nightly-dev 🌈

Run the release drafter to populate the release notes.

2.58.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.58.1

• [docs] locations (pro feature), maintenance @paulOsinski (#14834)
• Update changelog for May 2026 release (v2.58.0) @Maffooch (#14807)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add ksa security advisory @manuel-sommer (#14809)

🚀 API features and enhancements

• Use a dedicated permission class for BurpRawRequestResponseViewSet @Maffooch (#14838)

🧰 Maintenance

• chore(deps): bump gitpython from 3.1.49 to 3.1.50 @dependabot (#14845)
• chore(deps): bump django from 5.2.13 to 5.2.14 @dependabot (#14846)
• chore(deps): bump @babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4 in /docs @dependabot (#14844)
• chore(deps): bump django from 5.2.13 to 5.2.14 @dependabot (#14843)

2.58.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.58.0

• endpoint: optimize eq via product_id @valentijnscholten (#14806)
• Fix broken links @paulOsinski (#14802)

2.58.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.0

• perf test: cover unsaved tags and vulnerability_ids @valentijnscholten (#14796)
• async delete: remove obsolete outside scope delete @valentijnscholten (#14798)
• fix(sonarqube): mdDesc fallback @samiat4911 (#14770)
• Jira webhook: stop mis-mitigating findings on non-"done" issues @paulOsinski (#14716)
• Fix #14623: Add created and updated date filters to ApiRiskAcceptance… @NasorHidar (#14754)
• add OS + Pro Engagement articles @dangoelz (#14583)
• fix(coverity-api): add support for RESOURCE_LEAK quality findings @Jino-T (#14749)
• add Test docs for OS and Pro @dangoelz (#14750)
• test: extend and consolidate tag inheritance tests into test_tag_inheritance.py @valentijnscholten (#14771)
• Bulk delete findings: extension hook @valentijnscholten (#14740)
• docs(pro changelog): add 2.57.3 entry @Maffooch (#14768)
• [pro] add DD-Orchestrator upgrade instructions for on-prem customers @paulOsinski (#14747)
• Fix Dependency Track parser missing vulnerability IDs when aliases is empty @valentijnscholten (#14748)
• ci: auto-label release PRs with release-management @Maffooch (#14744)
• 🐛 fix KeyError raised on Engineer Metrics #14737 @manuel-sommer (#14741)
• Fix Contrast parser collapsing findings with the same rule name @Jino-T (#14714)
• docs: global component deduplication @paulOsinski (#14717)
• docs(pro changelog): add 2.57.1 and 2.57.2 entries @Maffooch (#14736)
• docs optimization: use defer instead of async @paulOsinski (#14715)
• chore: reorganize dedupe code @valentijnscholten (#14641)
• perf: bulk-apply parser-supplied per-finding tags during import @valentijnscholten (#14701)
• docs: add CLAUDE.md with module reorganization playbook @Maffooch (#14705)
• 🎉 add fix_available and fix_version to govulncheck @manuel-sommer (#14681)
• Change to reactivating risk accepted findings @Jino-T (#14633)
• Use RBAC for accept_risks API endpoints @Jino-T (#14632)
• Added ssrf utils file to check urls and applied it to risk recon parser @Jino-T (#14631)
• Update dependency renovatebot/renovate from 43.110.14 to v43.112.1 (.github/workflows/renovate.yaml) @renovate (#14674)
• Fix Wazuh 4.8 parser to attach endpoints/locations to findings @DeWaRs1206 (#14629)
• fix(parsers): use unsaved_tags instead of tags= in Finding constructor @valentijnscholten (#14626)
• update invicti parser to use FirstSeenDate @paulOsinski (#14610)
• 🐛 fix govulncheck ndjson ouput #14642 @manuel-sommer (#14671)
• [docs] maintenance and changelog @paulOsinski (#14665)
• chore(deps): bump ruff from 0.15.8 to 0.15.9 @manuel-sommer (#14663)
• Fix/watson DjangoSuspicousOperationException operation exception @valentijnscholten (#14650)

