Release notes for Canopy 3.10

Upgrading steps.

3.10.3 (2024-02-23)

The patch release addresses a few minor bugs and upgrading is recommended.


  • [CAN-3494] Some UI components sometimes fail with “Maximum update depth exceeded”

  • [CAN-3501] Tool importer removes anchor tags

  • [CAN-3502] Remote User authentication fails when creating users

  • [CAN-3503] Frontend exception occurs when editing cvss3 field without cvss version string

  • [CAN-3505] Missing distribution list in SoW XML

  • [CAN-3507] Upgrading is very slow during Version Foreign key cache generation step

  • [CAN-3508] Correct sorting order of findings where cvss scores were reversed


  • [CAN-3510] Examples are set to output in reports by default

3.10.2 (2023-12-20)

The patch release addresses a number of bugs introduced during front-end improvements that were made in 3.10. Upgrading is recommended.

This patch release also contains a schema migration. However, it only affects Oracle users.


  • [CAN-3490] Existing examples cannot be saved

  • [CAN-3491] Field configurations are not applied to finding view

  • [CAN-3492] custom_rating_sum field type change fails on Oracle

  • [CAN-3493] Missing translations from new finding view

  • [CAN-3496] Comments cannot be resolved as tech managers

3.10.1 (2023-12-07)

Canopy 3.10.1 is a patch release that incorporates the changes from Canopy 3.9.3, see Release notes for Canopy 3.9. Upgrading is recommended.

Canopy 3.9.3 had two notable changes:

  • XLSX templates preserve existing formulas

  • Project/Phase/Report deletion was removed from their list views. Deletion is of those objects are now only possible via their primary views.

Additionally, the following Canopy 3.10.x specific issue was also addressed:


  • [CAN-3486] Pastes are reverted in Rich Text elements

3.10.0 (2023-11-10)

Canopy 3.10.0 is a small feature release.

We are continuing our theme of improvements around QA and collaboration. This release sees the addition of Threaded Commenting. Threaded comments allows users to have a conversation, rather than simply leaving one-off comments. This will help improve the QA process on teams.

Canopy’s installation process now offers the creation of the initial admin user via the UI. This is another step in making the onboarding process simpler for new Canopy deployments. Existing users will not be affected by this change.

We have also added improved health checks for the /health endpoint. The default config values are:



These can be overridden in /etc/canopy/canopy.ini if required.

We changed the custom_rating_sum field to support decimal values, this might improve the sorting accuracy for clients using custom rating systems.


  • [CAN-3429] Threaded commenting


  • [CAN-3330] Integrate forked marrow mailer

  • [CAN-3461] Expand health endpoint checks to include disk space and free memory


  • [CAN-3203] History endpoint fails on invalid custom_rating_sum values

  • [CAN-3426] Non-nullable fields with blank=True bypass initial validation

  • [CAN-3478] Download template fails under report templates


  • [CAN-3435] Allow the user to create an admin user via the UI if no users exist.

Older releases