2.48.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.48.0

• twistlock: parse compliances @valentijnscholten (#12772)
• [docs] Add deduplication hashcode fields to parser descriptions @paulOsinski (#12648)
• allow users with edit user permission to force password resets @valentijnscholten (#12761)
• Zap: Add test case with more request/response pairs @valentijnscholten (#12733)
• docs: Pro changelog update 2.47.3 / 2.47.4 @paulOsinski (#12746)
• add risk acceptance: display more fields in findings dropdown @valentijnscholten (#12745)
• include vuln_id_from_tool in group_by @LeoOMaia (#12744)

🚩 Changes to settings.dist.py / local_settings.py

🚩 Database migration

🚀 API features and enhancements

🖌 Updates in UI

2.48.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.47.0

• endpoint metrics test: ignore order @valentijnscholten (#12736)
• finding groups: filter by product if applicable @valentijnscholten (#12711)
• add management command to import all unit test sample scans @valentijnscholten (#12700)
• unittests: import query/task count capture @valentijnscholten (#12716)
• Mend Parser change - redundant field removed @testaccount90009 (#12685)
• fix import_scan open mode in closeold test @fopina (#12725)
• dev: hot reloading improvements celery/html/tpl @valentijnscholten (#12714)
• post processing: check for finding being None @valentijnscholten (#12713)
• integration tests: sync suite between GHA and entrypoint @valentijnscholten (#12703)
• Delete tests/local-integration-tests.sh/.bat @valentijnscholten (#12702)
• cobalt api: add note about v1 api keys only @valentijnscholten (#12646)
• Async Delete: Correct instances of multiple audit log entries for delete @Maffooch (#12650)
• twistlock json: safely get fields @valentijnscholten (#12701)
• trivy: map status field @valentijnscholten (#12686)
• Update Fixture-Updater binary to use latest Go version (1.24.4) @svader0 (#12704)
• metrics filters: improve handling when nothing matches the filters @valentijnscholten (#12687)
• Import EPSS data from Anchore Grype scans @bwt-sloanj (#12639)
• login next param: set default for sso redirects @valentijnscholten (#12677)
• checkmarx: close files used in unit tests @valentijnscholten (#12647)
• [docs] update pro changelog 2.47.2, remove redundant content @paulOsinski (#12649)
• ReversingLabs SpectraAssure rl-json parser for DefectDojo @rl-maartenb (#12579)
• Change CLI tool reference in docs @Jino-T (#12619)
• docs maintenance - priority @paulOsinski (#12623)
• Simple metrics closed per month query improvement @valentijnscholten (#12599)
• PR template: adjust freeze wording @valentijnscholten (#12608)
• remove outdated (mysql) test database instructions @valentijnscholten (#12609)
• add postgres 17 upgrade steps to 2.39.0 upgrade notes @valentijnscholten (#12585)
• feat(docker): Depends_on based on initializer @kiblik (#12584)
• 🐛 Nmap parser: Add url info to description #12411 @manuel-sommer (#12466)
• 💄 pretty print cargo audit test file @manuel-sommer (#12590)
• simple metrics: count closed findings not opened in current month @valentijnscholten (#12595)
• JIRA helper: respect simple/full risk acceptance on webhook processiing @valentijnscholten (#12594)
• 💄 restructure coverity scan test files @manuel-sommer (#12559)
• Changelog + Minor Docs Maintenance @paulOsinski (#12551)
• Pro Feature - Deduplication tuning documentation update @skywalke34 (#12471)
• Checkov report parsing enhanced @shodanwashere (#12398)

🚩 Changes to settings.dist.py / local_settings.py

• jira: truncate description if max length exceeded @valentijnscholten (#12732)
• 🎉 Add JVNDB vulnid @manuel-sommer (#12724)
• 🎉 Add Lenovo vulnid @manuel-sommer (#12696)
• 🎉 Add Tailscale vulnid @manuel-sommer (#12645)
• Burp Enterprise renamed to Burp DAST @valentijnscholten (#12604)
• 🎉 Implement Cycognito parser @manuel-sommer (#12558)
• 🎉 Add EUVD vulnid @manuel-sommer (#12589)
• 🎉 Add Go vulnid @manuel-sommer (#12564)

🚩 Database migration

• rebase migrations @valentijnscholten (#12726)
• remove actual_time and estimated_time fields @valentijnscholten (#12712)
• add fields for kev-related data to finding model @dogboat (#12678)
• Improve cvssv3 validation @valentijnscholten (#12440)
• Clarify JIRA accepted and false positives mappings @valentijnscholten (#12593)

