps): update react-router monorepo to v6.26.1 by @renovate in #1799
- chore(deps): update dependency vite to v5.4.1 by @renovate in #1798
- chore(deps): update github/codeql-action action to v3.26.2 by @renovate in #1797
- chore(deps): update nginx:stable-alpine-slim docker digest to 28967af by @renovate in #1802
- chore(deps): update dependency @types/node to v20.15.0 by @renovate in #1808
- chore(deps): update dependency @playwright/test to v1.46.1 by @renovate in #1806
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.46.1 by @renovate in #1807
- chore(deps): update dependency @types/node to v20.16.0 by @renovate in #1809
- fix(deps): update dependency markdown-to-jsx to v7.5.0 by @renovate in #1810
- chore(deps): update dependency @types/node to v20.16.1 by @renovate in #1812
- chore(deps): update keycloak/keycloak docker tag to v25.0.4 by @renovate in #1814
- chore(deps): update dependency mkdocs-material to v9.5.32 by @renovate in #1815
- chore(deps): update github/codeql-action action to v3.26.3 by @renovate in #1817
- chore(deps): update maibornwolff/secobserve_actions_templates digest to 817460e by @renovate in #1819
- fix(deps): update react-admin monorepo to v5.1.2 by @renovate in #1816
- chore(deps): update typescript-eslint monorepo to v8.2.0 by @renovate in #1818
- chore(deps): update dependency vite to v5.4.2 by @renovate in #1821
- chore(deps): update dependency @types/react to v18.3.4 by @renovate in #1822
- fix(deps): update dependency chart.js to v4.4.4 by @renovate in #1823
- fix(deps): update dependency @emotion/react to v11.13.3 by @renovate in #1824
- fix(deps): update dependency react-hook-form to v7.52.2 by @renovate in #1825
- chore(deps): update github/codeql-action action to v3.26.4 by @renovate in #1827
- fix(deps): update dependency werkzeug to v3.0.4 by @renovate in #1828
- chore(deps): update node docker tag to v20.17.0 by @renovate in #1829
- chore(deps): lock file maintenance by @renovate in #1687
New Contributors
- @JuLiaN47V made their first contribution in #1514
Full Changelog: v1.16.2...v1.17.0
Contributors
renovate, StefanFl, and 2 other contributors
Assets 7
1.16.2
This minor release fixes three security issues in the Django framework, see Django 5.0.8 release notes
Features
Fixes
- fix: some UI layout fixes by @StefanFl in #1693
- fix: place wordbreaks more strategically by @StefanFl in #1695
- fix: occasional IntegrityError for potential duplicates by @StefanFl in #1704
Chores
- chore: unittests for VEX import by @StefanFl in #1691
- chore: remove some docker warnings by @StefanFl in #1692
- chore: prepare for release 1.16.2 by @StefanFl in #1777
- chore: merge to main for release 1.16.2 by @StefanFl in #1778
Dependencies
- fix(deps): update material-ui monorepo to v5.16.1 by @renovate in #1681
- chore(deps): update dependency coverage to v7.6.0 by @renovate in #1682
- chore(deps): update github/codeql-action action to v3.25.12 by @renovate in #1683
- chore(deps): update dependency prettier to v3.3.3 by @renovate in #1684
- chore(deps): update dependency eslint-plugin-react to v7.34.4 by @renovate in #1685
- chore(deps): update dependency mkdocs-material to v9.5.29 by @renovate in #1686
- fix(deps): update dependency validators to v0.33.0 by @renovate in #1688
- fix(deps): update dependency packageurl-python to v0.15.4 by @renovate in #1689
- chore(deps): update docker/build-push-action action to v6.4.0 by @renovate in #1690
- chore(deps): update typescript-eslint monorepo to v7.16.1 by @renovate in #1694
- chore(deps): update traefik docker tag to v3.1.0 by @renovate in #1696
- chore(deps): update dependency @playwright/test to v1.45.2 by @renovate in #1697
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.45.2 by @renovate in #1699
- chore(deps): update dependency vite to v5.3.4 by @renovate in #1698
- fix(deps): update material-ui monorepo to v5.16.4 by @renovate in #1700
- fix(deps): update react-router monorepo to v6.25.0 by @renovate in #1701
- fix(deps): update font awesome to v6.6.0 by @renovate in #1702
- chore(deps): update dependency @types/node to v20.14.11 by @renovate in #1703
