dfir-iris · Che4ter · May 13, 2026 · May 13, 2026 · May 13, 2026 · May 13, 2026
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -102,7 +102,7 @@ services:
         condition: service_healthy
 
   frontend:
-    image: node:23-alpine
+    image: node:24-alpine
     profiles: ["new-ui"]
     container_name: iris_sveltekit_frontend
     working_dir: /app

diff --git a/docker/webApp/Dockerfile b/docker/webApp/Dockerfile
@@ -19,7 +19,7 @@
 ####################
 # COMPILE JS IMAGE #
 ####################
-FROM node:20-alpine AS compile-js-image
+FROM node:24-alpine AS compile-js-image
 
 COPY ui/ /ui
 
@@ -40,10 +40,12 @@ RUN python -m venv /opt/venv
 # Make sure we use the virtualenv:
 ENV PATH="/opt/venv/bin:$PATH"
 
+RUN python -m pip install --upgrade pip wheel
+
 COPY source/dependencies /dependencies
 COPY source/requirements.txt /
 
-RUN pip3 install -r requirements.txt
+RUN python -m pip install --no-cache-dir -r /requirements.txt
 
 ###############
 # BUILD IMAGE #

diff --git a/source/app/blueprints/graphql/graphql_route.py b/source/app/blueprints/graphql/graphql_route.py
@@ -22,7 +22,7 @@
 from flask_wtf import FlaskForm
 from flask import Blueprint
 
-from graphql_server.flask import GraphQLView
+from graphql_server.flask.views import GraphQLView
 from graphene import ObjectType
 from graphene import Schema
 from graphene import Float
@@ -119,7 +119,7 @@ def wrap(*args, **kwargs):
 
 def _create_blueprint():
     schema = Schema(query=Query, mutation=Mutation)
-    graphql_view = GraphQLView.as_view('graphql', schema=schema)
+    graphql_view = GraphQLView.as_view('graphql', schema=schema.graphql_schema)
     graphql_view_with_authentication = _check_authentication_wrapper(graphql_view)
 
     blueprint = Blueprint('graphql', __name__)

diff --git a/source/app/blueprints/pages/demo_landing/templates/demo-landing.html b/source/app/blueprints/pages/demo_landing/templates/demo-landing.html
@@ -155,7 +155,7 @@ <h3 class="mt-2">Accounts</h3>
         </div>
     </div>
   </body>
-    <script src="/static/assets/js/core/jquery.3.2.1.min.js"></script>
+    <script src="/static/assets/js/core/jquery.min.js"></script>
     <script src="/static/assets/js/core/bootstrap.min.js"></script>
     <script type="module" src="/static/assets/js/iris/demo.js"></script>
 </html>
diff --git a/source/app/post_init.py b/source/app/post_init.py
@@ -1214,6 +1214,8 @@ def _custom_assets_symlinks(self):
                 filename = store_fullpath.split(os.path.sep)[-1]
                 show_fullpath = os.path.join(self._configuration['APP_PATH'], 'app',
                                              self._configuration['ASSET_SHOW_PATH'].strip(os.path.sep), filename)
+                show_dir = os.path.dirname(show_fullpath)
+                os.makedirs(show_dir, exist_ok=True)
                 if not os.path.islink(show_fullpath):
                     os.symlink(store_fullpath, show_fullpath)
                     self._logger.info(f"Created assets img symlink {store_fullpath} -> {show_fullpath}")

