CLI Plugin Change Log

The following table lists the features and changes that have been implemented for the plugin with the relevant version release. To obtain the plugin, go to the plugin download section.

Version

Change / Feature

Additional Information

1.1.14

  • Fixed an issue that caused duplicate headers to be sent when re-attempting a scan after the token had expired.

  • The following command line options have been introduced for OSA scans:

    • ‘osafailonerror’ to fail the CxOSA scan if any error occurs while performing the scan.

    • ‘osascanjson’ to provide a custom CxOSA dependency “.json” file.

    • ‘osaerrorlogdir’ to provide a location to store CxOSA log files that contain errors indicated in the command line.

    • ‘osafsaconf’ to provide a comma-separated list of FSA configurations.

  • The Config-as-code cx.config file supports a new property called “overrideProjectSetting” that determines whether the values of the “preset” and “configuration” properties are replaced in the SAST project settings.

  • The following third-party libraries have been upgraded:

    • Library “io.netty:netty-codec-http” to 4.1.77.Final.

    • Library “io.netty:netty-codec” to 4.1.77.Final.

    • Library “net.lingala.zip4j:zip4j” to 2.10.0.

    • Library “org.springframework:spring-core” to 5.3.20.

  • Supported SAST Versions: 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 21.0.5

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

1.1.12

  • The following third-party libraries have been upgraded:

    • Library “org.springframework” to 5.3.18

    • Library “netty-codec” to 4.1.75.Final

  • Supported SAST Versions: 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 21.0.5

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

1.1.11

  • The following third-party libraries have been upgraded:

    • Library “org.springframework” to 5.3.17

    • Library “com.fasterxml.jackson.core” to 2.13.2.

    • Library “netty-codec-http” to 4.1.75.Final

    • Library “org.freemarker” to 2.3.31

    • Library “com.github.junrar” to 7.4.1

  • Supported SAST Versions: 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 21.0.5

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

1.1.10

  • The following third-party libraries have been upgraded:

    • Library “org.apache.logging.log4j:log4j-core” to 2.17.1.

    • Library “org.apache.logging.log4j:log4j-api” to 2.17.1.

    • Library “org.apache.logging.log4j:log4j-slf4j-impl” to 2.17.1.

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 20.0.13

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

1.1.9

  • An option to run an SCA scan via the SCA Resolver has been added.

  • Support for scan level custom fields has been added.

  • The SCA scan timeout functionality enforces the timeout for SCA scans.

For additional information and instructions on running SCA via the SCA Resolver, on using scan level custom fields and on using the SCA timeout, refer to Running Scans from the CLI.

  • The following third-party libraries have been upgraded:

    • Library “io.netty:netty-codec” to 4.1.70.Final.

    • Library “org.apache.logging.log4j:log4j-core” to 2.16.0.

    • Library “org.apache.logging.log4j:log4j-api” to 2.16.0

    • Library “org.apache.logging.log4j:log4j-slf4j-impl” to 2.16.0.

    • Library “commons-codec:commons-codec” to 1.15.

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 20.0.13

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

1.1.8

  • Fixed an issue that caused retrieving CxSAST scan results to fail when logging on using a token.

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 20.0.13

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

1.1.7

  • Added support for FSA agent version 20.0.13

  • Supported SAST Versions: 9.0, 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 20.0.13

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

1.1.5

  • The version numbering has been changed starting with this version (semantic versioning instead of year.quarter.version).

  • An exploitable path/attack vector has been added for CxSCA scans.

  • The ‘CheckPolicy’ option now enforces CxSCA policies to break the build as per policy action.

  • An option to include source code with CxSCA scans has been added.

  • Private registries and environment variables have been added for CxSCA scans.

  • Project creation and team assignment capabilities have been added for CxSCA scans.

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4

  • OSA Support: Supported - * FSA agent supported version: 20.0.11

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2021.1.4

  • Upgraded third-party libraries as follows:

    • Library “org.springframework:spring-web” to version 5.3.5

    • Library “com.fasterxml.jackson.core:jackson-databind” to version 2.10.5.1

    • Library “org.bouncycastle:bcprov-jdk15on” to version 1.68

    • Library “io.netty:netty-codec-http” to version 4.1.58.Final

    • Library “org.mozilla:rhino” to version 1.7.12

    • Library “net.lingala.zip4j:zip4j” to version 1.3.3

    • Library “io.vertx:vertx-web” to version 4.0.2

    • Library “io.netty:netty-handler” to version 4.1.58.Final

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3

  • OSA Support: Supported - * FSA agent supported version: 20.0.11

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2021.1.1

  • Fixed the CxSAST 8.9 scan issue

  • Fixed the retry mechanism for the SAST/OSA scan status failure

  • Converted zipped files messages from the info to the debug log level

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3

  • OSA Support: Supported - * FSA agent supported version: 20.0.9

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2020.4.12

  • Fixed the CxSAST project settings override options (relevant for CxSAST 9.3)

