Eclipse Plugin - Changelog

We have simplified the integration procedure for IDE plugins. It is no longer required to enter the Base URL or Tenant Name of your Checkmarx One account. Now, you just enter your API Key, and we extract all of the relevant account info from that Key.

In the Checkmarx AST settings, there is now a field for adding additional params. This can be used to manually submit the base url and tenant name (in case there is a problem extracting them from the API Key) or to add global params such as --debug or --proxy. To learn more about CLI params, see Global Flags.

The filter setting were changed so that by default Not Exploitable and Proposed Not Exploitable vulnerabilities are filtered out of the display.

Added links to the relevant Codebashing lessons.

Automatically shows results for the latest scan of the project and branch that is currently open in the IDE.

Fixed problems loading result details when user clicks on several nodes in the tree structure in quick succession.

Added ability to filter results by vulnerability state.

Added license content for license approval during installation.

Improved the Attack Vector design

Minor bug fixes

Added ability to triage results directly from the IDE console

Added a brief description for SAST vulnerabilities

Updated UI elements to reflect the new Checkmarx branding (e.g., logo)

Import Checkmarx One scan results into your IDE

Show results from all scan types (CxSAST, CxSCA, and KICS)

Group results by severity or query name

Navigate from results directly to the vulnerable code in the editor

Vulnerable code is highlighted in the editor