Follow the usual steps to upgrade as described above.
BEFORE UPGRADING
AFTER UPGRADING
python manage.py migrate
) try to migrate all endpoints to new format and merge duplicates.docker-compose exec uwsgi ./manage.py endpoint_migration --dry-run
docker-compose exec uwsgi ./manage.py endpoint_migration
We decided to name this version 2.0.0 because we did some big cleanups in this release:
Remove API v1 (#4413)
Remove setup.bash installation method (#4417)
Rename Finding.is_Mitigated field to Finding.is_mitigated (#3854)
Remove everything related to the old tagging library (#4419)
Remove S0/S1/S2../S5 severity display option (#4415)
Refactor EndPoint handling/formatting (#4473)
Upgrade to Django 3.x (#3632)
PDF Reports removed (#4418)
Hashcode calculation logic has changed. To update existing findings run:
./manage.py dedupe --hash_code_only
.
If you’re using docker:
docker-compose exec uwsgi ./manage.py dedupe --hash_code_only
.
This can take a while depending on your instance size.
python manage.py migrate
) tries to migrate all endpoints to new format and merge duplicates.docker-compose exec uwsgi ./manage.py endpoint_migration --dry-run
docker-compose exec uwsgi ./manage.py endpoint_migration
The new authorization system for Products and Product Types based on roles is the default now. The fields for authorized users are not available anymore, but you can assign roles as described in Permissions. Users are migrated automatically, so that their permissions are as close as possible to the previous authorization:
AUTHORIZED_USERS_ALLOW_STAFF
is True
, the user will get the Owner role for the respective Product or Product Type.AUTHORIZED_USERS_ALLOW_CHANGE
or AUTHORIZED_USERS_ALLOW_DELETE
is True
, the user will get the Writer role for the respective Product or Product Type.The new authorization is active for both UI and API. Permissions set via authorized users or via the Django Admin interface are no longer taken into account.
Please review the roles for your users after the upgrade to avoid an unintended permissions creep.