CHANGELOG

[v#.#.#] ([month] [YYYY])
  - Welcome Kit:
    - Add HTML report template
    - Add Issue and evidence templates
    - Update OWASP Top 10 methodology to latest version (2021)
  - Upgraded gems:
    - rexml
  - Bugs fixes:
    - [entity]:
      - [future tense verb] [bug fix]
    - Bug tracker items:
      - [item]
  - New integrations:
    - [integration]
  - Integration enhancements:
    - [integration]:
      - [future tense verb] [integration enhancement]
      - [integration bug fixes]:
        - [future tense verb] [integration bug fix]
  - Reporting enhancements:
    - [report type]:
      - [future tense verb] [reporting enhancement]
  - REST/JSON API enhancements:
    - [API entity]:
      - [future tense verb] [API enhancement]
  - Security Fixes:
    - High: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
    - Medium: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
    - Low: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]

v4.14.0 (October 2024)
  - Kit Import: Use file name sequencing when a template file with the same name exists
  - Upgraded gems:
    - puma, rails, rexml

v4.13.0 (July 2024)
  - Attachments: Copy attachments when moving an evidence/note
  - Liquid: Make project-level collections available for Liquid syntax
  - Upgraded gems: nokogiri, rails, redcloth, rexml
  - Bugs fixes:
    - Navigation: Restore functionality of native browser back/forward buttons
  - Security Fixes:
    - Medium: Authenticated (author) horizontal privilege escalation affecting attachments

v4.12.0 (May 2024)
  - Attachments: Add size, created_at, and download link to the API
  - Mappings: Map fields from scanner integrations to Dradis fields
  - Upgraded gems:
    - nokogiri, rails
  - Bugs fixes:
    - Projects: Fix redirection when updating an issue or content block
    - Sidebar: Prevent version number from overlapping listed records
  - New integrations:
    - Pentera
  - Security Fixes:
    - High: Authenticated author path traversal

v4.11.0 (January 2024)
  - Assets: Add importmap-rails to handle js libraries
  - Liquid: Add LiquidAssignsService
  - Revision history: Improve version history for content with carriage return
  - Tylium: Show liquid content in editor preview
  - Web-server: Replace unicorn with puma in production
  - Note: Enable ActiveSupport load hooks
  - Upgraded gems:
    - rails
  - Bugs fixes:
    - Evidence: Prevent loading old Evidence template content at the Issue level
    - Methodologies: validate presence of content
  - Integration enhancements:
    - Burp: Change nokogiri search to xpath to support nokogiri >= 1.15
    - Nexpose:
      - Add port/protocol to evidences
      - Use the details in <os> as the OS node property
      - Import `vulnerability.risk_score` as a new Issue field
      - Allow multiple evidence with the same test id & node address
    - Qualys: Add support for the output for Qualys WAS API 3.13 and later
  - Security Fixes:
    - Low: Authenticated (author) information disclosure
      - After a user has been removed from a project, they may still get 
        notifications for Issues they were subscribed to, resulting in the
        disclosure of Issue titles.
    - Low: Authenticated (author) information disclosure in the output console of upload manager

v4.10.0 (September 2023)
  - Tylium: 
    - Consolidate sidebars
    - Add issue.author to liquid issue drop
  - Upgraded gems:
    - font-awesome-sass, nokogiri, puma, rails, sanitize, selenium-webdriver
  - Bugs fixes:
    - QA: Enable @mentions and formatting toolbar for comments in QA show views
  - REST/JSON API enhancements:
    - Boards, Lists, Cards: add initial implementation
  - Security Fixes:
    - Medium: Authenticated (author) broken access control: read access to system files

v4.9.0 (June 2023)
  - Tylium: Extend support for Liquid Dynamic Content
  - QA: Show state changes in activity feed
  - Upgraded gems:
    - bootstrap, popper_js, simple_form
  - Bugs fixes:
    - QA: Redirect to correct view when changing states on QA edit views
  - Integration enhancements:
    - Acunetix: Parse inline code, not just code blocks
    - Burp: Adds strong and code tags parsing
    - CSV: Fix CSV Upload for files with special characters
    - Nessus:
      - Parse code tags as inline code
      - Add plugin_type as an available Issue field
    - Nexpose:
      - Parse inline code, not just code blocks
      - Wrap ciphers in the `ssl-weak-message-authentication-code-algorithms` finding
    - Qualys: Adds Request/Response Evidence fields for Web Application Scans (WAS)