🚩 Changes to settings.dist.py / local_settings.py

• Remove pickle from forms and Celery serializer @Maffooch (#14791)
• fix cascade delete bug and restore default duplicate cluster reconfigure on delete @valentijnscholten (#14772)
• feat(parsers): add Qualys VMDR CSV parser @skywalke34 (#14453)
• refactor: consolidate audit-log code into dojo/auditlog/ package @Maffooch (#14763)
• refactor: consolidate scattered SSO code into a dedicated dojo/sso/ package @Maffooch (#14765)
• refactor: consolidate notifications into dojo/notifications/ package @Maffooch (#14767)
• refactor: consolidate GitHub integration into dojo/github/ package @Maffooch (#14766)
• 🎉 add watchguard security advisory @manuel-sommer (#14742)
• move MAX_ZIP_* to settings @fopina (#14730)
• Add centralized banner system with OS messaging support @Maffooch (#14708)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• 🎉 add CNNVD to vulnid @manuel-sommer (#14672)

🚩 Database migration

• Locations performance improvements @dogboat (#14718)

🚀 API features and enhancements

• refactor: consolidate notifications into dojo/notifications/ package @Maffooch (#14767)
• refactor: decouple Jira integration into dojo/jira package @Maffooch (#14743)
• Dispatch create-path notifications async to fix slow POST latency @Maffooch (#14731)
• Validate consistency between ID-based and name-based identifiers in import/reimport @Jino-T (#14636)
• Add permission checks for moving engagements between products @Jino-T (#14634)

🖌 Updates in UI

• Remove 'safe' filter from description output @Maffooch (#14789)
• refactor: consolidate scattered SSO code into a dedicated dojo/sso/ package @Maffooch (#14765)
• Fix planned remediation version appearing under Reviewers in findings list @valentijnscholten (#14773)
• refactor: decouple Jira integration into dojo/jira package @Maffooch (#14743)
• Improve SLA breach notification format and display @Maffooch (#14746)
• Add centralized banner system with OS messaging support @Maffooch (#14708)
• fix css overflow issue - reports @paulOsinski (#14666)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• Clean up endpoint template rendering for user fields @Maffooch (#14682)
• store more parameters in import settings @valentijnscholten (#14673)

🧰 Maintenance

• chore(deps): update release-drafter/release-drafter action from v7.2.0 to v7.2.1 (.github/workflows/release-drafter.yml) @renovate (#14785)
• chore(deps): bump gitpython from 3.1.47 to 3.1.49 @dependabot (#14783)
• chore(deps): bump python-gitlab from 8.2.0 to 8.3.0 @dependabot (#14781)
• chore(deps): bump pyopenssl from 26.0.0 to 26.1.0 @dependabot (#14777)
• chore(deps): bump postcss from 8.5.6 to 8.5.12 in /docs @dependabot (#14759)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14774)
• Update openapitools/openapi-generator-cli Docker tag from v7.21.0 to v7.22.0 (Dockerfile.integration-tests-debian) @renovate (#14776)
• chore(deps): bump ruff from 0.15.11 to 0.15.12 @dependabot (#14778)
• chore(deps): bump datatables.net from 2.3.7 to 2.3.8 in /components @dependabot (#14780)
• chore(deps): bump vulners from 3.1.8 to 3.1.9 @dependabot (#14782)
• chore(deps): bump social-auth-core from 4.8.6 to 4.8.7 @dependabot (#14784)
• Update dependency renovatebot/renovate from 43.139.4 to v43.141.6 (.github/workflows/renovate.yaml) @renovate (#14751)
• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot (#14753)
• chore(deps): bump social-auth-app-django from 5.6.0 to 5.8.0 @dependabot (#14724)
• Update dependency node from 24.14.1 to v24.15.0 (.github/workflows/validate_docs_build.yml) @renovate (#14738)
• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot (#14725)
• Update valkey Docker tag from 0.19.0 to v0.20.0 (helm/defectdojo/Chart.yaml) @renovate (#14739)
• Update actions/setup-node action from v6.3.0 to v6.4.0 (.github/workflows/validate_docs_build.yml) @renovate (#14734)
• Update dependency kubernetes/kubernetes from v1.35.3 to v1.35.4 (.github/workflows/k8s-tests.yml) @renovate (#14733)
• Update dependency kubernetes from 1.33.10 to v1.33.11 (.github/workflows/k8s-tests.yml) @renovate (#14728)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14727)
• chore(deps): bump ruff from 0.15.10 to 0.15.11 @dependabot (#14726)
• chore(deps): bump social-auth-core from 4.8.5 to 4.8.6 @dependabot (#14723)
• Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Dockerfile.nginx-alpine) @renovate (#14721)
• Update postgres:18.3-alpine Docker digest from 18.3 to 18.3-alpine (docker-compose.yml) @renovate (#14720)
• chore(deps): bump lxml from 6.0.2 to 6.1.0 @dependabot (#14719)
• Update dependency renovatebot/renovate from 43.112.1 to v43.139.4 (.github/workflows/renovate.yaml) @renovate (#14709)
• Update mccutchen/go-httpbin Docker tag from 2.21.0 to v2.22.1 (docker-compose.override.dev.yml) @renovate (#14697)
• Update softprops/action-gh-release action from v2.6.2 to v3 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#14702)
• Update actions/github-script action from v8.0.0 to v9 (.github/workflows/release-3-master-into-dev.yml) @renovate (#14700)
• Update release-drafter/release-drafter action from v7.1.1 to v7.2.0 (.github/workflows/release-drafter.yml) @renovate (#14699)
• chore(deps): bump lxml from 6.0.2 to 6.0.4 @dependabot (#14692)
• Update valkey Docker tag from 0.18.0 to v0.19.0 (helm/defectdojo/Chart.yaml) @renovate (#14696)
• Update docker/build-push-action action from v7.0.0 to v7.1.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#14695)
• chore(deps): bump django-dbbackup from 5.2.0 to 5.3.0 @dependabot (#14694)
• Update softprops/action-gh-release action from v2.6.1 to v2.6.2 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#14693)
• Update peter-evans/create-pull-request action from v8.1.0 to v8.1.1 (.github/workflows/update-sample-data.yml) @renovate (#14691)
• chore(deps): bump ruff from 0.15.9 to 0.15.10 @dependabot (#14690)
• chore(deps): bump pygithub from 2.9.0 to 2.9.1 @dependabot (#14689)
• chore(deps): bump drf-spectacular-sidecar from 2026.4.1 to 2026.4.14 @dependabot (#14688)
• Update actions/upload-artifact action from v7.0.0 to v7.0.1 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#14686)
• Update actions/cache action from v5.0.4 to v5.0.5 (.github/workflows/validate_docs_build.yml) @renovate (#14685)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14684)
• Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Dockerfile.nginx-alpine) @renovate (#14683)
• chore(deps): bump pillow from 12.1.1 to 12.2.0 @dependabot...