🚀 API features and enhancements

• Improve cvssv3 validation @valentijnscholten (#12440)
• API: Allow filtering users on last_login/date_joined @valentijnscholten (#12640)
• API: prevent duplicate saves of taggable entities or when pushing to JIRA @valentijnscholten (#12607)

🖌 Updates in UI

• 🎉 Add JVNDB vulnid @manuel-sommer (#12724)
• Finding Groups: Respect minimum severity and active/verified rules when pushing to JIRA @valentijnscholten (#12475)
• Datatables.net package updates @devospice (#12682)
• Optimize queryset annotations & prefetches to cut DB time for test / finding / product views (issue #12575) @DenysMoskalenko (#12603)
• Feature/asvs 5.0 benchmark @ivhorodko (#12669)
• Fix Finding_Text @9alexx3 (#12628)
• SAML Login: Respect next parameter @Maffooch (#12560)
• Session Warning: Prevent timeout overflow for large session ages @Maffooch (#12547)

🔧 Improved code quality with linters

• 💄 Restructure Ruff rules according to documentation @manuel-sommer (#12552)

🧰 Maintenance

• Bump boto3 from 1.39.0 to 1.39.1 @dependabot (#12734)
• Bump drf-spectacular-sidecar from 2025.6.1 to 2025.7.1 @dependabot (#12729)
• Bump pillow from 11.2.1 to 11.3.0 @dependabot (#12728)
• Bump boto3 from 1.38.46 to 1.39.0 @dependabot (#12727)
• Bump boto3 from 1.38.44 to 1.38.46 @dependabot (#12723)
• Bump python-gitlab from 6.0.0 to 6.1.0 @dependabot (#12720)
• Bump nginx from 1.27.5-alpine3.21 to 1.28.0-alpine3.21 @dependabot (#12719)
• Bump openapitools/openapi-generator-cli from v7.13.0 to v7.14.0 @dependabot (#12718)
• Bump lxml from 5.4.0 to 6.0.0 @dependabot (#12709)
• Bump ruff from 0.12.0 to 0.12.1 @dependabot (#12708)
• Bump boto3 from 1.38.44 to 1.38.45 @dependabot (#12707)
• Bump social-auth-core from 4.6.1 to 4.7.0 @dependabot (#12706)
• Update dependency prettier from 3.6.1 to v3.6.2 (docs/package.json) @renovate (#12705)
• Bump django-auditlog from 3.1.2 to 3.2.0 @dependabot (#12697)
• Bump django-prometheus from 2.4.0 to 2.4.1 @dependabot (#12698)
• Bump boto3 from 1.38.43 to 1.38.44 @dependabot (#12699)
• chore(deps): update node.js from v22.16.0 to v22.17.0 (docs/package.json) @renovate (#12688)
• chore(deps): update dependency prettier from 3.6.0 to v3.6.1 (docs/package.json) @renovate (#12689)
• Bump boto3 from 1.38.42 to 1.38.43 @dependabot (#12692)
• Update dependency vite from 6.3.5 to v7 (docs/package.json) @renovate (#12680)
• Bump boto3 from 1.38.41 to 1.38.42 @dependabot (#12679)
• Bump django-tagulous from 2.1.0 to 2.1.1 @dependabot (#12672)
• Bump boto3 from 1.38.40 to 1.38.41 @dependabot (#12673)
• Update dependency prettier from 3.5.3 to v3.6.0 (docs/package.json) @renovate (#12671)
• Bump django-prometheus from 2.3.1 to 2.4.0 @dependabot (#12636)
• Bump urllib3 from 2.4.0 to 2.5.0 @dependabot (#12637)
• Bump markdown from 3.8 to 3.8.2 @dependabot (#12642)
• Bump boto3 from 1.38.38 to 1.38.40 @dependabot (#12643)
• Update docker/setup-buildx-action action from v3.11.0 to v3.11.1 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#12626)
• Bump ruff from 0.11.13 to 0.12.0 @dependabot (#12630)
• Bump boto3 from 1.38.37 to 1.38.38 @dependabot (#12629)
• Update docker/setup-buildx-action action from v3.10.0 to v3.11.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#12614)
• Bump boto3 from 1.38.36 to 1.38.37 @dependabot (#12621)
• Update mccutchen/go-httpbin Docker tag from 2.18.2 to v2.18.3 (docker-compose.override.unit_tests_cicd.yml) @renovate (#12605)
• Bump boto3 from 1.38.35 to 1.38.36 @dependabot (#12600)
• Bump boto3 from 1.38.34 to 1.38.35 @dependabot (#12597)
• Update stefanzweifel/git-auto-commit-action action from v6.0.0 to v6.0.1 (.github/workflows/release-3-master-into-dev.yml) @renovate (#12592)
• Bump boto3 from 1.38.33 to 1.38.34 @dependabot (#12591)
• Update mccutchen/go-httpbin Docker tag from 2.18.1 to v2.18.2 (docker-compose.override.unit_tests_cicd.yml) @renovate (#12588)
• Update softprops/action-gh-release action from v2.3.0 to v2.3.2 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#12586)
• Update stefanzweifel/git-auto-commit-action action from v5.2.0 to v6 (.github/workflows/release-3-master-into-dev.yml) @renovate (#12587)
• Bump requests from 2.32.3 to 2.32.4 @dependabot (#12582)
• Bump requests from 2.32.3 to 2.32.4 @dependabot (#12578)
• Bump boto3 from 1.38.32 to 1.38.33 @dependabot (#12581)
• Bump cryptography from 45.0.3 to 45.0.4 @dependabot (#12580)
• Update softprops/action-gh-release action from v2.2.2 to v2.3.0 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#12577)
• Update postgres:17.5-alpine Docker digest from 17.5 to 17.5-alpine (docker-compose.yml) @renovate (#12576)
• Bump packageurl-python from 0.17.0 to 0.17.1 @dependabot (#12568)
• Bump boto3 from 1.38.31 to 1.38.32 @dependabot (#12569)
• Bump ruff from 0.11.12 to 0.11.13 @dependabot (#12562)
• Bump boto3 from 1.38.30 to 1.38.31 @dependabot (#12563)
• Update redis Docker tag from 7.2.8 to v7.2.9 (docker-compose.yml) @renovate (#12529)
• Bump boto3 from 1.38.29 to 1.38.30 @dependabot (#12557)
• Bump packageurl-python from 0.16.0 to 0.17.0 @dependabot (#12556)
• Bump boto3 from 1.38.28 to 1.38.29 @dependabot (#12554)
• Bump python-gitlab from 5.6.0 to 6.0.0 @dependabot (#12553)
• Bump redis from 5.2.1 to 6.2.0 @dependabot (#12523)
• Update postgres:17.5-alpine Docker digest from 17.5 to 17.5-alpine (docker-compose.yml) @renovate (#12546)
• Bump uwsgi from 2.0.29 to 2.0.30 @dependabot (#12549)
• Bump boto3 from 1.38.27 to 1.38.28 @dependabot (#12548)
• Bump argon2-cffi from 23.1.0 to 25.1.0 @dependabot (#12550)
• Update dependency @tabler/icons from 3.33.0 to v3.34.0 (docs/package.json) @renovate (#12545)
• Bump drf-spectacular-sidecar from 2025.5.1 to 2025.6.1 @dependabot (#12537)
• Bump celery from 5.5.2 to 5.5.3 @dependabot (#12535)