v4.8.0 (April 2023)
  - Sessions: Store :secret_key_base in encrypted configuration file
  - Quality Assurance: Review/approve Issues and Content Blocks before including them in reports
  - Upgraded gems:
    - nokogiri, rack, rails, time

v4.7.0 (February 2023)
  - Rubocop CI:
    - disable EnforcedShorthandSyntax rule under Style/HashSyntax cop
  - Issues: Display the results from importers in a datatable
  - Tylium:
    - Add breadcrumbs to Revision History view
    - Add secondary sidebar toggling functionality
    - Remove `Recent Activity` tabs and add `View History` link to the dots menu
    - Tags: Add tag management
  - Integration enhancements:
    - Burp: Add support for large base64 response
    - Nessus: Clean up code tags in description fields
    - Netsparker: Add issue.classification_owasp2021 as a new avaiable field
  - Upgraded gems:
    - nokogiri, pg, rails, rails-html-sanitizer, sanitize, sinatra
  - Bugs fixes:
    - Methodologies: Ensure params are validated when moving list/card
  - REST/JSON API enhancements:
    - Author: Add author field for notes, issues, and evidence

v4.6.0 (November 2022)
  - Kit Import: allow import of kit with no templates
  - Notes: remove category selection from form UI.
  - Rubocop: lint changed files since previous commit
  - Upgraded gems:
    - nokogiri
  - Bugs fixes:
    - Comments: Align comment header content in Safari
  - New integrations:
    - Core Impact
    - Veracode

v4.5.0 (August 2022)
  - Upgraded Dradis to run on ruby 3.1.2
  - Upgraded gems: acts_as_tree, bootsnap, bundler-audit, factory_bot, paper_trail, rails, rails-html-sanitizer, timecop, thor, unicorn
  - Bugs fixes:
    - Attachments: Fix attachments not showing or being validated correctly
    - Evidence:
      - Add validation for creating evidences in the issue view
      - Set correct localStorage key to prevent pre-populating incorrect content at the issue level
    - Nodes: Prevent evidence labels linking to external resources
  - New integrations:
    - CSV Importer
  - Integration enhancements:
    - Qualys: Wrap ciphers in code blocks for the Vuln Importer
  - Reporting enhancements:
    - CSV Export: Rename integration to dradis-csv_export
    - HTML Export: Add :rtp plugins feature
  - Security Fixes:
    - Medium: Authenticated author broken access control: read access to issue content

v4.4.0 (June 2022)
  - Login View: Design update
  - Tylium:
    - Improve mobile experience
    - Show the resource title in the header when viewing a resource
  - Upgraded gems:
    - nokogiri, rack, sinatra
  - Bugs fixes:
    - Cards: Prevent adding 'card' class to card comments
  - Integration enhancements:
    - Nikto: Make references available as an issue field

v4.3.0 (April 2022)
  - Setup Wizard: Add option to pre-populate sample data
  - Uploads: Allow subsequent file uploads from the same scanner without needing to re-select the scanner
  - Upgraded gems: nokogiri, puma, rails
  - Bugs fixes:
    - Editor:
      - Add keyboard shortcut support for windows and linux
      - Allow text selection expansion using shift-click
    - Subscriptions: Show correct Subscribe/Unsubscribe link after a new comment is posted
    - Tables: Prevent columns state from resetting after 2 hours
  - Integration enhancements:
    - Openvas: Update Node label parsing. Include :hostname and :asset_id properties

v4.2.1 (February 2022)
  - Bug fixes: Fix issue default fields appearing in the evidence table