- chore(deps): update docker/build-push-action action to v6.4.1 by @renovate in #1705
- fix(deps): update react-router monorepo to v6.25.1 by @renovate in #1706
- chore(deps): update keycloak/keycloak docker tag to v25.0.2 by @renovate in #1707
- fix(deps): update emotion monorepo to v11.12.0 by @renovate in #1708
- fix(deps): update react-admin monorepo to v5.0.5 by @renovate in #1709
- chore(deps): update github/codeql-action action to v3.25.13 by @renovate in #1710
- chore(deps): update dependency mypy to v1.11.0 by @renovate in #1711
- chore(deps): update dependency eslint-plugin-react to v7.35.0 by @renovate in #1712
- fix(deps): update emotion monorepo to v11.13.0 by @renovate in #1713
- chore(deps): update maibornwolff/secobserve_actions_templates digest to 27ab715 by @renovate in #1714
- chore(deps): update dependency pylint to v3.2.6 by @renovate in #1715
- chore(deps): update docker/build-push-action action to v6.5.0 by @renovate in #1716
- chore(deps): update docker/login-action action to v3.3.0 by @renovate in #1717
- chore(deps): update docker/setup-buildx-action action to v3.5.0 by @renovate in #1718
- chore(deps): update docker/setup-qemu-action action to v3.2.0 by @renovate in #1719
- fix(deps): update dependency query-string to v9.1.0 by @renovate in #1720
- chore(deps): update typescript-eslint monorepo to v7.17.0 by @renovate in #1721
- chore(deps): update dependency @playwright/test to v1.45.3 by @renovate in #1722
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.45.3 by @renovate in #1723
- chore(deps): update nginx:stable-alpine-slim docker digest to 6bbbdad by @renovate in #1724
- chore(deps): update dependency typescript to v5.5.4 by @renovate in #1725
- chore(deps): update mysql docker tag to v8.4.2 by @renovate in #1726
- chore(deps): update node.js to 9521a34 by @renovate in #1727
- chore(deps): update node.js to 9230bd6 by @renovate in #1728
- chore(deps): update dependency mkdocs-material to v9.5.30 by @renovate in #1729
- chore(deps): update nginx:stable-alpine-slim docker digest to 63ce1a1 by @renovate in #1730
- chore(deps): update dependency @types/node to v20.14.12 by @renovate in #1731
- chore(deps): update nginx:stable-alpine-slim docker digest to a207f82 by @renovate in #1732
- fix(deps): update dependency packageurl-python to v0.15.5 by @renovate in #1735
- chore(deps): update node.js to v20.16.0 by @renovate in #1736
- chore(deps): update nginx:stable-alpine-slim docker digest to 154e108 by @renovate in #1733
- chore(deps): update dependency vite to v5.3.5 by @renovate in #1737
- chore(deps): update github/codeql-action action to v3.25.14 by @renovate in #1738
- fix(deps): update dependency packageurl-python to v0.15.6 by @renovate in #1739
- fix(deps): update material-ui monorepo to v5.16.5 by @renovate in #1740
- fix(deps): update react-admin monorepo to v5.1.0 by @renovate in #1741
- chore(deps): update github/codeql-action action to v3.25.15 by @renovate in #1742
- fix(deps): update dependency tss-react to v4.9.11 by @renovate in #1743
- chore(deps): update ossf/scorecard-action action to v2.4.0 by @renovate in #1744
- chore(deps): update dependency django-stubs to v5.0.3 by @renovate in #1745
- chore(deps): update dependency @types/node to v20.14.13 by @renovate in #1746
- chore(deps): update dependency django-stubs to v5.0.4 by @renovate in #1747
- chore(deps): update dependency pre-commit to v3.8.0 by @renovate in #1748
- chore(deps): update docker/setup-buildx-action action to v3.6.1 by @renovate in #1749
- chore(deps): update typescript-eslint monorepo to v7.18.0 by @renovate in #1750
- chore(deps): update traefik docker tag to v3.1.1 by @renovate in #1751
- fix(deps): update material-ui monorepo to v5.16.6 by @renovate in #1752
- chore(deps): update dependency mypy to v1.11.1 by @renovate in #1753
- fix(deps): update dependency tss-react to v4.9.12 by @renovate in #1755
- fix(deps): update dependency pyjwt to v2.9.0 by @renovate in #1756
- fix(deps): update react-router monorepo to v6.26.0 by @renovate in #1757
- fix(deps): update dependency axios to v1.7.3 by @renovate in https://github.com/MaibornWolff/SecObse...