2.57.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.2

• [pro] add DD-Orchestrator upgrade instructions for on-prem customers @paulOsinski (#14747)
• Fix Dependency Track parser missing vulnerability IDs when aliases is empty @valentijnscholten (#14748)
• ci: auto-label release PRs with release-management @Maffooch (#14744)
• 🐛 fix KeyError raised on Engineer Metrics #14737 @manuel-sommer (#14741)
• Fix Contrast parser collapsing findings with the same rule name @Jino-T (#14714)
• docs: global component deduplication @paulOsinski (#14717)
• docs(pro changelog): add 2.57.1 and 2.57.2 entries @Maffooch (#14736)
• docs optimization: use defer instead of async @paulOsinski (#14715)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add watchguard security advisory @manuel-sommer (#14742)

🚀 API features and enhancements

• Dispatch create-path notifications async to fix slow POST latency @Maffooch (#14731)

🖌 Updates in UI

• Improve SLA breach notification format and display @Maffooch (#14746)

🧰 Maintenance

• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot[bot] (#14753)
• chore(deps): bump lxml from 6.0.2 to 6.1.0 @dependabot[bot] (#14719)

2.57.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.1

• docs: add CLAUDE.md with module reorganization playbook @Maffooch (#14705)
• 🎉 add fix_available and fix_version to govulncheck @manuel-sommer (#14681)
• Change to reactivating risk accepted findings @Jino-T (#14633)
• Use RBAC for accept_risks API endpoints @Jino-T (#14632)
• Added ssrf utils file to check urls and applied it to risk recon parser @Jino-T (#14631)

🚩 Changes to settings.dist.py / local_settings.py

• Add centralized banner system with OS messaging support @Maffooch (#14708)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)

🚀 API features and enhancements

• Validate consistency between ID-based and name-based identifiers in import/reimport @Jino-T (#14636)
• Add permission checks for moving engagements between products @Jino-T (#14634)

🖌 Updates in UI

• Add centralized banner system with OS messaging support @Maffooch (#14708)
• fix css overflow issue - reports @paulOsinski (#14666)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• Clean up endpoint template rendering for user fields @Maffooch (#14682)

🧰 Maintenance

• chore(deps): bump pillow from 12.1.1 to 12.2.0 @dependabot (#14680)

