Breaking change for Docker Compose: Starting DefectDojo with Docker Compose now supports 2 databases (MySQL and PostgreSQL) and 2 celery brokers (RabbitMQ and Redis). To make this possible, docker-compose needs to be started with the parameters --profile
and --env-file
. You can get more information in Setup via Docker Compose - Profiles. The profile mysql-rabbitmq
provides the same configuration as in previous releases. With this the prerequisites have changed as well: Docker requires at least version 19.03.0 and Docker Compose 1.28.0.
Breaking change for Helm Chart: In one of the last releases we upgraded the redis dependency in our helm chart without renaming keys in our helm chart. We fixed this bug with this release, but you may want to check if all redis values are correct (Pull Request).
The flexible permissions for the configuration of DefectDojo are now active by default. With this, the flag Staff for users is not relevant and not visible anymore. The old behaviour can still be activated by setting the parameter FEATURE_CONFIGURATION_AUTHORIZATION
to False
. If you haven’t done so with the previous release, you can still run a migration script with ./manage.py migrate_staff_users
. This script:
AUTHORIZATION_STAFF_OVERRIDE
is set to True
.