2.47.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.47.3

• Delete tests/local-integration-tests.sh/.bat @valentijnscholten (#12702)
• cobalt api: add note about v1 api keys only @valentijnscholten (#12646)
• Async Delete: Correct instances of multiple audit log entries for delete @Maffooch (#12650)
• twistlock json: safely get fields @valentijnscholten (#12701)
• trivy: map status field @valentijnscholten (#12686)
• metrics filters: improve handling when nothing matches the filters @valentijnscholten (#12687)
• login next param: set default for sso redirects @valentijnscholten (#12677)
• checkmarx: close files used in unit tests @valentijnscholten (#12647)
• [docs] update pro changelog 2.47.2, remove redundant content @paulOsinski (#12649)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 Add Lenovo vulnid @manuel-sommer (#12696)
• 🎉 Add Tailscale vulnid @manuel-sommer (#12645)

🚩 Database migration

• add fields for kev-related data to finding model @dogboat (#12678)

2.47.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.47.2

• Change CLI tool reference in docs @Jino-T (#12619)
• docs maintenance - priority @paulOsinski (#12623)
• Simple metrics closed per month query improvement @valentijnscholten (#12599)
• PR template: adjust freeze wording @valentijnscholten (#12608)
• remove outdated (mysql) test database instructions @valentijnscholten (#12609)