diff --git a/source/app/schema/marshables.py b/source/app/schema/marshables.py
@@ -19,7 +19,7 @@
 import datetime
 import dateutil.parser
 import os
-import pyminizip
+import pyzipper
 import random
 import re
 import shutil
@@ -796,16 +796,16 @@ class CaseTemplateSchema(ma.Schema):
     created_at: datetime = fields.DateTime(dump_only=True)
     updated_at: datetime = fields.DateTime(dump_only=True)
     name: str = fields.String(required=True)
-    display_name: Optional[str] = fields.String(allow_none=True, missing="")
-    description: Optional[str] = fields.String(allow_none=True, missing="")
-    author: Optional[str] = fields.String(allow_none=True, validate=Length(max=128), missing="")
-    title_prefix: Optional[str] = fields.String(allow_none=True, validate=Length(max=32), missing="")
-    summary: Optional[str] = fields.String(allow_none=True, missing="")
-    tags: Optional[List[str]] = fields.List(fields.String(), allow_none=True, missing=[])
-    classification: Optional[str] = fields.String(allow_none=True, missing="")
+    display_name: Optional[str] = fields.String(allow_none=True, load_default="")
+    description: Optional[str] = fields.String(allow_none=True, load_default="")
+    author: Optional[str] = fields.String(allow_none=True, validate=Length(max=128), load_default="")
+    title_prefix: Optional[str] = fields.String(allow_none=True, validate=Length(max=32), load_default="")
+    summary: Optional[str] = fields.String(allow_none=True, load_default="")
+    tags: Optional[List[str]] = fields.List(fields.String(), allow_none=True, load_default=[])
+    classification: Optional[str] = fields.String(allow_none=True, load_default="")
     note_directories: Optional[List[Dict[str, Union[str, List[Dict[str, str]]]]]] = fields.List(fields.Dict(),
                                                                                                 allow_none=True,
-                                                                                                missing=[])
+                                                                                                load_default=[])
 
     @staticmethod
     def validate_string_or_list(value: Union[str, List[str]]) -> Union[str, List[str]]:
@@ -863,7 +863,7 @@ def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) ->
     tasks: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List(
         fields.Dict(keys=fields.Str(), values=fields.Raw(validate=[validate_string_or_list])),
         allow_none=True,
-        missing=[]
+        load_default=[]
     )
 
 
@@ -1148,7 +1148,7 @@ class EventSchema(ma.SQLAlchemyAutoSchema):
     event_tz: str = fields.String(required=True, allow_none=False)
     event_category_id: int = ma.Method('get_event_category_id')
     event_date_wtz: datetime = fields.DateTime("%Y-%m-%dT%H:%M:%S.%f", required=False, allow_none=False)
-    modification_history: str = auto_field('modification_history', required=False, readonly=True)
+    modification_history: str = auto_field('modification_history', required=False, dump_only=True)
     event_comments_map: List[int] = fields.List(fields.Integer, required=False, allow_none=True)
     event_sync_iocs_assets: bool = fields.Boolean(required=False)
     children = fields.Nested('EventSchema', many=True, required=False)
@@ -1435,7 +1435,10 @@ def ds_store_file(self, file_storage: FileStorage, location: Path, is_ioc: bool,
 
                     shutil.copyfile(fn.name, Path(fn.name).parent / file_hash)
 
-                    pyminizip.compress((Path(fn.name).parent / file_hash).as_posix(), None, file_path, passwd, 0)
+                    with pyzipper.AESZipFile(file_path, 'w', compression=pyzipper.ZIP_STORED,
+                                              encryption=pyzipper.WZ_AES) as zf:
+                        zf.setpassword(passwd.encode())
+                        zf.write((Path(fn.name).parent / file_hash).as_posix(), arcname=file_hash)
                     os.unlink(Path(tmp.name).parent / file_hash)
                     os.unlink(fn.name)
 
