v1.18.0rc1

https://docs.openkat.nl/release-notes/1.18.html

What's Changed

• Feature: improve settings and environment logic and phase out redundant environment keys by @Donnype in #3384
• feat: adds notification styling and icons by @HeleenSG in #3461
• Hotfix for normalizer API bug by @Donnype in #3475
• fix: toggle styling by @HeleenSG in #3449
• Bump cryptography from 42.0.8 to 43.0.1 in /bytes by @dependabot in #3473
• Dont yield all snyk findings when no version was found by @noamblitz in #3431
• Make the "name" field for plugins mandatory by @Donnype in #3471
• Handle empty normalizer results by @Donnype in #3482
• Fix enabling normalizers from Rocky by @Donnype in #3481
• Feature/upload multiple files at once to bytes by @Donnype in #3476
• Add report scheduler functionality to scheduler by @jpbruinsslot in #3352
• Fix report types selection not being overriden by @Rieven in #3436
• Add json download to report export by @Rieven in #3460
• Add new Boefje by @madelondohmen in #3400
• feat: multi select dropdown by @HeleenSG in #3446
• Fix hanging upload of large files by @noamblitz in #3489
• Add timezone to valid time by @noamblitz in #3429
• Check if the task is still running according to the scheduler before changing the status by @Donnype in #3506
• Exclude OOIs creation from the OOI add form by OOI-types by @Rieven in #3490
• Use the right variable name in the template's if-statement by @Donnype in #3519
• Add regex pattern check to PORTS setting of nmap-ports by @Donnype in #3516
• Update xtdb-http-multinode to the latest version by @dekkers in #3523
• Updated findings in the findings database by @stephanie0x00 in #3427
• remove unneeded column from filtered plugin table view by @underdarknl in #3515
• Also delete self-affirming or self-infered objects by @originalsouth in #3498
• Support valid_time and the like for queries in xtdb tools by @originalsouth in #3430
• Chore: use only Pytest in the boefjes by @Donnype in #3536
• Invert findings, add source URLs. by @stephanie0x00 in #3538
• Fix JSON line logging by @ammar92 in #3511
• Fix xtdb-cli by @originalsouth in #3543
• Create boefje variant by @madelondohmen in #3456
• make session commit less chatty by @underdarknl in #3544
• Fix duplicate OOI references in result in origin by @originalsouth in #3531
• a bit more detailed erroring in the scheduler client. by @underdarknl in #3546
• Update docs for creating a new Boefje by @madelondohmen in #3540
• Show proper error message instead of stacktrace if boefje API is unreachable by @dekkers in #3550
• Fix headings by @madelondohmen in #3528
• Feat/bit domain ownership pending by @underdarknl in #3290
• Improve boefje runner error messages on container failure by @dekkers in #3548
• Fix/pin pydicom dependency and revert irrelevant version bumps by @Donnype in #3553
• Translations update from Hosted Weblate by @weblate in #3567
• Clean more stale origins by @originalsouth in #3561
• Update Packages by @ammar92 in #3563
• Fix Pydantic warnings by @ammar92 in #3557
• Prevent race conditions between Octopoes' event manager and the scheduler from recreating already deleted OOIs through affirmations by @originalsouth in #3564
• burpsuite fix by @underdarknl in #3381
• Fix boefje schema on Boefje Setup page by @madelondohmen in #3574
• Set default findingtype risk in model instead of in bit by @noamblitz in #3562
• Add permission that grants access to all organizations by @dekkers in #3532
• Add unique constraint to database plugin names by @Donnype in #3556
• Feature/add boefje scheduling fields by @Donnype in #3555
• Refactor and fix faulty save_origin exception code by @originalsouth in #3577
• Dont show manual tasks in normalizer list by @noamblitz in #3580
• Add descriptions to katalogus by @stephanie0x00 in #3545
• Update a Boefje by @madelondohmen in #3521
• Explicitely use the fork context for multiprocessing to fix running boefjes on macOS by @Donnype in #3576
• fix: button style by @HeleenSG in #3565
• Use stdlib instead of dateutil to parse ISO datetime by @dekkers in #3590
• Do not store the hypothetically produced mime-types always by @Donnype in #3583
• Remove old Findings Report by @madelondohmen in #3560
• Add 'set start date' functionality to scheduler by @jpbruinsslot in #3589
• Make API usable by non-admin users and check specific permissions by @dekkers in #3571
• fix: button styling by @HeleenSG in #3591
• Add interval to Boefje by @madelondohmen in #3579
• Add boefje interval and cron check for deadline in scheduler by @jpbruinsslot in #3529
• Always redirect to katalogus when enabling plugins by @noamblitz in #3584
• Fixes notification alignment by @HeleenSG in #3522
• REST API to recalculate bits and clone katalogus settings by @dekkers in #3572
• fix: form styling by @HeleenSG in #3588
• Remove an erroneously generated request body from an object history GET call in Octopoes' router by @originalsouth in #3605
• RFD 0002: Code of Conduct: Code Reviews by @jpbruinsslot in #3425
• Fix grace period is being used instead of interval for boefjes that have interval specified in scheduler by @jpbruinsslot in #3602
• Use identifiers on modal triggers and modal component instead of integral trigger by @TwistMeister in #3541
• Refactoring for Report Recipe, Report Task Runner and Scheduling by @Rieven in #3597
• Handle existing Boefje name by @madelondohmen in #3573
• Update boefje interval texts to make functionality more clear by @stephanie0x00 in #3609
• Translations update from Hosted Weblate by @weblate in #3610
• Update development tutorial documentation by @allan-firelay in #3611
• Feature/sort ooi type clearance level by @HeleenSG in #3300
• Feature/report runner integration by @Donnype in #3607
• Report Schedules List by @Rieven in #3608
• Add s3 functionality in Bytes by @Souf149 in https://github.com/minvws/nl-kat-coordination/pu...

