CHANGELOG

v4.10.0 (September 2023)

Tylium:

• Consolidate sidebars
• Add issue.author to liquid issue drop

Upgraded gems:

• font-awesome-sass, nokogiri, puma, rails, sanitize, selenium-webdriver

Bugs fixes:

• QA: Enable @mentions and formatting toolbar for comments in QA show views

REST/JSON API enhancements:

• Boards, Lists, Cards: add initial implementation

Security Fixes:

• Medium: Authenticated (author) broken access control: read access to system files

v4.9.0 (June 2023)

• Tylium: Extend support for Liquid Dynamic Content
• QA: Show state changes in activity feed

Upgraded gems:

• bootstrap, popper_js, simple_form

Bugs fixes:

• QA: Redirect to correct view when changing states on QA edit views

Integration enhancements:

• Acunetix: Parse inline code, not just code blocks
• Burp: Adds strong and code tags parsing
• CSV: Fix CSV Upload for files with special characters
• Nessus:
• Parse code tags as inline code
• Add plugin_type as an available Issue field
• Nexpose:
• Parse inline code, not just code blocks
• Wrap ciphers in the `ssl-weak-message-authentication-code-algorithms` finding
• Qualys: Adds Request/Response Evidence fields for Web Application Scans (WAS)

v4.8.0 (April 2023)

• Sessions: Store :secret_key_base in encrypted configuration file
• Quality Assurance: Review/approve Issues and Content Blocks before including them in reports

Upgraded gems:

• nokogiri, rack, rails, time

v4.7.0 (February 2023)

Rubocop CI:

• disable EnforcedShorthandSyntax rule under Style/HashSyntax cop
• Issues: Display the results from importers in a datatable

Tylium:

• Add breadcrumbs to Revision History view
• Add secondary sidebar toggling functionality
• Remove `Recent Activity` tabs and add `View History` link to the dots menu
• Tags: Add tag management

Integration enhancements:

• Burp: Add support for large base64 response
• Nessus: Clean up code tags in description fields
• Netsparker: Add issue.classification_owasp2021 as a new avaiable field

Upgraded gems:

• nokogiri, pg, rails, rails-html-sanitizer, sanitize, sinatra

Bugs fixes:

• Methodologies: Ensure params are validated when moving list/card

REST/JSON API enhancements:

• Author: Add author field for notes, issues, and evidence

v4.6.0 (November 2022)

• Kit Import: allow import of kit with no templates
• Notes: remove category selection from form UI.
• Rubocop: lint changed files since previous commit

Upgraded gems:

• nokogiri

Bugs fixes:

• Comments: Align comment header content in Safari

New integrations:

• Core Impact
• Veracode

v4.5.0 (August 2022)

• Upgraded Dradis to run on ruby 3.1.2
• Upgraded gems: acts_as_tree, bootsnap, bundler-audit, factory_bot, paper_trail, rails, rails-html-sanitizer, timecop, thor, unicorn

Bugs fixes:

• Attachments: Fix attachments not showing or being validated correctly
• Evidence:
• Add validation for creating evidences in the issue view
• Set correct localStorage key to prevent pre-populating incorrect content at the issue level
• Nodes: Prevent evidence labels linking to external resources

New integrations:

• CSV Importer

Integration enhancements:

• Qualys: Wrap ciphers in code blocks for the Vuln Importer

Reporting enhancements:

• CSV Export: Rename integration to dradis-csv_export
• HTML Export: Add :rtp plugins feature

Security Fixes:

• Medium: Authenticated author broken access control: read access to issue content

v4.4.0 (June 2022)

• Login View: Design update

Tylium:

• Improve mobile experience
• Show the resource title in the header when viewing a resource

Upgraded gems:

• nokogiri, rack, sinatra

Bugs fixes:

• Cards: Prevent adding 'card' class to card comments

Integration enhancements:

• Nikto: Make references available as an issue field

v4.3.0 (April 2022)

• Setup Wizard: Add option to pre-populate sample data
• Uploads: Allow subsequent file uploads from the same scanner without needing to re-select the scanner
• Upgraded gems: nokogiri, puma, rails

Bugs fixes:

• Editor:
  • Add keyboard shortcut support for windows and linux
  • Allow text selection expansion using shift-click
• Subscriptions: Show correct Subscribe/Unsubscribe link after a new comment is posted
• Tables: Prevent columns state from resetting after 2 hours

