nightly-dev 🌈

Run the release drafter to populate the release notes.

2.57.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.0

• Fix Wazuh 4.8 parser to attach endpoints/locations to findings @DeWaRs1206 (#14629)
• fix(parsers): use unsaved_tags instead of tags= in Finding constructor @valentijnscholten (#14626)
• update invicti parser to use FirstSeenDate @paulOsinski (#14610)
• 🐛 fix govulncheck ndjson ouput #14642 @manuel-sommer (#14671)
• [docs] maintenance and changelog @paulOsinski (#14665)
• chore(deps): bump ruff from 0.15.8 to 0.15.9 @manuel-sommer (#14663)
• Fix/watson DjangoSuspicousOperationException operation exception @valentijnscholten (#14650)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add CNNVD to vulnid @manuel-sommer (#14672)

🖌 Updates in UI

• store more parameters in import settings @valentijnscholten (#14673)

🧰 Maintenance

• chore(deps): bump django from 5.2.12 to 5.2.13 @dependabot (#14664)
• chore(deps): bump cryptography from 46.0.6 to 46.0.7 @dependabot (#14660)
• chore(deps-dev): bump vite from 7.3.1 to 7.3.2 in /docs @dependabot (#14651)
• chore(deps): bump lodash from 4.17.23 to 4.18.1 in /docs @dependabot (#14648)

2.57.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.0

• Fixing header for broken unit test @rossops (#14644)
• AWS Inspector 2 Line number bug + other changes @Jino-T (#14616)
• async search index: run async instead of sync @valentijnscholten (#14639)
• Reimport: batch-refresh finding status fields in close_old_findings @valentijnscholten (#14638)
• [docs] Improve Invicti parser documentation with enterprise usage guidance @balaakasam (#14605)
• update sarif documentation @paulOsinski (#14635)
• fix: clear reverse M2M through tables before cascade deletion @valentijnscholten (#14630)
• fix(reimport): do not update finding tags on reimport for matched findings @valentijnscholten (#14627)
• [docs] changelog, maintenance @paulOsinski (#14614)
• chore(deps): bump ruff from 0.15.7 to 0.15.8 @manuel-sommer (#14624)
• when deleting a URL via API, perform_delete should call delete on the… @dogboat (#14612)
• Migration endpoints to locations fix @dogboat (#14625)
• fix(dedupe): prevent duplicate test processing in batch dedupe command @valentijnscholten (#14601)
• Add scan_date to import settings if overridden @Maffooch (#14502)
• perf(importers): batch endpoint creation and status updates during import/reimport @valentijnscholten (#14489)
• Add exact_title filter to findings API @brammie15 (#14597)
• feat: add PluggableContextTask for settings-based celery task context managers @valentijnscholten (#14572)
• fix: handle missing status_finding_non_special prefetch in reimporter @seantechco (#14569)
• Standardize CI tests on Debian AMD64 and document supported image variants @Maffooch (#14593)
• (feat) gosec parser: parse cwe_id and swap references if possible @maxi-bee (#14581)
• add semi large sample for jfrog xray unified and acunetix 360 @valentijnscholten (#14570)
• chore(deps): update dependency renovatebot/renovate from 43.76.4 to v43.91.2 (.github/workflows/renovate.yaml) @renovate (#14568)
• Parse Twistlock packagePath so that we can record where the CVE is found @coheigea (#14549)
• Fix deterministic ordering for async_dupe_delete when duplicate dates tie @valentijnscholten (#14562)
• Add upgrade guidance for existing PostgreSQL 18 volumes after PGDATA path change @DarkR0ast (#14561)
• Change dependabot and renovate to weekly on Wednesdays @Maffooch (#14552)
• [doc] various updates @paulOsinski (#14484)
• (perf) Batch duplicate marking part 2 @valentijnscholten (#14516)
• Exclude async_user from celery task @coheigea (#14506)
• Dependency Track: Support CVSS4 and also import CVSS vectors, references and publish date. @AndreVirtimo (#14498)
• fix(awssecurityhub): extract CVSS v3/v4 scores from Inspector findings @samiat4911 (#14481)
• Update PR template to reflect Ruff code compliance @valentijnscholten (#14507)
• Locations V3: add import performance test and autocorrect counts @valentijnscholten (#14501)
• docs: document BuildKit as a prerequisite for Docker Compose builds @valentijnscholten (#14503)
• chore: normalize line endings to LF (CRLF -> LF) @valentijnscholten (#14515)
• [docs] march pro changelog, Iriusrisk Connector documentation @paulOsinski (#14499)
• prefetching locations when building dedupe candidate scope queryset @dogboat (#14483)
• remove libtiff install from Dockerfiles @dogboat (#14485)
• fix: risk acceptance proof download throws 500 @valentijnscholten (#14478)
• bugfix(metrics): closed findings counter always shows 0 when no new findings are imported @vvpoglazov (#14464)
• fix(tests): prevent tag inheritance tests from polluting dev Celery queue @valentijnscholten (#14493)
• fix: endpoints not removable from finding via Edit Finding form @valentijnscholten (#14460)
• perf(fp-history): batch false positive history processing @valentijnscholten (#14449)
• [docs] append "pro" and "open source" to article names @paulOsinski (#14432)
• perf: batch duplicate marking in batch deduplication @valentijnscholten (#14458)
• feat: run single integration tests from dev mode @valentijnscholten (#14486)
• add lychee: ci test for 404s in docs @paulOsinski (#14440)
• chore: add .gitattributes to enforce LF line endings @valentijnscholten (#14448)
• Update sample data @github-actions (#14441)
• minor: use django.conf.settings over dojo.settings everywhere @fopina (#14434)
• disable group post signal default user for any social provider @fopina (#14425)
• Run dependabot so it doesnt interfere with release ops @rossops (#14477)
• use tags.add() instead of tags.set() on reimport @paulOsinski (#14459)
• fixture-updater: change missed in conflict resolution @fopina (#14433)
• [docs] split SSO config up, fix CSS issue @paulOsinski (#14431)
• Add documentation for OS Calendar feature @dangoelz (#14430)
• error message when viewing non-URL @dogboat (#14421)
• fix(sonarqube): handle missing service_key_1 in test_product_connection @samiat4911 (#14412)
• [docs] expand deduplication / reimport documentation @paulOsinski (#14392)