v1.17.0

https://docs.openkat.nl/release-notes/1.17.html

What's Changed

• Bump docker/build-push-action from 5 to 6 by @dependabot in #3164
• Fix/sonarcloud https redirect dockerfiles by @underdarknl in #3185
• Remove non standard header findings and add deprecated headers findings by @noamblitz in #3127
• Update 1.16 release notes by @dekkers in #3195
• Better default list of world writable domains in CSP checker by @underdarknl in #3165
• Update Dockerfile, fix Sonarcloud issue by @underdarknl in #3180
• Update to Django 5.0 by @dekkers in #2939
• Add pluginToggler.js to Aggregate Report by @madelondohmen in #3202
• Updated certifi by @ammar92 in #3209
• Feature/boefje normalizer config models by @Donnype in #3118
• Updated zipp by @ammar92 in #3215
• Updated Django by @ammar92 in #3217
• Use more concise regexes by @underdarknl in #3181
• Recalculate bit when a config object changes by @originalsouth in #3206
• cve-2024-6387 from RickGeex by @noamblitz in #3194
• Add observation data to observation table in OOI detail page by @underdarknl in #3186
• Gather BIT metrics [implementation] by @originalsouth in #3122
• Implement structlog by @ammar92 in #3175
• Fix filtering on plugin_id for normalizers by @jpbruinsslot in #3226
• Refactor Task List and filters with error handlers for Scheduler by @Rieven in #1957
• RPKI Improvements by @noamblitz in #2759
• Hotfix: boefje config migration should check the SQLAlchemy session by @Donnype in #3227
• Remove action buttons on example boefjes at onboarding by @Rieven in #3236
• Implement logging format configuration by @ammar92 in #3216
• Feature/create dialog modal component by @TwistMeister in #3022
• Upgrade packages by @ammar92 in #3259
• Update mixins.py, unroll loops, dont re-init bytes/katalogus client by @underdarknl in #3229
• Fix: add related objects crash by @Rieven in #3268
• RFC3161HashRepository accepts rfc3161_provider only as a string and Pydantic URLs are not strings anymore by @Donnype in #3281
• Add XTDB list and rename method in origin tool by @originalsouth in #3234
• Fix rocky logging by @dekkers in #3288
• Bump sphinx from 7.4.6 to 7.4.7 by @dependabot in #3265
• feat: Updated color scheme by @HeleenSG in #3241
• Fix broken token auth when 2FA is enabled by @dekkers in #3260
• Raise Timeout Exception when only timeouts from DNS server by @underdarknl in #3264
• Refactor/ooi details by @underdarknl in #3275
• Workaround setuptools 72 removing test command by @dekkers in #3304
• Feat/human readable dates by @underdarknl in #3231
• Record the user who last changed the Scan Profile by @originalsouth in #3296
• Catch valid DNSSEC signed SERVFAIL answers by @underdarknl in #3271
• Give report a name by @madelondohmen in #3258
• Fix CSRF error in API with token auth by @dekkers in #3313
• Restructure scheduler storage module by @jpbruinsslot in #3294
• Translations update from Hosted Weblate by @weblate in #3179
• Add user id to OOI by @originalsouth in #3305
• fix: Button height by @HeleenSG in #3316
• Add audit logging to CRUD actions using Django signals by @dekkers in #3314
• Fix new boefjes issue for scheduler by @jpbruinsslot in #3297
• Restructure scheduler server module by @jpbruinsslot in #3295
• Change report flow to POST requests by @Rieven in #3174
• Restructure scheduler development scripts by @jpbruinsslot in #3293
• Updated Django and opentelemetry packages by @ammar92 in #3324
• Fix Garbage collection and disappearing ports issue by @Donnype in #3214
• Raw upload with Scan OOIS by @noamblitz in #3169
• Basic audit trails via logging by @ammar92 in #3317
• Limit the number of Celery workers that Octopoes can start #3232 by @ammar92 in #3337
• Allow MuteFindings to expire by a user specified datetime by @originalsouth in #3343
• Add geo OOI type and Maxmind geoip boefje by @noamblitz in #3238
• Flexible scheduling by @jpbruinsslot in #2786
• Fix async code calling blocking sync code by @dekkers in #3342
• Fix rocky/tests/objects/test_objects_add.py by @originalsouth in #3360
• Feature/3310 update description for external database boefje by @originalsouth in #3359
• Add mention of other http client to docs by @stephanie0x00 in #3365
• Set timezone to UTC in SQLAlchemy when connecting to PostgreSQL by @dekkers in #3363
• Remove workaround for setuptools bug by @dekkers in #3371
• feat: Dropdownlist options by @HeleenSG in #3340
• Package Updates by @ammar92 in #3374
• Small flexible scheduling fixups by @dekkers in #3354
• Fix generate findings report from ooi detail by @Rieven in #3369
• feat: 🔨 Add indemnification level from external DB by @zcrt in #3311
• Add more handling of external services responses in scheduler by @jpbruinsslot in #3372
• Fix no certificate bug by @noamblitz in #3382
• Support setting a custom JSON schema for copied boefjes by @Donnype in #3344
• Implement boefje details modal in report config flow by @TwistMeister in #3348
• Add create schedule functionality to scheduler api by @jpbruinsslot in #3353
• Search and sorting OOIs by @noamblitz in #3262
• Generic Finding normalizer by @noamblitz in #3383
• feat: 📈 default katalogus view to boefje by @zcrt in #3394
• 📌 add subfinder settings by @zcrt in #3385
• Implement subreport rename form in table and remove it from dialog by @TwistMeister in #3338
• Styling fixes within filters, hierarchy fix on organisation members b… by @HeleenSG in #3322
• Use better paginator for finding list by @noamblitz in #3407
• Generic tasks view refactor by @zcrt in #3389
• feat: 📝 improve pagination by @zcrt in #3393
• Bump myst-parser from 3.0.1 to 4.0.0 by @dependabot in #3346
  ...