2.57.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.0

• Fix Wazuh 4.8 parser to attach endpoints/locations to findings @DeWaRs1206 (#14629)
• fix(parsers): use unsaved_tags instead of tags= in Finding constructor @valentijnscholten (#14626)
• update invicti parser to use FirstSeenDate @paulOsinski (#14610)
• 🐛 fix govulncheck ndjson ouput #14642 @manuel-sommer (#14671)
• [docs] maintenance and changelog @paulOsinski (#14665)
• chore(deps): bump ruff from 0.15.8 to 0.15.9 @manuel-sommer (#14663)
• Fix/watson DjangoSuspicousOperationException operation exception @valentijnscholten (#14650)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add CNNVD to vulnid @manuel-sommer (#14672)

🖌 Updates in UI

• store more parameters in import settings @valentijnscholten (#14673)

🧰 Maintenance

• chore(deps): bump django from 5.2.12 to 5.2.13 @dependabot (#14664)
• chore(deps): bump cryptography from 46.0.6 to 46.0.7 @dependabot (#14660)
• chore(deps-dev): bump vite from 7.3.1 to 7.3.2 in /docs @dependabot (#14651)
• chore(deps): bump lodash from 4.17.23 to 4.18.1 in /docs @dependabot (#14648)

2.57.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.0

• Fixing header for broken unit test @rossops (#14644)
• AWS Inspector 2 Line number bug + other changes @Jino-T (#14616)
• async search index: run async instead of sync @valentijnscholten (#14639)
• Reimport: batch-refresh finding status fields in close_old_findings @valentijnscholten (#14638)
• [docs] Improve Invicti parser documentation with enterprise usage guidance @balaakasam (#14605)
• update sarif documentation @paulOsinski (#14635)
• fix: clear reverse M2M through tables before cascade deletion @valentijnscholten (#14630)
• fix(reimport): do not update finding tags on reimport for matched findings @valentijnscholten (#14627)
• [docs] changelog, maintenance @paulOsinski (#14614)
• chore(deps): bump ruff from 0.15.7 to 0.15.8 @manuel-sommer (#14624)
• when deleting a URL via API, perform_delete should call delete on the… @dogboat (#14612)
• Migration endpoints to locations fix @dogboat (#14625)
• fix(dedupe): prevent duplicate test processing in batch dedupe command @valentijnscholten (#14601)
• Add scan_date to import settings if overridden @Maffooch (#14502)
• perf(importers): batch endpoint creation and status updates during import/reimport @valentijnscholten (#14489)
• Add exact_title filter to findings API @brammie15 (#14597)
• feat: add PluggableContextTask for settings-based celery task context managers @valentijnscholten (#14572)
• fix: handle missing status_finding_non_special prefetch in reimporter @seantechco (#14569)
• Standardize CI tests on Debian AMD64 and document supported image variants @Maffooch (#14593)
• (feat) gosec parser: parse cwe_id and swap references if possible @maxi-bee (#14581)
• add semi large sample for jfrog xray unified and acunetix 360 @valentijnscholten (#14570)
• chore(deps): update dependency renovatebot/renovate from 43.76.4 to v43.91.2 (.github/workflows/renovate.yaml) @renovate (#14568)
• Parse Twistlock packagePath so that we can record where the CVE is found @coheigea (#14549)
• Fix deterministic ordering for async_dupe_delete when duplicate dates tie @valentijnscholten (#14562)
• Add upgrade guidance for existing PostgreSQL 18 volumes after PGDATA path change @DarkR0ast (#14561)
• Change dependabot and renovate to weekly on Wednesdays @Maffooch (#14552)
• [doc] various updates @paulOsinski (#14484)
• (perf) Batch duplicate marking part 2 @valentijnscholten (#14516)
• Exclude async_user from celery task @coheigea (#14506)
• Dependency Track: Support CVSS4 and also import CVSS vectors, references and publish date. @AndreVirtimo (#14498)
• fix(awssecurityhub): extract CVSS v3/v4 scores from Inspector findings @samiat4911 (#14481)
• Update PR template to reflect Ruff code compliance @valentijnscholten (#14507)
• Locations V3: add import performance test and autocorrect counts @valentijnscholten (#14501)
• docs: document BuildKit as a prerequisite for Docker Compose builds @valentijnscholten (#14503)
• chore: normalize line endings to LF (CRLF -> LF) @valentijnscholten (#14515)
• [docs] march pro changelog, Iriusrisk Connector documentation @paulOsinski (#14499)
• prefetching locations when building dedupe candidate scope queryset @dogboat (#14483)
• remove libtiff install from Dockerfiles @dogboat (#14485)
• fix: risk acceptance proof download throws 500 @valentijnscholten (#14478)
• bugfix(metrics): closed findings counter always shows 0 when no new findings are imported @vvpoglazov (#14464)
• fix(tests): prevent tag inheritance tests from polluting dev Celery queue @valentijnscholten (#14493)
• fix: endpoints not removable from finding via Edit Finding form @valentijnscholten (#14460)
• perf(fp-history): batch false positive history processing @valentijnscholten (#14449)
• [docs] append "pro" and "open source" to article names @paulOsinski (#14432)
• perf: batch duplicate marking in batch deduplication @valentijnscholten (#14458)
• feat: run single integration tests from dev mode @valentijnscholten (#14486)
• add lychee: ci test for 404s in docs @paulOsinski (#14440)
• chore: add .gitattributes to enforce LF line endings @valentijnscholten (#14448)
• Update sample data @github-actions (#14441)
• minor: use django.conf.settings over dojo.settings everywhere @fopina (#14434)
• disable group post signal default user for any social provider @fopina (#14425)
• Run dependabot so it doesnt interfere with release ops @rossops (#14477)
• use tags.add() instead of tags.set() on reimport @paulOsinski (#14459)
• fixture-updater: change missed in conflict resolution @fopina (#14433)
• [docs] split SSO config up, fix CSS issue @paulOsinski (#14431)
• Add documentation for OS Calendar feature @dangoelz (#14430)
• error message when viewing non-URL @dogboat (#14421)
• fix(sonarqube): handle missing service_key_1 in test_product_connection @samiat4911 (#14412)
• [docs] expand deduplication / reimport documentation @paulOsinski (#14392)