🚩 Changes to settings.dist.py / local_settings.py

• fix(github_sast): set unique_id_from_tool for dedup @samiat4911 (#14591)
• feat: add System Status page with Celery queue monitoring and purge @valentijnscholten (#14349)
• fix: Add file_path based detail mode for Anchore Grype parser @Kasyap7 (#14592)
• perf: replace per-object async delete with SQL cascade walker @valentijnscholten (#14566)
• fix: remove django-linear-migrations @valentijnscholten (#14571)
• feat: Add JFrog Xray API Summary Artifact Scan configuration @Arthur-DTAG (#14548)
• feat(parsers): add IriusRisk threat model CSV parser @skywalke34 (#14384)
• feat(parsers): add Orca Security CSV and JSON parser @skywalke34 (#14450)

🚩 Database migration

• fix: remove django-linear-migrations @valentijnscholten (#14571)
• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)
• Drop System_Settings "credentials" field @dogboat (#14551)
• Notifications: Clean up duplicate system notification entries @Maffooch (#14488)

🚀 API features and enhancements

• Add deprecation notices for Credential Manager and Stub Findings @Maffooch (#14613)
• feat: add System Status page with Celery queue monitoring and purge @valentijnscholten (#14349)
• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)
• Enhance engagement close/reopen actions with permission checks @Maffooch (#14517)
• Add authorization check to link_engagement action @Maffooch (#14504)
• feat: allow sorting endpoints by active findings count @valentijnscholten (#14462)
• api: load jira custom_fields as json @paulOsinski (#14494)
• add notes endpoint to RiskAcceptanceViewSet @paulOsinski (#14487)
• Quick verify in menu and keyboard shortcuts to verify/close findings @fopina (#14318)