v1.17.0rc1

https://docs.openkat.nl/release_notes/1.17.html

What's Changed

• Bump docker/build-push-action from 5 to 6 by @dependabot in #3164
• Fix/sonarcloud https redirect dockerfiles by @underdarknl in #3185
• Remove non standard header findings and add deprecated headers findings by @noamblitz in #3127
• Update 1.16 release notes by @dekkers in #3195
• Better default list of world writable domains in CSP checker by @underdarknl in #3165
• Update Dockerfile, fix Sonarcloud issue by @underdarknl in #3180
• Update to Django 5.0 by @dekkers in #2939
• Add pluginToggler.js to Aggregate Report by @madelondohmen in #3202
• Updated certifi by @ammar92 in #3209
• Feature/boefje normalizer config models by @Donnype in #3118
• Updated zipp by @ammar92 in #3215
• Updated Django by @ammar92 in #3217
• Use more concise regexes by @underdarknl in #3181
• Recalculate bit when a config object changes by @originalsouth in #3206
• cve-2024-6387 from RickGeex by @noamblitz in #3194
• Add observation data to observation table in OOI detail page by @underdarknl in #3186
• Gather BIT metrics [implementation] by @originalsouth in #3122
• Implement structlog by @ammar92 in #3175
• Fix filtering on plugin_id for normalizers by @jpbruinsslot in #3226
• Refactor Task List and filters with error handlers for Scheduler by @Rieven in #1957
• RPKI Improvements by @noamblitz in #2759
• Hotfix: boefje config migration should check the SQLAlchemy session by @Donnype in #3227
• Remove action buttons on example boefjes at onboarding by @Rieven in #3236
• Implement logging format configuration by @ammar92 in #3216
• Feature/create dialog modal component by @TwistMeister in #3022
• Upgrade packages by @ammar92 in #3259
• Update mixins.py, unroll loops, dont re-init bytes/katalogus client by @underdarknl in #3229
• Fix: add related objects crash by @Rieven in #3268
• RFC3161HashRepository accepts rfc3161_provider only as a string and Pydantic URLs are not strings anymore by @Donnype in #3281
• Add XTDB list and rename method in origin tool by @originalsouth in #3234
• Fix rocky logging by @dekkers in #3288
• Bump sphinx from 7.4.6 to 7.4.7 by @dependabot in #3265
• feat: Updated color scheme by @HeleenSG in #3241
• Fix broken token auth when 2FA is enabled by @dekkers in #3260
• Raise Timeout Exception when only timeouts from DNS server by @underdarknl in #3264
• Refactor/ooi details by @underdarknl in #3275
• Workaround setuptools 72 removing test command by @dekkers in #3304
• Feat/human readable dates by @underdarknl in #3231
• Record the user who last changed the Scan Profile by @originalsouth in #3296
• Catch valid DNSSEC signed SERVFAIL answers by @underdarknl in #3271
• Give report a name by @madelondohmen in #3258
• Fix CSRF error in API with token auth by @dekkers in #3313
• Restructure scheduler storage module by @jpbruinsslot in #3294
• Translations update from Hosted Weblate by @weblate in #3179
• Add user id to OOI by @originalsouth in #3305
• fix: Button height by @HeleenSG in #3316
• Add audit logging to CRUD actions using Django signals by @dekkers in #3314
• Fix new boefjes issue for scheduler by @jpbruinsslot in #3297
• Restructure scheduler server module by @jpbruinsslot in #3295
• Change report flow to POST requests by @Rieven in #3174
• Restructure scheduler development scripts by @jpbruinsslot in #3293
• Updated Django and opentelemetry packages by @ammar92 in #3324
• Fix Garbage collection and disappearing ports issue by @Donnype in #3214
• Raw upload with Scan OOIS by @noamblitz in #3169
• Basic audit trails via logging by @ammar92 in #3317
• Limit the number of Celery workers that Octopoes can start #3232 by @ammar92 in #3337
• Allow MuteFindings to expire by a user specified datetime by @originalsouth in #3343
• Add geo OOI type and Maxmind geoip boefje by @noamblitz in #3238
• Flexible scheduling by @jpbruinsslot in #2786
• Fix async code calling blocking sync code by @dekkers in #3342
• Fix rocky/tests/objects/test_objects_add.py by @originalsouth in #3360
• Feature/3310 update description for external database boefje by @originalsouth in #3359
• Add mention of other http client to docs by @stephanie0x00 in #3365
• Set timezone to UTC in SQLAlchemy when connecting to PostgreSQL by @dekkers in #3363
• Remove workaround for setuptools bug by @dekkers in #3371
• feat: Dropdownlist options by @HeleenSG in #3340
• Package Updates by @ammar92 in #3374
• Small flexible scheduling fixups by @dekkers in #3354
• Fix generate findings report from ooi detail by @Rieven in #3369
• feat: 🔨 Add indemnification level from external DB by @zcrt in #3311
• Add more handling of external services responses in scheduler by @jpbruinsslot in #3372
• Fix no certificate bug by @noamblitz in #3382
• Support setting a custom JSON schema for copied boefjes by @Donnype in #3344
• Implement boefje details modal in report config flow by @TwistMeister in #3348
• Add create schedule functionality to scheduler api by @jpbruinsslot in #3353
• Search and sorting OOIs by @noamblitz in #3262
• Generic Finding normalizer by @noamblitz in #3383
• feat: 📈 default katalogus view to boefje by @zcrt in #3394
• 📌 add subfinder settings by @zcrt in #3385
• Implement subreport rename form in table and remove it from dialog by @TwistMeister in #3338
• Styling fixes within filters, hierarchy fix on organisation members b… by @HeleenSG in #3322
• Use better paginator for finding list by @noamblitz in #3407
• Generic tasks view refactor by @zcrt in #3389
• feat: 📝 improve pagination by @zcrt in #3393
• Bump myst-parser from 3.0.1 to 4.0.0 by @dependabot in #3346
  ...

