- Add Dark mode theme
9564911 - Update CVSS calculation
5cb9661- Use First roundup function for impact and exploitability subscores
- Add temporal colors for template
- Add environmental colors for template
- Add environmental impact and exploitability subscores
- Update sorting with Environmental and Temporal scores
- Removed cvssScore and cvssSeverity from models since now they are always calculated based on the vector string
- Update websockets to reconnect after a disconnect
0813945- Updated socket.io to last version
- If server connection is lost websockets for Audit menu will reconnect automatically
- Add dynamic check for backend connection
2673749- If websocket disconnect then a loading message appear until it reconnects
- Remove user deletion to prevent missing references
6e3de55- Deleting users breaked their links to different objects like audits.
- It's better to use the recent disable feature to avoid orphan objects
- Added a short name to companies and included it on reports
cd72648 - Create filter to sort findings in document
a551379 - Add i18n fr-FR translation
260f5dc - i18n de-DE: Adding German Interface Translation
48dad91 - Add 'Disable user' feature
a8d6d49
- Correctly reject promise when wrong password on profile
711dbf1 - Fix client selection issue (#242)
f8e6c27
@nobox910
-
Update Default Template
5764df8 -
Fix template count function
31b6577- Close #237
-
Fix numbering issue in ooxml conversion
cb9883c- Close #236
- Update convertDateLocale filter
876b96d- Changed numeric to 2-digit to have 2021/08/01 instead of 2021/8/1
- Update default template
51e48ed- Removed some {-w:p} tags that could cause errors with images
- Handle Categories order in findings
08748f2- Fix Categories order using their position in Custom Data
- Add "categories" data available in report template to generate findings dynamically by Category:
categories: {categoryName:<name>, categoryFindings:<[Array of Findings]>}
- Add Caption feature in HTML Editor
f93fbdd- Caption labels are dynamic and can be added in the
Settingspage (Default will beFigure) - Caption can be added anywhere in the Editor
- It will render
<label> 1 - xxxin Word generated document (select all + F9 to update numbering in Word) - The style in the generated report can be customised by creating/editing the
Captionstyle in the Word template
- Caption labels are dynamic and can be added in the
- Update CVSS calculator
9baf6ef- Update to version 3.1
- Add Temporal and environmental scores
- Add impact and exploitability scores
- Add tooltips description
- Add translation for report data
88d89f0- Dictionary files can be used to translate some data automatically depending on audit language
- A dictionary draft for French can be found in
backend/src/translate - The name of the folder should correspond to the name of the locale defined in
Data > Custom Data > Languages - Angular expression can be directly used in report template:
{input | translate:'locale'} - The following data will be automatically translated based on the audit language:
- cvssObj
- auditType
- findings[i].vulnType
- findings[i].category
- sections[i].name
- Add Category creation on vulnerabilities import
0e97ffc- When importing vulnerabilities, if a Category does not exist it will be created
- Add Internationalization for Frontend
a239bb6- Language can be changed in
Settingspage - Currently supported languages:
en-USandzh-CN
- Language can be changed in
- Add TOTP feature
c1aaf12- TOTP can be enabled in the user profile page
- Add Sub-Templating
21e583b- Add sub templating with delimiter
{_{xxx}_}for exemple if you put{_{client.firstname}_}in description during the generation it will be replace with the client firstname. If var not found/undefined the system will replace{_{client.firstname}_}by nothing
- Add sub templating with delimiter
- Update python to python3 in apk repo
efcbc51 - Add Email and Phone fields for Collaborators
9a0ab63
- Update : python no longer existe in apk repo now it's python3
91d10f4 - Fix issues related to sub-templating
631bc0a
- Changes to CVSS data require to update Word templates to avoid report generation errors
- Replace
{cvssv3}by{cvss.vectorString} - Replace
{cvssScore}by{cvss.baseMetricScore} - Replace
{cvssSeverity}by{cvss.baseSeverity} - Replace
{@cvssColor}by{@cvss.cellColor}
findings[i]: //before { cvssv3 cvssScore cvssSeverity cvssColor } findings[i]: // now { cvss: { vectorString baseMetricScore baseSeverity temporalMetricScore temporalSeverity environmentalMetricScore environmentalSeverity baseImpact baseExploitability cellColor } } - Replace
- Update JWT generation
15f3dc0- JWT is now dynamically generated
- config files moved to on location
- Update Session management using refresh token
ff1b868- A refresh token has been introduced allowing to request for a new token
- Token is now valid for 15min and refreshtoken for 7days
- So now when updating a user (role or remove) it will take maximum 15min (or page refresh) to invalidate the old token
- Each refresh token is associated with a sessionId allowing to have multiple sessions on different devices
- Add different options to sort Audit findings
32dd337- The automatic sorting parameter can now be customized for each vulnerability category
- Custom fields can be used as sorting parameter (input, date, radio and select)
- Default sorting can be set in Custom data > Vulnerability Categories
- Manual sorting of findings is also possible now with drag&drop
- Add Audit reviews and approval feature
02d144d. Thanks@lm-secand@alexandre-lavoie- Add a new process (disabled by default) to handle Audit approbation
- Update Settings
- Add readonly visual on Audits when user cannot edit
- Fix issue in HTML editor
63c6359- Toolbar styles could be applied by using their HTML tags directly in the editor resulting in visual bugs
- Fix issue in textarea-array component
dd5b51f- Removed trim function since it caused issues with resetting cursor at end of input when deleting and reaching a space. It is taken care of by the trim option in mongoose
- Fix database compatibility issue
361cd0a- Fix the mongodb version to avoid compatibility issue with newer versions for now
- After updating, Settings will be reset to default
- Add Settings feature with image border
74cb76c- It is now possible to enable and manage color of border on images generated in the report
- Add Trim to all strings saved in database
011d9d2- Avoid issues like additionnal spaces in titles
- Add Company creation directly from Audit General
1b28a21- Update select with input filtering
- If Company does not exist it will be created upon saving in Audit General section (make sure to tap enter to add the company)
- Add creator to new vulnerability from finding
5173b07- Like for vulnerablities updates, creator is now visible when editing newly created vulnerability
- Fix editor affix issue in vulnerabilities modals
9e5d0c- Disable affix to avoid issues
- Add new Custom Field Components
972641f- Checkbox
- Date
- Radio
- Select
- Select Multiple
- Add new customFields to report generation data
404420d - Add affix by default for all HTML editors
6d50b13
- Remove Audit Section create and delete
30a1563- Not needed anymore since automatically handled by Audit Type
- Fix custom-fields rules validation on multiple options
8d6edeb - Fix Audits List search filter
e254603- Language match is fixed
- Company is changed to an exact match
- Doc Update: Detailed how to import a network scan
#115
- Update Audit Types and Audit Creation
1de6353- Audit Types are now linked to Templates and Sections
- An Audit can then be customized depending on its Audit Type
- Template selection when creating an Audit is now replaced by Audit Type
- Sections are automatically added when creating the Audit based on the Audit Type
- Add Section Customization
7225972- Sections are now entirely made of Custom Fields allowing complete customization
- Each Section can be customized in the
Custom Fieldstab - Default Text can be set for each Custom Field for all languages available
- Manually adding sections in an Audit has been removed
- Languages for Audit Types and Custom Sections have been removed
- Old Default Text in
Custom Sectionstab won't be available anymore. Back it up before updating - Since Sections can't be added manually anymore, any Audit in progress should be finished or Sections added to them before updating