🚩 Changes to settings.dist.py / local_settings.py

• Burp Enterprise renamed to Burp DAST @valentijnscholten (#12604)

🚀 API features and enhancements

• API: Allow filtering users on last_login/date_joined @valentijnscholten (#12640)

🖌 Updates in UI

• Fix Finding_Text @9alexx3 (#12628)

2.47.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.47.1

• add postgres 17 upgrade steps to 2.39.0 upgrade notes @valentijnscholten (#12585)
• 🐛 Nmap parser: Add url info to description #12411 @manuel-sommer (#12466)
• 💄 pretty print cargo audit test file @manuel-sommer (#12590)
• simple metrics: count closed findings not opened in current month @valentijnscholten (#12595)
• JIRA helper: respect simple/full risk acceptance on webhook processiing @valentijnscholten (#12594)
• 💄 restructure coverity scan test files @manuel-sommer (#12559)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 Add EUVD vulnid @manuel-sommer (#12589)
• 🎉 Add Go vulnid @manuel-sommer (#12564)

🧰 Maintenance

• Bump requests from 2.32.3 to 2.32.4 @dependabot (#12578)

2.47.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.47.0

• Changelog + Minor Docs Maintenance @paulOsinski (#12551)
• Pro Feature - Deduplication tuning documentation update @skywalke34 (#12471)

🖌 Updates in UI

• SAML Login: Respect next parameter @Maffooch (#12560)
• Session Warning: Prevent timeout overflow for large session ages @Maffooch (#12547)

2.47.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.46.0

• Fix helm chart for nightly-dev builds @valentijnscholten (#12504)
• remove google sheets leftovers @valentijnscholten (#12509)
• push to jira: check for existing jira issue inside celery task @valentijnscholten (#12508)
• Fixing linter issue @rossops (#12519)
• fix: add CVSSv4 support to auditjs parser and improve error handling @Haralishev77 (#12391)
• Include CVSS score in finding when using OpenVAS csv parser @jostaub (#12472)
• ms defender: do not cache parsed findings @valentijnscholten (#12493)
• legacy reimport: make matching on title case-insensitive @valentijnscholten (#12487)
• Checkmarx one doc update @skywalke34 (#12408)
• Updated Nexpose XML (Rapid7) Parser Documentation @skywalke34 (#12409)
• Add new "evaluations" format support to Anchorectl parser @cosmel-dojo (#12425)
• bugfix cyberwatch parser @AmineHazi (#12480)
• [docs] pro changelog 2.46.0- 2.46.3 @paulOsinski (#12484)
• 🐛 fix missing CWE in HCL Appscan #12468 @manuel-sommer (#12469)
• Update contributors in README.md @Maffooch (#12485)
• docs maintenance @paulOsinski (#12455)
• cvssv3: backport tests @valentijnscholten (#12457)
• excel export: enhance handling of finding groups, better logging @valentijnscholten (#12435)
• docs: Add non-parser Test Types to product hierarchy documentation @skywalke34 (#12419)
• defender: fix no vulnerabilities check @valentijnscholten (#12448)
• [docs] Add FAQ + minor maintenance changes @paulOsinski (#12417)
• [docs] Pro dashboards and metrics @paulOsinski (#12416)
• Managed Files: Sanitized file name before downloading @Maffooch (#12406)
• feat(helm): Drop support for postgresql-ha @kiblik (#12319)
• anchorectl: add format check @valentijnscholten (#12375)
• fix(nighly): Avoid forks @kiblik (#12396)
• Update Burp Enterprise HTML Parser Documentation @skywalke34 (#12407)
• Update Docs For Asynchronous Import Feature Removal @Jino-T (#12410)
• tags: prevent validation from removing tags @valentijnscholten (#12400)
• helm chart publisher: use proper ref for checkout @valentijnscholten (#12392)
• jira push: log inactive/verified message to debug @valentijnscholten (#12376)
• Minor Semgrep connector docs tweaks @cneill (#12373)

🚩 Changes to settings.dist.py / local_settings.py

• Bugfix @rossops (#12541)
• Product Announcements: Add messages to relevant features @Maffooch (#12525)
• ♻️ Remove async import @manuel-sommer (#12042)
• Implement ELA vulnid @manuel-sommer (#12510)
• Implement ALEA vulnid @manuel-sommer (#12500)
• Store fingerprint from bearer in unique_id_from_tool @wolframite (#12346)
• unique_id_from_tool: clarify values and usage @valentijnscholten (#12463)
• Alibaba Cloud Linux 3 Security Advisory @manuel-sommer (#12465)
• feat(helm): allow to use an external serviceAccount @NitriKx (#12441)
• Celery Logging: Respect CELERY_LOG_LEVEL @Maffooch (#12464)
• Session timeout notification 2 @kevin-vuong99 (#12225)

