Skip to content

1.5.3

Latest
Latest
Compare
Choose a tag to compare
@cd-rite cd-rite released this 04 Feb 19:09
· 9 commits to main since this release
1.5.3
953637c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • (API/UI/DB) The Collection Grants system has been significantly reworked to allow for more dynamic and flexible Grant management. The new Grant system also allows for "Read Only" access to Collection Reviews. Details of the new Role-Based Access Control system are found in the STIG Manager documentation.
  • (API/UI/DB) New User Groups feature.
  • (UI) The Collection Review Workspace has been reworked to give more room to Checklist statistics columns and enable future expansion. The display should now be significantly less constrained, especially when viewing extra columns that are usually hidden by default.
  • (OAS/API) Updates to the OpenAPI definition.
  • (API) Refactoring of API token validation processing.
  • (Docs) Updated sphinx and other documentation build dependencies.
  • (Build) Fixed issue preventing binary versions from creating POA&M.
  • (Workflows) Automated testing of linux binaries.

NOTES:

  • This release includes a database migration to support new features.
  • This release changes the minimum required MySQL version from 8.0.21 => 8.0.24
  • This migration will convert any existing "Asset-STIG" style assignments for Restricted Users to the equivalent Access Control List style Grants under the new system. After migration, you may want to remove the granular Access Control Rules and create new ones with the more flexible system (for example, creating one Access Control Rule granting access to an entire Asset, rather than each individual Asset-STIG).
  • This release introduces "breaking" changes to the API and STIG Manager OpenAPI definition. If you have custom integrations or clients that rely on the STIG Manager API, you may need to update them to accommodate these changes. Check the rbac v2 implementation Pull Request for details of the changes to the API with this release.

STIGMan Watcher

  • STIGMan Watcher 1.5.1 has been released with changes to accommodate the new Grant system introduced in STIGMan v1.5.3.
    Watcher 1.5.1 is backwards compatible with older API releases >=1.2.7, so feel free to update Watcher first.

Full Changelog: 1.5.2...1.5.3

Assets 6
Loading