From a0de8d0ac7c0939a9dec231ceaf64fb4d6cb9dde Mon Sep 17 00:00:00 2001 From: Vanessa Fotso Date: Fri, 25 Aug 2023 16:37:14 -0400 Subject: [PATCH] v2.1.4 Signed-off-by: Vanessa Fotso --- .github_changelog_generator | 10 + CHANGELOG.md | 363 ++++++++++++++++-------- VERSION | 2 +- app/helpers/application_helper.rb | 4 +- app/views/devise/sessions/new.html.haml | 2 +- package.json | 2 +- 6 files changed, 263 insertions(+), 120 deletions(-) create mode 100644 .github_changelog_generator diff --git a/.github_changelog_generator b/.github_changelog_generator new file mode 100644 index 00000000..137d3f2d --- /dev/null +++ b/.github_changelog_generator @@ -0,0 +1,10 @@ +user=mitre +project=vulcan +future-release=v2.1.4 +since-tag=v2.0.0 +release-branch=master +add-sections={"dependencies":{"prefix":"**Dependencies updates:**","labels":["dependencies"]}} +enhancement-labels=enhancement,Enhancement,Type: Enhancement,feature request +http-cache=false +filter-by-milestone=false +issues-of-open-milestones=false diff --git a/CHANGELOG.md b/CHANGELOG.md index ec9922e7..61da1feb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,115 +1,248 @@ -## Vulcan v2.1.3 - -#### Exciting New Features 🎉 - -* VULCAN-551: Enabling SMTP feature to send emails via ActionMailer by @smarlaku820 in -* VULCAN-570: Control View Only and Edit Mode UX refactor by @vanessuniq in - -#### Other Changes - -* VULCAN-579: Fix project update logic for detecting name changes correctly by @smarlaku820 in -* VULCAN-581: Enhance Import from Spreadsheet workflow by @vanessuniq in - -## Vulcan v2.1.2 - -#### Exciting New Features 🎉 - -* VULCAN-563: Export/Import inspec control body by @vanessuniq in -* Enabled editing component STIG ID prefix by @vanessuniq in - -#### Other Changes - -* Group histories with the same name, created_at, and comment; add tooltip for rule status by @vanessuniq in -* Adding the option to group/sort controls by SrG ID by @vanessuniq in -* VULCAN- 565: Add latest release version tag to Navbar component by @vanessuniq in -* VULCAN-559: Support for Multiple CCIs by @vanessuniq in - -## vulcan v2.1.1 - -#### 👒 Dependencies - -* Bump rack from 2.2.6.3 to 2.2.6.4 by @dependabot in -* Bump nokogiri from 1.14.2 to 1.14.3 by @dependabot in - -#### Other Changes - -* VULCAN-348: Aternative testing by @vanessuniq in -* Customized parser to not interpret character/html entity by @vanessuniq in -* VULCAN-372: Add additional component question of url type by @freddyfeelgood in -* Up to deep linking by @vanessuniq in -* Use title for description if description blank by @rlakey in - -## Vulcan v2.1.0 - -#### Exciting New Features 🎉 - -* Enable XCCDF export of a single component by @vanessuniq in -* VULCAN-496: Completed #496 by @vanessuniq in -* Added Filtering capability to SRG dropdown by @freddyfeelgood in : -* Feature DISA Export Excel complete with tests by @smarlaku820 in -* Disallow new project creation if not admin by default by @smarlaku820 in -* Created an ENV variable for controlling USER registrations on Vulcan app (Enabled by Default) by @smarlaku820 in -* Added OIDC Integration capability for Vulcan by @smarlaku820 in -* VULCAN-389: Integrate Slack With Vulcan by @smarlaku820 in - -#### 👒 Dependencies - -* Bump nokogiri from 1.13.4 to 1.13.5 by @dependabot in -* Bump nokogiri from 1.13.5 to 1.13.6 by @dependabot in -* Bump rack from 2.2.3 to 2.2.3.1 by @dependabot in -* Bump eventsource from 1.1.0 to 1.1.1 by @dependabot in -* Bump rails-html-sanitizer from 1.4.2 to 1.4.3 by @dependabot in -* Bump terser from 4.8.0 to 4.8.1 by @dependabot in -* Bump moment from 2.29.2 to 2.29.4 by @dependabot in -* Bump omniauth from 1.9.1 to 1.9.2 by @dependabot in -* Bump express from 4.17.1 to 4.18.2 by @dependabot in -* Bump nokogiri from 1.13.6 to 1.13.10 by @dependabot in -* Bump minimatch from 3.0.4 to 3.1.2 by @dependabot in -* Bump loader-utils from 1.4.0 to 1.4.2 by @dependabot