Integration enhancements:

• Openvas: Update Node label parsing. Include :hostname and :asset_id properties

v4.2.1 (February 2022)

• Bug fixes: Fix issue default fields appearing in the evidence table

v4.2.0 (February 2022)

• Editor: Support fields with the same name in the Fields View
• Increased table loading performance on Issues, Evidence, and Notes for projects with *a lot* of issues, evidence, or notes

Issues:

• Display evidence in a table
• Load evidence tab content asynchronously
• Multi-delete evidence at the issue level
• Update evidence content while creating evidence records at the issue-level

Setup:

• Add Setup Wizard
• Avoids hard-coding "../../shared/"
• Store gem dependencies under ./vendor/bundle/

Tylium:

• Import CSS manifests from addons
• Move '...' (more actions) menu closer to the content affected by the actions of the menu
• Move the 'Edit' action out of the '...' (more actions) menu for issues, evidence, notes, etc.
• Remove extra left padding from the first line of content in a code block
• Remove height restriction from code blocks
• Simplify issues table columns
• Updates focus state outline color

Upgraded gems:

• mini_racer, puma, rails

Bugs fixes:

• Comments: Show sticky toolbar when adding long comments
• Tables: Prevents the select all button from selecting filtered out rows when a filter is been applied
• Subscriptions: Fixes a caching issue preventing users from subscribing or unsubscribing after the first cache was stored
• Issues: Send To menu updates when new plugins are installed

Integration enhancements:

• Dradis Projects:
• Fixes missing parent nodes during template and package imports
• Fixes missing nodes for attachments during template and package imports
• Nexpose:
• Add the Hostname Node property from the `name` rather than `site-name` tag
• Nipper:
• Add Nipperv1 fields to issues
• PDF Export:
• Add Thor task for console export
• Add view hook for Export#index
• Qualys:
• Add 'element.qualys_collection' as issue field
• Add Qualys Web Application Scanner (WAS) support

v4.1.2 (December 2021)

Upgraded gems:

• rails

Security Fixes:

• High: Authenticated author path traversal

v4.1.0 (November 2021)

Editor:

• Insert an appropriate single or multiline tag for blockquotes and codeblocks
• Limit the content height for easier access to the Create/Update button
• Quote text from comments and resource content (cards, evidence, issues, notes, etc)

Evidence:

• Create a new issue (optionally) when creating new evidence
• Move evidence across nodes

Tables:

• Add selector to change the number of records displayed

Tylium:

• Import CSS manifests from addons
• Remove extra left padding from the first line of content in a code block
• Remove height restriction from code blocks

Upgraded gems:

• nokogiri, puma, rails

Bugs fixes:

• Conflict resolver:
• Apply the correct warning when a conflict happens on edit
• Methodologies:
• Ensure boards don't nest when the instance has been inactive
• Tables:
• Prevent columns state from resetting

Integration enhancements:

• CVSS Calculator:
• Settings: show/hide the calculator in the Issues view
• Toggle between CVSSv3.0 and CVSSv3.1
• Dread Calculator:
• Settings: show/hide the calculator in the Issues view
• Nessus:
• Add product_coverage & cvss3_impact_score as available Issue fields
• Nexpose
• Update HTML tag cleanup to better cover UnorderedList and URLLink tags in the solution field
• Qualys
• Add <dd>, <dt> support
• Remove orphaned <b> tags

Security Fixes:

• High: Authenticated author broken access control: read access to issue content
• Medium: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
• Low: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]

v4.0.0 (July 2021)

• Dynamic content across the app
• Upgraded gems: capybara, jquery-rails, rails, rdoc, resque-status, rubocop, nokogiri, papertrail, puma

Bugs fixed:

• Fix uploading of attachments with names that have newlines

REST/JSON API enhancements:

• Add pagination support

v3.22.0 (April 2021)

• Added the ability to import Configuration Kits
• Comments
• Add alt text to any linked images
• Add screen reader only text to forms
• Adjustments to font and element contrast to meet at minimum Level AA WCAG 2.0 standards.
• Fix any broken Aria references
• Update element label association & add missing labels
• Kit upload CLI command update
• Replace deprecated font-awesome-sass gem with vendor asset files
• Subscriptions
  • Load feed asynchronously
  • Load feed asynchronously

