2024.58

• Fix API token authentication in community edition

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

2024.57

• Fix set assignee in notes, findings and sections
• Fix error when setting note checkboxes
• Suggest values used in other findings in combobx fields
• Navigate through images in enlarged markdown image preview dialog

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

2024.55

• Allow commenting finding and section fields and markdown text
• Create backups via web interface
• Show backup history in web interface
• Store last usage date for API tokens
• Allow duplicating findings
• Compress PDFs to reduce file sizes
• Use redis as channels layer instead of postgres for collaborative editing
• Fix template pagination error for templates without CVSS score
• Fix multiple bugs in collaborative editing over websockets
• UI: Add button to copy confirm text in delete confirm dialogs
• UI: Fix create finding dialog searchbar cleared on click outside
• UI: Sticky toolbar in markdown editor

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

2024.49

• Enable fontconfig cache in docker container
• Respect verbosity option in backup and restorebackup commands
• Immediately create new templates in API to allow image uploads on first editing
• Fix importing of non-empty note assignees
• Collaborative editing: Sync pending changes on reconnect
• Fix collaborative editing updates applied out-of-order because of MDE update throttling
• Set Secure flag for cookies when setting SECURE_SSL_REDIRECT=on

2024.43

• Add sorting options to projects, templates, designs and users lists
• Collaborative editing in project history diff views
• Project history diff views: add revert changes button to markdown editor
• Send update_text events with text diff when updating text fields via API instead of overwriting the whole text
• Fix MDE preview layout break on zoom out
• Throttle MDE update events to prevent browser from hanging
• Fix elastic APM tracing middleware always enabled

2024.40

• Collaborative editing in project findings and sections
• Collaborative editing: update notes list when import new notes
• Collaborative editing: HTTP fallback if no WebSocket connection can be established
• Fix slot data items .length property undefined <list-of-figures>, <list-of-tables> and <table-of-contents> components
• Fix vulnerability for WebSocket connections (CVE-2024-36076)
• Introduce ALLOWED_HOSTS setting for request host and origin validation

2024.30

This is a security release. We recommend to not install previous versions.

• Update dependencies to fix request-smuggling vulnerabilities in gunicorn (CVE-2024-1135)

2024.28

• Collaborative editing in notes
• Show cursor position and selection of other users for collaborative editing in notes
• Remember "Encrypt PDF" setting in browser's local storage
• Fix force change design API request not sent
• Add Content Security Policy directive form-action
• Strengthen Content Security Policy: remove script-src unsafe-inline
• Fix API token expiring today shown as expired in UI
• Fix squished buttons on publishing project page
• Markdown editor: Improve vue template variable handling
• Markdown editor: Allow escaping curly braces

2024.20

• Fix PDF rendering hanging on headless chromium startup

2024.19

• Allow configuring the PDF rendering timeout (applies only when a separate worker is used)
• Add filename in markdown editor for uploaded files
• Move cursor after uploaded file/image in markdown editor
• Prevent cutting off spellcheck error underlines in string fields
• Add more language variants for spellcheck
• Allow duplicating finding templates
• Fix error in periodic task for automatic project archiving