Skip to content

3.1.0 🌈

Latest

Choose a tag to compare

@github-actions github-actions released this 06 Jul 22:11
5ddac02

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 3.0.0

🚩 Changes to settings.dist.py / local_settings.py

🚩 Database migration

  • feat: allow import/reimport to wait for deduplication to complete @valentijnscholten (#15007)
  • feat: allow disabling and dismissing the open source message banner @devGregA (#15089)
  • perf(finding): add sla_expiration_date index for global finding list @rossops (#15103)
  • perf(jira,product): fix finding-group push N+1 and add case-insensitive product-name index @Maffooch (#15122)
  • Renumber #15058 migration and move release notes to 3.1.x @Maffooch (#15108)
  • Modernize Tool Config credential encryption to AES-256-GCM @Maffooch (#15058)
  • Ree/perf indexes @rossops (#15095)
  • Add partial indexes for authorized finding-list queries @rossops (#15064)
  • perf(migrations): bulk backfill in 0268 release_authorization_to_pro @Maffooch (#15044)
  • fix(findings): normalize blank components to NULL (SC-13073) @Maffooch (#15038)

🚀 API features and enhancements

🐛 Bug Fixes

  • fix(filters): don't auto-open the filter panel when only sorting a column @skywalke34 (#15082)

🖌 Updates in UI

  • feat: allow import/reimport to wait for deduplication to complete @valentijnscholten (#15007)
  • Fix: right-aligned dropdown menus overflow off the right edge of the page @stevewallone (#15137)
  • feat(ui): animate collapse panels in the new UI @ksitton58 (#15116)
  • feat(ui): smooth and tidy the filter category accordion in the new UI @ksitton58 (#15106)
  • feat: allow disabling and dismissing the open source message banner @devGregA (#15089)
  • PDF Report: Show vulnerability IDs @samiat4911 (#15115)
  • fix(ui): stop client/server sort flash on asset & finding-group lists @skywalke34 (#15084)
  • fix(filters): don't auto-open the filter panel when only sorting a column @skywalke34 (#15082)
  • fix(metrics): prevent 500 on Critical Asset Metrics page when no critical products exist @valentijnscholten (#15057)
  • refactor(ui): use design tokens instead of hardcoded colors on new lo… @ksitton58 (#14998)
  • fix(ui): use brand color tokens instead of hardcoded hex in new UI @ksitton58 (#14999)
  • fix(ui): add missing "solid" keyword to disclaimer border in new UI @ksitton58 (#15001)
  • feat(ui): fold Finding Groups under Findings in the sidebar @ksitton58 (#15040)
  • perf(importers): batch BurpRawRequestResponse inserts + re-enable perf tests @valentijnscholten (#14969)
  • Added global required fields notice for WCAG H90 compliance @sym9 (#14962)