in -* Bump loofah from 2.18.0 to 2.19.1 by @dependabot in -* Bump decode-uri-component from 0.2.0 to 0.2.2 by @dependabot in -* Bump rails-html-sanitizer from 1.4.3 to 1.4.4 by @dependabot in -* Bump globalid from 1.0.0 to 1.0.1 by @dependabot in -* Bump json5 from 1.0.1 to 1.0.2 by @dependabot in -* Bump rack from 2.2.4 to 2.2.6.2 by @dependabot in -* Bump omniauth and gitlab_omniauth-ldap by @dependabot in -* Bump omniauth-rails_csrf_protection Gem by @smarlaku820 in -* Bump rack from 2.2.6.2 to 2.2.6.3 by @dependabot in - -#### Other Changes - -* VULCAN-429: Fix deleting a control prevents the deleting of the component by @timwongj in -* VULCAN-433: Modify rules_count to exclude deleted rules by @timwongj in -* VULCAN-414: Sort displayed components by @timwongj in -* VULCAN-301: Display loading... when uploading SRG by @timwongj in -* VULCAN-298: SRG page enhancements by @timwongj in -* VULCAN-362: Account for controls marked as duplicate on existing SRG content import by @timwongj in -* VULCAN-419: Sort Inspec tags by @timwongj in -* fix add new control by @timwongj in -* VULCAN-454: Implement find and replace by @timwongj in -* VULCAN-410: Swap diff view comparison by @sgober in -* VULCAN-415: Show version and release for overlaid components suggestions by @timwongj in -* VULCAN-445: Title box visibility by @timwongj in -* VULCAN-449: Fix mark as duplicate for proj/comp admin/authors by @timwongj in -* VULCAN-457: Add tooltip for mark as duplicate by @timwongj in -* VULCAN-447: Enable context-aware popover help icons, depending on Status field by @timwongj in -* VULCAN-448: Add concept of compensating controls and POA&M statuses to Applicable - Does Not Meet status by @timwongj in -* VULCAN-452: Review workflow improvements by @timwongj in -* VULCAN-448: mitigations are always shown by @timwongj in -* VULCAN-470: change the color of the mark as duplicate button by @vanessuniq in -* VULCAN-475: fixes #475 by @wdower in -* Add GitHub logo to README by @ChrisHinchey in -* Fix GitHub logo in README by @ChrisHinchey in -* Update push-to-docker.yml by @vanessuniq in -* Debugged: added the missing currentUserId prop to RuleEditorHeader co… by @vanessuniq in -* VULCAN-501: copy component fails when selecting a newer srg version and a control has been previously deleted in the source component by @vanessuniq in -* VULCAN-495: export to excel does not work if components have the same name by @vanessuniq in -* VULCAN-517: update SRG info on control view by @rlakey in -* VULCAN-315: added toggle for stig id to srg id by @rlakey in -* Properly using #dup method for expected behavior: by @vanessuniq in -* VULCAN-524: fix answer cloning issue by @rlakey in -* VULCAN-530: populate gid and rid in inspec body data by @rlakey in -* VULCAN-531: fix for copy comp w new srg for vuln disc by @rlakey in -* Sorted excel output and misc bug fixes by @rlakey in - -## Vulcan v2.0.0 +# Changelog + +## [v2.1.4](https://github.com/mitre/vulcan/tree/v2.1.4) (2023-08-25) + +[Full Changelog](https://github.com/mitre/vulcan/compare/v2.1.3...v2.1.4) + +**Implemented enhancements:** + +- Constrain the selectable list to allow only Apllicable - Configurable controls to be satisfied by other [\#586](https://github.com/mitre/vulcan/pull/586) ([vanessuniq](https://github.com/vanessuniq)) +- Constrain requirement for locking Applicable -Does Not Meet and Applicable - Inherently Meets controls [\#587](https://github.com/mitre/vulcan/pull/587) ([vanessuniq](https://github.com/vanessuniq)) +- Notifications: Slack notification and SMTP Enhancement [\#594](https://github.com/mitre/vulcan/pull/594) ([vanessuniq](https://github.com/vanessuniq)) +- New Feature: Enable setting up Project visibility and Requesting access to a project [\#595](https://github.com/mitre/vulcan/pull/595) ([vanessuniq](https://github.com/vanessuniq)) +- STIG & Related Rules workflow [\#599](https://github.com/mitre/vulcan/pull/599) ([vanessuniq](https://github.com/vanessuniq)) + +**Fixed bugs:** + +- VULCAN-528: Fix component admin on component cards [\#588](https://github.com/mitre/vulcan/pull/588) ([vanessuniq](https://github.com/vanessuniq)) +- If null data just return for related info [\#602](https://github.com/mitre/vulcan/pull/602) ([freddyfeelgood](https://github.com/freddyfeelgood)) +- Fix: Capture STIG Name on Upload [\#603](https://github.com/mitre/vulcan/pull/603) ([vanessuniq](https://github.com/vanessuniq)) +- Fix Related Rules Grouping [\#604](https://github.com/mitre/vulcan/pull/604) ([vanessuniq](https://github.com/vanessuniq)) + +**Dependencies updates:** + +- Bump audited from 5.0.2 to 5.3.3 [\#568](https://github.com/mitre/vulcan/pull/568) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump semver from 5.7.1 to 5.7.2 [\#596](https://github.com/mitre/vulcan/pull/596) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump word-wrap from 1.2.3 to 1.2.4 [\#597](https://github.com/mitre/vulcan/pull/597) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump puma from 4.3.12 to 5.6.7 by [\#601](https://github.com/mitre/vulcan/pull/601) ([dependabot[bot]](https://github.com/apps/dependabot)) + +**Closed issues:** + +- Give admins the ability to mark a project as 'open' [\#590](https://github.com/mitre/vulcan/issues/590) +- Add constraint to satisfies workflow for configurable only requirements. [\#585](https://github.com/mitre/vulcan/issues/585) +- Have Vulcan automatically list all available STIGs/SRGs [\#480](https://github.com/mitre/vulcan/issues/480) +- Fix component\_admin on component cards [\#528](https://github.com/mitre/vulcan/issues/528) +- Extend email notifications to alert users when their role changes. [\#593](https://github.com/mitre/vulcan/issues/593) +- Enable users to provide their own Slack user ID if they would like to receive Slack DMs \(e.g. when added/removed from a project, role changes, review requests, etc\). [\#592](https://github.com/mitre/vulcan/issues/592) +- Enable users \(admins\) to provide the Slack channel they want to use for each project or component. This can be provided on project/component creation or edited in the project/component metadata. [\#591](https://github.com/mitre/vulcan/issues/591) +- The Mitigation field must be populated if the requirement Status is 'Applicable - Does Not Meet' [\#578](https://github.com/mitre/vulcan/issues/578) +- Artifact Description is required and should only be visible in Status - Applicable - Inherently Meets [\#577](https://github.com/mitre/vulcan/issues/577) +- Look into backup options for heroku deployment [\#458](https://github.com/mitre/vulcan/issues/458) + +## [v2.1.3](https://github.com/mitre/vulcan/tree/v2.1.3) (2023-06-01) + +[Full Changelog](https://github.com/mitre/vulcan/compare/v2.1.2...v2.1.3) + +**Implemented enhancements:** + +- Implementing ActionMailer for sending email notifications [\#551](https://github.com/mitre/vulcan/issues/551) +- Enabling SMTP feature to send emails via ActionMailer [\#584](https://github.com/mitre/vulcan/pull/584) ([smarlaku820](https://github.com/smarlaku820)) +- Control View Only and Edit Mode UX refactor [\#583](https://github.com/mitre/vulcan/pull/583) ([vanessuniq](https://github.com/vanessuniq)) + +**Fixed bugs:** + +- Import From a SpreadSheet does not work as expected when contains a rule that is satisfied by more than one other rules [\#581](https://github.com/mitre/vulcan/issues/581) +- Bug: Vulcan project metadata update triggers project\_rename slack notification [\#579](https://github.com/mitre/vulcan/issues/579) +- VULCAN-581: Enhance Import from Spreadsheet workflow [\#582](https://github.com/mitre/vulcan/pull/582) ([vanessuniq](https://github.com/vanessuniq)) +- fix project update logic for detecting name changes correctly [\#580](https://github.com/mitre/vulcan/pull/580) ([smarlaku820](https://github.com/smarlaku820)) + +**Closed