v1.16.0

https://docs.openkat.nl/release-notes/1.16.html

What's Changed

• Upgrade GitHub actions by @ammar92 in #2235
• Add note about Debian packages to 1.14 release notes by @dekkers in #2234
• Bump msgpackr from 1.6.1 to 1.10.1 in /rocky by @dependabot in #2219
• Updated deploy-pages action by @ammar92 in #2251
• Fix environment page in docs by @ammar92 in #2257
• Fix export buttons report by @Rieven in #2259
• Translations update from Hosted Weblate by @weblate in #2261
• Fixed invalid type usage in get_rabbit_channel and close_rabbit_channel by @ammar92 in #2280
• Translations update from Hosted Weblate by @weblate in #2279
• List item behaviour by @HeleenSG in #2281
• fix zero division by @noamblitz in #2298
• Updated template file to respect environment prefixes in docs by @ammar92 in #2317
• Remove preselection from multireport flow by @noamblitz in #2318
• Fix/upgrade jinja2 by @ammar92 in #2326
• Fix multiple Debian issues by @dekkers in #2283
• Add max fds ulimit to octopoes api worker by @originalsouth in #2327
• add meta / cache hash for rpki boefje to raw output by @underdarknl in #2255
• Remove smartphone from bug report template by @dekkers in #2334
• More ulimits for buggy celery by @originalsouth in #2338
• Remove icons from compliance issue table by @madelondohmen in #2340
• Sector report summary - Best and worst scoring security checks by @madelondohmen in #2312
• Chore/update pr template with comments by @Donnype in #2305
• Translations update from Hosted Weblate by @weblate in #2311
• Remove IPs with zero vulnerabilities by @madelondohmen in #2319
• Add IPv6 config to docker-compose.yml by @stephanie0x00 in #2256
• Render dicts and list ooi attrs as jsonfield by @noamblitz in #2355
• Add hrefs to Basic Security overview by @madelondohmen in #2330
• Feat/normalizer mimetype upload deeplink by @underdarknl in #2220
• Check for sudo in install and update script by @dekkers in #2360
• Adds CAA records to the model, boefje, normalizer, adds a check bit and a finding by @underdarknl in #2315
• Add token authentication by @dekkers in #2349
• Update dependencies by @ammar92 in #2348
• Error handling for Generate Report by @madelondohmen in #2274
• Remove debian11 packages by @dekkers in #2358
• Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml by @dekkers in #2373
• Prevent double github actions by @dekkers in #2374
• Remove uWSGI by @dekkers in #2366
• Convert docker-compose to docker compose by @originalsouth in #2341
• Rename invalid rpki finding to expired by @noamblitz in #2377
• Show created at and data from in reports by @noamblitz in #2370
• Update RabbitMQ to the latest version by @dekkers in #2392
• Fix/394 Introduce clearance level control for objects imported by CSV by @originalsouth in #2390
• Update dependencies by @ammar92 in #2396
• Use --diff-filter=U instead of --staged in fix-poetry-merge-conflict by @dekkers in #2398
• Feat/more csp checks by @underdarknl in #2025
• Remove everything related to old crux by @dekkers in #2403
• Fix normalizer filtering on tasks endpoint by @jpbruinsslot in #2414
• Bump actions/cache from 3 to 4 by @dependabot in #2417
• Bump dorny/paths-filter from 2 to 3 by @dependabot in #2418
• Fix usage of SPAN_EXPORT_GRPC_ENDPOINT variable by @ammar92 in #2420
• Fix mail report json by @noamblitz in #2426
• Fix open ports report by @noamblitz in #2430
• minor speedup, Return immediately on the first disabled plugin for report check by @underdarknl in #2434
• use oois instead of references by @noamblitz in #2433
• Update fastapi by @ammar92 in #2444
• fix wordpress check by @noamblitz in #2445
• Allow creation of declared scan profiles through normalizers by @Donnype in #2428
• Update DNS report by @madelondohmen in #2413
• upgrade forcediphttpsadapter by @noamblitz in #2453
• Fix argument order and hence avoid the octopoes factory by @Donnype in #2454
• Hotfix for default arg by @Donnype in #2458
• Feature/report benchmarks by @Donnype in #2447
• Add traces for pop and push to queue in scheduler by @jpbruinsslot in #2467
• Add mypy and application bootstrap test to boefjes by @Donnype in #2460
• Fix/normalizer produces, list was empty. is now populated and links to object page by @underdarknl in #2411
• Add timeouts to CVE API downloader by @dekkers in #2455
• Select all OOIS for Aggregate Reports by @Rieven in #2222
• Update Starlette, FastAPI and Django by @dekkers in #2480
• Do not log an error on token refresh in bytes client by @dekkers in #2469
• Enable ruff bandit checks by @dekkers in #2465
• Fix kat_dns settings by @originalsouth in #2459
• Ignore certificate errors in security txt boefje by @dekkers in #2487
• Add unit tests for vulnerability report and fix first_seen by @dekkers in #2462
• minimal / maximal number of required checboxes checked functionality by @underdarknl in #2375
• Remove support for Python 3.8 and 3.9 by @dekkers in #2470
• Update scheduler architecture documentation by @jpbruinsslot in #2387
• Revert fastapi and starlette downgrade by @dekkers in #2489
• Do not show an error in tasks stats if no tasks have run yet by @dekkers in #2486
• Make rtest fail less than 1 in 20 by @originalsouth in #2441
• Bump python-multipart from 0.0.6 to 0.0.7 in /bytes by @dependabot in #2494
• Health page accessable during onboarding by @Rieven in #2499
• Fix/systems report domain count by @noamblitz in #2490
• Skip or hide section on Plugin Page by @madelondohmen in #2461
• remove duplicate oois from report by @noamblitz in #2504
• Rename list method to prevent conflict with builtin by @dekkers in #2498
• Fix bug get_selection that is now an imported met...

