Github Action Version 2.5.0

Changes in this Release

• now all environment variables are passed to the client
• proxy support added for client download (#4060)
• the output of the SecHub client is now visible again (not only in debug mode)
• internal improvement: caching greatly improved
• internal improvement: upload size optimized
• enhancements for action development

For more details please look at Milestone 185

web-ui frontend Version 0.6.0

Changes in this Release

• Profile IDs Display: The WebUI now shows profile IDs for projects, improving visibility and management (#4067).
• Configurable Contact Information: Users can now configure the mail address and support website directly in the WebUI, enhancing customization and support options (#3888).
• Background Image Issue: Fixed a regex rule that was blocking the background image under /login/static, ensuring a smoother visual experience (#4081).
• Report Viewing: Added functionality to view SecHub reports directly within the WebUI, streamlining access to important information (#4014).

For more details please look at Milestone 193

Xray Wrapper Version 1.1.0

Changes in this Release

• default image name for pds-xray
• Some minor changes on Xray Wrapper implementation

For more details please look at Milestone 123

Prepare Wrapper Version 1.1.0

Changes in this Release

• Improve Prepare wrapper rc and validate Azure tokens

For more details please look at Milestone 155

OWASP-ZAP Wrapper Version 1.10.1

Changes in this Release

• Perform the authentication earlier to ensure an authenticated session when interacting with the target URL (e.g. for a swagger.yaml)

For more details please look at Milestone 191

web-ui frontend Version 0.5.0

Changes in this Release

• Project Management: Introduced a project settings dialog with the ability to change the project owner.
• User Identification: WebUI now displays user IDs for project owners and assigned users.
• File Upload: Enabled simple file upload functionality.
• Environment Configuration: Refactored HOST ENV settings for better configuration management.
• Redirect Improvements:
  • Fixed redirect behavior to ensure smoother navigation.
  • Updated redirect conditions for the login page.
  • Implemented a solution to redirect to the login page when session cookies are missing.
• Error Handling: Avoided HTTP 404 errors on deep links.
• Security Enhancements:
  • NGINX configuration updated to prevent version disclosure.
  • Excluded web-ui files from the apply-headers.sh script for enhanced security.
• Deployment: Various deployment fixes to streamline the update process.

For more details please look at Milestone 183

Server Version 2.9.0

Changes in this Release

• Server Helm chart: Added possibility to grant access from internal sources
• Project ownership: Owners can now transfer ownership to other users
• Web-UI: Login template is now customizable
• Security logs: Improved logging output format for better clarity
• User assignment: Enhanced handling of user assignments during project ownership changes
• Project access: Owners of newly created projects can access their projects seamlessly
• Documentation: Auto documentation now supports ConfigurationProperties

For more details please look at Milestone 188

Server Version 2.8.0

Changes in this Release

• job cancelling improved: works now also for not yet started jobs
• asset and template handling improved
• new logout section for DAST scanning
• email-verification feature for web-ui
• improvements in documentation

For more details please look at Milestone 186

PDS Version 2.2.0

Changes in this Release

• logging improved

For more details please look at Milestone 174

OWASP-ZAP Wrapper Version 1.10.0

Changes in this Release

• Update to latest ZAP upstream version
• zap-wrapper now reports amount of re-logins to indicate configuration problems
• added more resilience and try to avoid logouts
• testing possibilities improved
• other improvements

For more details please look at Milestone 181