Skip to content

Releases: faloker/purify

v1.2.0

14 Feb 12:02
f5b3b92
Compare
Choose a tag to compare
  • Minor bug fixes
  • Minor UI updates

v1.1.3

01 Nov 21:50
126d762
Compare
Choose a tag to compare

🐛 Bug fixes

  • The default severity has been changed to Informative. If no severity is provided, Purify will set an Informative risk level for findings. #115

v1.1.2

25 Oct 18:10
658dec1
Compare
Choose a tag to compare

🐛 Bug fixes

  • minor bug fixes

v1.1.1

25 Oct 17:37
4c7c540
Compare
Choose a tag to compare

🚀 New features

🐛 Bug fixes

  • fix bug when comparison might be wrong due to special characters

v1.1.0

24 Oct 21:21
7763a7d
Compare
Choose a tag to compare

🚀 New features

  • More useful navigation #102
  • Export / Import templates #103
    Screenshot 2020-10-25 at 00 18 33
    Screenshot 2020-10-25 at 00 17 57
  • Custom title for issue fields #91
    Screenshot 2020-10-25 at 00 19 31

v1.0.1

27 Sep 18:38
4ef8a18
Compare
Choose a tag to compare

🐛 Bug fixes

  • Merging issue #97
  • User creation issue #95

🚀 New features

  • You can now navigate to a specific project from the Projects Management page by clicking on the project name in the table #96

Special thanks to @ylorgat for reporting many issues.

v1.0.0

20 Sep 18:17
53139b4
Compare
Choose a tag to compare
v1.0.0 Pre-release
Pre-release

👀 Pre-amble

Before continuing, please take a moment read the following:

The goal of this project is to make it easy to manage the results of your toolbox no matter what tools you use. But with great concept, Purify really lacked many of the must-have features for real-world use.

Since the last release, I have made many changes to Purify's architecture and user interface to create a robust and extensible system that covers most of the management needs in terms of security findings. If the concept and purpose remain the same, everything around it has changed a lot.

Some features from version 0.x.x are not preserved, for example, Active Directory authentication is no longer supported. Others, not yet carried over due to all the architecture changes, for example, "Oneshots" are disabled for now.

There will be a few minor releases that will clean up all of this and introduce some small changes, but the most important thing is to get any feedback on the new look and feel and what features you'd like to see in Purify. Thanks!

💥 Release Introduction

Welcome to the official 1.0.0 release! After several month I'm proud to bring the next version of the Purify. This release contains uncountable number of changes including bug fixes, performance improvements, awesome features and tremendous UI and UX changes. Under the hood, the entire codebase has been successfully ported to TypeScript, and the Vue.js frontend has been rewritten to support the upcoming release of Vue 3 and vue-composition-api, which means Purify is ready to keep up with all future changes with virtually zero effort.

If you have any problems upgrading to version 1.0.0 (in fact, it is quite possible) or questions, please use the official Discord channel. The list of issues is for bug reporting and feature requests only.

I hope that you enjoy the 🎊 v1.0.0 release and thank you for using Purify!

⚡ New Components & Features

The next version of Purify is chalked full of new features, improvements, and bug fixes. Below is a summary of the more prominent changes.

👥 User management and access control

The old way to manage access via registration was removed, now all users accounts should be provisioned by the Owner. But who is the Owner? Well, this is a person who can do anything, like create other users. With upgrade to 1.0.0 the initial Owner account [email protected] will be created with password secret.

Screenshot 2020-09-20 at 20 55 09

All existing users will become Admins. Owners can create, edit and delete users. Also, Owners can reset passwords for users. Below the quick breakdown of roles:

switch (roleModel.value) {
  case 'Owner':
    return 'Has access to all features, can edit all projects, and can make changes to user accounts.';
  case 'Admin':
    return 'Can invite new users and create units for specific projects.';
  case 'User':
    return 'Can edit issues, create templates and upload reports for specific projects.';
  case 'Observer':
    return 'Can view data for specific projects.';
}

Now you can control access not only to Purify itself, but also to projects!

Screenshot 2020-09-15 at 17 12 44

Also, now users can change their passwords if you use a local authentication or if a user has SSO Bypass flag set.

🔔 Activity feed

In order to keep up-to-date with changes and work inside Purify, events were introduced. With events you will have a clear understanding of who did what and when. Right now it supports the following events:

'project_created'
'project_deleted'
'user_created'
'user_deleted'
'ticket_created'
'issue_resolved'
'comment_created'

Screenshot 2020-09-15 at 17 12 02

🔑 API Access Keys

Previously, to get access to the API you have to use CLI and it was poor UX to be honest. In the new version your can manage your API Access Keys in the convenient way via UI. Moreover, you can see when the particular token was used, from what IP address and what User-Agent this request had. Now you have a complete control over API Access Keys.
Screenshot 2020-09-15 at 17 07 12

🐛 Issues / Findings

Here we have several changes, most of them aimed to improve your UX of managing incoming findings. The first thing, on the overview page, near activity feed there is a new view to display the recent findings. What is the recent findings? It is findings which were uploaded in the last 24 hours. Now you have an ability be fast and jump into new finding right away!

The second thing is about the Issue review process. The old UI was simple and not very informative, with the new version the Issue appearance changed significantly. Check it out!

Screenshot 2020-09-15 at 17 09 15

Screenshot 2020-09-15 at 17 05 38

Screenshot 2020-09-15 at 17 04 20

And more thing, now each issue has a link, so it can be referenced directly. Caution, for now it will work only for open issues. Consider it as WIP, but it's already usable.

📊 Metrics

The old metrics, aka Dashboard were lame, that’s they were removed. To replace them and be cool, metrics become a part of a project information. Now when you're visiting project page you will be welcomed by fresh metrics for this project. You can change display metrics for particular unit or change a time range from a list of predefined values. Currently, the following metrics are available:

  • Created VS Resolved
  • Reports Volume
  • Risk Chart
  • Templates Chart

If you know any other kind of chart that can be useful, let me know.

Screenshot 2020-09-15 at 17 06 06

⚡ Fast navigation

With new features it's become clear, that the old way to show the projects page first does not make sense anymore. In order to overcome it, the first page after login is Overview. This page handles the recent information which can be helpful to navigate you.

Screenshot 2020-09-20 at 21 08 15

But what about projects? Now you have the "Project Picker". With this component you can access a particular project at any page at any time!

project-picker

For the project management a new page was introduced - "Projects". On this page you can edit, create, delete projects and manage permissions.

📃 Reports

Before this release the only way to upload reports was through the CLI. But now you can upload reports via UI as well. The new button resides on Reports page.

Screenshot 2020-09-15 at 16 54 46

v0.4.4

19 Jul 20:38
b44ecff
Compare
Choose a tag to compare

What's new

  • Changes to the toast/snackbar appearance
  • Move to the Node 14

Bug fixes

  • #70
  • Minor fixes related to updating dependencies

v0.4.3

15 Jul 14:21
0e9b0b4
Compare
Choose a tag to compare
v0.4.3 Pre-release
Pre-release

Bug fixes

  • Fixed API launch issue due to lack of environment variables (#60)

v0.4.2

15 Jul 09:32
d1d2a0d
Compare
Choose a tag to compare
v0.4.2 Pre-release
Pre-release

Bug fixes

  • Fixed an issue with template slug