Skip to main content

JetBrains Plugin - Changelog

The following table lists of improvements and bug fixes have been implemented for the JetBrains plugin with the relevant version release.

Plugin Version

Release Date

CLI Version


Bug Fixes


Jun 2, 2023


  • We now create nightly pre-release versions of this extension whenever we merge new code. Users have the option to update automatically to the latest pre-release version or to update only when a new release version is published. To learn how to install pre-release versions, see Automatic Updates - Releases Versions and Pre-Release Versions.


Apr 21, 2023


  • Updated dependencies


Apr 12, 2023


  • All references to AST (other than the name of the plugin) have been changed to use the new product name "Checkmarx One".

  • Fixed tooltip for Additional parameters so that link points to new documentation portal.


Dec 13, 2022


  • Fixed issue that SCA Additional Knowledge link had been causing errors when no link was available.


Nov 22, 2022


General improvements and bug fixes


Nov 14, 2022


  • The "Code samples" tab was renamed "Remediation Examples".


Oct 25, 2022


  • You can now initiate scans directly from your IDE. This empowers developers to identify vulnerabilities and remediate them as they code. This feature is currently supported for VS Code and JetBrains. This feature needs to be enabled for your organization's account by a Checkmarx admin user under Account Settings.

    You can run a new scan on an existing Checkmarx project by simply clicking on the "play" button in the Checkmarx panel. A Checkmarx scan runs on the files in your current workspace.

  • In the Checkmarx AST settings, there is now a field for adding additional params. This can be used to manually submit the base url and tenant name (in case there is a problem extracting them from the API Key) or to add global params such as --debug or --proxy. To learn more about CLI params, see Checkmarx One CLI Commands.

  • We have simplified the integration procedure for IDE plugins. It is no longer required to enter the Base URL or Tenant Name of your Checkmarx One account. Now, you just enter your API Key, and we extract all of the relevant account info from that Key.


Sep 13, 2022


  • In the SAST results viewer, we added new tabs with additional info about each vulnerability.

    • Learn More - Gives detailed information about the the nature of the risk and its causes, as well as remediation recommendations.

    • Code Samples - Shows a sample of code that is subject to this vulnerability, followed by a remediated version of that code.

  • In the SCA results viewer -

    • Enriched the data that is shown, and improved the display.

    • Added an automatic remediation button that enables users to automatically replace a vulnerable package version with a non-vulnerable version of that package.


      This feature is currently supported only for NPM and only for direct dependencies.


Apr 13, 2022


  • Added option to group results by file name.

  • Fixed issue that retrieving SCA results was causing an error.


Mar 30, 2022

  • Added links to the relevant Codebashing lessons.

  • Added support for JetBrains’ Android Studio IDE.


Mar 7, 2022


  • Automatically selects the latest scan once a project and branch have been selected.

  • Added ability to filter results by vulnerability state.


Jan 28, 2022


  • Added ability to triage results directly from the IDE console

  • Added a brief description for SAST vulnerabilities

  • Updated UI elements to reflect the new Checkmarx branding (e.g., logo)

  • General UI improvements


Nov 3, 2021


  • Updated CLI to version 2.0.4

  • Added buttons in the sidebar of the Checkmarx pane to filter vulnerabilities by severity

  • Fixed issue when opening a JetBrains project that doesn’t have a repository


Sep 24, 2021

  • Import Checkmarx One scan results into your IDE

  • Show results from all scan types (SAST, SCA, and KICS)

  • Group and filter results

  • Navigate from results directly to the vulnerable code in the editor

  • Vulnerable code is highlighted in the editor