3.18.0

3.18.0 [Oct 21st, 2021]:

• Remove attachments in vulns filter endpoint
• Add open and confirmed vulns in workspace stats
• Add user id to session API endpoint
• Add cve to vulnerability model
• Change funcs to views
• FIX report import
• Add last_run_agent_date field to workspace endpoint
• Fix cve parsing in vulnerability create and bulk create
• Fix order_by in filters api
• Fix 500 status code with invalid executor arguments

v3.17.1

3.17.1 [Aug 20th, 2021]:

• FIX bug when starting the server, creates a pool for reporting that breaks.

v3.17.0

3.17.0 [Aug 10th, 2021]:

• ADD --data parameter to faraday-manage settings
• MOD Process report files in a separate process
• MOD Make bulk_create requests asynchronous

v3.16.1

• MOD only show settings of this version in faraday-manage settings
• FIX update minimum version of click dependency

v3.16.0

• BREAKING CHANGE: API V2 discontinued
• BREAKING CHANGE: Changed minimum version of python to 3.7
• ADD agent parameters has types (protocol with agent and its APIs)
• ADD move settings from server.in to a db model
• ADD (optional) query logs
• MOD new threads management
• MOD vulnerabilities' endpoint no longer loads evidence unless requested with get_evidence=true
• FIX now it is not possible to create workspace of name "filter"
• FIX bug with dates in the future
• FIX bug with click 8
• FIX bug using --port command
• FIX endpoints returning 500 as status code
• REMOVE the need tom CSRF token from evidence upload api

v3.15.0

• ADD Basic Auth support
• ADD support for GET method in websocket_tokens, POST will be deprecated in the future
• ADD CVSS(String), CWE(String), CVE(relationship) columns to vulnerability model and API
• ADD agent token's API says the renewal cycling duration
• MOD Improve database model to be able to delete workspaces fastly
• MOD Improve code style and uses (less flake8 exceptions, py3 super style, Flask app as singleton, etc)
• MOD workspaces' names regex to verify they cannot contain forward slash (/)
• MOD Improve bulk create logs
• FIX Own schema breaking Marshmallow 3.11.0+
• UPD flask_security_too to version 4.0.0+

v3.14.4

3.14.4 [Apr 15th, 2021]:

• Updated plugins package, which update appscan plugin

v3.14.3

3.14.3 [Mar 30th, 2021]:

• MOD MAYOR Breaking change: Use frontend from other repository
• ADD last_run to executors and agents
• ADD ignore info vulns option (from faraday-plugins 1.4.3)
• ADD invalid logins are registered in audit.log
• ADD agent registration tokens are now 6-digit short and automatically regenerated every 30 seconds
• MOD Fix logout redirect loop
• REMOVE support for native SSL

v3.14.2

3.14.2 [Feb 26th, 2021]:

• ADD New plugins:
  • microsoft baseline security analyzer
  • nextnet
  • openscap
• FIX old versions of Nessus plugins bugs

v3.14.1

3.14.1 [Feb 17th, 2021]:

• ADD forgot password
• ADD update services by bulk_create
• ADD FARADAY_DISABLE_LOGS varibale to disable logs to filesystem
• ADD security logs in audit.log file
• UPD security dependency Flask-Security-Too v3.4.4
• MOD rename total_rows field in filter host response
• MOD improved Export cvs performance by reducing the number of queries
• MOD sanitize the content of vulns' request and response
• MOD dont strip new line in description when exporting csv
• MOD improved threads management on exception
• MOD improved performance on vulnerability filter
• MOD improved API documentation
• FIX upload a report with invalid custom fields
• ADD beta v3 API, which includes:
  • All endpoints ends without /
  • PATCH {model}/id endpoints
  • Bulk update via PATCH {model} endpoints
  • Bulk delete via DELETE {model} endpoints
  • Endpoints removed:
    • /v2/ws/<workspace_id>/activate/
    • /v2/ws/<workspace_id>/change_readonly/
    • /v2/ws/<workspace_id>/deactivate/
    • /v2/ws/<workspace_name>/hosts/bulk_delete/
    • /v2/ws/<workspace_name>/vulns/bulk_delete/
  • Endpoints updated:
    • /v2/ws/<workspace_name>/vulns/<int:vuln_id>/attachments/ =>
      /v3/ws/<workspace_name>/vulns/<int:vuln_id>/attachment