Releases of March 2022

New features and improvements

Release of March 24

| Status | Description |
| --- | --- |
| NEW | To avoid possible confusion and naming mismatch, the editing of project names for imported projects is now disallowed. |
| NEW | Auto scan is now enabled by default. |
| NEW | The SCM Import Cancel button in the User Interface now works. |
| NEW | Added an option in the CLI to add the contributor's name, and changed user-count to contributor-count. |
| NEW | If the project does not exist in Checkmarx One, a new scan will not be initiated and the respective Webhook and repository will be removed. |
| NEW | Selected options can now be saved as part of the project/workspace for Visual Studio. |
| NEW | Added an option in IDE to filter by Vulnerability type. |
| NEW | Added the State filter to the results in CLI. |
| NEW | Added the command ADO SCM to user-count in CLI. |
| NEW | Added the command Bitbucket SCM to user-count in CLI. |
| NEW | CLI now displays the SCM user contributor count for the last 90 days. |
| NEW | Best Fix Location is now retrieved via CLI and highlighted within the IDE for Eclipse. |
| NEW | The Codebashing link has been added for Eclipse. |

Release of March 10

| Status | Description |
| --- | --- |
| NEW | Newly added user credentials for accessing a Jira server are now validated by a connection test. |
| NEW | The results displayed in IDE can now be grouped by vulnerability type. |
| NEW | Not exploitable and tentatively not exploitable findings are now deselected by default in the IDE filters. In addition, the option name has changed from Filtered by to Filter. |
| NEW | A new scan create parameter has been added to handle all SCA resolver parameters. The following example illustrates its usage: `--sca-resolver-params "--scan-containers"` |
| NEW | This version introduces the ability to audit logs for all tenant actions through API. |
| NEW | The VS Code integration now allows handling BFLs (Best Fix Locations). |
| NEW | In the VS Code and JetBrains integrations, the location on the attack vector is now highlighted and displays the best place to fix an issue. |
| NEW | A scan consisting of multiple scanners can now be completed even if one of the scanners has failed. The scan will be considered a partial scan. |
| NEW | To allow developers to triage findings within the IDE without having to log into Checkmarx One, the ability to pull information on the current state of a vulnerability and change its status has been added to Eclipse. |
| NEW | Only new or fixed vulnerabilities are now displayed in PR. |
| NEW | The SCM import process has been optimized to require the minimum amount of user privileges and roles. |

Resolved issues

Release of March 24

| Status | Description |
| --- | --- |
| FIXED | Fixed an issue in Checkmarx One Feedback Apps Vulnerabilities Filters due to which State and Categories were not working as expected. |
| FIXED | When deleting a project from Checkmarx One, all types of failures in any step related to integrations from all SCMs are now ignored. |

Release of March 10

| Status | Description |
| --- | --- |
| FIXED | Fixed an issue that caused an error when validating a GitHub token. |

CLI and Plugins Release of March, 2022

During March, we released a new CLI version containing important updates and improvements. We also released new plugins that use the new CLI version and contain additional improvements.

New CLI Version 2.0.13

General Improvements

| Status | Item | Description |
| --- | --- | --- |
| NEW | SCA Resolver params | Added new --sca-resolver-params flag to the scan create command. See documentation here. |

Bug Fixes

| Status | Item | Description |
| --- | --- | --- |
| FIXED | preset | Removed the default preset. |
| FIXED | deprecated result command | The old result command has been deprecated. |

CI/CD Plugins

In March we released the following CI/CD plugin versions. These plugin versions use CLI version 2.0.13.

Links to install latest plugin versions from marketplace:

General Updates

| Status | Item | Platform | Description |
| --- | --- | --- | --- |
| NEW | SCA resolver | All | Added new --sca-resolver-params flag to the scan create command. See documentation here. |
| FIXED | Proxy connection | Azure DevOps | Fixed problems with proxy connection. |
| FIXED | Branch name | GitHub Action | The branch name is now shown correctly for Pull requests. |

IDE Plugins

In March we released the following IDE plugin versions. These plugin versions use CLI version 2.0.13.

Links to install latest plugin versions from marketplace:

General Updates

| Status | Item | Platform | Description |
| --- | --- | --- | --- |
| UPDATED | Auto-select scan | JetBrains | Automatically selects the latest scan once a Project and branch have been selected. |
| UPDATED | Filter by state | Eclipse, JetBrains | Added ability to filter results by vulnerability state. |
| UPDATED | Nested groups | VS Code | Enabled selecting multiple groups in order to create nested display. |
| FIXED | License | Eclipse | Added license content for license approval during installation. |
| FIXED | UI bugs | VS Code | Fixed bugs affecting the UI. |