Improve accessibility:

• Truncate long hostnames when viewing evidence in an issue
• Upgraded gems: Rails

Bugs fixed:

• Placeholder gravatars appear if gravatar is not available

3.21.0 (February 2021)

• Upgraded DradisPro to run on Ruby 2.7.2 and Rails 6.1.1
• Add view hooks for the export view
• Increase secondary sidebar width for medium viewports
• Upgraded gems: bundler, papertrail, rails

Bugs fixed:

• Add a default user during Welcome setup
• Correct position of sticky editor toolbar in fullscreen source view

v3.20.0 (January 2021)

Main sidebar improvements:

• Labels added under icons
• Nodes can be added in collapsed state
• Removed animations and transitions while expanding and collapsing
• Update logo assets
• Navbar dropdown menu's are no longer locked to the right side of the browser
• Upgraded gems: rails

Bugs fixed:

• Editor drag and drop, and copy paste inserts attachments at the cursor position instead of at the end of the textarea.
• Fixed redirect when canceling editing evidence from the issue level

New integrations:

• Nipper

v3.19.0 (September 2020)

• Auto upload attachments and screenshots without requiring the use of the staging area
• Cards, Evidence, Issues, and Notes now have their own attachment support
• Displays a notification badge in the browser tab when there are unread notifications
• Editor: Allow drag & drop, copy & paste, and direct image uploading
• Increase the node properties column size by changing it to LONGTEXT
• Layout: Breadcrumbs have a fixed position
• Link to our support site on the styles help page
• Long dropdown menus are vertically scrollable
• Bugs fixed:
• Use absolute send times in notification emails instead of relative

v3.18.0 (July 2020)

• Add all activity view
• Render markup inside table columns
• Update top navigation link styles and collapsed menu
• Upgraded gems: rack, sanitize, sassc

Bugs fixed:

• Fix `edit` link available while editing
• Fix comment borders remaining after deleting comments
• Long unbroken table cell text in textile elements overflows
• Secondary-sidebar long header names over-lapping icons
• Select element text overflowing on to select arrows

v3.17.1 (Jun 2020)

• Upgraded gems: websocket-extensions

v3.17 (May 2020)

• Add author to evidence and notes views
• Adjust Uploads layout to provide more visibility to the output console
• Boards can be renamed and deleted through their dots menu

Card improvements:

• Activity Feed now shows board name and link
• No mandatory due date
• Redirects to new url if the card has changed lists
• Card, Evidence, Issue, and Note form data will not be lost even if the form is not saved
• Form data will be cleared when the "Cancel" link is clicked
• Removed prompt to restore data

Comments

• Added Textile markup
• Comment changes will not be lost even if the comment is not saved
• Update comments feed to show author's name instead of email
• Display note and evidence titles in breadcrumbs

Editor improvements:

• New form-view to edit each field individually
• Formatting toolbar to help with markup
• Side-by-side editor preview that auto-updates
• Link to Methodology from project summary chart
• Move resource action links to dots-menu in breadcrumbs
• Navigation sidebar in projects can be kept open while navigating across views
• Dots-menu available in any view
• Remove tag color from issue titles in issue summary
• Update code element style
• Use shared noscript partial
• Use user model reference for activities instead of user email
• Upgraded gems: kaminari, puma, rack, rails, sass-rails

Bugs fixed:

• bin/setup creating folders outside dradis-ce/
• bin/setup error if the attachments directory already exists
• Board partial broken structure
• ItemsTable extra whitespace causing unnecessary vertical scrolling
• Fix bug with v3 board templates not uploading
• Fix textile preview not showing on issues with very long text
• Long items_table dropdown menus not scrollable
• Long project names interfering with search bar expansion
• Repetative prompt when images are pasted after navigating multiple views.
• Report 'Download' button becoming a disabled 'Processing...' button once clicked
• SemVer pre-release appending character
• Set :author when creating Evidence from an Issue
• Sidebar items not showing active state
• Textile preview not showing on issues with very long text
• Bug tracker items: #560

New integrations:

• [new integration #1]

Integration enhancements:

• Nexpose: better cipher wrapping coverage
• Nikto: support new nested format

Reporting enhancements:

• HTML reports now use main app's markup rendering

REST/JSON API enhancements:

