API improvements
API availability for client users
The API is now accessible to client users, enabling automation of their assessment processes for improved efficiency.
To enable this feature, navigate to 'General Settings' from the main menu, proceed to the 'Functionality' tab, and under the 'Client Users' section, switch on 'Clients have API access'. Once activated, the API documentation becomes available to client users through the main menu for easy access.
API Wrapper update
The API wrapper has received a significant upgrade to include the latest endpoints to simplify your integration processes. It is now officially tagged as version 1.0 🎉. Using PyPI for distribution, we make it effortlessly simple for you to bring our wrapper into your projects: https://pypi.org/project/securityreporter/. For a deeper dive into what's new, swing by our GitHub page: https://github.com/dongit-org/python-reporter.
Future Integration: Zapier Support
Preparation is underway to introduce Zapier support, aimed at enhancing workflow integration capabilities with our platform.
Heads up! Breaking API changes
- Uploading a document for a model now requires the API token to have write permissions for that model.
- Downloading a document of a model now requires the API token to have read permissions for that model.
Private comments in assessment sections
For improved collaboration, it is now possible to add private comments to assessment sections. This functionality will be expanded in future releases to integrate fully into the assessment review flow.
Other Improvements
- Finding metadata in reports is now fully customizable via the Theme Editor under the tab 'Metadata'.
- Support for checkboxes (markdown task lists) has been added to the markdown editor. For more information, visit https://www.markdownguide.org/extended-syntax/#task-lists.
- Document margins can now be adjusted within the Theme Editor for enhanced layout control.
- Page numbering can now include total pages (e.g., '3 of 40') and can be configured in the Theme Editor. The format of the string is customizable through the translations feature to adopt different formats, such as 'Page 3/40'.
- A 'Versions' button has been added to finding retests when there are at least two versions, facilitating easier navigation through version history.
- Added a placeholder for the language of the report.
- Adding an image to a markdown field now inserts [Caption_here] with an underscore, enabling double-click selection.
Bugfixes
- Fixed several bugs related to the PDF report, such as:
- Corrected scaling of colored severity circles in results tables to match font size.
- Ensured check marks align properly with text in results tables.
- Resolved full-width tables extending beyond the right margins.
- Fixed fields not being prefilled as expected.
- Corrected a glitch in the action plan table that previously resulted in an unnecessary empty line when titles or actions were on the verge of not fitting.
- Fixed an issue where users tagged in an assessment would not always receive an email notification.