  • Added Config as code support

  • Configured Origin via the configuration as code

  • Added NTLM proxy support

  • Added a new command line parameter for include/exclude patterns

  • Upgraded Log4j

  • Fixed the CxSCA OpenId call with proxy and SSL context

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3

  • OSA Support: Supported - * FSA agent supported version: 20.0.9

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2020.4.4

  • Fixed case-sensitive project name for SCA

  • Fixed the Async mode in SCA

  • Exported SCA results to JSON files

  • Printed the SAST and SCA user names as hashed

  • Printed the SAST and SCA passwords and token as masked (stars)

  • Fixed GenerateToken and RevokeToken error messages in the log

  • Fixed the OSA JSON reports that were missing the “.json” extension

  • Fixed a password issue in Windows (starts with "-" followed by uppercase)

  • Fixed an issue where scans running in parallel 'hung'

  • Fixed missing default include pattern

  • Fixed the include/exclude parameters to be added instead of overridden

  • Coupled multiple scanners so that they run independently. If one scanner fails, it does not affect the others

  • Fixed the “help” command. It now indicates the missing parameters

  • Supported SAST Versions: 8.9, 9.0, 9.2

  • OSA Support: Supported - * FSA agent supported version: 20.0.8

  • SCA Support: Supported

  • Operating Systems: Windows, Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2020.3.1

  • Prevents source code from being sent to the SCA cloud

  • Sending Manifest and Fingerprints to the SCA cloud only

  • Supported SAST Versions: 8.9, 9.0, 9.2

  • OSA Support: Supported - * FSA agent supported version: 20.0.5

  • SCA Support: Supported

  • Operating Systems: Windows

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2020.2.18

  • Excluding Git support

  • Fix for the Post scan override

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported - * FSA agent supported version: 20.0.5

  • SCA Support: Supported

  • Operating Systems: Windows

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2020.2.11

  • Added support for new CxSCA APIs

  • The ScaTenant CLI flag has been renamed to ScaAccount

  • Enabled creating projects without adding the "\" prefix when performing scans for SCA only

  • The SCA Scan ID is displayed in the log

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported - * FSA agent supported version: 20.0.5

  • SCA Support: Supported

  • Operating Systems: Windows

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2020.2.3

  • Fix for the GIT SSH private key

  • Fix for the overriding preset and configuration using GIT

  • Fix for the overriding preset and configuration using Shared Folder

  • Fix for the password print in the log

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported

  • SCA Support: Supported

  • Operating Systems: Windows (not Windows Server)

  • Supported Tool Version: Visual Studio 2019

2020.1.12

  • Fix for configuration parameter

  • Scans are set to be public by default

  • Fix for SSO in CxSAST 8.9

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported - * FSA agent supported version: 20.0.3

  • SCA Support: Supported

  • Operating Systems: Windows

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2020.1.10

  • Support SCA

  • Support OSA for PHP language

  • Corrected an issue that prevented the ForceScan flag from performing as expected.

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported - * FSA agent supported version: 20.0.3

  • Operating Systems: Windows

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2019.4.10

  • Support SCA

  • Support OSA for Scala language

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported - * FSA agent supported version: 20.0.0

  • Operating Systems: Windows and Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2019.4.4

  • Command line script fix

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported - * FSA agent supported version: 18.7.2.4

  • Operating Systems: Windows and Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

2019.4.2

  • OpenJDK 11 support

  • Fix for extension exclusion patterns

  • Fix for resolving team path and project name

  • Fix for login failures in some patterns of passwords

  • Ability for CxOSA to scan Docker images for binary vulnerabilities

  • Ability to break the build according to both CxSAST & CxOSA policy status

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported - * FSA agent supported version: 18.7.2.4

  • Operating Systems: Windows and Linux

  • Supported Java version: OpenJDK 11, Oracle JDK 8

8.90.0

  • Updated CxOSA scan support for the following dependency managers: NuGet, Python

  • Ability to break the build if CxOSA Policy Compliance is violated

    • New command line parameter in the CLI (-CheckPolicy)

    • New Exit code number (18) in case the policy is violated

  • Fixed issue that caused CPU spikes

  • Added support for proxy authentication

  • Fixed issue for recursive file pattern exclusions

  • Fixed issue that caused enabling ‘https.’ verification

  • Fixed issue that truncated team name and caused new projects to be created

  • Improved multipart requests to CxSAST server

8.70.0

  • A new parameter (-ExecuteNpmAndBower) has been added to this version of the CxSAST CLI plugin, enabling the retrieval of all NPM and Bower dependencies before starting the CxOSA scan.

  • The parameters ('-OsaReportHtml' & '-OsaReportPDF') have been deprecated and are no longer supported in this version

8.60.0

  • Support tokenized authentication

  • Create CxOSA scan by sending SHA1 instead of binaries