v1.16.0rc2

https://docs.openkat.nl/release_notes/1.16.html

What's Changed

• Add pluginToggler.js to Aggregate Report (1.16) by @dekkers in #3203
• Updated certifi (1.16) #3209 by @ammar92 in #3212
• Updated Django (1.16) by @ammar92 in #3218
• Backport: update nmap udp image as well by @Donnype in #3233
• cve-2024-6387 from RickGeex (#3194) by @noamblitz in #3237

Full Changelog: v1.16.0rc1...v1.16.0rc2

v1.16.0rc1

https://docs.openkat.nl/release_notes/1.16.html

What's Changed

• Bump weasyprint from 61.0 to 61.2 in /rocky by @dependabot in #2625
• Fix setting clearence level on plugin detail page by @noamblitz in #2623
• Refactor onboarding wizard to use Generate Report flow to create a DNS report by @Rieven in #2561
• Update tabler icons to v3.01 by @Rieven in #2640
• New Rocky Paginator by @Rieven in #2627
• Makefile .env-default typo by @noamblitz in #2647
• Replace requests with httpx by @ammar92 in #2576
• Fix missing apt update in keiko github action by @dekkers in #2668
• Textual changes by @HeleenSG in #2676
• Remove unnecessary loop in FilterRequest in scheduler by @jpbruinsslot in #2684
• fix: openssl boefje stuck on port 80 by @tobiasBDO in #2600
• Remove superfluous curly bracket open from graph view template by @originalsouth in #2700
• Improvements of Aggregate Report by @madelondohmen in #2643
• refactor the leakix normalizer to be less one giant method. by @underdarknl in #2363
• Add fix-byte-order-marker and pretty-format-json to pre-commit by @dekkers in #2634
• Fix pdf alignment by @HeleenSG in #2674
• Fix critical vulnerability counter by @madelondohmen in #2712
• Improve generate report by @madelondohmen in #2633
• Fix #1739 by @originalsouth in #2705
• Upgrade pre-commit hooks by @ammar92 in #2729
• Remove Docker Compose: "version" by @originalsouth in #2718
• Undo project-directory in Rocky by @originalsouth in #2734
• Feat stepper design v2 by @HeleenSG in #2704
• Plugins overview in appendix not showing any plugins by @Rieven in #2694
• Fix in System Specific by @madelondohmen in #2732
• Query non-reference fields and subclass-specific fields through path queries by @Donnype in #2662
• Feature/boefjes to oci images by @Donnype in #2709
• Dont report vulnerabilites without version info of the software for snyk by @noamblitz in #2730
• Add xtdb-cli tool to Octopoes by @originalsouth in #2733
• Bump actions/configure-pages from 4 to 5 by @dependabot in #2745
• Remove octopoes coverage workflow by @dekkers in #2755
• Updated phonenumbers and django-phonenumber-field by @ammar92 in #2757
• fix schema errors on empty / missing schemas by @underdarknl in #2744
• OOI selection at Aggregate report does not remember changed selection by @Rieven in #2619
• Fix static files for container images/Debian packages when DEBUG is on by @dekkers in #2742
• Upgrade pillow by @ammar92 in #2783
• Replace black with ruffs formatter by @ammar92 in #2762
• Feature/disallowed domains in csp by @noamblitz in #2624
• Add 127.0.0.1 to allowed hosts in Debian package by @dekkers in #2758
• Replace Wappalyzer by @ammar92 in #2727
• Add why container stdout/stderr can't be used for boefjes output by @dekkers in #2673
• Fix/2721 improve error handling by better exception aggregation v2 by @originalsouth in #2795
