Eclipse Plugin - Changelog

Fixed problem installing the plugin on newer versions of Eclipse.

Fixed issue that changes made to vulnerability state weren't being shown on the correct vulnerabilities.

Added Podfile and Podfile.lock to the list of included files (when creating the zip archive for scanning).

Updated libraries in order to remediate security issues.

Updated for CLI version that uses GO version 1.21.1, in order to remediate a vulnerability.

You can now initiate scans directly from your eclipse IDE. This empowers developers to identify vulnerabilities and remediate them as they code.

You can run a new scan on an existing Checkmarx project by simply clicking on the "play" button in the Checkmarx panel. A Checkmarx scan runs on the files in your current workspace.

A sanity check is run to verify that the project and branch in your workspace match the project and branch that were scanned for this project. If a mismatch is detected, then a warning message is shown.

In the SAST results viewer, we added new tabs with additional info about each vulnerability.

We now create nightly pre-release versions of this extension whenever we merge new code. The pre-release version can be installed from Marketplace.

Disabled triaging for SCA risks, because it hadn't been functioning properly.

Fixed issues with invalid thread access.

Added support for eclipse version 2019-03 (4.11) and above.

All references to "AST" (other than the name of the plugin) have been changed to use the new product name "Checkmarx One".

Fixed tooltip for Additional parameters so that the link points to new documentation portal.

We have simplified the integration procedure for IDE plugins. It is no longer required to enter the Base URL or Tenant Name of your Checkmarx One account. Now, you just enter your API Key, and we extract all of the relevant account info from that Key.

In the Checkmarx AST settings, there is now a field for adding additional params. This can be used to manually submit the base url and tenant name (in case there is a problem extracting them from the API Key) or to add global params such as --debug or --proxy. To learn more about CLI params, see Global Flags.

The filter setting were changed so that by default Not Exploitable and Proposed Not Exploitable vulnerabilities are filtered out of the display.

Added links to the relevant Codebashing lessons.

Automatically shows results for the latest scan of the project and branch that is currently open in the IDE.

Fixed problems loading result details when user clicks on several nodes in the tree structure in quick succession.

Added ability to filter results by vulnerability state.

Added license content for license approval during installation.

Improved the Attack Vector design

Minor bug fixes

Added ability to triage results directly from the IDE console

Added a brief description for SAST vulnerabilities

Updated UI elements to reflect the new Checkmarx branding (e.g., logo)

Import Checkmarx One scan results into your IDE

Show results from all scan types (CxSAST, CxSCA, and KICS)

Group results by severity or query name

Navigate from results directly to the vulnerable code in the editor

Vulnerable code is highlighted in the editor