Skip to content

Releases: NUWCDIVNPT/stig-manager

1.2.3

14 Feb 15:04
441426e
Compare
Choose a tag to compare

Changes:

  • (App) Trim white space from exported CSV values
  • (API) Include request body when logging at level 4
  • (App) Corrected web app logic for XCCDF imports

Commits:

1.2.2

07 Feb 19:23
9528efd
Compare
Choose a tag to compare

Changes:

  • Fix a UI regression that incorrectly hides the "Accept" button and disables the "Reject" feature
  • The experimental AppData feature now supports Review history items

Commits:

  • fix: accept button incorrectly hidden (#571)
  • feat: include review history in appdata export/import (#562)
  • remove: CORS proxy for OIDC (#558)
  • refactor: fetchStig/Scap logging (#557)
  • chore: Build updates (#556)
  • doc: remove videos from source and build

1.2.1

18 Jan 12:15
74e6477
Compare
Choose a tag to compare

Changes:

  • BREAKING API CHANGE: The OpenAPI schema for Collection was revised. Collection.workflow was removed. Collection.settings was introduced and is mandatory for POST/PUT requests.
  • Resolved a bug where Collection.description was not being saved (#547)
  • CI pipeline modified to detect bugs such as the above

Includes a MySQL migration that:

  • Drops column collection.workflow
  • Adds column collection.settings as type JSON
  • Sets the value of column settings for each record in table collection based on the value of metadata.fieldSettings if it exists, and metadata.statusSettings if it exists. If those values do not exist, then the default value of settings is used.
    {
      "fields": {
        "detail": {
          "enabled": "findings",
          "required": "findings"
        },
        "comment": {
          "enabled": "always",
          "required": "always"
        }
      },
      "status": {
        "canAccept": true,
        "minAcceptGrant": 3,
        "resetCriteria": "result"
      }
    }
  • Removes the keys fieldSettings and statusSettings from the value of column metadata for each record in table collection

We recommend backing up your database before updating to any release with a database migration.

Commits:

1.2.0

05 Jan 12:57
25bf469
Compare
Choose a tag to compare

Introduces:

  • structured logging output from the API as a JSON stream
  • build script to generate a minimized client distrubution
  • build script to generate signed binaries of the API for Windows and Linux
  • updates to the CD workflows
  • dependency updates which resolve recently reported security vulnerabilities
  • minor bug fixes

Commits:

  • 13e4d1a dev: api distribution build script (#541)
  • 434e984 refactor: remove client from event path (#540)
  • b1903c6 fix: register xtype for STIG revision grid (#539)
  • bb374d1 fix: escape quotes in Welcome title and message (#538)
  • 459ef3e refactor: JSON_EXTRACT() instead of JSON_VALUE() (#537)
  • 19892dc chore: increment copyright year (#536)
  • d93bb4d chore: update node modules (#535)
  • 7fad835 dev: client distribution build script (#534)
  • dff8a9e feat: JSON logging and supporting code (#530)
  • 3ac29a5 docs: updated Logging, Environment Variables, Setup and Deployment docs. (#524)

1.1.0

18 Nov 23:12
e9ab8cf
Compare
Choose a tag to compare

Commits:

  • ui: styling tweaks (#517)
  • docs: consolidated some redundant docs, added info about collection settings, updated screenshots (#514)
  • feat: update UI labels (#513)
  • feat: review status handling (#511)

Includes breaking changes to the OpenAPI definition that affect clients such as STIG Manager Watcher. Some properties of the schemas for Review... and ReviewHistory... have been changed, renamed or removed:

  • resultComment is renamed to detail
  • actionComment is renamed to comment
  • action is removed
  • status value can be either a string or an object. See the definition for details.

Includes a MySQL migration that changes the schema for tables review and reviewHistory.

  • The running time of the migration depends on the number of records in those tables.
  • The migration also drops the small, static table action.
  • We recommend backing up the database before updating to any release with a database migration.

1.0.42

04 Nov 19:55
5b3f72c
Compare
Choose a tag to compare
  • fix: CKL comments restored (#505)
  • oas: Various OAS changes to enable better response validation (#500)
  • fix: always sort Collection Review to top (#501)

1.0.41

01 Nov 13:26
c15453b
Compare
Choose a tag to compare
  • fix: filter grid on asset name (#498)
  • feat: UI support for STIG/revision delete (#491)
  • refactor: unhandled rejections (#490)
  • doc: Additional documentation updates, links. (#489)
  • doc: Added project security policy, security docs, docker trust public key, stigman sample .ckl (#486)
  • feat: choice to export mono- or multi-STIG CKLs (#480)
  • refactor: await _migrations table (#476)

1.0.40

14 Oct 12:22
4c66270
Compare
Choose a tag to compare

fix: allowReserved for office query param (#474)
deps: rm connect,compression, request; update xlsx-template (#473)
feat: STIG Library feature introduced (#472)
refactor: ui rendering (#471)
refactor: reduce web client smells (#470)
feat: column filters (#469)
chore: fictionalize appdata city (#468)
chore: remove unused client dockerfile (#467)
fix: encode office query param (#466)
feat: userObject.display tries username or servicename (#463)

1.0.0-beta.39

24 Sep 12:46
Compare
Choose a tag to compare
1.0.0-beta.39 Pre-release
Pre-release

This is the last release to have a beta designation. Several UI enhancements are introduced, including:

There is a database migration included in this release that moves the data in table stats_asset_stig to stig_asset_map.

  • feat: Welcome message enhancements (#461)
  • feat: experimental CORS proxy for OIDC (#460)
  • docs: updated screenshots, added care and feeding, autoresult, and CORS sections, updated terminology, many other small fixes. (#462)
  • feat: welcome widget icon/text can be customized (#458)
  • feat: UI support for rejectedCount, minTs, maxTs (#456)
  • feat: updated loading screen for the UI (#457)
  • feat: statusStats with rejectCount, minTs, maxTs (#454)
  • fix: query param inadvertently marked as path param in Asset/getChecklistByAsset (#453)
  • feat: GET /op/definition endpoint with JSONPath (#452)
  • feat: Web app updates (#442)
  • feat: relaxed CKL revision checks by default (#450)
  • deps: remove unused patch-package (#449)
  • test: limit bootstrap wait to 45 seconds (#448)
  • deps: updating jwks-rsa to 2.0.4 removes axios (#446)
  • refactor: move stats to stig_asset_map (#431)
  • refactor: reduce duplicated code for data migrations (#433)
  • feat: adds new review-history endpoints (#417)

1.0.0-beta.38

26 Aug 19:12
Compare
Choose a tag to compare
1.0.0-beta.38 Pre-release
Pre-release
  • fix: don't sort for history projection (#419)
  • doc: include build in Docker image and serve with express (#414)
  • fix: setting stig-asset access was generating 404 incorrectly (#416)
  • fix: don't sort reviews to workaround MySQL bug (#411)
  • feat: deleting a STIG updates related tables (#409)
  • feat: UI keeps tokens refreshed (#408)