v4.2.0 (February 2022)
  - Editor: Support fields with the same name in the Fields View
  - Increased table loading performance on Issues, Evidence, and Notes for
    projects with *a lot* of issues, evidence, or notes
  - Issues:
    - Display evidence in a table
    - Load evidence tab content asynchronously
    - Multi-delete evidence at the issue level
    - Update evidence content while creating evidence records at the issue-level
  - Setup:
    - Add Setup Wizard
    - Avoids hard-coding "../../shared/"
    - Store gem dependencies under ./vendor/bundle/
  - Tylium:
    - Import CSS manifests from addons
    - Move '...' (more actions) menu closer to the content affected by the actions of the menu
    - Move the 'Edit' action out of the '...' (more actions) menu for issues, evidence, notes, etc.
    - Remove extra left padding from the first line of content in a code block
    - Remove height restriction from code blocks
    - Simplify issues table columns
    - Updates focus state outline color
  - Upgraded gems:
    - mini_racer, puma, rails
  - Bugs fixes:
    - Comments: Show sticky toolbar when adding long comments
    - Tables: Prevents the select all button from selecting filtered out rows when a filter is been applied
    - Subscriptions: Fixes a caching issue preventing users from subscribing or
      unsubscribing after the first cache was stored
    - Issues: Send To menu updates when new plugins are installed
  - Integration enhancements:
    - Dradis Projects:
      - Fixes missing parent nodes during template and package imports
      - Fixes missing nodes for attachments during template and package imports
    - Nexpose:
      - Add the Hostname Node property from the `name` rather than `site-name` tag
    - Nipper:
      - Add Nipperv1 fields to issues
    - PDF Export:
      - Add Thor task for console export
      - Add view hook for Export#index
    - Qualys:
      - Add 'element.qualys_collection' as issue field
      - Add Qualys Web Application Scanner (WAS) support

v4.1.2 (December 2021)
  - Upgraded gems:
    - rails
  - Security Fixes:
    - High: Authenticated author path traversal

v4.1.0 (November 2021)
  - Editor:
    - Insert an appropriate single or multiline tag for blockquotes and codeblocks
    - Limit the content height for easier access to the Create/Update button
    - Quote text from comments and resource content (cards, evidence, issues, notes, etc)
  - Evidence:
    - Create a new issue (optionally) when creating new evidence
    - Move evidence across nodes
  - Tables:
    - Add selector to change the number of records displayed
  - Tylium:
    - Import CSS manifests from addons
    - Remove extra left padding from the first line of content in a code block
    - Remove height restriction from code blocks
  - Upgraded gems:
    - nokogiri, puma, rails
  - Bugs fixes:
    - Conflict resolver
      - Apply the correct warning when a conflict happens on edit
    - Methodologies:
      - Ensure boards don't nest when the instance has been inactive
    - Tables
      - Prevent columns state from resetting
  - Integration enhancements:
    - CVSS Calculator:
      - Settings: show/hide the calculator in the Issues view
      - Toggle between CVSSv3.0 and CVSSv3.1
    - Dread Calculator:
      - Settings: show/hide the calculator in the Issues view
    - Nessus:
      - Add product_coverage & cvss3_impact_score as available Issue fields
    - Nexpose
      - Update HTML tag cleanup to better cover UnorderedList and URLLink tags in the solution field
    - Qualys
      - Add <dd>, <dt> support
      - Remove orphaned <b> tags
  - Security Fixes:
    - High: Authenticated author broken access control: read access to issue content
    - Medium: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
    - Low: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]

v4.0.0 (July 2021)
  * Dynamic content across the app
  * Upgraded gems: capybara, jquery-rails, rails, rdoc, resque-status, rubocop, nokogiri, papertrail, puma,
  * Bugs fixed:
    - Fix uploading of attachments with names that have newlines
  * REST/JSON API enhancements:
    - Add pagination support

v3.22.0 (April 2021)
  * Added the ability to import Configuration Kits
  * Comments
    - Load feed asynchronously
  * Improve accessibility:
    - Add alt text to any linked images
    - Add screen reader only text to forms
    - Adjustments to font and element contrast to meet at minimum Level AA WCAG 2.0 standards.
    - Fix any broken Aria references
    - Update element label association & add missing labels
  * Kit upload CLI command update
  * Replace deprecated font-awesome-sass gem with vendor asset files
  * Subscriptions
    - Load feed asynchronously
  * Truncate long hostnames when viewing evidence in an issue
  * Upgraded gems: Rails
  * Bugs fixed:
    - Placeholder gravatars appear if gravatar is not available

