Release 4.12.0
Published: October 5, 2023Last updated: March 25, 2024
- Rudimentary support for supplier agreements
- Various minor updates
- The Ciso logo has been updated.
- Closed risks are now shown (in a separate tab) in risk analyses.
- Redundant links in the top right user dropdown have been removed.
- Security enhancements
- Swagger UI and the OpenAPI specification are now restricted to authenticated users.
- The lifetime of API tokens has been limited to four years.
- Passwords now require 12 characters by default.
- New passwords are now checked with haveibeenpwned.com by default.
- Changing the email or phone number of the active user now requires re-identification.
- Bugfixes
- A few aesthetic issues with the lower left settings interface have been fixed.
- Clicking on a security requirement category item in the table of security requirements now (correctly) opens that category.
- Form buttons that were missing when attempting to create a new person with a certain combination of permissions are now shown.