Skip to main content

Releases of June 2022

CLI and Plugins Release of June 2022

During June, we released new versions of the CLI, containing important updates and improvements. We also released new plugins, containing additional improvements.

New CLI Versions

Improvements and Bug Fixes 2.0.20

Status

Item

Description

UPDATED

MacOS build

Created unified build for all MacOS versions.

Improvements and Bug Fixes 2.0.19

We added a new command for running a KICS scan as a standalone tool in your local environment. To run the scan, you are required to provide the file source. You can also add additional KICS parameters. For more info, see kics-realtime.

./cx scan kics-realtime --file <FILE PATH> --engine <ENGINE NAME> --additional-params <KICS PARAMS> 2# The output will be a list of results

Status

Item

Description

UPDATED

Summary HTML

For scans that were not completed (or partially completed), the HTML summary now shows the status along with a link to view more details.

UPDATED

Scan summary

We updated the content of the summary that is shown when a scan is run. We made the following changes:

  • Show “Scan Type”, possible values are “incremental” or “full”

  • Show Timeout, possible values are “None” if the scan didn’t timeout or a value in seconds indicating the time that elapsed before the scan timed out

  • Show “Project Name” instead of “Project ID”

  • Formatted the display of the vulnerabilities results summary

  • Added a link to view the scan results in the web app

FIXED

help menu

The deprecated command result was removed from the list of commands shown in the help menu.

NOTE The command used for retrieving results is now results, as shown in the help menu.

CI/CD Plugins

In June we released the following CI/CD plugin versions.

General Updates

Status

Item

Platform

Description

FIXED

Results tab

Jenkins

Fixed issue that some results weren’t being shown properly in the Checkmarx Scan Results tab in Jenkins.

IDE Plugins

We have not yet released new IDE plugins:

Checkmarx KICS Auto Scanning (for VS Code)

We have added a new tool to the VS Code plugin. This tool initiates KICS scans directly from their VS Code console. The scan runs automatically whenever an infrastructure file of a supported type is saved, either manually or by auto-save. The results are shown in the VS Code console, making it easy to remediate the vulnerabilities that are detected. This is a free tool provided by Checkmarx for all VS Code users, and does not require the user to submit credentials for a Checkmarx One account. For more info, see Visual Studio Code - KICS Auto Scanning.

General Updates

Status

Item

Platform

Description

UPDATED

Codebashing link

VS Code

Added hover tooltip for codebashing links.

UPDATED

Load latest scan

VS Code

Once a project and branch are selected, the latest scan of that branch is automatically loaded.

FIXED

Opening attack vector

Visual Studio

Fixed issue that the app was crashing when opening an attack vector.