issues:** + +- Move user button in Find and Replace to top of the modal [\#576](https://github.com/mitre/vulcan/issues/576) +- Update Find and Replace to search all fields [\#575](https://github.com/mitre/vulcan/issues/575) +- Update Find and Replace to add case sensitive and non-sensitive [\#574](https://github.com/mitre/vulcan/issues/574) +- Expose Requirement Satellites Nesting in Form feels and UX [\#571](https://github.com/mitre/vulcan/issues/571) +- Refactor 'Mark As Duplicate' into original design of nested elements [\#570](https://github.com/mitre/vulcan/issues/570) + +## [v2.1.2](https://github.com/mitre/vulcan/tree/v2.1.2) (2023-05-08) + +[Full Changelog](https://github.com/mitre/vulcan/compare/v2.1.1...v2.1.2) + +**Implemented enhancements:** + +- Add version info to UI [\#565](https://github.com/mitre/vulcan/issues/565) +- Add description text to xccdf exports [\#556](https://github.com/mitre/vulcan/issues/556) +- VULCAN- 565: Add latest release version tag to Navbar component [\#567](https://github.com/mitre/vulcan/pull/567) ([vanessuniq](https://github.com/vanessuniq)) +- Adding the option to group/sort controls by SrG ID [\#566](https://github.com/mitre/vulcan/pull/566) ([vanessuniq](https://github.com/vanessuniq)) +- VULCAN-563: Export/Import inspec control body [\#564](https://github.com/mitre/vulcan/pull/564) ([vanessuniq](https://github.com/vanessuniq)) +- Group histories with the same name, created\_at, and comment; add tooltip for rule status [\#562](https://github.com/mitre/vulcan/pull/562) ([vanessuniq](https://github.com/vanessuniq)) +- Enabled editing component STIG ID prefix [\#558](https://github.com/mitre/vulcan/pull/558) ([vanessuniq](https://github.com/vanessuniq)) + +**Fixed bugs:** + +- Support multiple cci's [\#559](https://github.com/mitre/vulcan/issues/559) +- VULCAN-559: Support for Multiple CCIs [\#569](https://github.com/mitre/vulcan/pull/569) ([vanessuniq](https://github.com/vanessuniq)) + +**Closed issues:** + +- Export/Import InSpec Control Body [\#563](https://github.com/mitre/vulcan/issues/563) + +## [v2.1.1](https://github.com/mitre/vulcan/tree/v2.1.1) (2023-04-13) + +[Full Changelog](https://github.com/mitre/vulcan/compare/v2.1.0...v2.1.1) + +**Implemented enhancements:** + +- Add additional component question of URL type. [\#372](https://github.com/mitre/vulcan/issues/372) +- 348 alternative testing [\#546](https://github.com/mitre/vulcan/pull/546) ([vanessuniq](https://github.com/vanessuniq)) + +**Fixed bugs:** + +- customized parser to not interpret character/html entity [\#550](https://github.com/mitre/vulcan/pull/550) ([vanessuniq](https://github.com/vanessuniq)) + +**Dependencies updates:** + +- Bump nokogiri from 1.14.2 to 1.14.3 [\#554](https://github.com/mitre/vulcan/pull/554) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump rack from 2.2.6.3 to 2.2.6.4 [\#548](https://github.com/mitre/vulcan/pull/548) ([dependabot[bot]](https://github.com/apps/dependabot)) + +**Merged pull requests:** + +- use title for description if description blank [\#557](https://github.com/mitre/vulcan/pull/557) ([rlakey](https://github.com/rlakey)) +- 372 add additional component question of url type [\#553](https://github.com/mitre/vulcan/pull/553) ([freddyfeelgood](https://github.com/freddyfeelgood)) +- Up to deep linking [\#552](https://github.com/mitre/vulcan/pull/552) ([vanessuniq](https://github.com/vanessuniq)) + +## [v2.1.0](https://github.com/mitre/vulcan/tree/v2.1.0) (2023-03-29) + +[Full Changelog](https://github.com/mitre/vulcan/compare/v2.0.0...v2.1.0) + +**Implemented enhancements:** + +- Add option to restrict project creation [\#538](https://github.com/mitre/vulcan/issues/538) +- Populate gid/rid in InSpec body data [\#530](https://github.com/mitre/vulcan/issues/530) +- Add "DISA Excel Export" option [\#527](https://github.com/mitre/vulcan/issues/527) +- Add