Releases: checkmarx-ltd/VSTS-Plugin

Release_2024.4.4

27 Dec 15:17
2e92933
Pre-release

• Fixed an issue where the plugin did not display full results in the CxSCA Report if the Medium/Low vulnerability count is zero.
• Fixed an issue where reports displayed dates as NaN when the SAST user locale is other than English.
• Added support for downloading ScaResolver without the sudo command.
• Added Log Level for Info logs.
• Added support to show vulnerability results in the SAST report without NE vulnerabilities.
• Added the plugin name and its version to the User-Agent header, which is displayed in SAST IIS logs or AWS ELB logs.
• Fixed an issue with auto-downloading ScaResolver on Linux and macOS agent machines when pathToScaResolver is not provided.
• Added support for using Azure variables for sensitive data, such as a username or password, that needs to be used in the SCA Resolver Additional Parameter.
• Fixed an issue where an error message was returned if the teams parameter contains a space.
• Fixed 6 Critical and 7 High SCA vulnerabilities.

Release_2024.2.5

27 Jun 07:54
c88f762

• Added support for branching projects in SAST.
• Added support for SAST critical severity (for SAST versions above 9.6).
• Added support for SCA critical severity.
• Fixed an issue where the plugin did not use the proxy while downloading SCA Resolver.
• Removed the Enable exploitable path checkbox from the plugin UI.
• Added a detailed description to the Preset and Team information icons related to Service Connection.
• Introduced the Waiting Time Before Retry Scan parameter for SAST scans. It is the waiting time, in seconds, before retrying a SAST scan.
• Introduced the Waiting Time Before Retry SCA Scan parameter for SCA scans. It is the waiting time, in seconds, before retrying an SCA scan.

Release_2023.3.3

05 Sep 05:48
9d60364
• Introduced the new parameter SCA Resolver Path (in pipeline YAML and UI) for SCA scans, to specify the path of an SCA Resolver already available in the pipeline infrastructure and avoid downloading the SCA Resolver tool.
• If the SCA Resolver Path parameter (in YAML and UI) is empty, or the SCA Resolver tool is not present at the specified path, the plugin automatically downloads and installs the SCA Resolver tool when the pipeline is designed to use it. By default, the tool is downloaded to the user’s home directory.
• Fixed an issue where existing project-level custom field values were reset when updating the value of an existing custom field using an ADO pipeline.
• Fixed an issue where the plugin failed to use a proxy URL with username and password for the SCA scan.

Release_2023.2.5

28 Apr 15:33
ea69f83

• Introduced the scan Timeout parameter for CxSCA scans. The plugin returns a timeout error when a scan takes longer than the configured timeout.
• Added a fix to cancel the CxSAST scan on the server when the SAST scan timeout limit is exceeded and the scan has failed in the plugin.
• Enhanced and corrected the logs for Incremental and Vulnerability threshold.
• The plugin ignores an invalid post scan action ID and continues the execution.
• Fixed an issue where plugin execution was interrupted if the CxSAST swagger endpoint was not accessible.
• The plugin honours the respective proxy settings configured through the plugin parameters supported for CxSAST and CxSCA scan settings.
• Added support to automatically download and install the SCA Resolver tool when the pipeline is designed to use the SCA Resolver tool. The tool is downloaded to the user’s home directory.
• Added support for Project and Scan level custom tags for CxSCA.
• Added support for configuring additional patterns to identify Manifest files that will be added to the ZIP file created for the CxSCA scan.
• Added support for configuring additional patterns to identify files whose fingerprints need to be passed to the CxSCA service.

Release_2022.4.1

17 Oct 14:55
633397e
• Changed the preset field so that if the Project Default value is selected, the existing scan preset value from the SAST server is used. If the project is new, it always takes the Checkmarx Default preset value.
• Fixed an issue where the SCA proxy setting was not applied to the AWS upload request and SSL verification was enabled for CURL when a proxy can fail them.
• Fixed an issue where the proxy could not be disabled for one type when both (SAST, SCA) are enabled.
• Fixed an issue where the pipeline failed when a duplicate project scan was in the queue and avoid duplicate scan was enabled.
• Fixed an issue where, if CxOriginUrl contains a Chinese character, the scan failed with the error “Scan cannot be completed. The header content contains invalid character.”
• Added logs for SCA resolver command execution.
• If exploitable path is set in the SCA resolver additional parameters, the .cxsca-results.json and .cxsca-sast-results.json files are created, zipped and uploaded so that the exploitable path is reflected on the SCA portal.
• New Checkmarx Logo

Release_2022.1.16

10 Oct 10:23
d4e7b9d
Pre-release

• Changed the preset field so that if the Project Default value is selected, the existing scan preset value from the SAST server is used. If the project is new, it always takes the Checkmarx Default preset value.
• Fixed an issue where the SCA proxy setting was not applied to the AWS upload request and SSL verification was enabled for CURL when a proxy can fail them.
• Fixed an issue where the proxy could not be disabled for one type when both (SAST, SCA) are enabled.
• Fixed an issue where the pipeline failed when a duplicate project scan was in the queue and avoid duplicate scan was enabled.
• Fixed an issue where, if CxOriginUrl contains a Chinese character, the scan failed with the error “Scan cannot be completed. The header content contains invalid character.”
• Added logs for SCA resolver command execution.
• If exploitable path is set in the SCA resolver additional parameters, the .cxsca-results.json and .cxsca-sast-results.json files are created, zipped and uploaded so that the exploitable path is reflected on the SCA portal.

Release_2022.1.15

08 Mar 16:47
22d5042

• Added support for separate CxSAST and CxSCA proxy URL
• Enables users to download CxSAST scan results PDF report
• Enables users to add CxSAST Project Custom Fields.
• Enables users to override project settings like preset, engine configuration Id for SAST version 9.3+
• Added presets "OWASP TOP 10 - 2021" and "OWASP TOP 10 API"
• Added support for failing the build for new vulnerabilities
• Upgraded the plugin to support NodeJS version 10

Release_2022.1.1

03 Jan 14:06
15d72a5

• Added SCA Resolver support.
• Fixed the issue where polling during waitForScanResult did not stop even when SAST returned Internal Server Error.

Release_2021.4.4

01 Nov 10:51
ff0c776

This release has a fix for a regression found in Release_2021.4.2.

Release_2021.4.2

19 Oct 11:11
8a5a89a

This release contains:

• Support for Avoid duplicate scan
• Support for scan level custom fields (for SAST 9.4)
• Support to select Source Configuration
• Support for Post Scan Action selection (for SAST 9.3 and above)
• Updated the SAST Service endpoint connection to enter a preset and team to override those given in the pipeline
• Updated SCA Service endpoint connection to enter Access Control URL, Web App URL and Account
• Renamed SAST and SCA Service endpoint connection to Checkmarx SAST and Checkmarx SCA
• Support to define full scan after every X incremental scans