🚩 Changes to settings.dist.py / local_settings.py

• fix(github_sast): set unique_id_from_tool for dedup @samiat4911 (#14591)
• feat: add System Status page with Celery queue monitoring and purge @valentijnscholten (#14349)
• fix: Add file_path based detail mode for Anchore Grype parser @Kasyap7 (#14592)
• perf: replace per-object async delete with SQL cascade walker @valentijnscholten (#14566)
• fix: remove django-linear-migrations @valentijnscholten (#14571)
• feat: Add JFrog Xray API Summary Artifact Scan configuration @Arthur-DTAG (#14548)
• feat(parsers): add IriusRisk threat model CSV parser @skywalke34 (#14384)
• feat(parsers): add Orca Security CSV and JSON parser @skywalke34 (#14450)

🚩 Database migration

• fix: remove django-linear-migrations @valentijnscholten (#14571)
• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)
• Drop System_Settings "credentials" field @dogboat (#14551)
• Notifications: Clean up duplicate system notification entries @Maffooch (#14488)

🚀 API features and enhancements

• Add deprecation notices for Credential Manager and Stub Findings @Maffooch (#14613)
• feat: add System Status page with Celery queue monitoring and purge @valentijnscholten (#14349)
• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)
• Enhance engagement close/reopen actions with permission checks @Maffooch (#14517)
• Add authorization check to link_engagement action @Maffooch (#14504)
• feat: allow sorting endpoints by active findings count @valentijnscholten (#14462)
• api: load jira custom_fields as json @paulOsinski (#14494)
• add notes endpoint to RiskAcceptanceViewSet @paulOsinski (#14487)
• Quick verify in menu and keyboard shortcuts to verify/close findings @fopina (#14318)

🖌 Updates in UI

• feat: add System Status page with Celery queue monitoring and purge @valentijnscholten (#14349)
• Fix finding title HTML encoding inconsistency in All Findings view fi… @tejas0077 (#14524)
• feat: allow sorting endpoints by active findings count @valentijnscholten (#14462)
• fix: wrap markdown_styles in CSSSanitizer for bleach.clean() @valentijnscholten (#14479)
• feat: add additional_banners support to base template @Maffooch (#14492)
• feat: add Remove from Finding bulk action on View Finding page @valentijnscholten (#14461)
• show social provider label in groups @fopina (#14457)
• Quick verify in menu and keyboard shortcuts to verify/close findings @fopina (#14318)