SRG version \(release/version\) to SRG info on controls [\#517](https://github.com/mitre/vulcan/issues/517) +- Output Vulcan logs to stdout [\#514](https://github.com/mitre/vulcan/issues/514) +- Add button to component card to download a single component as an XCCDF file [\#499](https://github.com/mitre/vulcan/issues/499) +- Allow export to excel for non-released components [\#496](https://github.com/mitre/vulcan/issues/496) +- Add an icon to indicate a control has children [\#490](https://github.com/mitre/vulcan/issues/490) +- Diff view swap comparison [\#410](https://github.com/mitre/vulcan/issues/410) +- Diff comparison pulling in non-released components [\#408](https://github.com/mitre/vulcan/issues/408) +- OIDC identity provider support to remove login friction with username/password. [\#390](https://github.com/mitre/vulcan/issues/390) +- 389 Integrate Slack With Vulcan [\#389](https://github.com/mitre/vulcan/issues/389) +- Account for controls marked as duplicate on existing SRG content import [\#362](https://github.com/mitre/vulcan/issues/362) +- Fix search on 'New Component' Dropdown [\#352](https://github.com/mitre/vulcan/issues/352) +- Show 'loading' when uploading a new SRG [\#350](https://github.com/mitre/vulcan/issues/350) +- Add deep linking to controls [\#348](https://github.com/mitre/vulcan/issues/348) +- Add option to disable registration [\#338](https://github.com/mitre/vulcan/issues/338) +- Add option to toggle sidebar between STIG ID and SRG ID [\#315](https://github.com/mitre/vulcan/issues/315) +- Include version as part of the SRG Title on the “Create a New Component” page. [\#306](https://github.com/mitre/vulcan/issues/306) +- Check if date in “release-info” is consistent across all SRGs [\#305](https://github.com/mitre/vulcan/issues/305) +- When uploading an SRG the application should show “Loading…” in place of the Upload Button [\#304](https://github.com/mitre/vulcan/issues/304) +- SRG page enhancements [\#298](https://github.com/mitre/vulcan/issues/298) +- Add support for upgrading between versions of SRGs [\#82](https://github.com/mitre/vulcan/issues/82) +- 389 Integrate Slack With Vulcan [\#549](https://github.com/mitre/vulcan/pull/549) ([smarlaku820](https://github.com/smarlaku820)) +- Added OIDC Integration capability for Vulcan [\#540](https://github.com/mitre/vulcan/pull/540) ([smarlaku820](https://github.com/smarlaku820)) +- Disallow new project creation if not admin by default [\#539](https://github.com/mitre/vulcan/pull/539) ([smarlaku820](https://github.com/smarlaku820)) +- Feature DISA Export Excel complete with tests [\#529](https://github.com/mitre/vulcan/pull/529) ([smarlaku820](https://github.com/smarlaku820)) +- Completed \#496 [\#523](https://github.com/mitre/vulcan/pull/523) ([vanessuniq](https://github.com/vanessuniq)) +- Enable XCCDF export of a single component [\#511](https://github.com/mitre/vulcan/pull/511) ([vanessuniq](https://github.com/vanessuniq)) +- 470 change the color of the mark as duplicate button [\#482](https://github.com/mitre/vulcan/pull/482) ([vanessuniq](https://github.com/vanessuniq)) + +**Fixed bugs:** + +- Export to excel not sorted by SRG ID [\#536](https://github.com/mitre/vulcan/issues/536) +- Mitigation text for DNM controls is not copied over on a copy component workflow with new SRG [\#531](https://github.com/mitre/vulcan/issues/531) +- Copy/Duplicate Component creates additional\_answers in the source component if they exist [\#524](https://github.com/mitre/vulcan/issues/524) +- Copy Component corrupts SRG data when updating SRG version of the new SRG [\#515](https://github.com/mitre/vulcan/issues/515) +- Copy Component fails when selecting a newer SRG version and a control has been previously deleted in the source component [\#501](https://github.com/mitre/vulcan/issues/501) +- Export to Excel does not work if Components have the same name [\#495](https://github.com/mitre/vulcan/issues/495) +- Troubleshoot editing a control [\#491](https://github.com/mitre/vulcan/issues/491) +- Fix the display of the Github logo on the documentation page [\#483](https://github.com/mitre/vulcan/issues/483) +- A user with the author role cannot revoke a review request they initiated. [\#479](https://github.com/mitre/vulcan/issues/479) +- Change the color of the "mark as duplicate" button [\#470](https://github.com/mitre/vulcan/issues/470) +- Project/Component authors and admins cannot mark/unmark controls as duplicates [\#449](https://github.com/mitre/vulcan/issues/449) +- Project page component card control counts include deleted controls [\#433](https://github.com/mitre/vulcan/issues/433) +- Deleting a control prevents the deleting of the component [\#429](https://github.com/mitre/vulcan/issues/429) +- Sort tags in InSpec metadata [\#419](https://github.com/mitre/vulcan/issues/419) +- Add Version and Release info when importing a released component into a project [\#415](https://github.com/mitre/vulcan/issues/415) +- Sort Project Components by Name then Version/Release [\#414](https://github.com/mitre/vulcan/issues/414) +- Some SRG XCCDF files fail to load [\#351](https://github.com/mitre/vulcan/issues/351) +- 524 fix answer cloning issue [\#525](https://github.com/mitre/vulcan/pull/525) ([rlakey](https://github.com/rlakey)) +- Properly using \#dup method for expected behavior: [\#522](https://github.com/mitre/vulcan/pull/522) ([vanessuniq](https://github.com/vanessuniq)) +- 495 export to excel does not work if components have the same name [\#505](https://github.com/mitre/vulcan/pull/505) ([vanessuniq](https://github.com/vanessuniq)) +- 501 copy component fails when selecting a newer srg version and a control has been previously deleted in the source component [\#503](https://github.com/mitre/vulcan/pull/503) ([vanessuniq](https://github.com/vanessuniq)) +- Debugged: added the missing currentUserId prop to RuleEditorHeader co… [\#486](https://github.com/mitre/vulcan/pull/486) ([vanessuniq](https://github.com/vanessuniq)) + +**Dependencies updates:** + +- Bump omniauth-rails\_csrf\_protection Gem [\#542](https://github.com/mitre/vulcan/issues/542) +- Bump rack from 2.2.6.2 to 2.2.6.3 [\#545](https://github.com/mitre/vulcan/pull/545) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump omniauth-rails\_csrf\_protection Gem [\#543](https://github.com/mitre/vulcan/pull/543) ([smarlaku820](https://github.com/smarlaku820)) +- Bump omniauth and gitlab\_omniauth-ldap [\#541](https://github.com/mitre/vulcan/pull/541) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump globalid from 1.0.0 to 1.0.1 [\#521](https://github.com/mitre/vulcan/pull/521) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump rack from 2.2.4 to 2.2.6.2 [\#520](https://github.com/mitre/vulcan/pull/520) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump json5 from 1.0.1 to 1.0.2 [\#513](https://github.com/mitre/vulcan/pull/513) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump rails-html-sanitizer from 1.4.3 to 1.4.4 [\#510](https://github.com/mitre/vulcan/pull/510) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump loofah from 2.18.0 to 2.19.1 [\#509](https://github.com/mitre/vulcan/pull/509) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump nokogiri from 1.13.6 to 1.13.10 [\#508](https://github.com/mitre/vulcan/pull/508) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump minimatch from 3.0.4 to 3.1.2 [\#507](https://github.com/mitre/vulcan/pull/507) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump express from 4.17.1 to 4.18.2 [\#506](https://github.com/mitre/vulcan/pull/506) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump decode-uri-component from 0.2.0 to 0.2.2 [\#502](https://github.com/mitre/vulcan/pull/502) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump loader-utils from 1.4.0 to 1.4.2 [\#500](https://github.com/mitre/vulcan/pull/500) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump omniauth from 1.9.1 to 1.9.2 [\#466](https://github.com/mitre/vulcan/pull/466) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump moment from 2.29.2 to 2.29.4 [\#451](https://github.com/mitre/vulcan/pull/451) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump terser from 4.8.0 to 4.8.1 [\#450](https://github.com/mitre/vulcan/pull/450) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump rails-html-sanitizer from 1.4.2 to 1.4.3 [\#446](https://github.com/mitre/vulcan/pull/446) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump eventsource from 1.1.0 to 1.1.1 [\#440](https://github.com/mitre/vulcan/pull/440) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump rack from 2.2.3 to 2.2.3.1 [\#439](https://github.com/mitre/vulcan/pull/439) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump nokogiri from 1.13.5 to 1.13.6 [\#437](https://github.com/mitre/vulcan/pull/437) ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump nokogiri from 1.13.4 to 1.13.5 [\#435](https://github.com/mitre/vulcan/pull/435) ([dependabot[bot]](https://github.com/apps/dependabot)) + +**Closed issues:** + +- Typos [\#475](https://github.com/mitre/vulcan/issues/475) +- Enable login via MITRE SSO [\#463](https://github.com/mitre/vulcan/issues/463) +- Improve visibility of mark as duplicate feature [\#457](https://github.com/mitre/vulcan/issues/457) +- Implement find and replace for rules across components [\#454](https://github.com/mitre/vulcan/issues/454) +- Add concept of compensating controls and POA&M statuses to Applicable - Does Not Meet status [\#448](https://github.com/mitre/vulcan/issues/448) +- Enable context-aware popover help icons, depending on Status field [\#447](https://github.com/mitre/vulcan/issues/447) +- Title Box Visibility [\#445](https://github.com/mitre/vulcan/issues/445) +- Adding new control should duplicate CCI-000366 [\#444](https://github.com/mitre/vulcan/issues/444) +- Copy component timeout error [\#442](https://github.com/mitre/vulcan/issues/442) +- Fix Heroku Deployment [\#425](https://github.com/mitre/vulcan/issues/425) + +**Merged pull requests:** + +- Sorted excel output and misc bug fixes [\#537](https://github.com/mitre/vulcan/pull/537) ([rlakey](https://github.com/rlakey)) +- Created an ENV variable for controlling USER registrations on Vulcan app \(Enabled by Default\) [\#535](https://github.com/mitre/vulcan/pull/535) ([smarlaku820](https://github.com/smarlaku820)) +- 530 populate gid and rid in inspec body data [\#533](https://github.com/mitre/vulcan/pull/533) ([rlakey](https://github.com/rlakey)) +- 531 fix for copy comp w new srg for vuln disc [\#532](https://github.com/mitre/vulcan/pull/532) ([rlakey](https://github.com/rlakey)) +- Added Filtering capability to SRG dropdown [\#526](https://github.com/mitre/vulcan/pull/526) ([freddyfeelgood](https://github.com/freddyfeelgood)) +- 517 update SRG info on control view [\#519](https://github.com/mitre/vulcan/pull/519) ([rlakey](https://github.com/rlakey)) +- 315 added toggle for stig id to srg id [\#516](https://github.com/mitre/vulcan/pull/516) ([rlakey](https://github.com/rlakey)) +- Update push-to-docker.yml [\#489](https://github.com/mitre/vulcan/pull/489) ([vanessuniq](https://github.com/vanessuniq)) +- Fix GitHub logo in README [\#485](https://github.com/mitre/vulcan/pull/485) ([ChrisHinchey](https://github.com/ChrisHinchey)) +- Add GitHub logo to README [\#481](https://github.com/mitre/vulcan/pull/481) ([ChrisHinchey](https://github.com/ChrisHinchey)) +- fixes \#475 [\#477](https://github.com/mitre/vulcan/pull/477) ([wdower](https://github.com/wdower)) +- VULCAN-448: mitigations are always shown [\#465](https://github.com/mitre/vulcan/pull/465) ([timwongj](https://github.com/timwongj)) +- VULCAN-452: Review workflow improvements [\#464](https://github.com/mitre/vulcan/pull/464) ([timwongj](https://github.com/timwongj)) +- VULCAN-448: Add concept of compensating controls and POA&M statuses to Applicable - Does Not Meet status [\#462](https://github.com/mitre/vulcan/pull/462) ([timwongj](https://github.com/timwongj)) +- VULCAN-447: Enable context-aware popover help icons, depending on Status field [\#461](https://github.com/mitre/vulcan/pull/461) ([timwongj](https://github.com/timwongj)) +- VULCAN-449: Fix mark as duplicate for proj/comp admin/authors [\#460](https://github.com/mitre/vulcan/pull/460) ([timwongj](https://github.com/timwongj)) +- VULCAN-457: Add tooltip for mark as duplicate [\#459](https://github.com/mitre/vulcan/pull/459) ([timwongj](https://github.com/timwongj)) +- VULCAN-445: Title box visibility [\#456](https://github.com/mitre/vulcan/pull/456) ([timwongj](https://github.com/timwongj)) +- VULCAN-454: Implement find and replace [\#455](https://github.com/mitre/vulcan/pull/455) ([timwongj](https://github.com/timwongj)) +- fix add new control [\#443](https://github.com/mitre/vulcan/pull/443) ([timwongj](https://github.com/timwongj)) +- VULCAN-410: Swap diff view comparison [\#441](https://github.com/mitre/vulcan/pull/441) ([sgober](https://github.com/sgober)) +- VULCAN-415: Show version and release for overlaid components suggestions [\#438](https://github.com/mitre/vulcan/pull/438) ([timwongj](https://github.com/timwongj)) +- VULCAN-433: Modify rules\_count to exclude deleted rules [\#436](https://github.com/mitre/vulcan/pull/436) ([timwongj](https://github.com/timwongj)) +- VULCAN-414: Sort displayed components [\#434](https://github.com/mitre/vulcan/pull/434) ([timwongj](https://github.com/timwongj)) +- VULCAN-419: Sort Inspec tags [\#432](https://github.com/mitre/vulcan/pull/432) ([timwongj](https://github.com/timwongj)) +- VULCAN-301: Display loading... when uploading SRG [\#431](https://github.com/mitre/vulcan/pull/431) ([timwongj](https://github.com/timwongj)) +- VULCAN-429: Fix deleting a control prevents the deleting of the component [\#430](https://github.com/mitre/vulcan/pull/430) ([timwongj](https://github.com/timwongj)) +- VULCAN-298: SRG page enhancements [\#428](https://github.com/mitre/vulcan/pull/428) ([timwongj](https://github.com/timwongj)) +- VULCAN-362: Account for controls marked as duplicate on existing SRG content import [\#427](https://github.com/mitre/vulcan/pull/427) ([timwongj](https://github.com/timwongj)) + + + +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* diff --git a/VERSION b/VERSION index 535b2f4d..b02bebf0 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v2.1.3 +v2.1.4 diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 87bff07b..4291bd9d 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -31,11 +31,11 @@ def latest_release_details File.open(changelog_path, 'r') do |file| line = file.gets while line - if line.start_with?('## Vulcan v') + if line.start_with?('## [v') # Found the beginning of a release, start reading details release_details = line line = file.gets - while line && !line.start_with?('## Vulcan v') + while line && !line.start_with?('## [v') release_details += line line = file.gets end diff --git a/app/views/devise/sessions/new.html.haml b/app/views/devise/sessions/new.html.haml index 0aa9d6ba..579ff86b 100644 --- a/app/views/devise/sessions/new.html.haml +++ b/app/views/devise/sessions/new.html.haml @@ -5,7 +5,7 @@ .col-md-12 %h1 Welcome to Vulcan %br/ -.row.align-items-center.h-100 +.row .col-md-5.order-2.order-md-1 = render 'devise/shared/what_is_vulcan' .col-md.offset-md-0.offset-lg-1.order-1.order-md-2 diff --git a/package.json b/package.json index 8e9238e8..bb68ce11 100644 --- a/package.json +++ b/package.json @@ -22,7 +22,7 @@ "vue-template-compiler": "^2.6.11", "vue-turbolinks": "^2.1.0" }, - "version": "2.1.3", + "version": "2.1.4", "devDependencies": { "eslint": "^8.25.0", "eslint-config-prettier": "^8.3.0",