🖌 Updates in UI

• feat: add System Status page with Celery queue monitoring and purge @valentijnscholten (#14349)
• Fix finding title HTML encoding inconsistency in All Findings view fi… @tejas0077 (#14524)
• feat: allow sorting endpoints by active findings count @valentijnscholten (#14462)
• fix: wrap markdown_styles in CSSSanitizer for bleach.clean() @valentijnscholten (#14479)
• feat: add additional_banners support to base template @Maffooch (#14492)
• feat: add Remove from Finding bulk action on View Finding page @valentijnscholten (#14461)
• show social provider label in groups @fopina (#14457)
• Quick verify in menu and keyboard shortcuts to verify/close findings @fopina (#14318)

🧰 Maintenance

• chore(deps): bump cryptography from 46.0.5 to 46.0.6 @dependabot (#14619)
• chore(deps): bump celery from 5.6.2 to 5.6.3 @dependabot (#14621)
• chore(deps): bump python-gitlab from 8.1.0 to 8.2.0 @dependabot (#14622)
• chore(deps): bump requests from 2.32.5 to 2.33.1 @dependabot (#14618)
• chore(deps): bump django-permissions-policy from 4.28.0 to 4.29.0 @dependabot (#14617)
• chore(deps): update dependency renovatebot/renovate from 43.91.2 to v43.102.8 (.github/workflows/renovate.yaml) @renovate (#14603)
• chore(deps): bump cryptography from 46.0.5 to 46.0.6 @dependabot (#14602)
• chore(deps): bump brace-expansion in /docs @dependabot (#14600)
• chore(deps): bump yaml from 2.8.2 to 2.8.3 in /docs @dependabot (#14599)
• chore(deps): update dependency kubernetes/kubernetes from v1.35.2 to v1.35.3 (.github/workflows/k8s-tests.yml) @renovate (#14563)
• chore(deps): bump requests from 2.32.5 to 2.33.0 @dependabot (#14598)
• chore(deps): bump djangorestframework from 3.17.0 to 3.17.1 @dependabot (#14588)
• chore(deps): bump picomatch in /docs @dependabot (#14595)
• chore(deps): update actions/configure-pages action from v5.0.0 to v6 (.github/workflows/gh-pages.yml) @renovate (#14594)
• chore(deps): bump redis from 7.3.0 to 7.4.0 @dependabot (#14589)
• chore(deps): update dependency node from 24.14.0 to v24.14.1 (.github/workflows/validate_docs_build.yml) @renovate (#14587)
• chore(deps): update openapitools/openapi-generator-cli docker tag from v7.20.0 to v7.21.0 (dockerfile.integration-tests-debian) @renovate (#14585)
• chore(deps): bump pyopenssl from 25.3.0 to 26.0.0 @dependabot (#14578)
• chore(deps): update losisin/helm-values-schema-json-action action from v2.4.1 to v2.5.0 (.github/workflows/test-helm-chart.yml) @renovate (#14576)
• chore(deps): update losisin/helm-docs-github-action action from v1.7.1 to v1.8.0 (.github/workflows/test-helm-chart.yml) @renovate (#14575)
• chore(deps): bump pygithub from 2.8.1 to 2.9.0 @dependabot (#14574)
• chore(deps): update azure/setup-helm action from v4.3.1 to v5 (.github/workflows/test-helm-chart.yml) @renovate (#14586)
• chore(deps): bump pyopenssl from 25.3.0 to 26.0.0 @dependabot (#14536)
• chore(deps): u...

2.56.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.3

• fix(dedupe): prevent duplicate test processing in batch dedupe command @valentijnscholten (#14601)
• Add scan_date to import settings if overridden @Maffooch (#14502)
• feat: add PluggableContextTask for settings-based celery task context managers @valentijnscholten (#14572)
• fix: handle missing status_finding_non_special prefetch in reimporter @seantechco (#14569)
• Standardize CI tests on Debian AMD64 and document supported image variants @Maffooch (#14593)
• add semi large sample for jfrog xray unified and acunetix 360 @valentijnscholten (#14570)