🚩 Database migration

• unique_id_from_tool: clarify values and usage @valentijnscholten (#12463)

🚀 API features and enhancements

• Product Announcements: Add messages to relevant features @Maffooch (#12525)
• Dojo Meta: Migrate to filterset_class + Add case Insensitive filters @Maffooch (#12528)
• Tags: Add support for comma separation for multipart forms (import/reimport) @Maffooch (#12434)
• Ruff: Add and autofix PERF401 @kiblik (#12370)

🖌 Updates in UI

• Bugfix @rossops (#12541)
• Implement ELA vulnid @manuel-sommer (#12510)
• Escape javascript breaking on backlash or special characters in finding title @c-goosen (#12514)
• Bugfix: fix gap between component header and filter body @jostaub (#12503)
• Update Support Messaging @Maffooch (#12495)
• Bugfix: fixed wrong panel-footer margin in detailed metrics @jostaub (#12494)
• Forced-contrast mode adjustments for better accessibility @littlesvensson (#12342)
• Alibaba Cloud Linux 3 Security Advisory @manuel-sommer (#12465)
• feat(helm): allow to use an external serviceAccount @NitriKx (#12441)
• easymde: enable native/browser spell checker @valentijnscholten (#12377)
• UI Pagination: Reduce the options to more reasonable numbers @Maffooch (#12439)
• ui: fix "retrieve my username" typo @jfyuen (#12368)
• Session timeout notification 2 @kevin-vuong99 (#12225)

🗣 Updates in localization

• ui: fix "retrieve my username" typo @jfyuen (#12368)

🔧 Improved code quality with linters

• feat(helm): allow to use an external serviceAccount @NitriKx (#12441)
• Replace Review Bot with Centralized Action @Maffooch (#12451)
• Ruff: Add PLC0206 @manuel-sommer (#12426)
• Ruff: Add and autofix PERF401 @kiblik (#12370)
• Ruff: Add and autofix PERF403 @kiblik (#12371)
• Ruff: Add PLR1730 and PLR2044 @manuel-sommer (#12380)

🧰 Maintenance

• Bump ruff from 0.11.11 to 0.11.12 @dependabot (#12532)
• Bump boto3 from 1.38.24 to 1.38.25 @dependabot (#12527)
• Bump vulners from 2.3.6 to 2.3.7 @dependabot (#12526)
• chore(deps): update docker/build-push-action action from v6.17.0 to v6.18.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#12518)
• Bump boto3 from 1.38.23 to 1.38.24 @dependabot (#12522)
• Bump cryptography from 44.0.3 to 45.0.3 @dependabot (#12505)
• Bump boto3 from 1.38.22 to 1.38.23 @dependabot (#12506)
• Bump boto3 from 1.38.21 to 1.38.22 @dependabot (#12497)
• Bump ruff from 0.11.10 to 0.11.11 @dependabot (#12498)
• chore(deps): update node.js from v22.15.1 to v22.16.0 (docs/package.json) @renovate (#12490)
• Bump boto3 from 1.38.20 to 1.38.21 @dependabot (#12492)
• Bump boto3 from 1.38.19 to 1.38.20 @dependabot (#12489)
• Bump django-polymorphic from 3.1.0 to 4.1.0 @dependabot (#12488)
• Bump boto3 from 1.38.18 to 1.38.19 @dependabot (#12486)
• Bump pyopenssl from 25.0.0 to 25.1.0 @dependabot (#12479)
• Bump boto3 from 1.38.17 to 1.38.18 @dependabot (#12477)
• fix(deps): update dependency @tabler/icons from 3.31.0 to v3.33.0 (docs/package.json) @renovate (#12467)
• Bump boto3 from 1.38.16 to 1.38.17 @dependabot (#12460)
• Bump ruff from 0.11.9 to 0.11.10 @dependabot (#12461)
• chore(deps): update node.js from v22.15.0 to v22.15.1 (docs/package.json) @renovate (#12450)
• Bump sqlalchemy from 2.0.40 to 2.0.41 @dependabot (#12452)
• Bump boto3 from 1.38.15 to 1.38.16 @dependabot (#12453)
• chore(deps): update docker/build-push-action action from v6.16.0 to v6.17.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#12456)
• Bump psycopg[c] from 3.2.8 to 3.2.9 @dependabot (#12444)
• Bump boto3 from 1.38.13 to 1.38.15 @dependabot (#12443)
• chore(deps): update mikefarah/yq action from v4.45.3 to v4.45.4 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#12424)
• Bump ruff from 0.11.8 to 0.11.9 @dependabot (#12427)
• Bump psycopg[c] from 3.2.7 to 3.2.8 @dependabot (#12428)
• Bump boto3 from 1.38.12 to 1.38.13 @dependabot (#12429)
• Bump django-dbbackup from 4.2.1 to 4.3.0 @dependabot (#12430)
• chore(deps): update mikefarah/yq action from v4.45.2 to v4.45.3 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#12421)
• chore(deps): update postgres docker tag from 17.4 to v17.5 (docker-compose.yml) @renovate (#12418)
• chore(deps): update helm release postgresql from 16.6.7 to ~16.7.0 (helm/defectdojo/chart.yaml) @renovate (#12414)
• Bump pdfmake from 0.2.19 to 0.2.20 in /components @dependabot (#12422)
• Bump boto3 from 1.38.11 to 1.38.12 @dependabot (#12423)
• Bump boto3 from 1.38.10 to 1.38.11 @dependabot (#12412)
• Bump boto3 from 1.38.9 to 1.38.10 @dependabot (#12395)
• Bump boto3 from 1.38.8 to 1.38.9 @dependabot (#12390)
• chore(deps): update mikefarah/yq action from v4.45.1 to v4.45.2 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#12374)
• chore(deps): update dependency vite from 6.3.4 to v6.3.5 (docs/package.json) @renovate (#12379)
• Bump cryptography from 44.0.2 to 44.0.3 @dependabot (#12382)
• Bump boto3 from 1.38.7 to 1.38.8 @dependabot (#12383)

