Skip to main content

Visual Studio Plugin Change Log

The following table lists the features and changes implemented for the plugin with the relevant version release. To obtain the plugin, go to the plugin download section.

Version

Change / Feature

Additional Description

9.00.27

December 2023

  • Fixed an issue that caused a project to be unbound anytime you right-click different project scopes.

  • Fixed an issue that caused zip files to fail to upload due to the source folder hierarchy using the VS plugin.

  • Fixed an issue where Not Exploitable fails to load in a result state option even if the user has permission.

  • Fixed an issue where the vulnerability short description failed to load when the language was not English and displayed a message if the vulnerability description was unavailable in the same language.

  • Fixed an issue that displays the wrong vulnerability short description when using a language other than English in SAST.

  • Fixed a UI issue on the project bind list search box and close icon on Windows 10.

  • Added support to disable or enable server-side certification validation in the CxVSPlugin.conf file.

  • Fixed an issue for public projects where you could not create a public scan within the same project if the first scan is private.

  • Supported SAST Versions 9.4, 9.5, 9.6

  • OSA Support: N/A

  • SCA Support: N/A

  • Supported Operating Systems: Windows (not Windows Server)

  • Supported Tool Versions: Visual Studio 2019, Visual Studio 2022 (17.0 +)

9.00.22

  • Supports Visual Studio 2022 LTSC version 17.4.6.

  • Supports Visual Studio 2019 version 16.11.25.

  • The plugin now supports the SAST feature, which mandates the user to comment when changing the result state in SAST.

  • Fixed an issue where the window for Show Vulnerability Description opened in the external browser instead of the embedded one.

  • Added validation for Authentication Type username_password to display an error in cases of invalid credentials.

  • Added a filter to search for projects using project names from the list during a bind project operation.

  • Improved the Bind Project screen to now display a default of 100 projects. The number of projects displayed is configurable in the CxVSPlugin.conf file.

  • Updated the CxViewer result page to display a short description and Codebashing link.

  • Updated the Checkmarx logo in the Login, Add/Edit comment, and Query Description screens.

  • Supported SAST Versions: 9.3, 9.4, 9.5

  • OSA Support: N/A

  • SCA Support: N/A

  • Supported Operating Systems: Windows (not Windows Server)

  • Supported Tool Version: Visual Studio 2019, Visual Studio 2022 (17.0 +)

9.00.19

  • Changed the authentication flow for the default authentication type set to ‘access_control'. This change enables the use of the CxSAST local/AD/LDAP credentials as well as SAML for authentication.

  • Improved diagnostic log messages

  • Added the missing web resources that rendered the results viewer of the plugin unusable.

  • In the case of Visual Studio 2022, the plugin can now be installed even on its based version 17.0. Version 17.1.0 is no longer a minimum requirement.

  • The Plugin menu now appears even if the source code is opened as a website instead of opening it with the solution file.

  • The Plugin menu now appears for File & Folder as well.

  • Fixed an issue that caused binds to fail if Visual Studio is switched to another solution.

  • Fixed an issue that caused menu items like scan, incremental scan, etc., to be available only after a successful bind.

  • Upgraded the libraries below

    • Log4jnet from 1.2.10 to 2.0.14

    • Newtonsoft.json from 9.0.1 to 13.0.1

Notice

  • If a version lower than 9.00.10 is installed, it is recommended to uninstall it after installing the new version. Otherwise, both versions are shown under 'Manage Extensions'. This happens because the unique identifier of the plugin has changed and works differently for Visual Studio 2022 and 2019.

  • If the CxSAST Server is SSL enabled, install the certificate chain of the CxSAST Server in the ‘Trusted Root Certificates’ folder of the Windows Certificate store.

  • The login window may become unresponsive if a user attempts to log in after manually closing the login window. In this case, restart Visual Studio manually.

  • Supported SAST Versions: 9.3, 9.4, 9.5

  • OSA Support: N/A

  • SCA Support: N/A

  • Operating Systems: Windows (not Windows Server)

  • Supported Tool Version: Visual Studio 2019 and Visual Studio 2022 (version 17.0 or higher). The installation for both versions of Visual Studio is available in a zip archive called CxViewerVSIX-9.00.19.zip.

9.00.10

  • Added Visual Studio 2022 support for CxViewerPlugin

  • The following issues have been fixed as follows:

    • The transparent login page on the VM does not appear anymore.

    • The grey screen no longer loads when authenticating with a CxSAST 9.2 server.

    • The redirect URL was invalid when accessing a TLS enabled in CxSAST.

Notice

Plugin versions lower than 9.00.10 must be uninstalled after upgrading to version 9.00.10 or higher. Otherwise, both versions are listed under Manage Extensions.

  • Supported SAST Versions: 9.2, 9.3, 9.4

  • OSA Support: N/A

  • SCA Support: N/A

  • Operating Systems: Windows (not Windows Server)

  • Supported Tool Version: Visual Studio 2019 and Visual Studio 2022 (version 17.1.0 or higher). The installation for both versions of Visual Studio is available in a zip archive called CxViewerVSIX-9.00.10.zip.

9.00.9

  • Fixed an issue that prevented authentication via Microsoft-based browsers.

  • Added support for authentication based on SAML 2.0.

Notice

Versions lower than 9.00.9 must be uninstalled after upgrading to 9.00.9 or higher. Otherwise, both versions are listed under Manage Extensions.

  • Supported SAST Versions: 9.2, 9.3, 9.4

  • OSA Support: N/A

  • SCA Support: N/A

  • Operating Systems: Windows (not Windows Server)

  • Supported Tool Version: Visual Studio 2019

9.00.8

  • Added support for individual login (user name & password). This login mode can be enabled from <My Documents>/Visual Studio 2019\Settings\CxVSPlugin.conf.

    The CxSAST Server must be updated with the QuickFix patch.

  • Fixed an issue related to token expiration. The token is renewed based on the refresh token.

  • Supported SAST Versions: 9.0, 9.2, 9.3, 9.4

  • OSA Support: N/A

  • SCA Support: N/A

  • Operating Systems: Windows (not Windows Server)

  • Supported Tool Version: Visual Studio 2019

9.00.2

  • Support Visual Studio 2019

  • Fixing the scan engine to distinguish upper and lower case in file names

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4

  • OSA Support: N/A

  • SCA Support: N/A

  • Operating Systems: Windows (not Windows Server)

  • Supported Tool Version: Visual Studio 2019

8.90.3

  • Support for complex solutions to avoid cutting off long file names

  • Certified SAST Versions: 8.9

  • OSA Support: N/A

  • SCA Support: N/A

  • Supported Tool Version: Visual Studio 2017 - Enterprise Edition, Visual Studio 2019 - Enterprise Edition, Visual Studio 2019 - Community Edition

  • Supported Java Version: N/A

  • Supported Operating System: Windows (but not Windows Server)

8.90.1

  • Scan engine fixed to distinguish upper and lower case in file names.

  • Certified SAST Versions: 8.9

  • OSA Support: N/A

  • Supported Tool Version: Visual Studio 2019

8.90.0

  • Support Visual Studio 2019

  • Certified SAST Versions: 8.9

  • OSA Support: N/A

In this section: