2.0.11-450.v39e936fcb_0c0 | June 16, 2023 | 2.0.48 | You can now designate a scan as a "Private Package" and assign a package version to it using the Additional Parameters options. Once a private package has been scanned, info about the risks affecting that package will be identified by SCA when that package version is used in any of your projects. You can download an article about private packages here. We added the --exploitable-path flag to the Additional Parameters options. This enables you to designate whether or not Exploitable Path will run on this particular scan. When used, this overrides the designation made in the project settings. We also added a flag --sca-last-sast-scan-time , which enables you to specify the number of days that SAST scan results are considered valid for use in Exploitable Path (i.e., if there is no current SAST scan, how many days prior to the current SCA scan will Checkmarx One look for a SAST scan to use for analyzing Exploitable Path.) WarningThe --sca-last-sast-scan-time flag is not yet fully supported and may not function as designed. Improved memory usage when uploading zip files. Added file extensions go.mod, go.sum, *.dart, and *.plist to the list of included files (when creating the zip archive for scanning). Added additional options for pdf format reports. When running the results show command or the scan create command with --report-format set to pdf , you can now: Add the --report-pdf-email flag to specify email recipients. Add the --report-pdf-options flag to specify which sections to include in the report. Options are: Iac-Security, Sast,Sca, ScanSummary, ExecutiveSummary, ScanResults.
Added the option to generate reports in markdown format using the --report-format flag.
| |
2.0.11-415.vde4f199d0f33 | Mar 2, 2023 | 2.0.41 | General improvements and bug fixes | |
2.0.11-409.vddc0ca_56ce70 | Feb 24, 2023 | 2.0.39 | General improvements and bug fixes | |
2.0.11-366.vcc8e9a_380a_78 | Nov 11, 2022 | 2.0.34 | A report is now generated when a build fails because of a threshold set in the Checkmarx One plugin. | |
2.0.11-348.v434cc908cfe6 | Oct 20, 2022 | 2.0.31 | | Fixed issue that pipelines were failing. |
2.0.11-319.vb_0fa_8477f9a_d | Aug 29, 2022 | 2.0.25 | All documentation links now point to the new Checkmarx documentation portal at https://checkmarx.com/resource/documentation. | |
2.0.11-305.vf5b_6c5f3d2cd | Jul 20, 2022 | 2.0.21 | | Fixed issue that "Test Connection" hadn't been working properly. |
2.0.11-295.v86e43214c160 | Jul 4, 2022 | 2.0.21 | You can now store secrets as environment variables, to avoid printing them to logs. | |
2.0.11-278.v19427b_1422b_3 | Jun 16, 2022 | 2.0.18 | | |
2.0.11-274.va_d38ce3e7a_35 | May 31, 2022 | | You can now add filters to the scan create command (to exclude files/folders from the scan) separately for each specific scanner. The flags for the new filters are: --sast-filter <string> , --kics-filter <string> , --sca-filter <string> . See scan create. TipThe existing flag --file-filter , which sets filters for the entire scan (for all scanners) is still in use.
You can now add an ssh key to a scan, using the flag --ssh-key <string> with the path to the ssh private key. Updated html content to give clear explanation of async scan flow.
| |
2.0.11-270.v58f65715b_f9b_ | May 11, 2022 | | Change build step to run in the agent. | |
2.0.10-265.v7ed6917039c0 | Apr 13, 2022 | | General improvements and bug fixes. | |
2.0.9-261.vfd1a_e1162900 | Apr 11, 2022 | 2.0.16 | Handle job cancel event and cancel scan if running. | |
2.0.9-234.v64773b_46040d | Mar 2, 2022 | 2.0.13 | | |
2.0.15 | | 2.0.10 | Added SummaryJSON reports. Added the --scan-timeout <int> flag to the scan create command, enabling users to specify a time limit after which the scan will fail and terminate. See documentation here. Updated UI elements to reflect the new Checkmarx branding (e.g., logo).
| |
2.0.14 | | 2.0.9 | | |
2.0.13 | | 2.0.4 | | |
2.0.11 | | | | |
2.0.10 | | | | |
2.0.10 | | | | |
2.0.9 | | | | |
2.0.8 | | | Added a check connection button Remove scan type selection Change jenkins minor version to 2.263.1
| |
2.0.7 | | | | |
2.0.6 | | | | |
2.0.5 | | | | |
2.0.4 | | | | |
2.0.3 | | | | |
2.0.0 | | | Supports SAST Scan Support for file filters while zipping the source code. Store the Client-ID/Secret using Jenkins Credentials. Support for using all the available options from the CLI. (Conditions Apply)
| |