• Set katalogus limit to 200 by @dekkers in #2798
• Use public cryptography API in SSL certificate normalizer by @dekkers in #2796
• More improvements for reports by @madelondohmen in #2722
• Prevent confusing errors from leaking into the general logs by @originalsouth in #2815
• Fix wrong type in save_raw and list_origin_parameters httpx params by @dekkers in #2819
• Update performance of Findings Report by @madelondohmen in #2799
• Change titles to meet configuration page design by @madelondohmen in #2818
• Updated idna package by @ammar92 in #2845
• Fix missing cipher csv in Debian package by @dekkers in #2850
• Add 1.15 release name by @dekkers in #2854
• Bump sqlparse from 0.4.4 to 0.5.0 in /rocky by @dependabot in #2856
• Update dnspython by @ammar92 in #2861
• Bump aiohttp from 3.9.3 to 3.9.4 in /boefjes by @dependabot in #2867
• Add new boefjes and normalizers cover images to KAT-alogus by @Rieven in #2859
• Update and fix nuclei by @noamblitz in #2865
• Add some additional exception handling to the scheduler by @jpbruinsslot in #2814
• Use qualified image URLs in docker-compose by @dekkers in #2869
• Introduce importing/exporting capabilities in Octopoes/xtdb-multinode-tool (addressing #2761) by @originalsouth in #2855
• Don't show records of the nameservers of chosen hostnames in DNS report by @noamblitz in #2809
• Styling Report Types names by @Rieven in #2791
• Backup scripts from TobiasBDO by @ring-ring-ring in #1794
• Plugin overview table by @madelondohmen in #2804
• Add some additional exception handling to the scheduler by @jpbruinsslot in #2878
• Fixed image reference in pdio_subfinder plugin by @ammar92 in #2860
• Implement Octopoes Models documentation by @ammar92 in #2858
• Updated some packages by @ammar92 in #2891
• Add stepper to report configuration by @madelondohmen in #2868
• Translations update from Hosted Weblate by @weblate in #2792
• Build nmap OCI image that handles both nmap-tcp and nmap-udp using a new oci_arguments field by @Donnype in #2832
• Fix and improve running boefjes/normalizer by hand by @dekkers in #2802
• Docs update on OCI image building from current Python/Docker boefjes by @Donnype in #2827
• Specify bit in the answer raw file instead of as mimetype by @dekkers in #2900
• Add a warning to the CSP validator for 'self' on script-src directives. by @underdarknl in #2672
• Replace old plugin in Vulnerability Report by @madelondohmen in #2910
• Update jinja2 and tqdm by @ammar92 in #2919
• Add wappalyzer software to weburl instead of hostname by @noamblitz in #2912
• Set no limit by default in the KATalogus plugin API by @Donnype in #2921
• Replace python-jose with pyjwt by @Donnype in #2925
• Fixes in OOI Add/ Edit form by @ammar92 in #2906
• Update required and suggested plugin section in report configuration by @madelondohmen in #2897
• Remove many new ports open boefje/normalizer by @dekkers in https://github.com/minvws/nl-kat-coord...

v1.15.1

What's Changed

• Add wappalyzer software to weburl instead of hostname (1.15) by @dekkers in #2938
• Replace old plugin in Vulnerability Report (1.15) by @dekkers in #2937
• Add workaround for Granian HTTP/2 bug (1.15) by @dekkers in #2936
• Dependency security updates (1.15) by @dekkers in #2995