🚩 Changes to settings.dist.py / local_settings.py

• perf: replace per-object async delete with SQL cascade walker @valentijnscholten (#14566)
• fix: remove django-linear-migrations @valentijnscholten (#14571)
• feat: Add JFrog Xray API Summary Artifact Scan configuration @Arthur-DTAG (#14548)

🚩 Database migration

• fix: remove django-linear-migrations @valentijnscholten (#14571)

🧰 Maintenance

• chore(deps): bump requests from 2.32.5 to 2.33.0 @dependabot (#14598)
• chore(deps): bump picomatch in /docs @dependabot (#14595)
• chore(deps): bump pyopenssl from 25.3.0 to 26.0.0 @dependabot (#14578)

2.56.3 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.2

• Parse Twistlock packagePath so that we can record where the CVE is found @coheigea (#14549)
• Fix deterministic ordering for async_dupe_delete when duplicate dates tie @valentijnscholten (#14562)
• Add upgrade guidance for existing PostgreSQL 18 volumes after PGDATA path change @DarkR0ast (#14561)
• Change dependabot and renovate to weekly on Wednesdays @Maffooch (#14552)
• [doc] various updates @paulOsinski (#14484)
• Exclude async_user from celery task @coheigea (#14506)

🚩 Database migration

• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)
• Drop System_Settings "credentials" field @dogboat (#14551)

🚀 API features and enhancements

• Fix import-languages 500 errors and optimize DB performance @Maffooch (#14553)

2.56.2 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.1

• Update PR template to reflect Ruff code compliance @valentijnscholten (#14507)
• Locations V3: add import performance test and autocorrect counts @valentijnscholten (#14501)
• docs: document BuildKit as a prerequisite for Docker Compose builds @valentijnscholten (#14503)
• chore: normalize line endings to LF (CRLF -> LF) @valentijnscholten (#14515)
• [docs] march pro changelog, Iriusrisk Connector documentation @paulOsinski (#14499)
• prefetching locations when building dedupe candidate scope queryset @dogboat (#14483)
• remove libtiff install from Dockerfiles @dogboat (#14485)
• fix: risk acceptance proof download throws 500 @valentijnscholten (#14478)
• bugfix(metrics): closed findings counter always shows 0 when no new findings are imported @vvpoglazov (#14464)
• fix(tests): prevent tag inheritance tests from polluting dev Celery queue @valentijnscholten (#14493)
• fix: endpoints not removable from finding via Edit Finding form @valentijnscholten (#14460)
• [docs] append "pro" and "open source" to article names @paulOsinski (#14432)
• feat: run single integration tests from dev mode @valentijnscholten (#14486)
• add lychee: ci test for 404s in docs @paulOsinski (#14440)
• chore: add .gitattributes to enforce LF line endings @valentijnscholten (#14448)
• Run dependabot so it doesnt interfere with release ops @rossops (#14477)

🚩 Database migration

• Notifications: Clean up duplicate system notification entries @Maffooch (#14488)

🚀 API features and enhancements

• Enhance engagement close/reopen actions with permission checks @Maffooch (#14517)
• Add authorization check to link_engagement action @Maffooch (#14504)
• feat: allow sorting endpoints by active findings count @valentijnscholten (#14462)
• api: load jira custom_fields as json @paulOsinski (#14494)
• add notes endpoint to RiskAcceptanceViewSet @paulOsinski (#14487)

🖌 Updates in UI

• Fix finding title HTML encoding inconsistency in All Findings view fi… @tejas0077 (#14524)
• feat: allow sorting endpoints by active findings count @valentijnscholten (#14462)
• fix: wrap markdown_styles in CSSSanitizer for bleach.clean() @valentijnscholten (#14479)
• feat: add additional_banners support to base template @Maffooch (#14492)
• feat: add Remove from Finding bulk action on View Finding page @valentijnscholten (#14461)

🧰 Maintenance

• chore(deps): bump pyjwt from 2.11.0 to 2.12.0 @dependabot (#14518)
• chore(deps): bump pdfmake from 0.3.5 to 0.3.6 in /components @dependabot (#14495)

