
Releases of July 2022

New features and improvements

Release of July 24

  • NEW: This release introduces the ability to import on-premises SCMs.

  • NEW: If a pull request scan fails, the pull request is now marked as failed and a link to the failed scan is displayed.

  • NEW: The summary HTML message in the CLI for incomplete or partial scans now shows the scan status and a link to more details.

  • NEW: Added support in VS Code for real-time feedback from KICS.

  • NEW: Added support for ADO (Azure DevOps) updates in SCM Integrations.

  • NEW: Feedback Apps can now be created and used for non-SCM imported projects, that is, projects created and scanned from plugins or from ZIP-file scans in the Checkmarx One platform.

  • NEW: Imported SCM projects can now monitor for new repositories created in the organization.

  • NEW: Users can now access on-premises, self-hosted GitLab SCM installations.

  • NEW: Renaming AST projects imported from an SCM is now disabled.

  • NEW: Added support in the CLI for using Docker to get real-time feedback from KICS.

  • NEW: The SAST Preset Name drop-down menu is now ordered alphabetically.

  • NEW: Added the AppSec Knowledge Center MVP.

  • NEW: Added the scan ID to the AST and SAST Scan Details pages.

  • NEW: The Keycloak API is now exposed via Swagger, so users and the CLI can retrieve users and roles.

  • NEW: API Security updates are now available in the CLI.

  • NEW: Added SSH support for SCM integrations.

  • NEW: Actionable results of a scan run during a pull or merge request with GitHub Actions or GitLab CI are now posted as a comment on the request.

  • NEW: Added the ability to download project reports from the Projects table.

  • NEW: Created a new SCA details page in the IDE.

  • FIXED: Fixed an issue that resulted in the Jenkins plugin logging the client secret in clear text. If an earlier plugin version ran in your pipeline, treat any client secret that may have reached Jenkins build logs as exposed and rotate it.

CLI and Plugins Release of July 2022

During July, we released new versions of the CLI, containing important updates and improvements. We also released new plugin versions, containing additional improvements.

New CLI Versions

Version 2.0.22

New Features
  • Added a new utils command, learn-more, for getting additional info about a specific vulnerability. Submit this command with a query-id (obtained from scan results) indicating the vulnerability for which you want additional info. See learn-more

    ./cx utils learn-more --query-id <query-id> --format [json|table|list(default)]
  • Added a new utils command, remediation sca, for automatically replacing a vulnerable package version with a non-vulnerable version. Add arguments specifying the precise package that you would like to remediate. See sca

    ./cx utils remediation sca --package-file <PACKAGE-FILE-PATH> --package <PACKAGE-NAME> --package-version <PACKAGE-VERSION>
  • Added a new utils command, remediation kics, for automatically remediating KICS vulnerabilities. You can remediate all vulnerabilities, or you can submit identifying details about the specific vulnerabilities that you would like to remediate. See kics

    ./cx utils remediation kics --results-file <PATH-TO-RESULTS> --kics-files <ABSOLUTE-PATH-TO-FILES>

    Caution

    This feature is currently supported only for Terraform projects.

  • Added a new scan create flag, --kics-platforms, to specify which platforms the KICS scan runs on. See Flags

    ./cx scan create --project-name <Project Name> -s <Repository URL> --branch <branch name> --kics-platforms <platform>
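The commands above are typically chained in CI: create a scan with a JSON report, fail the job when a severity threshold is hit, and fetch guidance for each distinct query with learn-more. The following is an added example (not code from the Checkmarx CLI or its documentation) that post-processes such a report. It assumes the JSON report is an object with a "results" list whose entries carry "type", "severity", "state" and "data.queryId"; that field layout, the state name NOT_EXPLOITABLE, and the "fail when the count reaches the limit" reading of the threshold string are assumptions for illustration (the engine-severity=count form mirrors the CLI's --threshold flag; check the CLI docs for its exact comparison). The sample report and its query IDs are constructed.

```python
"""Post-process a Checkmarx One CLI JSON report in a CI job.

Added example, not part of the Checkmarx CLI. Assumed report layout:
{"results": [{"type": "sast", "severity": "HIGH", "state": "TO_VERIFY",
              "data": {"queryId": "...", "queryName": "..."}}, ...]}
"""
from __future__ import annotations

import json
import subprocess
from collections import Counter
from typing import Callable

SEVERITY_RANK = {"INFO": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3}

# Constructed sample report with placeholder query IDs (assumed schema).
SAMPLE_RESULTS = {
    "totalCount": 4,
    "results": [
        {"type": "sast", "id": "r1", "severity": "HIGH", "state": "TO_VERIFY",
         "data": {"queryId": "Q-100", "queryName": "Reflected_XSS"}},
        {"type": "sast", "id": "r2", "severity": "HIGH", "state": "TO_VERIFY",
         "data": {"queryId": "Q-100", "queryName": "Reflected_XSS"}},
        {"type": "sast", "id": "r3", "severity": "MEDIUM", "state": "NOT_EXPLOITABLE",
         "data": {"queryId": "Q-200", "queryName": "Hardcoded_Password"}},
        {"type": "kics", "id": "r4", "severity": "LOW", "state": "TO_VERIFY",
         "data": {"queryId": "Q-300", "queryName": "S3_Bucket_Public"}},
    ],
}


def open_findings(report: dict, engine: str | None = None,
                  ignore_states=("NOT_EXPLOITABLE",)) -> list[dict]:
    """Findings that still need action, optionally restricted to one engine."""
    return [r for r in report.get("results", [])
            if (engine is None or r.get("type") == engine)
            and r.get("state") not in ignore_states]


def count_by_severity(report: dict, engine: str | None = None) -> Counter:
    """Count open findings per severity label."""
    return Counter(r.get("severity", "INFO") for r in open_findings(report, engine))


def parse_threshold(spec: str) -> dict[tuple[str, str], int]:
    """Parse 'sast-high=1; kics-low=5' into {("sast", "HIGH"): 1, ...}."""
    limits: dict[tuple[str, str], int] = {}
    for item in spec.split(";"):
        item = item.strip()
        if not item:
            continue
        key, _, count = item.partition("=")
        engine, _, sev = key.partition("-")
        limits[(engine.strip().lower(), sev.strip().upper())] = int(count)
    return limits


def threshold_exceeded(report: dict, spec: str) -> bool:
    """True when any engine/severity count reaches its configured limit (assumed semantics)."""
    return any(count_by_severity(report, engine)[sev] >= limit
               for (engine, sev), limit in parse_threshold(spec).items())


def learn_more_commands(report: dict, min_severity: str = "HIGH") -> list[list[str]]:
    """Build one `cx utils learn-more` argv per distinct query ID at or above min_severity."""
    floor = SEVERITY_RANK[min_severity]
    seen: list[str] = []
    for r in open_findings(report):
        qid = r.get("data", {}).get("queryId")
        if qid and qid not in seen and SEVERITY_RANK.get(r.get("severity", "INFO"), 0) >= floor:
            seen.append(qid)
    return [["cx", "utils", "learn-more", "--query-id", q, "--format", "json"] for q in seen]


def fetch_guidance(commands: list[list[str]],
                   runner: Callable = subprocess.run) -> dict[str, str]:
    """Run each learn-more command and map query ID to its raw output (runner is injectable)."""
    guidance = {}
    for argv in commands:
        proc = runner(argv, capture_output=True, text=True, check=True)
        guidance[argv[4]] = proc.stdout
    return guidance


if __name__ == "__main__":
    import sys
    report = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_RESULTS
    print(dict(count_by_severity(report)))
    for argv in learn_more_commands(report):
        print(" ".join(argv))
    sys.exit(1 if threshold_exceeded(report, "sast-high=1") else 0)
```

Run it as `python cx_report.py results.json` after `./cx scan create ... --report-format json`; the exit status is non-zero when the threshold is reached, and the printed learn-more commands can be executed directly (or through fetch_guidance) to attach remediation guidance to the job output. Findings already triaged as not exploitable are excluded so the gate reflects open work only.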

Version 2.0.21

Improvements and Bug Fixes

  • UPDATED (Retry default): The default interval before a retry was increased to 20 seconds.

  • FIXED (Scan reports): A scan report is now generated when a scan fails because a threshold was reached.

  • FIXED (Summary URL): The branch name in the summary URL is now URL-encoded, so the URL can be opened directly even when the branch name contains characters that are reserved in URLs.

  • FIXED (KICS return codes): The different return codes of KICS scans are now checked and handled.

CI/CD Plugins

In July we released the following CI/CD plugin versions.

  • Azure DevOps Plugin - 2.0.12 (uses CLI 2.0.21)

  • GitHub Action - 2.0.7 (uses CLI 2.0.20)

  • TeamCity Plugin - 2.0.11 (uses CLI 2.0.21)

General Improvements and Bug Fixes

  • FIXED (Results; Azure DevOps): Fixed an issue caused by trying to generate results when no scan had run successfully.

IDE Plugins

In July we released the following IDE plugin versions:

  • Visual Studio Code - 2.0.7 (uses CLI 2.0.21)

  • Visual Studio - 2.0.7 (uses CLI 2.0.21)

General Improvements and Bug Fixes

  • UPDATED (Signed VSIX; Visual Studio): The installation VSIX file is now signed with a code signing certificate, so the installer can verify the publisher before installing it.

  • FIXED (Git required; VS Code): Fixed an issue where the extension did not work if Git was disabled in VS Code.

  • FIXED (Attack Vector; Visual Studio, VS Code): Clicking a node in the Attack Vector now opens the relevant code in the editor window, as expected.