2.46.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.46.3

• fix: add CVSSv4 support to auditjs parser and improve error handling @Haralishev77 (#12391)
• ms defender: do not cache parsed findings @valentijnscholten (#12493)
• legacy reimport: make matching on title case-insensitive @valentijnscholten (#12487)
• Add new "evaluations" format support to Anchorectl parser @cosmel-dojo (#12425)
• bugfix cyberwatch parser @AmineHazi (#12480)
• [docs] pro changelog 2.46.0- 2.46.3 @paulOsinski (#12484)
• 🐛 fix missing CWE in HCL Appscan #12468 @manuel-sommer (#12469)
• Update contributors in README.md @Maffooch (#12485)

🚩 Changes to settings.dist.py / local_settings.py

• Implement ALEA vulnid @manuel-sommer (#12500)
• unique_id_from_tool: clarify values and usage @valentijnscholten (#12463)
• Alibaba Cloud Linux 3 Security Advisory @manuel-sommer (#12465)
• Celery Logging: Respect CELERY_LOG_LEVEL @Maffooch (#12464)

🚩 Database migration

• unique_id_from_tool: clarify values and usage @valentijnscholten (#12463)

🖌 Updates in UI

• Update Support Messaging @Maffooch (#12495)
• Bugfix: fixed wrong panel-footer margin in detailed metrics @jostaub (#12494)
• Alibaba Cloud Linux 3 Security Advisory @manuel-sommer (#12465)

2.46.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.46.2

• docs maintenance @paulOsinski (#12455)
• cvssv3: backport tests @valentijnscholten (#12457)
• excel export: enhance handling of finding groups, better logging @valentijnscholten (#12435)
• defender: fix no vulnerabilities check @valentijnscholten (#12448)

🚀 API features and enhancements

• Tags: Add support for comma separation for multipart forms (import/reimport) @Maffooch (#12434)

🖌 Updates in UI

• UI Pagination: Reduce the options to more reasonable numbers @Maffooch (#12439)

🔧 Improved code quality with linters

• Replace Review Bot with Centralized Action @Maffooch (#12451)

2.46.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.46.1

• [docs] Add FAQ + minor maintenance changes @paulOsinski (#12417)
• [docs] Pro dashboards and metrics @paulOsinski (#12416)
• Managed Files: Sanitized file name before downloading @Maffooch (#12406)
• anchorectl: add format check @valentijnscholten (#12375)
• fix(nighly): Avoid forks @kiblik (#12396)