v3.21.0 (February 2021)
  * Upgraded DradisPro to run on Ruby 2.7.2 and Rails 6.1.1
  * Add view hooks for the export view
  * Increase secondary sidebar width for medium viewports
  * Upgraded gems: bundler, papertrail, rails
  * Bugs fixed:
    - Add a default user during Welcome setup
    - Correct position of sticky editor toolbar in fullscreen source view

v3.20.0 (January 2021)
  * Main sidebar improvements:
    - Labels added under icons
    - Nodes can be added in collapsed state
    - Removed animations and transitions while expanding and collapsing
  * Update logo assets
  * Navbar dropdown menu's are no longer locked to the right side of the browser
  * Upgraded gems: rails
  * Bugs fixed:
    - Editor drag and drop, and copy paste inserts attachments at the cursor
      position instead of at the end of the textarea.
    - Fixed redirect when canceling editing evidence from the issue level
  * New integrations:
    - Nipper

v3.19.0 (September 2020)
  * Auto upload attachments and screenshots without requiring the use of the staging area
  * Cards, Evidence, Issues, and Notes now have their own attachment support
  * Displays a notification badge in the browser tab when there are unread notifications
  * Editor: Allow drag & drop, copy & paste, and direct image uploading
  * Increase the node properties column size by changing it to LONGTEXT
  * Layout: Breadcrumbs have a fixed position
  * Link to our support site on the styles help page
  * Long dropdown menus are vertically scrollable
  * Bugs fixed:
    - Use absolute send times in notification emails instead of relative

v3.18.0 (July 2020)
  * Add all activity view
  * Render markup inside table columns
  * Update top navigation link styles and collapsed menu
  * Upgraded gems: rack, sanitize, sassc
  * Bugs fixed:
    - Comments:
      - Fix `edit` link available while editing
      - Fix comment borders remaining after deleting comments
    - Long unbroken table cell text in textile elements overflows
    - Secondary-sidebar long header names over-lapping icons
    - Select element text overflowing on to select arrows

v3.17.1 (Jun 2020)
  * Upgraded gems: websocket-extensions

v3.17 (May 2020)
  * Add author to evidence and notes views
  * Adjust Uploads layout to provide more visibility to the output console
  * Boards can be renamed and deleted through their dots menu
  * Card improvements:
    - Activity Feed now shows board name and link
    - No mandatory due date
    - Redirects to new url if the card has changed lists
  * Card, Evidence, Issue, and Note form data will not be lost even if the form is not saved
    - Form data will be cleared when the "Cancel" link is clicked
    - Removed prompt to restore data
  * Comments
    - Added Textile markup
    - Comment changes will not be lost even if the comment is not saved
    - Update comments feed to show author's name instead of email
  * Display note and evidence titles in breadcrumbs
  * Editor improvements:
    - New form-view to edit each field individually
    - Formatting toolbar to help with markup
    - Side-by-side editor preview that auto-updates
  * Link to Methodology from project summary chart
  * Move resource action links to dots-menu in breadcrumbs
  * Navigation sidebar in projects can be kept open while navigating across views
  * Dots-menu available in any view
  * Remove tag color from issue titles in issue summary
  * Update code element style
  * Use shared noscript partial
  * Use user model reference for activities instead of user email
  * Upgraded gems: kaminari, puma, rack, rails, sass-rails
  * Bugs fixed:
    - bin/setup creating folders outside dradis-ce/
    - bin/setup error if the attachments directory already exists
    - Board partial broken structure
    - ItemsTable extra whitespace causing unnecessary vertical scrolling
    - Fix bug with v3 board templates not uploading
    - Fix textile preview not showing on issues with very long text
    - Long items_table dropdown menus not scrollable
    - Long project names interfering with search bar expansion
    - Repetative prompt when images are pasted after navigating multiple views.
    - Report 'Download' button becoming a disabled 'Processing...' button once clicked
    - SemVer pre-release appending character
    - Set :author when creating Evidence from an Issue
    - Sidebar items not showing active state
    - Textile preview not showing on issues with very long text
    - Bug tracker items: #560
  * New integrations:
    - [new integration #1]
  * Integration enhancements:
    - Nexpose: better cipher wrapping coverage
    - Nikto: support new nested <niktoscan> format
  * Reporting enhancements:
    - HTML reports now use main app's markup rendering
  * REST/JSON API enhancements:
    - Add tags to the Issues API
  * Security Fixes:
    - Medium: Authenticated (author) persistent comments cross-site scripting