Full Changelog: v1.15.0...v1.15.1

v1.15.0

https://docs.openkat.nl/release-notes/1.15.html

What's Changed

• Upgrade GitHub actions by @ammar92 in #2235
• Add note about Debian packages to 1.14 release notes by @dekkers in #2234
• Bump msgpackr from 1.6.1 to 1.10.1 in /rocky by @dependabot in #2219
• Updated deploy-pages action by @ammar92 in #2251
• Fix environment page in docs by @ammar92 in #2257
• Fix export buttons report by @Rieven in #2259
• Translations update from Hosted Weblate by @weblate in #2261
• Fixed invalid type usage in get_rabbit_channel and close_rabbit_channel by @ammar92 in #2280
• Translations update from Hosted Weblate by @weblate in #2279
• List item behaviour by @HeleenSG in #2281
• fix zero division by @noamblitz in #2298
• Updated template file to respect environment prefixes in docs by @ammar92 in #2317
• Remove preselection from multireport flow by @noamblitz in #2318
• Fix/upgrade jinja2 by @ammar92 in #2326
• Fix multiple Debian issues by @dekkers in #2283
• Add max fds ulimit to octopoes api worker by @originalsouth in #2327
• add meta / cache hash for rpki boefje to raw output by @underdarknl in #2255
• Remove smartphone from bug report template by @dekkers in #2334
• More ulimits for buggy celery by @originalsouth in #2338
• Remove icons from compliance issue table by @madelondohmen in #2340
• Sector report summary - Best and worst scoring security checks by @madelondohmen in #2312
• Chore/update pr template with comments by @Donnype in #2305
• Translations update from Hosted Weblate by @weblate in #2311
• Remove IPs with zero vulnerabilities by @madelondohmen in #2319
• Add IPv6 config to docker-compose.yml by @stephanie0x00 in #2256
• Render dicts and list ooi attrs as jsonfield by @noamblitz in #2355
• Add hrefs to Basic Security overview by @madelondohmen in #2330
• Feat/normalizer mimetype upload deeplink by @underdarknl in #2220
• Check for sudo in install and update script by @dekkers in #2360
• Adds CAA records to the model, boefje, normalizer, adds a check bit and a finding by @underdarknl in #2315
• Add token authentication by @dekkers in #2349
• Update dependencies by @ammar92 in #2348
• Error handling for Generate Report by @madelondohmen in #2274
• Remove debian11 packages by @dekkers in #2358
• Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml by @dekkers in #2373
• Prevent double github actions by @dekkers in #2374
• Remove uWSGI by @dekkers in #2366
• Convert docker-compose to docker compose by @originalsouth in #2341
• Rename invalid rpki finding to expired by @noamblitz in #2377
• Show created at and data from in reports by @noamblitz in #2370
• Update RabbitMQ to the latest version by @dekkers in #2392
• Fix/394 Introduce clearance level control for objects imported by CSV by @originalsouth in #2390
• Update dependencies by @ammar92 in #2396
• Use --diff-filter=U instead of --staged in fix-poetry-merge-conflict by @dekkers in #2398
• Feat/more csp checks by @underdarknl in #2025
• Remove everything related to old crux by @dekkers in #2403
• Fix normalizer filtering on tasks endpoint by @jpbruinsslot in #2414
• Bump actions/cache from 3 to 4 by @dependabot in #2417
• Bump dorny/paths-filter from 2 to 3 by @dependabot in #2418
• Fix usage of SPAN_EXPORT_GRPC_ENDPOINT variable by @ammar92 in #2420
• Fix mail report json by @noamblitz in #2426
• Fix open ports report by @noamblitz in #2430
• minor speedup, Return immediately on the first disabled plugin for report check by @underdarknl in #2434
• use oois instead of references by @noamblitz in #2433
• Update fastapi by @ammar92 in #2444
• fix wordpress check by @noamblitz in #2445
• Allow creation of declared scan profiles through normalizers by @Donnype in #2428
• Update DNS report by @madelondohmen in #2413
• upgrade forcediphttpsadapter by @noamblitz in #2453
• Fix argument order and hence avoid the octopoes factory by @Donnype in #2454
• Hotfix for default arg by @Donnype in #2458
• Feature/report benchmarks by @Donnype in #2447
• Add traces for pop and push to queue in scheduler by @jpbruinsslot in #2467
• Add mypy and application bootstrap test to boefjes by @Donnype in #2460
• Fix/normalizer produces, list was empty. is now populated and links to object page by @underdarknl in #2411
• Add timeouts to CVE API downloader by @dekkers in #2455
• Select all OOIS for Aggregate Reports by @Rieven in #2222
• Update Starlette, FastAPI and Django by @dekkers in #2480
• Do not log an error on token refresh in bytes client by @dekkers in #2469
• Enable ruff bandit checks by @dekkers in #2465
• Fix kat_dns settings by @originalsouth in #2459
• Ignore certificate errors in security txt boefje by @dekkers in #2487
• Add unit tests for vulnerability report and fix first_seen by @dekkers in #2462
• minimal / maximal number of required checboxes checked functionality by @underdarknl in #2375
• Remove support for Python 3.8 and 3.9 by @dekkers in #2470
• Update scheduler architecture documentation by @jpbruinsslot in #2387
• Revert fastapi and starlette downgrade by @dekkers in #2489
• Do not show an error in tasks stats if no tasks have run yet by @dekkers in #2486
• Make rtest fail less than 1 in 20 by @originalsouth in #2441
• Bump python-multipart from 0.0.6 to 0.0.7 in /bytes by @dependabot in #2494
• Health page accessable during onboarding by @Rieven in #2499
• Fix/systems report domain count by @noamblitz in #2490
• Skip or hide section on Plugin Page by @madelondohmen in #2461
• remove duplicate oois from report by @noamblitz in #2504
• Rename list method to prevent conflict with builtin by @dekkers in #2498
• Fix bug get_selection that is now an imported met...