2.56.1 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.56.0

• use tags.add() instead of tags.set() on reimport @paulOsinski (#14459)
• [docs] split SSO config up, fix CSS issue @paulOsinski (#14431)
• Add documentation for OS Calendar feature @dangoelz (#14430)
• [docs] expand deduplication / reimport documentation @paulOsinski (#14392)
• Release: Merge back 2.56.0 into bugfix from: master-into-bugfix/2.56.0-2.57.0-dev @github-actions[bot] (#14428)

🧰 Maintenance

• chore(deps): bump django from 5.2.11 to 5.2.12 @dependabot[bot] (#14443)

2.56.0 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.55.0

• Refactor zip handling with safe_open_zip and safe_read_all_zip @Maffooch (#14408)
• feat(trivy_operator): add remediation, messages, category, and publishedDate mappings @SergK (#14360)
• fix: slight textual changes to update-sample-data workflow @valentijnscholten (#14401)
• Reimport: Do not reactivate endpoint statuses with special statuses @Maffooch (#14402)
• Update sample data @github-actions (#14400)
• [docs] scheduling for rules engine @paulOsinski (#14413)
• Set unique_id_from_tool from matrix field in Dependency Track parser @samiat4911 (#14380)
• Updates Documentation Site @devGregA (#14357)
• feat(parsers): add fix_version support to Generic Findings Import @vvpoglazov (#14307)
• [docs] add Connectors documentation, 2.55.4 changelog @paulOsinski (#14381)
• fix typo in pro demo @paulOsinski (#14378)
• Update sample data @github-actions (#14389)
• Fix DataError when Finding_Group name exceeds 255 chars @valentijnscholten (#14376)
• fix(trivy_operator): fix compliance severity logic and checkID comparison @SergK (#14359)
• Fix webp issues with Dev deployments @paulOsinski (#14377)
• Also update defect_dojo_sample_data_locations.json in sample data workflow @valentijnscholten (#14391)
• fix: Add support to parse CVSSV4 findings for the Trivy parser @coheigea (#14379)
• Create Surveys and Questionnaires documentation @dangoelz (#14394)
• Refactor get_object_or_404 calls for Engagement and Engagement_Presets @Maffooch (#14375)
• Fix update-sample-data workflow pushing to protected master branch @valentijnscholten (#14374)
• Update Quick Start guide in README for Docker Compose @Maffooch (#14335)
• Remove dead sync_process_findings / determine_process_method / process_results scaffolding @valentijnscholten (#14351)
• Fixes, expands, and modifies E2E tests @devGregA (#14329)
• fix: dedupe management command FieldError with only("id") and select_related @valentijnscholten (#14350)
• Refactor fixture-updater to python @fopina (#14336)
• Fix PGDATA path to make postgres data durable (fixes #14358) @valentijnscholten (#14362)
• Skip dispatching endpoint/location tasks when lists are empty @valentijnscholten (#14361)
• Fix release workflow: ensure helm chart is uploaded before release-drafter @valentijnscholten (#14364)
• [docs] feb release notes @paulOsinski (#14341)
• update finding_status_definitions @paulOsinski (#14356)
• fix for ms defender parser: use endpoint instead of url when not v3 @dogboat (#14343)
• Support sync kwarg in process_findings for inline post-processing @valentijnscholten (#14309)
• Propagate async_user via crum.impersonate in DojoAsyncTask base class @valentijnscholten (#14308)
• fix username logging in uwsgi for requests with TokenAuthentication @fopina (#14322)
• chore(deps): bump ruff from 0.15.0 to 0.15.1 @manuel-sommer (#14316)

🚩 Changes to settings.dist.py / local_settings.py

• Silence polymorphic.W001 and polymorphic.W002 system checks @Maffooch (#14393)
• Dependency Track parser: Store DT uuid into unique_id_from_tool instead of vuln_id_from_tool @AndreVirtimo (#14346)

🚩 Database migration

• LocationData for parsers @dogboat (#14395)
• Add 'Scheduled' status to engagement models @Maffooch (#14319)

🚀 API features and enhancements

• Updates Decorators with Certain Permission Models @devGregA (#14410)
• Optimize language import process with bulk creation and improved validation @Maffooch (#14403)
• fix: don't close old findings when reimport auto-creates a new test @valentijnscholten (#14396)
• Fix Jira integration error handling and type representation @Maffooch (#14320)

