10 May 2021, v2.2.0


This release is the final version of v2.2.0 following feedback from v2.2.0-rc1.

New Features

  • From RC1: Added new filter_type filter to report templates (submitted by @5il with PR #152).

  • Introduced the new ReportData serializer. This is nearly invisible to users but is a huge efficiency and performance upgrade for the back-end. Changes to project data models will now automatically appear in the raw JSON reports and be accessible within DOCX reports.

  • The new serializer has modified some of the Jinja2 template expressions. View a JSON report to see everything available. For example, instead of writing {{ project_codename }}, you will access this project value with {{ project.codename }}.

  • Ghostwriter now handles dates differently to better support all international date formats. Dates displayed in the interface and dates within reports (e.g., report_date) will match the date locale set in your server settings (en-us by default).


  • From RC1: Updated broken POC contact edit URL on the client details page.

  • From RC1: Project assignment dates will no longer be improperly adjusted on updates.

  • From RC1: Template linter context now has entries for new RichText objects.

  • From RC1: Adjusted HTML parser to account for the possibility for empty fields following an update from one of the older versions of Ghostwriter (submitted by @Abstract-9 with PR #158).

  • From RC1: Adjusted Dockerfile files to fix potential filesystem issues with the latest Alpine Linux image (submitted by @studebacon with PR #143).

  • Added a missing field in the Report Template admin panel.

  • "Add to Report" on the finding details page now works.

  • Updated delete actions for operation logs to avoid an error that could prevent the deletion of entries when deleting an entire log.

  • Domain age calculations are now accurate.

  • An invalid value for domain purchase date no longer causes a server error during validation.

  • Constrained Twisted library to v20.3.0 to fix a potential issue that could come up with Django Channels

  • Improved the reporting engine to handle even the wildest nested styling.


  • Adjusted finding severity lists to sort by the severity's weight instead of alphabetically.

  • Re-enabled evidence uploads in all WYSIWYG editors (it was previously excluded from certain finding fields).

  • Adjusted sidebar organization to improve visibility of a few sections that could be difficult to locate.

  • Updated BootStrap and FontAwesome CSS versions.

  • Updated all Python libraries to their latest versions.

  • Animated the hamburger menus for fun.

  • Switched ASGI servers (from Daphne server to Uvicorn) for WebSockets and better performance.

  • Updated the sample template.docx to act as a walkthrough for the new report data and changes in Jinja2 expressions.

Last updated