Application Updates

Code Dx 5.1.2

Code Dx 5.1.2 8/24/2020

Fixes

  • Enterprise Fixed a display issue causing the Trace Execution view to not use all available horizontal space
  • Enterprise+Orchestration Fixed a potential stack overflow and crash when waiting for tool service during analysis

Tools

  • Corrected an issue causing SpotBugs to miss results on some inputs from newer versions of Java

Code Dx 5.1.1

Code Dx 5.1.1 8/7/2020

Fixes

  • Reduced log noise related to Tool Orchestration, even if not enabled
  • Fixed a bug causing code metrics update during analysis to fail under certain circumstances
  • Enterprise Fixed a potential bug that would cause LDAP users to be automatically removed from Code Dx user groups
  • Enterprise Updated a usage of a deprecated Jira user search parameter
  • Enterprise Fixed a bug causing the "% Coverage" column on the instrumentation page to show 0
  • Enterprise Fixed a bug causing duplicate work item fields when configuring Azure DevOps issue tracker integration

Tools

  • Updated bundled PHPMD to version 2.8.2
  • Updated bundled Checkstyle to version 8.32
  • Added data flow ingestion to Cppcheck
  • Updated bundled SpotBugs to version 4.0.3 and bundled FindSecBugs plugin to version 1.10.1
  • Enabled HTML checks for bundled JSHint
  • Updated bundled ESLint to version 7.4.0
  • Enterprise Added DTP Engine recognition for Parasoft SATE integration

Code Dx 5.1.0

Code Dx 5.1.0 7/16/2020

Additions

  • Added tracking for last user login on admin page
  • Added navigation tabs to findings pages to toggle between project-centric pages
  • Enterprise Added support for selecting date range on dashboard
  • Enterprise Added support for ServiceNow issue tracker
  • Enterprise+ML Added machine learning functionality to assist with prioritizing and triaging findings

Changes

  • Enterprise Updated DISA STIG 4 standard to 4.10
  • Enterprise Improved error reporting display for LDAP groups

Fixes

  • Fixed a bug causing the project header to jitter on page load

Tools

  • Changed PHP_CodeSniffer wrapper to ignore JS and CSS by default
  • Enterprise Add tool connector support for Checkmarx IAST

Code Dx 5.0.8

Code Dx 5.0.8 6/29/2020

Fixes

  • Enterprise+Orchestration Fixed bug causing different finding counts when running Cppcheck on cluster

Changes

  • Enterprise Updated custom XML input to support finding element

Tools

  • Enterprise sqlmap fork created to export results in Code Dx XML format

Code Dx 5.0.7

Code Dx 5.0.7 6/17/2020

Tools

  • Enterprise Updated Protecode reader to properly parse latest component version

Code Dx 5.0.5

Code Dx 5.0.5 6/9/2020

Fixes

  • Enterprise Fixed a bug causing incorrect finding density on the dashboard

Code Dx 5.0.4

Code Dx 5.0.4 6/1/2020

Tools

  • Updated Dependency-Check integration to handle dependencies nested in archives

Plugins

  • Updated Jenkins plugin with pipeline build support

Code Dx 5.0.3

Code Dx 5.0.3 5/7/2020

Additions

  • Added logic to show a message on the analysis page when user uploads a source or binary file directly

Fixes

  • Enterprise Fixed a dashboard error causing non-triage events to erroneously affect the Created/Resolved counts
  • Enterprise Fixed an issue with LDAP preventing display names from being resolved when the assigned attribute has multiple values

Changes

  • Updated CWE to version 4.0
  • Updated standards list based on CWE update:

    • Added CISQ Quality Measures (2016)
    • Added CWE Architectural Concepts view
    • Added CWE Hardware Design view
    • Updated CERT C Secure Coding Standards
    • Updated CERT Java Secure Coding Standards
    • Updated CWE Top 25 Most Dangerous Software Errors (2019)