sysreptor releases

• Security: implement multiple hardening measures and code quality improvements
• SSO: make the user identifier claim configurable (https://docs.sysreptor.com/users/oidc-generic/)
• SSO: add require_email_verified setting to OIDC config
• SSO: migrate Entra ID and Google SSO settings to OIDC_AUTHLIB_OAUTH_CLIENTS setting
• Warning about non-members in project user fields
• Markdown editor: syntax highlight autolinks

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Security: Fix personal note sharing permissions (https://github.com/Syslifters/sysreptor/security/advisories/GHSA-pcpr-q2qj-3v43)
• Image editor: add pixelation tool
• MDE: support toggling task list checkboxes in markdown preview
• MDE: support frontmatter highlighting
• MDE: prevent undo/redo while image editor is open

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Highlight findings by CVSS if severity field is empty
• Fix web worker hangs when rendering large markdown previews
• Show database version in license info page
• Support multi select and bulk actions in list views
• Support bulk moving in notes tree
• UI: Redesign list view header
• UI: Add today button to date picker
• UI: add autocomplete hints to input fields
• AI agent: add field labels to context
• Add design for HTB COAE certification

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Add upgrade_postgres.sh script to update database
• Allow enabling auto-updates in install.sh
• Allow starting PDF download while preview is loading
• Scroll to current note in tree on navigate
• Scroll to current note in tree after searching
• PDF viewer: switch to pdf.js legacy mode

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Markdown editor: Add image editor (https://docs.sysreptor.com/reporting/image-editor/)
• AI agent: rework prompts and tool descriptions
• AI agent: add write_todos tool and subagents
• Fix missing reauth redirect in UI for edit user pages
• Fix window title not updated when notification count changes

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Allow configuring filenames of PDF reports (https://docs.sysreptor.com/designer/filenames/)
• Disable browsable API by default
• Fix comment update error when list item gets deleted
• Markdown editor: Fix SVGs not rendered in math preview
• Add design for HTB CWPE certification
• Enable virtual scrolling in notes tree to improve performance with large number of notes
• Plugin jira: Export findings to Jira issues (https://github.com/Syslifters/sysreptor/tree/main/plugins/jira#readme)
• Plugin rendersections: Render single sections to PDF (https://github.com/Syslifters/sysreptor/tree/main/plugins/rendersections#readme)
• Plugin scanimport: Allow importing OWASP ZAP scans as findings

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Support sharing personal notes
• Markdown editor: Fix scroll sync not scrolling to preview position
• Fix chart rendering in PDFs

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Markdown editor: Support LaTeX math expressions (http://localhost:9090/reporting/markdown-features/#math-expressions)
• AI agent: Add Mistral AI provider
• Increase resolution of charts and mermaid diagrams in PDFs
• Support images in excalidraw notes
• Allow deleting users who are project members
• Fix missing space after references in weasyprint PDF rendering

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Fix server worker timeout not respected after max requests were reached

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Duplicate fields in report/finding field editor
• Allow creating custom notifications in django admin
• Fix error when formatting risk score in AI agent
• Refactor file handling for plugins

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Fix AI agent responses without reasoning content not displayed correctly
• Use explicit types instead of "any" in AI agent tool definitions

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• AI agent chat for report writing assistance (https://docs.sysreptor.com/setup/configuration/#ai-agent)
• Allow configuring allowed status transitions (https://docs.sysreptor.com/setup/configuration/#custom-statuses)
• Fix setting headers of file and image responses
• UI: Save comment texts with Enter, add newlines with Shift+Enter
• Markdown editor: Add toolbar button for inline code
• Plugin customizetheme: Allow customizing the header logo height

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Allow generating QR codes during PDF rendering (https://docs.sysreptor.com/designer/formatting-utils/#qr-codes)
• Fix error on navigate to shared sub-note via URL
• Fix scroll to comment landing on offset position
• Plugin customizetheme: Allow customizing the header logo
• Plugin scanimport: Fix sslyze import error if scan_result is null

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Add comment to shared note/link
• Add copy buttons for restoring archived projects
• Fix Bitwarden auto-fill on login form
• Fix spellcheck disabled when settings are not loaded yet
• Fix excalidraw notes content not copied when copying notes

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Fix remote notification disappearing after refetch
• Improve finding grouping in design preview data
• Add retest status indicator to finding list
• Update OffSec designs
• Markdown editor: Improve scroll sync for nested lists
• Markdown editor: Sticky header in nested fields
• Markdown editor: Make insert finding reference searchable
• Support generating accessible PDF/UA files via config GENERATE_ACCESSIBLE_PDFS
• Improve warning location reporting during PDF rendering
• Fix selected finding not highlighted in report sidebar

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Suggest previously used tags in filters, projects, designs and templates
• Plugin scanimport: Prevent errors on incompatible finding field types
• Prevent excalidraw update errors on delete note
• Do not include pdfviewer in every plugin frontend build
• Enforce read only flag for is_project_admin

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Fix error when opening design notes page

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Add excalidraw notes to SysReptor core
• Deprecate excalidraw plugin
• Case sensitive todo marker parsing
• Allow importing notes to design default note structure
• Allow using a custom PostgreSQL schema via DATABASE_SCHEMA
• Auto-complete usernames in comments
• Update HTB CBBH design to HTB CWES
• Fix CSP errors related to strict-dynamic directive

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Plugin scanimport: Import scan results from various tools
• Fix date field empty value not saved as null
• Fix outbound connection established during PDF rendering
• Markdown editor: fix pasted images not inserted correctly in some cases
• Markdown editor: do not format as markdown when pasting into code blocks
• Update executive summary section in HTB CBBH design
• Require email address for user creation
• Require a different password when changing passwords
• Improve setting proxy variables
• Use nonce instead of hash for CSP script-src

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Replace deprecated bitnami redis docker image with official redis image
• Plugin markdownexport: Export reports as Markdown documents in ZIP format
• Fix out of memory bug in StreamingHttpResponseAsync
• Fix crypto stream errors logged on cleanup
• Fix run_in_background after asgiref update
• Fix custom CA certificates not loaded for commands
• Log backup started and finished times
• Restore backup: bulk insert DB objects
• PDF viewer: add stricter postMessage validation to prevent errors on unexpected messages
• Allow collapsing plugin menu

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Plugin excalidraw: Integrate Excalidraw in SysReptor
• Allow customizing finding/section statuses (https://docs.sysreptor.com/setup/configuration/#custom-statuses)
• Limit publicly accessible settings in API responses
• restorebackup command: add option to skip restoring files
• Improve markdown editor toolbar responsive layout on sidebar width change
• PDF viewer: add PDF outline view
• PDF viewer: fix single-letter shortcuts applied when typing in searchbar input
• PDF viewer: fix message overlay covers footer
• Markdown editor: fix scroll sync to wrong position on HTML blocks starting with <br> tags
• Markdown editor: convert HTML (e.g. Excel tables, Word, etc.) to markdown on paste
• Markdown editor: add blockquote button toolbar
• Markdown editor: fix dropping files below last line

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/

• Incremental parsing in markdown editor
• Add user setting to disable local login
• Provide parent CWEs in PDF rendering
• Allow copying notes
• Bulk delete and bulk export notes
• UI: allow multi-select in notes tree
• UI: fix UI not updated after finish and reactivate project
• UI: fix version history sidebar behind comment sidebar
• UI: fix search text reset on click outside of CreateFindingDialog
• PDF viewer: disable auto-linking

Click here to go to the update instructions: https://docs.sysreptor.com/setup/updates/