• Add tags to the Issues API

Security Fixes:

• Medium: Authenticated (author) persistent comments cross-site scripting

v3.16 (February 2020)

• Update app to new Tylium layout
• Upgrade to Rails 5.2.4.1
• Add revision history for cards
• Remove mysql2 gem dependency

Bugs fixed:

• Fix errors on content overwrite flash messages
• Fail and redirect to login instead of raising an error when attempting to log in as a user that has been removed
• Fix Cancel link path for the Note Edit page

v3.15 (November 2019)

Methodologies v2:

• Kanban-style boards replaced the checklists
• Tasks can move between lists
• Assign tasks to different team members
• Keep Notes and information on each task
• Export Methodology details into your reports

Email notifications:

• Add notification settings to decide how often to get email notifications
• Add an smtp.yml config file to handle the SMTP configuration

Various mention related improvements:

• Enhance the mentions box in comments to close when it is open and the page is scrolled
• Fix bug that prevents the mentions dialog from appearing after navigating through the app
• Fixed elongated avatar images so they are round once again
• Added avatar images to mentions in comments
• Load gravatars for users who's email has been setup with gravatar
• Enhancement when adding new nodes to copy node label data between the single and multiple node forms
• All tables can be sorted by column

Bugs fixed:

• Fix handling of pipe character in node property tables
• Fix overflow issue where content would expand out of view
• Fix page jump when issues list is collapsed
• Fix conflicting version message when updating records with ajax
• Fix hamburger dropdown menu functionality
• Fix node merging bug when `services_extras` properties are present
• Fix cross-project info rendering
• Prevent content block group names to be whitespaces only
• Fix displaying of content blocks with no block groups
• Limit project name length when viewing a project
• Removed bullet style in node modals
• Validate parent node project

Integration enhancements:

• Burp: Make `issue.severity` available at the Issue level
• Nessus: Fixed bullet points formatting to handle internal text column widths
• Nexpose: Wrap ciphers in code blocks
• Netsparker: Fix link parsing of issue.external_references
• Jira: Loading custom (required) fields from JIRA by IssueType and Project

REST/JSON API enhancements:

• Fix disappearing owner when assigning authors to a Project using the API
• Set the "by" attribute for item revisions when using the API

Security Fixes:

• Medium: Authenticated author mentioning an existing user outside of the project will subscribe that user to the note/issue/evidence
• Upgraded gems: nokogiri (CVE-2019-13117)

v3.14 (August 2019)

• Highlight code snippets
• Collapsable sidebar in issues
• Added Node merging feature

v3.13 (June 2019)

• User-provided content takes priority over default local fields.
• Fix subnodes disappearing when moved
• Add auto-save JS that uses localStorage on textarea textchange events
• Better welcome content

v3.12 (April 2019)

• Using ajax in comments
• Fixed nodes sidebar header margin
• Added bold font to improve bold text visibility
• Fix links display in Textile fields
• Fix redirection destinations after edit/delete evidence
• Refactoring cache keys in pages with comments
• Disable turbolinks cache when displaying flash messages
• Sort attachments in alphabetical ASCII order
• Fix methodology checklist edit error

v3.11.1 (February 2019)

• Fix blockcode vulnerability in Textile formatting

v3.11 (November 2018)

• Added comments, subscriptions and notifications to notes
• Added comments, subscriptions and notifications to evidence
• Fix blockcode characters displaying incorrectly
• Fix red dot still being displayed on the first visit to the page that caused the single unread notification
• Upgraded some ruby gems (nokogiri, unicorn, ffi, rubyzip)
• Fix wrong 'There are no comments' message
• Escape html in comments
• Track activities when multiple-creating evidence
• Revert validating email format
• Fix usage of set_property to use set_service in nexpose plugin
• Note and evidence comments in export/import in dradis-projects

v3.10 (August 2018)

• Add comments for issues
• Add notifications for comments
• Add subscriptions for issues in a project
• Nest the dradis elements under the project scope
• Add 'Send to...' menu for issues
• Add better handling of the Services table
• Use puma for the development and test server
• Remove resque dependency
• Improve redirect on Evidence#edit
• Fix password reset
• Fix XSS issue in Textile textarea inputs
• Bugs fixed: #102, #118, #321

v3.9 (January 2018)