🧰 Maintenance

  • Update dependency kubernetes/kubernetes from v1.35.4 to v1.35.6 (.github/workflows/k8s-tests.yml) @renovate (#14892)
  • chore(deps): update stefanzweifel/git-auto-commit-action action from v7.1.0 to v7.2.0 (.github/workflows/release-3-master-into-dev.yml) @renovate (#15130)
  • Update actions/checkout action from v6.0.3 to v7 (.github/workflows/validate_docs_build.yml) @renovate (#15132)
  • chore(deps-dev): bump @tailwindcss/cli from 4.3.1 to 4.3.2 in /components @dependabot (#15131)
  • chore(deps): update docker/build-push-action action from v7.2.0 to v7.3.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#15138)
  • chore(deps-dev): bump tailwindcss from 4.3.1 to 4.3.2 in /components @dependabot (#15129)
  • chore(deps): bump ruff from 0.15.19 to 0.15.20 @dependabot (#15128)
  • chore(deps): bump humanize from 4.15.0 to 4.16.0 @dependabot (#15127)
  • chore(deps): bump django-permissions-policy from 4.31.0 to 4.32.0 @dependabot (#15126)
  • Update dependency kubernetes from 1.33.13 to v1.34.9 (.github/workflows/k8s-tests.yml) @renovate (#15121)
  • Update gcr.io/cloudsql-docker/gce-proxy Docker tag from 1.38.0 to v1.38.1 (helm/defectdojo/values.yaml) @renovate (#15119)
  • chore(deps): update actions/cache action from v6.0.0 to v6.1.0 (.github/workflows/validate_docs_build.yml) @renovate (#15120)
  • Update python:3.14.6-slim-trixie Docker digest from 3.14.6 to 3.14.6-slim-trixie (Dockerfile.integration-tests-debian) @renovate (#15118)
  • chore(deps): update dependency renovatebot/renovate from 43.240.0 to v43.248.0 (.github/workflows/renovate.yaml) @renovate (#15099)
  • chore(deps): bump python-gitlab from 8.3.0 to 8.4.0 @dependabot (#14956)
  • chore(deps): update release-drafter/release-drafter action from v7.3.1 to v7.5.1 (.github/workflows/release-drafter.yml) @renovate (#15083)
  • chore(deps): update actions/cache action from v5.0.5 to v6 (.github/workflows/validate_docs_build.yml) @renovate (#15085)
  • chore(deps): update openapitools/openapi-generator-cli docker tag from v7.22.0 to v7.23.0 (dockerfile.integration-tests-debian) @renovate (#15079)
  • chore(deps): update mccutchen/go-httpbin docker tag from 2.18.3 to v2.23.1 (docker-compose.override.integration_tests.yml) @renovate (#15078)
  • chore(deps): update dependency node from 24.16.0 to v24.18.0 (.github/workflows/validate_docs_build.yml) @renovate (#15077)
  • chore(deps): update actions/setup-python action from v6.2.0 to v6.3.0 (.github/workflows/test-helm-chart.yml) @renovate (#15076)
  • chore(deps): bump pdfmake from 0.3.10 to 0.3.11 in /components @dependabot (#15075)
  • chore(deps): bump redis from 8.0.0 to 8.0.1 @dependabot (#15074)
  • chore(deps): bump django-environ from 0.13.0 to 0.14.0 @dependabot (#15073)
  • chore(deps): bump ruff from 0.15.16 to 0.15.19 @dependabot (#15072)
  • chore(deps-dev): bump django-debug-toolbar from 6.3.0 to 7.0.0 @dependabot (#15071)
  • chore(deps): update softprops/action-gh-release action from v3.0.0 to v3.0.1 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#15070)
  • chore(deps): update python docker tag from 3.14.5 to v3.14.6 (dockerfile.integration-tests-debian) @renovate (#15069)
  • chore(deps): update dependency kubernetes from 1.33.12 to v1.33.13 (.github/workflows/k8s-tests.yml) @renovate (#15068)
  • chore(deps): update azure/setup-helm action from v5.0.0 to v5.0.1 (.github/workflows/test-helm-chart.yml) @renovate (#15067)
  • chore(deps): update valkey docker tag from 0.20.2 to v0.22.1 (helm/defectdojo/chart.yaml) @renovate (#14917)
  • chore(deps): update valkey/valkey docker tag from 9.0.4 to v9.1.0 (docker-compose.yml) @renovate (#14896)
  • chore(deps): update dependency renovatebot/renovate from 43.141.6 to v43.240.0 (.github/workflows/renovate.yaml) @renovate (#15048)
  • chore(deps): bump django-permissions-policy from 4.30.0 to 4.31.0 @dependabot (#15027)
  • chore(deps): bump json-log-formatter from 1.1.1 to 1.2.1 @dependabot (#14994)
  • chore(deps): update docker/setup-buildx-action action from v4.0.0 to v4.1.0 (.github/workflows/release-x-manual-tag-as-latest.yml) @renovate (#14991)
  • chore(deps-dev): bump vcrpy from 8.1.1 to 8.2.1 @dependabot (#15047)
  • chore(deps): bump vulners from 3.1.10 to 3.1.11 @dependabot (#15030)
  • chore(deps-dev): bump @tailwindcss/cli from 4.3.0 to 4.3.1 in /components @dependabot (#15031)
  • chore(deps): update losisin/helm-values-schema-json-action digest from v3.0.1 to v3 (.github/workflows/test-helm-chart.yml) @renovate (#15021)
  • chore(deps): bump sqlalchemy from 2.0.50 to 2.0.51 @dependabot (#15025)
  • chore(deps-dev): bump vcrpy from 8.1.1 to 8.2.1 @dependabot (#15028)
  • chore(deps): bump pdfmake from 0.3.8 to 0.3.10 in /components @dependabot (#14996)
  • chore(deps): bump ruff from 0.15.15 to 0.15.16 @dependabot (#14995)
  • chore(deps): update mccutchen/go-httpbin docker tag from 2.22.1 to v2.23.1 (docker-compose.override.dev.yml) @renovate (#14997)
  • chore(deps): update eps1lon/actions-label-merge-conflict action from v3.0.3 to v3.1.0 (.github/workflows/detect-merge-conflicts.yaml) @renovate (#14992)
  • chore(deps): update docker/login-action action from v4.1.0 to v4.2.0 (.github/workflows/release-x-manual-tag-as-latest.yml) @renovate (#14990)
  • Update postgres:18.4-alpine Docker digest from 18.4 to 18.4-alpine (docker-compose.yml) @renovate (#15022)
  • chore(deps): bump esbuild and vite in /docs @dependabot (#15004)