@@ -2042,7 +2045,7 @@ class AuthorizationGroupSchema(ma.SQLAlchemyAutoSchema):
     group_name: str = auto_field('group_name', required=True, validate=Length(min=2), allow_none=False)
     group_description: str = auto_field('group_description', required=True, validate=Length(min=2))
     group_auto_follow_access_level: Optional[bool] = auto_field('group_auto_follow_access_level', required=False,
-                                                                default=False)
+                                                                dump_default=False)
     group_permissions: int = fields.Integer(required=False)
     group_members: Optional[List[Dict[str, Any]]] = fields.List(fields.Dict, required=False, allow_none=True)
     group_permissions_list: Optional[List[Dict[str, Any]]] = fields.List(fields.Dict, required=False, allow_none=True)
@@ -2174,7 +2177,7 @@ class BasicUserSchema(ma.SQLAlchemyAutoSchema):
     user_name: str = auto_field('name', required=True, validate=Length(min=2))
     user_login: str = auto_field('user', required=True, validate=Length(min=2))
     user_email: str = auto_field('email', required=True, validate=Length(min=2))
-    has_deletion_confirmation: Optional[bool] = auto_field('has_deletion_confirmation', required=False, default=False)
+    has_deletion_confirmation: Optional[bool] = auto_field('has_deletion_confirmation', required=False, dump_default=False)
 
     class Meta:
         model = User
@@ -2292,12 +2295,13 @@ class SavedFilterSchema(ma.SQLAlchemyAutoSchema):
     This schema defines the fields to include when serializing and deserializing SavedFilter objects.
 
     """
+    user = ma.Nested(lambda: UserSchema(only=['id', 'user_name', 'user_login', 'user_email']), dump_only=True)
 
     class Meta:
         model = SavedFilter
         load_instance = True
         include_fk = True
-        include_relationships = True
+        include_relationships = False
         unknown = EXCLUDE
 
 
@@ -2507,8 +2511,8 @@ class UserSchemaForAPIV2(ma.SQLAlchemyAutoSchema):
     user_permissions = ma.Nested(AuthorizationGroupSchema, many=True, attribute='permissions', only=['group_name', 'group_permissions'])
     user_customers = ma.Nested(CustomerSchema, many=True, attribute='customers', only=['customer_name', 'customer_id'])
     user_cases_access = ma.Nested(CaseSchemaForAPIV2, many=True, attribute='cases_access', only=['access_level', 'case_id', 'case_name'])
-    user_organisations = fields.Method('get_user_organisations', only=['org_name', 'org_id', 'org_uuid', 'is_primary_org'])
-    user_primary_organisation_id = fields.Method('get_user_primary_organisation', only=['id'])
+    user_organisations = fields.Method('get_user_organisations')
+    user_primary_organisation_id = fields.Method('get_user_primary_organisation')
 
     class Meta:
         model = User

diff --git a/source/app/templates/layouts/default.html b/source/app/templates/layouts/default.html
@@ -68,7 +68,7 @@
 
 	<!--   Core JS Files   -->
 
-	<script src="/static/assets/js/core/jquery.3.2.1.min.js"></script>
+	<script src="/static/assets/js/core/jquery.min.js"></script>
 	<script src="/static/assets/js/core/popper.min.js"></script>
 	<script src="/static/assets/js/core/bootstrap.min.js"></script>
 	<script src="/static/assets/js/plugin/tagsinput/suggesttag.js"></script>

diff --git a/source/app/templates/layouts/default_centered.html b/source/app/templates/layouts/default_centered.html
@@ -59,7 +59,7 @@
 
 	<!--   Core JS Files   -->
 
-	<script src="/static/assets/js/core/jquery.3.2.1.min.js"></script>
+	<script src="/static/assets/js/core/jquery.min.js"></script>
 	<script src="/static/assets/js/core/popper.min.js"></script>
 	<script src="/static/assets/js/core/bootstrap.min.js"></script>
 	<script src="/static/assets/js/plugin/tagsinput/suggesttag.js"></script>

diff --git a/source/app/templates/layouts/default_ext.html b/source/app/templates/layouts/default_ext.html
@@ -55,7 +55,7 @@
 	</div>
 