• Fixed issues multi delete
• Added notes and evidence tab to node view
• Fixed project show turbolinks
• Restyle secondary navbar
• Update CE theme with a green palette
• Add paper_trail author metadata
• Upgrade to Rails 5.1 and Ruby 2.4
• Bugs fixed: #128, #130, #134, #173, #349
• Add Node properties to Acunetix plugin
• Add Node properties to Qualys plugin
• Add metric-specific fields to the CVSS calculator
• Add fields and Node properties to Burp plugin
• Add Issues, Evidence and Node properties to Nikto plugin
• Validate parent node (if present) on nodes
• Improved pool parameter definition in database.yml.template file
• Fixed local_time gem usage
• Updated nokogiri gem

v3.7 (July 2017)

• Fix dradis:reset thor task.
• Bugs fixed: #119
• Fix 'before_filter is deprecated' warning
• Updated README with 'Community Projects' section
• Updated 'poltergeist' (browser specs) configuration
• Fix a bug that may cause duplicates in Node#issues
• Upgraded Nokogiri (xml/html parsing library)
• Fixed bug when search results had multiple pages
• Fixed error in 'dradis:reset' thor task
• Fixed error in 'dradis:backup' thor task
• Refactored nodes tree behaviour (parents with children)
• Refactored loading a note template

v3.6 (Mar 2017)

• Simpler framework <> add-on interface.
• Combine multiple issues.
• More efficient Search.
• HTTP API for Attachments.
• Better sidebar styling + direct edit / delete links.
• Upgrade to Rails 5.
• Fix select all issues bug.
• Fix XSS in Issues diff view.

v3.2 (Sep 2016)

• Nodes only show :expand when they have children
• Add multiple-nodes
• Always display :services as table
• Bugs fixed: #334
• Updated Rails framework

v3.1 (Mar 2016)

• Issue tags
• Testing methodologies
• Node properties
• New add-ons: Brakeman, Metasploit, etc.
• Millions of bug fixes

v2.10

• New drag'n'drop file uploads with preview
• Updated NeXpose plugin: add NeXpose-Full support
• Feature requests implemented: #2312560, #2332708, #2706007
• Bugs fixed: #55, #67, #72
• Updated to Rails 3.2.3

v2.9.0 (1st of Feb 2012)

New plugins

• Retina Network Security Scanner upload plugin
• Zed Attack Proxy upload plugin

Updated plugins

• Nessus upload plugin is orders of magnitude faster
• Nikto upload plugin is orders of magnitude faster
• Nmap upload plugin is orders of magnitude faster
• VulnDB import plugin (to support VulnDB HQ integration)

Internals

• Updated First Time User's Wizard
• Updated to Rails 3.2

v2.8.0 (10th of Oct 2011)

• Cleaner three-column layout
• Smarter Ajax polling and auto-updating
• New version of the Nmap upload plugin
• New version of the Nessus upload plugin
• ./verify.sh now checks that libxml2 is installed
• Bugs fixed: #17, #31, #37, #43, #48

v2.7.2 (1st of Aug 2011)

• Improved startup scripts
• Bugs fixed: #5, #9, #13, #14, #15, #16, #19, #20
• Update Rails to 3.0.9

v2.7.1 (24th of May 2011)

Server component:

• Improved note editor: more space, less Ajax
• Bugs fixed: #3, #4, #6, #7, #8, #10

v2.7 (19th of April 2011)

Server component:

• Improved command line API with Thor (thor -T to view all commands)
• New Configuration Manager
• New Upload Manager
• New plugins:
  • Metasploit import
  • NeXpose (.xml) upload
  • OpenVAS (.xml) upload
  • SureCheck (.sc) upload
  • w3af (.xml) upload
  • Web Exploitation Framework (wXf) upload
• Updated plugins:
  • Nessus plugin supports .nessus v2
  • Vuln::DB import updated to support the latest release
• Bugs fixed: #2888332, #2973256
• Update Rails to 3.0.6

v2.6.1 (11th of February 2011)

Server component:

• Fixed a 'back slash' vs 'forward slash' issue in start.sh
• Smarten up verify.sh to find the Bundler binary
• Deal with Burp Scanner's opinionated handling of null bytes
• SSL certificate updated for 2011 / 2012
• Updated libraries RedCloth 4.2.6 and Rails 3.0.4

v2.6 (2nd of December 2010)

