Update 1.16 release notes (#3195)

Co-authored-by: Jan Klopper <[email protected]>

docs/source/release_notes/1.16.rst

@@ -1,54 +1,65 @@
 ============================================
-[DRAFT for: v1.15.1...67f18e3] OpenKAT 1.16
+OpenKAT 1.16
 ============================================
 
-This release includes some big optimizations in the new reporting functionality
-that was introduced in 1.14. Measurements show that generating a report on 100
-objects is approximately 20 times faster. The reports in general also got a lot
-of improvements and bugfixes.
+This release adds saving of reports. When completing the reporting workflow the
+report will be saved and can be viewed later. This is a big step towards being
+able to schedule automatically generated reports. The reporting also has had a
+lot of improvements and fixes.
+
+Support for running custom OCI images using only a boefje definition
+(boefje.json) has been added. This has been applied to nmap and dnssec boefjes.
+The boefje.json still needs live in the OpenKAT code directory in this release,
+but this is a big step towards being able to add custom boefjes.
 
 New Features
 ============
 
-* Add xtdb-cli tool to Octopoes
-* Update several plugins: Wappalizer, dns-records, ssl-certificates, pdio_subfinder and remove the many-ports-open boefje/normalizer
-* Add backup scripts
-* Introduce importing/exporting capabilities in xtdb-multinode-tool
+* Add xtdb-cli tool to Octopoes. This can be used to easily interact with XTDB
+  and doing importing/exporting.
+* The onboarding workflow uses the new reporting system.
+* Add a warning to the CSP validator for 'self' on script-src directives. Ignore
+  missing CSP if the page is not XSS capable.
+* Add bit that checks for disallowed domains in the CSP header.
+* Update several plugins: Wappalizer, dns-records, ssl-certificates, pdio_subfinder, nuclei
+* The many-ports-open boefje/normalizer has been removed.
+* Backup scripts to backup container data when using the development setup. Thanks to @TobiasBDO for contributing the scripts.
 * More Octopoes Query support for complex path queries
+* Optimize queries executed when running bits
 * Introduce support for running custom built OCI images using only a boefje definition (boefje.json), applied to nmap.
-* Improvements of the design, plugin overview and Report titles.
-* Improvements of several Reports in terms of performance, styling, OOI selection and configuration.
-* More documentation on: Reports, the new OCI image functionality and architecture, IPv6 support in Docker and Octopoes Models.
+* Improvements of several reports in terms of performance, styling, OOI selection and configuration.
+* Improved documentation about reports, the new OCI image functionality and architecture, IPv6 support in Docker and Octopoes models.
+* Added documentation on how to make a boefje, normalizer, model, bit and report with examples. Thanks to @Souf149 for contributing some of these improvements.
+* Frysk has been added to the selectable list of languages. Over 30% of OpenKAT has been translated due to the amazing and hard work of `Wim Benes <https://www.linkedin.com/in/wimbenes/>`_. Tige tank!
 
 Bug fixes
 =========
 
-* Fix OOI Add/Edit form
-* Fix version handling when no version is present.
-* Fix aggregate plugin overview table
-* Fix task api status code response for malformed id in the scheduler
-* Fix select all OOIs
-* Fix openssl boefje being stuck on port 80
-* Fix pdf alignment
-* Fix critical vulnerability counter
-* Fix in System Specific Reports
-* fix schema errors on empty / missing schemas
-* Fix improve error handling
-* Fix missing cipher csv in Debian package
-* Fix Update nuclei
-* Fix and improve running boefjes/normalizer
-* Fix the KATalogus plugin API limit
+* Fix OOI add/edit form
+* Fix version handling when no version is present in wappalyzer normalizer.
+* Error handling has been improved in a lot of places.
+* Fixed schema errors when plugin schema is empty or missing.
+* Fix and improve manually running a boefjes/normalizer.
+* The KATalogus plugin API doesn't have a hardcoded limit anymore.
+* Missing titles in FastAPI API's have been added.
+* Added workaround for broken links to OOIs in the normalizer task list.
+* Fix Snyk boefje creating empty CVE ids.
 
 Upgrading
 =========
 
-It is no longer needed to seed the KATalogus database using `python -m boefjes.seed` on upgrades.
-This is because v1.16.0 phases out the `repository` database model in the KATalogus.
-The migration could potentially not be backward compatible for each install,
-So please read the following carefully before triggering an upgrade.
+It is no longer needed to seed the KATalogus database using `python -m
+boefjes.seed` on installation or upgrades. This is because v1.16.0 phases out
+the `repository` database model in the KATalogus. The migration could
+potentially not be backward compatible for each install, so please read the
+following carefully before triggering an upgrade.
+
+All bits all need to be rerun because of model changes. This can be done on the
+organization settings page.
 
 Checking the KATalogus Migration
 ================================
+
 If you are using OpenKAT as a regular user and never called APIs or tweaked the database manually,
 you can move forward with the normal instructions of upgrading :ref:`Debian packages<Upgrading Debian>`
 or upgrading :ref:`containers <Upgrading_Containers>`.

docs/source/release_notes/index.rst

@@ -5,6 +5,7 @@ Release notes
    :maxdepth: 1
    :caption: Releases
 
+   1.16
    1.15
    1.14
    1.13