 	<!--   Core JS Files   -->
-	<script src="/static/assets/js/core/jquery.3.2.1.min.js"></script>
+	<script src="/static/assets/js/core/jquery.min.js"></script>
 	<script src="/static/assets/js/core/popper.min.js"></script>
 	<script src="/static/assets/js/core/bootstrap.min.js"></script>
 	<script src="/static/assets/js/plugin/tagsinput/suggesttag.js"></script>

diff --git a/source/app/templates/layouts/static-default.html b/source/app/templates/layouts/static-default.html
@@ -33,7 +33,7 @@
 
 
 	<!--   Core JS Files   -->
-	<script src="/static/assets/js/core/jquery.3.2.1.min.js"></script>
+	<script src="/static/assets/js/core/jquery.min.js"></script>
 	<script src="/static/assets/js/core/popper.min.js"></script>
 	<script src="/static/assets/js/core/bootstrap.min.js"></script>
 

diff --git a/source/requirements.txt b/source/requirements.txt
@@ -1,45 +1,45 @@
-azure-identity==1.10.0
-azure-keyvault-secrets==4.5.1
-celery==5.4.0
-Flask==3.1.0
+azure-identity==1.25.3
+azure-keyvault-secrets==4.11.0
+celery==5.6.3
+Flask==3.1.3
 Flask-Bcrypt==1.0.1
 Flask-Login==0.6.3
 Flask-SQLAlchemy==3.1.1
-Flask-WTF==1.2.2
-flask-marshmallow==1.2.1
-Flask-Caching==2.3.0
-flask-cors==5.0.0
-marshmallow==3.23.1
-marshmallow-sqlalchemy==1.1.0
-gunicorn==23.0.0
-psycopg2-binary==2.9.10
-pyunpack==0.2.2
-packaging==21.3
+Flask-WTF==1.3.0
+flask-marshmallow==1.5.0
+Flask-Caching==2.4.0
+flask-cors==6.0.2
+marshmallow==4.3.0
+marshmallow-sqlalchemy==1.5.0
+gunicorn==26.0.0
+psycopg2-binary==2.9.12
+pyunpack==0.3
+packaging==26.2
 requests==2.31.0
-SQLAlchemy==2.0.36
+SQLAlchemy==2.0.49
 SQLAlchemy-ImageAttach==1.1.0
-SQLAlchemy-Utils==0.41.2
-urllib3==1.26.18
-Werkzeug==3.1.3
-WTForms==3.2.1
-Flask-SocketIO==5.4.1
-alembic==1.7.5
-setuptools~=70.3.0
-python-dateutil==2.8.2
-python-gnupg==0.4.8
-pyminizip~=0.2.6
-PyJWT==2.4.0
-cryptography>=39.0.1
+SQLAlchemy-Utils==0.42.1
+urllib3==2.7.0
+Werkzeug==3.1.8
+WTForms==3.2.2
+Flask-SocketIO==5.6.1
+alembic==1.18.4
+setuptools==81.0.0
+python-dateutil==2.9.0.post0
+python-gnupg==0.5.6
+pyzipper==0.4.0
+PyJWT==2.13.0
+cryptography==48.0.0
 ldap3==2.9.1
-pyintelowl>=4.4.0
+pyintelowl==5.1.0
 pyotp==2.9.0
-graphene==3.3
-qrcode[pil]==7.4.2
-dictdiffer==0.2.0
+graphene==3.4.3
+qrcode[pil]==8.2
+dictdiffer==0.9.0
 oic==1.7.0
-# unfortunately we are relying on a beta version here. I hope a definitive version gets released soon
-graphql-server[flask]==3.0.0b7
-graphene-sqlalchemy==3.0.0rc1
+graphql-server[flask]==3.0.0
+graphene-sqlalchemy==3.0.0rc2
+bleach==6.3.0
 
 https://github.com/dfir-iris/docx-generator/releases/download/v0.9.1/docx_generator-0.9.1-py3-none-any.whl
 dependencies/iris_interface-1.2.0-py3-none-any.whl