Server component:

• New first-time repository content
• Upgraded libraries: ExtJS 3.3, Rails 3.0.3
• Improved performance through asset caching
• Bugs fixed: #3021312, #3030629, #3076709

v2.5.2 (18th of May 2010)

Server component:

• Bugs fixed: #2974460
• Security fixes

v2.5.1 (7th of March 2010)

Server component:

• Various improvements in the NotesBrowser
• Upgraded library: ExtJS 3.1.1
• Bugs fixed: #2964273, #2932569, #2963253

v2.5.0 (5th of February 2010)

• Improved Note editor: bigger, easier to use and supports formatting!
• New First Time User Wizard
• Keep track of all the activity with the built-in RSS feed
• Plugin improvements
  • New HTML Export reporting plugin.
  • New Burp Upload plugin so you can use Burp Scanner output.
  • New Nikto Upload plugin to use your Nikto scan results.
• Upgraded libraries: ExtJS 3.0, Rails 2.3.5
• Bugs fixed: #2936554, #2938593.

v2.4.1 (31st of October 2009)

Server component:

• Bugs fixed: #2881746, #2888245, #2889402.

Client component:

• Bugs fixed: #2888411.

v2.4 (10th of September 2009)

Server component:

• Plugin improvements
  • Nmap Upload is now using the Nmap::Parser library.
  • Featuring the new OSVDB Import plugin to query the largest independent and open source vulnerability database.
• Upload plugins. Better progress feedback. Improved error condition checking.
• Note drag'n'drop.
• New handy Rake tasks:
  • dradis:reset: When you are done with your project, use this task to start over. It clears the database and removes the uploaded files.
  • dradis:backup: If you want to create a backup of your current project, this is the right task for it.

Client component:

• Bugs fixed: #2848909.

v2.3 (5th of August 2009)

Server component:

• upload plugins. A new server plugin category: import into Dradis the contents of any file (nmap, nessus, etc.).
• refactor the WordExport plugin:
  • create templates using Word only
  • convert any document into a Dradis template in < 10 minutes
• project management plugin update:
  • create project templates for future re-use (read methodologies)
  • export project in .zip format (DB + attachments)
  • import projects/templates
  • checkout / commit project revisions from and to the meta-server
• enhanced nodes tree: filtering and quick actions buttons

Client component:

• new import extensions: Nessus and Qualys

Introducing the Meta-Server (beta) component:

• for multi-project management
• download the Meta-Server as a separate package from: https://dradis.com/ce/

v2.2 (11th of June 2009)

Server component:

• add attachments to nodes
• add 'refresh' buttons to the tree and the notes list
• force 'webrick' even if mongrel is installed (no SSL support in mongrel)
• centralise the framework version information.
• autoExpandColumn now works on IE
• Rails runs in "production" mode

Client component:

• Dradis can be used with wxRuby 2.0.0
• better error handling for REST web service communication errors
• easier REST credentials configuration in ./conf/dradis.xml

v2.1.1 (17th of April 2009)

• the version string was not properly updated across the different modules.

v2.1 (16th of April 2009)

Server component:

• import/export plugin architecture
• import/export plugin generators
• sample WordXML export plugin
• sample WikiMedia import plugin

Client component:

• import extention allows nmap output imports
• import note from plain text file
• more powerful add extension: add a note from the console

Dradis v2.0.1 (23rd of February 2009)

• smart command line parsing. The console client accepts multi-word parameters using quotes
• *add* extension allows adding nodes and categories
• add parameter description support to the extensions
• close bug 2572271: ruby 1.8.7 compatibility fix for wxWidgets interface
• first security patch
• minor bug fixes

Dradis v2.0 (29th of January 2009)

Server component:

• Forget Hosts, Services and Protocols. Embrace the freedom of Nodes.
• Forget SOAP, embrace REST
• Powered by Rails 2.0 and ExtJS 2.2 (http://www.extjs.com/)
• Now with security! (SSL transport and user authentication)

Client component:

• adapt the wxWidgets client to the new node-note structure of the server.
• forget SOAP, embrace REST web services to talk to the server.
• refactor of the *modules* component, now *extensions*.
• john's string encoding extension is built-in the Dradis client.
• the first building blocks of the service-oriented multiverse architecture have been laid out.