Skip to content

Version 2.35.1#655

Merged
ELDiablO59152 merged 8 commits into
masterfrom
release/2.35.1
Mar 18, 2026
Merged

Version 2.35.1#655
ELDiablO59152 merged 8 commits into
masterfrom
release/2.35.1

Conversation

@frikilax

@frikilax frikilax commented Mar 6, 2026

Copy link
Copy Markdown
Member

Added

  • [API_PARSER] Add api_collector parameters in the returned representation of Frontends through APIs

Changed

  • [APPLICATIONS] [LOGOMHIREDIS] Use new raw_message_nolf template to send logs without newline added
  • [DEPENDENCIES]
    • aiohappyeyeballs 2.4.4 -> 2.6.1
    • aiohttp 3.10.5 -> 3.13.3
    • aiosignal 1.3.1 -> 1.4.0
    • botocore 1.34.55 -> 1.34.162
    • cryptography 44.0.2 -> 44.0.3
    • django 4.2.26 -> 4.2.28
    • pillow 10.3.0 -> 12.1.1
    • propcache (added) 0.4.1
    • pyasn1 0.5.1 -> 0.6.2
    • pyasn1-modules 0.3.0 -> 0.4.2
    • sqlparse 0.5.3 -> 0.5.5
    • urllib3 2.0.7 -> 2.6.3
    • yarl 1.9.4 -> 1.22.0
    • python-ldap 3.4.4 -> 3.4.5
    • werkzeug 3.1.3 -> 3.1.5

Fixed

  • [NETWORK] Improve rc.conf networking lines' parsing patterns
  • [GUI] [JS] Avoid DOM-based XSS (and silence JS scanner's false positives...)
  • [API_PARSER] Fix a bug preventing to create/update frontend through APIs
  • [API_PARSER] Fix possibility of multiple running instances of a collector

frikilax and others added 8 commits February 16, 2026 14:18
@frikilax
chore(dependencies): Upgrade requirements
74688d2 
- aiohappyeyeballs 2.4.4 -> 2.6.1
- aiohttp 3.10.5 -> 3.13.3
- aiosignal 1.3.1 -> 1.4.0
- botocore 1.34.55 -> 1.34.162
- cryptography 44.0.2 -> 44.0.3
- django 4.2.26 -> 4.2.28
- pillow 10.3.0 -> 12.1.1
- propcache (added) 0.4.1
- pyasn1 0.5.1 -> 0.6.2
- pyasn1-modules 0.3.0 -> 0.4.2
- sqlparse 0.5.3 -> 0.5.5
- urllib3 2.0.7 -> 2.6.3
- yarl 1.9.4 -> 1.22.0
- python-ldap 3.4.4 -> 3.4.5
- werkzeug 3.1.3 -> 3.1.5
@ELDiablO59152 @frikilax
fix(net2mongo): parsing of legacy netmask configuration (#648)
97eef22 
### Fixed
- [NETWORK] Improve rc.conf networking lines' parsing patterns

See: #623

---------

Co-authored-by: Théo Bertin <theo.bertin@advens.fr>
@0xanalog @frikilax
feat(static/js): Sanitize dynamic html injection through vulture-gui …
0a1a27c 
…DOM using DOMPurify lib (avoiding CWE-79) (#652)

**[STATIC] [JS]** Sanitize dynamic html injection through vulture-gui DOM using DOMPurify lib (avoiding CWE-79)

---------

Co-authored-by: Théo Bertin <theo.bertin@advens.fr>
@ELDiablO59152 @frikilax
change(logomhiredis): use raw_message_nolf template
ffe3b9a
@ELDiablO59152 @frikilax
fix(collectors): improperly set JSONFields due to a djongo bug (#651)
4ca0db8 
### Added
- [API_PARSER] Add api_collector parameters in the returned representation of Frontends through APIs
### Fixed
- [API_PARSER] Fix a bug preventing to create/update frontend through APIs

---------

Co-authored-by: Théo Bertin <theo.bertin@advens.fr>
@KGuillemot @frikilax
fix(api_parser): Do not delete redis key if collector is already running
7c97aac
@ELDiablO59152
fix(static/js): don't sanitize datatables plugin
63e8196
@frikilax
doc(CHANGELOG): Version 2.35.1
9256703
@ELDiablO59152 ELDiablO59152 merged commit 9256703 into master Mar 18, 2026
4 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ELDiablO59152 ELDiablO59152 ELDiablO59152 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@frikilax @ELDiablO59152 @0xanalog @KGuillemot