v1.15.0rc1

https://docs.openkat.nl/release_notes/1.15.html

What's Changed

• Upgrade GitHub actions by @ammar92 in #2235
• Add note about Debian packages to 1.14 release notes by @dekkers in #2234
• Bump msgpackr from 1.6.1 to 1.10.1 in /rocky by @dependabot in #2219
• Updated deploy-pages action by @ammar92 in #2251
• Fix environment page in docs by @ammar92 in #2257
• Fix export buttons report by @Rieven in #2259
• Translations update from Hosted Weblate by @weblate in #2261
• Fixed invalid type usage in get_rabbit_channel and close_rabbit_channel by @ammar92 in #2280
• Translations update from Hosted Weblate by @weblate in #2279
• List item behaviour by @HeleenSG in #2281
• fix zero division by @noamblitz in #2298
• Updated template file to respect environment prefixes in docs by @ammar92 in #2317
• Remove preselection from multireport flow by @noamblitz in #2318
• Fix/upgrade jinja2 by @ammar92 in #2326
• Fix multiple Debian issues by @dekkers in #2283
• Add max fds ulimit to octopoes api worker by @originalsouth in #2327
• add meta / cache hash for rpki boefje to raw output by @underdarknl in #2255
• Remove smartphone from bug report template by @dekkers in #2334
• More ulimits for buggy celery by @originalsouth in #2338
• Remove icons from compliance issue table by @madelondohmen in #2340
• Sector report summary - Best and worst scoring security checks by @madelondohmen in #2312
• Chore/update pr template with comments by @Donnype in #2305
• Translations update from Hosted Weblate by @weblate in #2311
• Remove IPs with zero vulnerabilities by @madelondohmen in #2319
• Add IPv6 config to docker-compose.yml by @stephanie0x00 in #2256
• Render dicts and list ooi attrs as jsonfield by @noamblitz in #2355
• Add hrefs to Basic Security overview by @madelondohmen in #2330
• Feat/normalizer mimetype upload deeplink by @underdarknl in #2220
• Check for sudo in install and update script by @dekkers in #2360
• Adds CAA records to the model, boefje, normalizer, adds a check bit and a finding by @underdarknl in #2315
• Add token authentication by @dekkers in #2349
• Update dependencies by @ammar92 in #2348
• Error handling for Generate Report by @madelondohmen in #2274
• Remove debian11 packages by @dekkers in #2358
• Fix WEASYPRINT_BASEURL default value and change ports in docker-compose.yml by @dekkers in #2373
• Prevent double github actions by @dekkers in #2374
• Remove uWSGI by @dekkers in #2366
• Convert docker-compose to docker compose by @originalsouth in #2341
• Rename invalid rpki finding to expired by @noamblitz in #2377
• Show created at and data from in reports by @noamblitz in #2370
• Update RabbitMQ to the latest version by @dekkers in #2392
• Fix/394 Introduce clearance level control for objects imported by CSV by @originalsouth in #2390
• Update dependencies by @ammar92 in #2396
• Use --diff-filter=U instead of --staged in fix-poetry-merge-conflict by @dekkers in #2398
• Feat/more csp checks by @underdarknl in #2025
• Remove everything related to old crux by @dekkers in #2403
• Fix normalizer filtering on tasks endpoint by @jpbruinsslot in #2414
• Bump actions/cache from 3 to 4 by @dependabot in #2417
• Bump dorny/paths-filter from 2 to 3 by @dependabot in #2418
• Fix usage of SPAN_EXPORT_GRPC_ENDPOINT variable by @ammar92 in #2420
• Fix mail report json by @noamblitz in #2426
• Fix open ports report by @noamblitz in #2430
• minor speedup, Return immediately on the first disabled plugin for report check by @underdarknl in #2434
• use oois instead of references by @noamblitz in #2433
• Update fastapi by @ammar92 in #2444
• fix wordpress check by @noamblitz in #2445
• Allow creation of declared scan profiles through normalizers by @Donnype in #2428
• Update DNS report by @madelondohmen in #2413
• upgrade forcediphttpsadapter by @noamblitz in #2453
• Fix argument order and hence avoid the octopoes factory by @Donnype in #2454
• Hotfix for default arg by @Donnype in #2458
• Feature/report benchmarks by @Donnype in #2447
• Add traces for pop and push to queue in scheduler by @jpbruinsslot in #2467
• Add mypy and application bootstrap test to boefjes by @Donnype in #2460
• Fix/normalizer produces, list was empty. is now populated and links to object page by @underdarknl in #2411
• Add timeouts to CVE API downloader by @dekkers in #2455
• Select all OOIS for Aggregate Reports by @Rieven in #2222
• Update Starlette, FastAPI and Django by @dekkers in #2480
• Do not log an error on token refresh in bytes client by @dekkers in #2469
• Enable ruff bandit checks by @dekkers in #2465
• Fix kat_dns settings by @originalsouth in #2459
• Ignore certificate errors in security txt boefje by @dekkers in #2487
• Add unit tests for vulnerability report and fix first_seen by @dekkers in #2462
• minimal / maximal number of required checboxes checked functionality by @underdarknl in #2375
• Remove support for Python 3.8 and 3.9 by @dekkers in #2470
• Update scheduler architecture documentation by @jpbruinsslot in #2387
• Revert fastapi and starlette downgrade by @dekkers in #2489
• Do not show an error in tasks stats if no tasks have run yet by @dekkers in #2486
• Make rtest fail less than 1 in 20 by @originalsouth in #2441
• Bump python-multipart from 0.0.6 to 0.0.7 in /bytes by @dependabot in #2494
• Health page accessable during onboarding by @Rieven in #2499
• Fix/systems report domain count by @noamblitz in #2490
• Skip or hide section on Plugin Page by @madelondohmen in #2461
• remove duplicate oois from report by @noamblitz in #2504
• Rename list method to prevent conflict with builtin by @dekkers in #2498
• Fix bug get_selection that is now an imported met...

v1.14.2

What's Changed

• Add pool size config and logs postgresql connections by @zcrt in #2584
• Set a timeout on hanging test ssl container by @noamblitz in #2583
• Update django for upstream security fix by @dekkers in #2589

Full Changelog: v1.14.1...v1.14.2