v3.16 (February 2020)
  * Update app to new Tylium layout
  * Upgrade to Rails 5.2.4.1
  * Add revision history for cards
  * Remove mysql2 gem dependency
  * Bugs fixed:
    - Fix errors on content overwrite flash messages
    - Fail and redirect to login instead of raising an error when attempting to log in as a user that has been removed
    - Fix Cancel link path for the Note Edit page

v3.15 (November 2019)
 - Methodologies v2:
   - Kanban-style boards replaced the checklists
   - Tasks can move between lists
   - Assign tasks to different team members
   - Keep Notes and information on each task
   - Export Methodology details into your reports
 - Email notifications
 - Add notification settings to decide how often to get email notifications
 - Add an smtp.yml config file to handle the SMTP configuration
 - Various mention related improvements:
   - Enhance the mentions box in comments to close when it is open and the page is
   scrolled
   - Fix bug that prevents the mentions dialog from appearing after navigating
   through the app
   - Fixed elongated avatar images so they are round once again
   - Added avatar images to mentions in comments
   - Load gravatars for users who's email has been setup with gravatar
 - Enhancement when adding new nodes to copy node label data between the single
   and multiple node forms
 - All tables can be sorted by column
 - Bugs fixed:
   - Fix handling of pipe character in node property tables
   - Fix overflow issue where content would expand out of view
   - Fix page jump when issues list is collapsed
   - Fix conflicting version message when updating records with ajax
   - Fix hamburger dropdown menu functionality
   - Fix node merging bug when `services_extras` properties are present
   - Fix cross-project info rendering
   - Prevent content block group names to be whitespaces only
   - Fix displaying of content blocks with no block groups
   - Limit project name length when viewing a project
   - Removed bullet style in node modals
   - Validate parent node project
 - Integration enhancements:
   - Burp: Make `issue.severity` available at the Issue level
   - Nessus: Fixed bullet points formatting to handle internal text column widths
   - Nexpose: Wrap ciphers in code blocks
   - Netsparker: Fix link parsing of issue.external_references
   - Jira: Loading custom (required) fields from JIRA by IssueType and Project
 - REST/JSON API enhancements:
   - Fix disappearing owner when assigning authors to a Project using the API
   - Set the "by" attribute for item revisions when using the API
 - Security Fixes:
   - Medium: Authenticated author mentioning an existing user outside of the
     project will subscribe that user to the note/issue/evidence
   - Upgraded gems: nokogiri (CVE-2019-13117)

v3.14 (August 2019)
 - Highlight code snippets
 - Collapsable sidebar in issues
 - Added Node merging feature

v3.13 (June 2019)
 - User-provided content takes priority over default local fields.
 - Fix subnodes disappearing when moved
 - Add auto-save JS that uses localStorage on textarea textchange events
 - Better welcome content

v3.12 (April 2019)
 - Using ajax in comments
 - Fixed nodes sidebar header margin
 - Added bold font to improve bold text visibility
 - Fix links display in Textile fields
 - Fix redirection destinations after edit/delete evidence
 - Refactoring cache keys in pages with comments
 - Disable turbolinks cache when displaying flash messages
 - Sort attachments in alphabetical ASCII order
 - Fix methodology checklist edit error

v3.11.1 (February 2019)
 - Fix blockcode vulnerability in Textile formatting

v3.11 (November 2018)
 - Added comments, subscriptions and notifications to notes
 - Added comments, subscriptions and notifications to evidence
 - Fix blockcode characters displaying incorrectly
 - Fix red dot still being displayed on the first visit to the page that
   caused the single unread notification
 - Upgraded some ruby gems (nokogiri, unicorn, ffi, rubyzip)
 - Fix wrong 'There are no comments' message
 - Escape html in comments
 - Track activities when multiple-creating evidence
 - Revert validating email format
 - Fix usage of set_property to use set_service in nexpose plugin
 - Note and evidence comments in export/import in dradis-projects

