What's New:
This requires a (one-time) rebuild of the Django-Watson search index. Execute the django command from the defect dojo installation directory:
./manage.py buildwatson dojo.Finding
If you're using docker:
docker-compose exec uwsgi ./manage.py buildwatson dojo.Finding
What's New:
Upgrading to 1.5.0 requirements:
Back up your database first, ideally take the backup from production and test the upgrade on a staging server.
Edit the settings.py file which can be found in
django-DefectDojo/dojo/settings/settings.py
. Copy in the rest
framework configuration after the CSRF_COOKIE_SECURE = True:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.TokenAuthentication',
'rest_framework.authentication.BasicAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.DjangoModelPermissions',
),
'DEFAULT_RENDERER_CLASSES': (
'rest_framework.renderers.JSONRenderer',
),
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
'PAGE_SIZE': 25
}
Navigate to: LOGIN_EXEMPT_URLS and add the following after r'^%sfinding/image/(?P<token>[^/]+)$' % URL_PREFIX:
r'^%sfinding/image/(?P<token>[^/]+)$' % URL_PREFIX,
r'^%sapi/v2/' % URL_PREFIX,
Navigate to: INSTALLED_APPS and add the following after: 'multiselectfield',:
'multiselectfield',
'rest_framework',
'rest_framework.authtoken',
'rest_framework_swagger',
'dbbackup',
Navigate to: CELERY_TASK_IGNORE_RESULT = True and add the following after CELERY_TASK_IGNORE_RESULT line:
CELERY_RESULT_BACKEND = 'db+sqlite:///dojo.celeryresults.sqlite'
Save your modified settings file. For reference the modified file should look like the new 1.5.0 [settings](https://github.com/DefectDojo/django-DefectDojo/blob/master/dojo/settings/settings.dist.py) file, minus the environmental configurations. As an alternative this file can be used and the enviromental configurations from you environment can be copied into this file.
pip install -r requirements.txt --upgrade
Upgrade the database:
./manage.py makemigrations
./manage.py migrate
Collect the static files (Javascript, Images, CSS):
./manage.py collectstatic --noinput
Complete