Application Updates

Code Dx 5.3.1

Code Dx 5.3.1 4/2/2021

Additions

  • Enterprise Added support for cloud infrastructure security scanning
  • Enterprise Added support for cascading Jira select fields
  • Enterprise+ML Added ability to exclude projects from machine learning training

Changes

  • Updated analysis info API endpoints to provide more details

Fixes

  • Enterprise Fixed a bug causing tool connector URL validation to fail in some circumstances
  • Enterprise Fixed a bug causing HTTP variant header data to not be treated as possible when using custom XML input format
  • Enterprise+ML Fixed an issue causing Machine Learning to fail on certain versions of Windows
  • Enterprise+ML Fixed a minor rendering issue for the details page when viewed with IDE plugins

Tools

  • Enterprise Added tool reader support for Prisma Cloud
  • Enterprise Added tool reader support for Prisma Cloud Compute
  • Enterprise Made improvements to JFrog vulnerable component identity ingestion

Code Dx 5.3.0

Code Dx 5.3.0 3/16/2021

Additions

  • Added support for container security scanning
  • Added cross-project findings page and reporting
  • Added ability to edit and delete comments on finding details page

Changes

  • Improved performance of the findings page
  • Enterprise+ML Improved performance for machine learning training and prediction

Tools

  • Enterprise Added tool connector support for Aqua CSP
  • Enterprise Added tool connector support for Tenable.io
  • Enterprise Added tool connector support for the Snyk Container, Snyk License Compliance Management, and Snyk Open Source
  • Enterprise Added tool reader support for Anchore
  • Fixed a bug causing the ESLint reader to fail on optional fields when set to null

Code Dx 5.2.16

Code Dx 5.2.16 3/2/2021

Tools

  • Enterprise Fix bug causing SonarQube tool connector to fail with newer versions of SonarQube

Code Dx 5.2.15

Code Dx 5.2.15 2/24/2021

Tools

  • Enterprise Improved link-back generation for Fortify
  • Enterprise Fixed a bug related to concurrent requests causing a race condition with Fortify
  • Enterprise Fixed a bug causing Fortify SSC tool connector to not select latest version when configured

Code Dx 5.2.14

Code Dx 5.2.14 2/16/2021

Fixes

  • Enterprise Fixed an issue causing Jira creation to fail for single-line fields expressions containing newlines
  • Enterprise Fixed an issue causing Jira field mappings for multi-select fields to not map correctly
  • Enterprise Fixed an issue causing duplicate issue tracker synchronization jobs to needlessly queue up

Tools

  • Enterprise Improved CVSS v2 and v3 reporting for Black Duck

Code Dx 5.2.13

Code Dx 5.2.13 1/28/2021

Fixes

  • Fixed a bug that may cause project finding recorrelation to fail
  • Fixed a bug causing analysis inputs to not show in ‘Show Inputs’ if they are missing on disk

Tools

  • Enterprise Added tool connector support for Dependency-Track

Code Dx 5.2.12

Code Dx 5.2.12 1/18/2021

Release Notes

The Dependency-Check update contained in this release requires installation of .NET Core 3.1 if used to scan .NET components.

Tools

  • Enterprise Added tool connector support for JFrog
  • Enterprise Added custom field support for Black Duck
  • Enterprise Added tool connector support for Burp Enterprise
  • Updated bundled ESLint to version 7.15.0
  • Updated bundled Dependency-Check to version 6.0.3

Code Dx 5.2.11

Code Dx 5.2.11 1/13/2021

Additions

  • Enterprise Added aggregation helpers for use with issue tracker expressions

Changes

  • Enterprise Made a tweak to allow for decimals in issue tracker number fields

Fixes

  • Fixed a bug causing occasional duplicate key errors in the Code Dx log after a failed analysis
  • Enterprise Reconciled some differences in issue tracker expression handling between manual and automatic creation/sync
  • Enterprise Fixed a bug causing timestamps for comments from tools to not display on activity stream

Tools

  • Enterprise Fixed a timezone issue with comment timestamps from ASoC
  • Enterprise Fixed an issue causing AppScan Enterprise tool connector to fail when some optional variant data wasn’t present

Code Dx 5.2.10

Code Dx 5.2.10 12/15/2020

Additions

  • Added wildcard functionality to CVE search

Tools

  • Enterprise Fixed issue causing concurrent AppScan Enterprise tool connector runs to fail
  • Updated bundled PHP runtime to address issues with PHP tools failing to run on certain Linux distributions

Code Dx 5.2.9

Code Dx 5.2.9 12/1/2020

Fixes

  • Enterprise Fixed a bug causing all findings on a project to be incorrectly associated with an issue tracker issue when attempting to associate one finding on its details page