v3.10 (August 2018)
 - Add comments for issues
 - Add notifications for comments
 - Add subscriptions for issues in a project
 - Nest the dradis elements under the project scope
 - Add 'Send to...' menu for issues
 - Add better handling of the Services table
 - Use puma for the development and test server
 - Remove resque dependency
 - Improve redirect on Evidence#edit
 - Fix password reset
 - Fix XSS issue in Textile textarea inputs
 - Bugs fixed: #102, #118, #321

v3.9 (January 2018)
 - Fixed issues multi delete
 - Added notes and evidence tab to node view
 - Fixed project show turbolinks
 - Restyle secondary navbar
 - Update CE theme with a green palette
 - Add paper_trail author metadata
 - Upgrade to Rails 5.1 and Ruby 2.4
 - Bugs fixed: #128, #130, #134, #173, #349
 - Add Node properties to Acunetix plugin
 - Add Node properties to Qualys plugin
 - Add metric-specific fields to the CVSS calculator
 - Add fields and Node properties to Burp plugin
 - Add Issues, Evidence and Node properties to Nikto plugin
 - Validate parent node (if present) on nodes
 - Improved pool parameter definition in database.yml.template file
 - Fixed local_time gem usage
 - Updated nokogiri gem

v3.7 (July 2017)
 - Fix dradis:reset thor task.
 - Bugs fixed: #119
 - Fix 'before_filter is deprecated' warning
 - Updated README with 'Community Projects' section
 - Updated 'poltergeist' (browser specs) configuration
 - Fix a bug that may cause duplicates in Node#issues
 - Upgraded Nokogiri (xml/html parsing library)
 - Fixed bug when search results had multiple pages
 - Fixed error in 'dradis:reset' thor task
 - Fixed error in 'dradis:backup' thor task
 - Refactored nodes tree behaviour (parents with children)
 - Refactored loading a note template

v3.6 (Mar 2017)
 - Simpler framework <> add-on interface.
 - Combine multiple issues.
 - More efficient Search.
 - HTTP API for Attachments.
 - Better sidebar styling + direct edit / delete links.
 - Upgrade to Rails 5.
 - Fix select all issues bug.
 - Fix XSS in Issues diff view.

v3.2 (Sep 2016)
 - Nodes only show :expand when they have children
 - Add multiple-nodes
 - Always display :services as table
 - Bugs fixed: #334
 - Updated Rails framework

v3.1 (Mar 2016)
 - Issue tags
 - Testing methodologies
 - Node properties
 - New add-ons: Brakeman, Metasploit, etc.
 - Millions of bug fixes

.... sorry for the hiatus!

v2.10
 - New drag'n'drop file uploads with preview
 - Updated NeXpose plugin: add NeXpose-Full support
 - Feature requests implemented: #2312560, #2332708, #2706007
 - Bugs fixed: #55, #67, #72
 - Updated to Rails 3.2.3

v2.9 (1st of February 2012)
 - New Retina Network Security Scanner plugin
 - New Zed Attack Proxy upload plugin
 - Updated VulnDB import plugin
 - Faster Nikto upload plugin
 - Faster (60x times) Nessus upload plugin
 - Faster Nmap upload plugin (through ruby-nmap gem)
 - Updated First Time User's Wizard
 - Upgrade to Rails 3.2

v2.8 (10th of October 2011)
 - Cleaner three-column layout
 - Smarter Ajax polling and auto-updating
 - New version of the Nmap upload plugin
 - New version of the Nessus upload plugin
 - ./verify.sh now checks that libxml2 is installed
 - Bugs fixed: #17, #31, #37, #43, #48

v2.7.2 (1st of August 2011)
 - Updated to Rails 3.0.9
 - Improved startup scripts
 - Bugs fixed: #5, #9, #13, #14, #15, #16, #19, #20

v2.7.1 (24th of May 2011)
 - Improved note editor: more space, less Ajax
 - Bugs fixed: #3, #4, #6, #7, #8, #10

v2.7 (19th of April 2011)
 - Improved command line API with Thor (thor -T)
 - New Configuration Manager
 - New Upload Manager
 - New plugins:
   * Metasploit import
   * NeXpose (.xml) upload
   * OpenVAS (.xml) upload
   * SureCheck (.sc) upload
   * w3af (.xml) upload
   * Web Exploitation Framework (wXf) upload
 - Updated plugins:
   * Nessus plugin supports .nessus v2
   * Vuln::DB import plugin updated to work with the latest release
 - Bugs fixed: #2888332, #2973256
 - Updated to Rails 3.0.6

