This post references an older release of Dradis Pro. You can find the most current version here:
Email Notifications
Now you can have your notifications emailed to you when you aren’t working in a Dradis project. Each user can adjust their notification settings to receive them individually as they happen, in a daily digest, or not at all. Get started using email notifications by configuring the mail server on your Dradis Pro instance.
A few @mention enhancements are in this release, including loading an @mentioned user’s profile photo or gravatar so you quickly spot who is in the conversation.
Burp Suite Issue severity
The way that Burp Suite handles severity is different than other integrations. Burp assigns severity to each instance of an issue as evidence and doesn’t assign severity to the issue directly. As a result, this was leading to several pieces of evidence with different severity levels for an issue with no assigned severity in Dradis. Now, Dradis will assign the issue severity using the highest evidence severity level.
Table Sorting
Finding the information you are looking for in a long table is easier with table sorting. Tables in Dradis can be sorted by any column. Click on the column heading of your choice and presto, change-o the table is sorted.
Release Notes
- Email notifications
- Add notification settings to decide how often to get email notifications
- Add a smtp.yml config file to handle the SMTP configuration
- Preserve SMTP configuration on updates
- Various mention related improvements:
- Enhance the mentions box in comments to close when it is open and the page is scrolled.
- Fix bug that prevents the mentions dialog from appearing after navigating through the app.
- Fix elongated avatar images so they are round once again.
- Added avatar images to mentions in comments.
- Load Gravatars for users whose email has been set up with gravatar.
- Add and update methodology download links to Dradis Portal
- Enhancement when adding new nodes to copy node label data between the single and multiple node forms.
- All tables can be sorted by column
- Bugs fixed:
- Fix handling of pipe character in node property tables
- Fix projects count not updating in teams view
- Fix error on team page when showing primary team
- Fix overflow issue where the content would expand out of view
- Fix page jump when issues list is collapsed
- Fix conflicting version message when updating records with ajax
- Fix hamburger dropdown menu functionality.
- Fix node merging bug when `services_extras` properties are present
- Fix cross-project info rendering
- Prevent content block group names to be whitespaces only
- Fix displaying of content blocks with no block groups
- Limit project name length when viewing a project
- Removed bullet style in node modals
- Validate parent node project
- Integration enhancements:
- Burp: Make `issue.severity` available at the Issue level
- Nessus: Fixed bullet points formatting to handle internal text column widths
- Nexpose: Wrap ciphers in code blocks
- Netsparker: Fix link parsing of issue.external_references
- Jira: Loading custom (required) fields from JIRA by IssueType and Project
- REST/JSON API enhancements:
- Fix disappearing owner when assigning authors to a Project using the API
- Set the “by” attribute for item revisions when using the API
- Security Fixes:
- Medium: Authenticated author mentioning an existing user outside of the project will subscribe that user to the note/issue/evidence
- High: Authenticated author was able to access unauthorized projects using the API
- Upgraded gems: nokogiri (CVE-2019-13117)