🧰 Maintenance

• chore(deps): bump cryptography from 46.0.5 to 46.0.6 @dependabot (#14619)
• chore(deps): bump celery from 5.6.2 to 5.6.3 @dependabot (#14621)
• chore(deps): bump python-gitlab from 8.1.0 to 8.2.0 @dependabot (#14622)
• chore(deps): bump requests from 2.32.5 to 2.33.1 @dependabot (#14618)
• chore(deps): bump django-permissions-policy from 4.28.0 to 4.29.0 @dependabot (#14617)
• chore(deps): update dependency renovatebot/renovate from 43.91.2 to v43.102.8 (.github/workflows/renovate.yaml) @renovate (#14603)
• chore(deps): bump cryptography from 46.0.5 to 46.0.6 @dependabot (#14602)
• chore(deps): bump brace-expansion in /docs @dependabot (#14600)
• chore(deps): bump yaml from 2.8.2 to 2.8.3 in /docs @dependabot (#14599)
• chore(deps): update dependency kubernetes/kubernetes from v1.35.2 to v1.35.3 (.github/workflows/k8s-tests.yml) @renovate (#14563)
• chore(deps): bump requests from 2.32.5 to 2.33.0 @dependabot (#14598)
• chore(deps): bump djangorestframework from 3.17.0 to 3.17.1 @dependabot (#14588)
• chore(deps): bump picomatch in /docs @dependabot (#14595)
• chore(deps): update actions/configure-pages action from v5.0.0 to v6 (.github/workflows/gh-pages.yml) @renovate (#14594)
• chore(deps): bump redis from 7.3.0 to 7.4.0 @dependabot (#14589)
• chore(deps): update dependency node from 24.14.0 to v24.14.1 (.github/workflows/validate_docs_build.yml) @renovate (#14587)
• chore(deps): update openapitools/openapi-generator-cli docker tag from v7.20.0 to v7.21.0 (dockerfile.integration-tests-debian) @renovate (#14585)
• chore(deps): bump pyopenssl from 25.3.0 to 26.0.0 @dependabot (#14578)
• chore(deps): update losisin/helm-values-schema-json-action action from v2.4.1 to v2.5.0 (.github/workflows/test-helm-chart.yml) @renovate (#14576)
• chore(deps): update losisin/helm-docs-github-action action from v1.7.1 to v1.8.0 (.github/workflows/test-helm-chart.yml) @renovate (#14575)
• chore(deps): bump pygithub from 2.8.1 to 2.9.0 @dependabot (#14574)
• chore(deps): update azure/setup-helm action from v4.3.1 to v5 (.github/workflows/test-helm-chart.yml) @renovate (#14586)
• chore(deps): bump pyopenssl from 25.3.0 to 26.0.0 @dependabot (#14536)
• chore(deps): u...

2.56.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.3

• fix(dedupe): prevent duplicate test processing in batch dedupe command @valentijnscholten (#14601)
• Add scan_date to import settings if overridden @Maffooch (#14502)
• feat: add PluggableContextTask for settings-based celery task context managers @valentijnscholten (#14572)
• fix: handle missing status_finding_non_special prefetch in reimporter @seantechco (#14569)
• Standardize CI tests on Debian AMD64 and document supported image variants @Maffooch (#14593)
• add semi large sample for jfrog xray unified and acunetix 360 @valentijnscholten (#14570)

🚩 Changes to settings.dist.py / local_settings.py

• perf: replace per-object async delete with SQL cascade walker @valentijnscholten (#14566)
• fix: remove django-linear-migrations @valentijnscholten (#14571)
• feat: Add JFrog Xray API Summary Artifact Scan configuration @Arthur-DTAG (#14548)

🚩 Database migration

• fix: remove django-linear-migrations @valentijnscholten (#14571)

🧰 Maintenance

• chore(deps): bump requests from 2.32.5 to 2.33.0 @dependabot (#14598)
• chore(deps): bump picomatch in /docs @dependabot (#14595)
• chore(deps): bump pyopenssl from 25.3.0 to 26.0.0 @dependabot (#14578)

2.56.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.2

• Parse Twistlock packagePath so that we can record where the CVE is found @coheigea (#14549)
• Fix deterministic ordering for async_dupe_delete when duplicate dates tie @valentijnscholten (#14562)
• Add upgrade guidance for existing PostgreSQL 18 volumes after PGDATA path change @DarkR0ast (#14561)
• Change dependabot and renovate to weekly on Wednesdays @Maffooch (#14552)
• [doc] various updates @paulOsinski (#14484)
• Exclude async_user from celery task @coheigea (#14506)

🚩 Database migration

• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)
• Drop System_Settings "credentials" field @dogboat (#14551)

🚀 API features and enhancements

• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)