v2.6.1 (11th of February 2011)
 - Fixed a 'back slash' vs 'forward slash' issue in start.sh
 - Smarten up verify.sh to find the Bundler binary
 - Deal with Burp Scanner's opinionated handling of null bytes
 - SSL certificate updated for 2011 / 2012
 - Updated libraries RedCloth 4.2.6 and Rails 3.0.4

v2.6 (2nd of December 2010)
 - New first-time repository content
 - New helper scripts to run and reset the environment
 - Upgraded libraries: ExtJS 3.3, Rails 3.0.3
 - Improved performance through asset caching
 - Bugs fixed: #3021312, #3030629, #3076709

v2.5.2 (18th of May 2010)
 - bugs fixed: #2974460
 - security patch

v2.5.1 (7th of March 2010)
 - The NotesBrowser does a better job of keeping track of the current node
 - New notes are no longer out of sync with the server
 - upgraded library: ExtJS 3.1.1
 - bugs fixed: #2964273, #2932569, #2963253


v2.5 (5th of February 2010)
 - improved Note editor (supports formatting)
 - new HTML export plugin to generate reports in HTML format
 - new Nikto Upload plugin: your favourite web server scanner output in Dradis.
 - new Burp Upload plugin: you can now import your Burp Scanner results.
 - improved 'First Time User Wizard' introduction
 - keep track of all the activity with the built-in RSS feed
 - new Rake task: dradis:backup
 - Rake dradis:reset now creates a backup of the project by default
 - Rake dradis:reset now clears the old log files
 - the Nmap Upload plugin organizes the nodes in a more structured way
 - upgraded libraries: ExtJS 3.0, Rails 2.3.5
 - bugs fixed: #2936554, #2938593

v2.4.1 (31st of October 2009)
 - bugs fixed: #2881746, #2888245, #2889402

v2.4 (10th of September 2009)
 - drag'n'drop your notes
 - new Rake tasks to backup the project, reset the environment, etc.
 - better upload plugin feedback in case of exception
 - new 'feedback' link in the top-right corner
 - Nmap Upload now uses the Nmap::Parser library
 - notification icon displayed in the attachments tab when a node has
   attachments
 - new plugin to import data from the OSVDB

v2.3 (5th of August 2009)
 - expand / collapse buttons in the tree
 - add a new node filtering facility to the tree
 - import from file functionality (nmap, nessus, etc.)
 - refactor the WordExport plugin:
     - create templates using Word only
     - convert any document into a dradis template in < 10 minutes
     - read more about it here:-
         http://dradisframework.org/WordExport_templates.html

 - project management plugin update:
     - create project templates (read 'methodologies')
     - export project in .zip format (DB + attachments)
     - import projects/templates
     - checkout / commit project revisions from and to the Meta-Server

 - "what's new in this version?" widget in the status bar to learn the latest
 features added to the framework.

v2.2 (11th of June 2009)
 - add attachments to nodes
 - add 'refresh' buttons to the tree and the notes list
 - force 'webrick' even if mongrel is installed (no SSL support in mongrel)
 - centralise the framework version information.
 - autoExpandColumn now works on IE
 - Rails runs in "production" mode

v2.1.1 (17th  of April 2009)
 - the version string was not properly updated across the different modules.

v2.1 (16th of April 2009)
 - import/export plugin architecture
 - import/export plugin generators
 - sample WordXML export plugin
 - sample WikiMedia import plugin

v2.0.1 (23rd of February 2009)
 - first security patch

v2.0 (29th of January 2009)
 - Forget Hosts, Services and Protocols. Embrace the freedom of Nodes.
 - Forget SOAP, embrace REST
 - Powered by Rails 2.0 and ExtJS 2.2 (http://www.extjs.com/)
 - Now with security! (SSL transport and user authentication)

v1.2 (4th of April 2008)
 - a slightly less annoying implementation of the web interface 'auto refresh'
 functionality.
 - the services added through the web interface can have a name now :)
 - simple prevention against embedded XSS.
 - the missing submit.png image is included in the release now.

v1.1 (29th of February 2008)
 - new web interface, the old summary is gone, the new one is much neater and
 ajax powered.