Maven Plugin Change Log

Updated the dependencies for use with FSA 21.0.5.

Third-party libraries have been upgraded as listed below:

Supported SAST Versions: 9.2, 9.3, 9.4

OSA Support: Supported

* FSA agent supported version: 21.0.5

SCA Support: Not supported

Supported Java Version: Oracle JDK 8

Proxy Support, e.g., mvn -Dhttp.proxyHost=${proxy_host} -Dhttp.proxyPort=${proxy_port} checkmarx:scan

Proxy Authentication Support, e.g., mvn -Dhttp.proxyHost=${proxy_host} -Dhttp.proxyPort=${proxy_port} -Dhttp.proxyUser=${proxy_username} -Dhttp.proxyPassword=${proxy_password} checkmarx:scan

Added support for maven encryption (username, password).

Updated CxOSA scan support for the following dependency managers: NuGet, Python

Ability to break the build if CxOSA Policy Compliance is violated

Fixed issue that caused CPU spikes

Added support for proxy authentication

Fixed issue for recursive file pattern exclusions

Fixed issue that caused enabling ‘https.’ verification

Fixed issue that truncated team name and caused new projects to be created

Improved multipart requests to CxSAST server

A new parameter (-ExecuteNpmAndBower) has been added to this version of the CxSAST CLI plugin enabling the retrieval of all NPM and Bower dependancies before starting the CxOSA scan.

The parameters ('-OsaReportHtml' & '-OsaReportPDF') have been deprecated and are no longer supported in this version

Support tokenized authentication

Create CxOSA scan by sending SHA1 instead of binaries