Contributors
renovate and StefanFl
Assets 7
1.16.1
This minor release fixes some security issues in the Django framework, see Django 5.0.7 release notes
Fixes
- fix: product_group url when showing rule by @StefanFl in #1672
- fix: compilation error for onClose by @StefanFl in #1677
Chores
- chore: upgrade to react-admin 5 by @StefanFl in #1675
- chore: prepare for release 1.16.1 by @StefanFl in #1678
- chore: merge to main for release 1.16.1 by @StefanFl in #1679
Dependencies
- fix(deps): update dependency validators to v0.31.0 by @renovate in #1665
- chore(deps): update typescript-eslint monorepo to v7.16.0 by @renovate in #1667
- fix(deps): update dependency packageurl-python to v0.15.3 by @renovate in #1668
- chore(deps): update actions/setup-node action to v4.0.3 by @renovate in #1669
- fix(deps): update dependency django to v5.0.7 by @renovate in #1670
- chore(deps): update node.js to v20.15.1 by @renovate in #1671
- fix(deps): update dependency validators to v0.32.0 by @renovate in #1673
- chore(deps): update actions/setup-python action to v5.1.1 by @renovate in #1674
- fix(deps): update react-admin monorepo to v5.0.4 by @renovate in #1676
Full Changelog: v1.16.0...v1.16.1
Contributors
renovate and StefanFl
Assets 7
1.16.0
Features
- feat: automatically determine internal and external users by @StefanFl in #1657
- feat: risk acceptance expiry by @StefanFl in #1661
Fixes
Chores
- chore: don't upgrade to MySQL 9 by @StefanFl in #1653
- chore: prepare for release 1.16.0 by @StefanFl in #1663
- chore: merge to main for release 1.16.0 by @StefanFl in #1664
Dependencies
- chore(deps): update dependency @types/node to v20.14.8 by @renovate in #1617
- chore(deps): update dependency coverage to v7.5.4 by @renovate in #1618
- chore(deps): update typescript-eslint monorepo to v7.14.1 by @renovate in #1620
- fix(deps): update react-router monorepo to v6.24.0 by @renovate in #1621
- chore(deps): update dependency mypy to v1.10.1 by @renovate in #1622
- chore(deps): update dependency @playwright/test to v1.45.0 by @renovate in #1623
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.45.0 by @renovate in #1624
- chore(deps): update node.js to v20.15.0 by @renovate in #1625
- chore(deps): update dependency @types/node to v20.14.9 by @renovate in #1626
- chore(deps): update node.js to 1bdec9c by @renovate in #1627
- chore(deps): update dependency pylint to v3.2.4 by @renovate in #1628
- chore(deps): update docker/build-push-action action to v6.2.0 by @renovate in #1629
- chore(deps): update dependency vite to v5.3.2 by @renovate in #1632
- chore(deps): update github/codeql-action action to v3.25.11 by @renovate in #1634
- chore(deps): update dependency pylint to v3.2.5 by @renovate in #1633
- fix(deps): update dependency openpyxl to v3.1.5 by @renovate in #1635
- fix(deps): update material-ui monorepo to v5.15.21 by @renovate in #1636
- chore(deps): update traefik docker tag to v3.1 by @renovate in #1637
- fix(deps): update dependency psycopg to v3.2.1 by @renovate in #1639
- fix(deps): update dependency drf-spectacular-sidecar to v2024.7.1 by @renovate in #1640
- chore(deps): update dependency typescript to v5.5.3 by @renovate in #1641
- chore(deps): update typescript-eslint monorepo to v7.15.0 by @renovate in #1642
- fix(deps): update dependency validators to v0.29.0 by @renovate in #1643
- fix(deps): update dependency inflect to v7.3.1 by @renovate in #1644
- chore(deps): update dependency mkdocs-material to v9.5.28 by @renovate in #1645
- chore(deps): update dependency @playwright/test to v1.45.1 by @renovate in #1646
- chore(deps): update mysql docker tag to v8.4.1 by @renovate in #1638
- chore(deps): update mcr.microsoft.com/playwright docker tag to v1.45.1 by @renovate in #1647
- chore(deps): update dependency vite to v5.3.3 by @renovate in #1649
- chore(deps): update docker/build-push-action action to v6.3.0 by @renovate in #1650
- fix(deps): update react-router monorepo to v6.24.1 by @renovate in #1651
- chore(deps): update docker/setup-qemu-action action to v3.1.0 by @renovate in #1652
- fix(deps): update dependency validators to v0.30.0 by @renovate in #1654
- chore(deps): update docker/setup-buildx-action action to v3.4.0 by @renovate in #1656
- fix(deps): update dependency packageurl-python to v0.15.2 by @renovate in #1655
- fix(deps): update material-ui monorepo to v5.16.0 by @renovate in #1658
- chore(deps): update actions/upload-artifact action to v4.3.4 by @renovate in #1659
- chore(deps): update dependency @types/node to v20.14.10 by @renovate in #1660
- chore(deps): lock file maintenance by @renovate in #1619
- chore(deps): lock file maintenance by @renovate in #1662
Full Changelog: v1.15.0...v1.16.0
Contributors
renovate and StefanFl