🖌 Updates in UI

• fix the way bulk update endpoints in finding view works in v3 @dogboat (#14411)

🧰 Maintenance

• chore(deps): update github artifact actions (.github/workflows/rest-framework-tests.yml) (major) @renovate (#14397)
• chore(deps): update valkey/valkey docker tag from 7.2.11 to v7.2.12 (docker-compose.yml) @renovate (#14383)
• chore(deps-dev): bump rollup from 4.57.1 to 4.59.0 in /docs @dependabot (#14398)
• chore(deps): update dependency node from 24.13.1 to v24.14.0 (.github/workflows/validate_docs_build.yml) @renovate (#14387)
• chore(deps): update python:3.13.12-slim-trixie docker digest from 3.13.12 to v (dockerfile.integration-tests-debian) @renovate (#14386)
• chore(deps): bump minimatch in /docs @dependabot (#14385)
• chore(deps): bump sqlalchemy from 2.0.46 to 2.0.47 @dependabot (#14388)
• chore(deps): bump pdfmake from 0.3.4 to 0.3.5 in /components @dependabot (#14370)
• chore(deps): bump django-polymorphic from 4.11.0 to 4.11.1 @dependabot (#14369)
• chore(deps): update dependency renovatebot/renovate from 43.24.0 to v43.31.7 (.github/workflows/renovate.yaml) @renovate (#14366)
• chore(deps): bump django-imagekit from 6.0.0 to 6.1.0 @dependabot (#14368)
• chore(deps): bump django-environ from 0.12.1 to 0.13.0 @dependabot (#14338)
• chore(deps): bump ruff from 0.15.1 to 0.15.2 @dependabot (#14355)
• chore(deps): update dependency kubernetes/minikube from v1.38.0 to v1.38.1 (.github/workflows/k8s-tests.yml) @renovate (#14352)
• chore(deps): bump django-pghistory from 3.9.1 to 3.9.2 @dependabot (#14340)
• chore(deps): bump redis from 7.1.1 to 7.2.0 @dependabot (#14331)
• chore(deps): update actions/stale action from v10.1.1 to v10.2.0 (.github/workflows/close-stale.yml) @renovate (#14330)
• chore(deps): bump psycopg[c] from 3.3.2 to 3.3.3 @dependabot (#14348)
• chore(deps): update postgres:18.2-alpine docker digest from 18.2 to 18.2-alpine (docker-compose.yml) @renovate (#14344)
• chore(deps): update valkey docker tag from 0.15.4 to v0.17.0 (helm/defectdojo/chart.yaml) @renovate (#14326)
• chore(deps): bump djangosaml2 from 1.11.1 to 1.12.0 @dependabot (#14339)
• chore(deps): update manusa/actions-setup-minikube action from v2.14.0 to v2.15.0 (.github/workflows/k8s-tests.yml) @renovate (#14312)
• chore(deps): update dependency renovatebot/renovate from 43.5.6 to v43.24.0 (.github/workflows/renovate.yaml) @renovate (#14323)
• chore(deps): bump django-environ from 0.12.0 to 0.12.1 @dependabot (#14327)
• Update openapitools/openapi-generator-cli Docker tag from v7.19.0 to v7.20.0 (Dockerfile.integration-tests-debian) @renovate (#14328)

2.55.4 🌈

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.55.3

• fix: dedupe management command FieldError with only("id") and select_related @valentijnscholten (#14350)
• Fix PGDATA path to make postgres data durable (fixes #14358) @valentijnscholten (#14362)
• Skip dispatching endpoint/location tasks when lists are empty @valentijnscholten (#14361)
• Fix release workflow: ensure helm chart is uploaded before release-drafter @valentijnscholten (#14364)
• [docs] feb release notes @paulOsinski (#14341)
• update finding_status_definitions @paulOsinski (#14356)
• fix for ms defender parser: use endpoint instead of url when not v3 @dogboat (#14343)

2.55.3 🌈

Run the release drafter to populate the release notes.