change log

Code Dx 5.4.0

Code Dx 5.4.0 5/5/2021

Additions

  • Added ability for users to create personal access tokens for API usage
  • Added Secure Code Warrior integration on the finding details page
  • Enterprise Added support for dataflow in custom XML input and XML reports
  • Enterprise Added issue tracker support for GitLab

Changes

  • Made further performance enhancement for the findings page and related functionality
  • Enterprise Made change to show specified tool name for custom XML inputs

Tools

  • Enterprise Added tool connector support for WhiteSource
  • Enterprise Made a fix for an issue causing authentication issues with Contrast tool connector
  • Enterprise Fixed bug causing SonarQube reopened status to not be recognized by Code Dx
  • Enterprise Updated NowSecure tool connector to support new data fields
  • Enterprise Updated Aqua tool connector to ingest layer information

Plugins

  • Added a plugin for importing Code Dx finding data into Splunk

Code Dx 5.3.5

Code Dx 5.3.5 4/27/2021

Tools

  • Enterprise Fixed a bug causing NowSecure tool connector to fail when regulatory URLs are missing
  • Enterprise Fixed a bug causing JFrog tool connector configuration to fail with certain JFrog installations

Code Dx 5.3.3

Code Dx 5.3.3 4/13/2021

Changes

  • Enterprise Made changes to allow Jira issue status transitions that contain required fields that are already populated or have a mapping

Fixes

  • Enterprise Fixed minor container image name display bug

Tools

  • Enterprise Added missing auto-update setting for Aqua tool connector
  • Enterprise Added JWT auth option for Aqua tool connector

Code Dx 5.3.2

Code Dx 5.3.2 4/8/2021

Tools

  • Enterprise Updated ASoC tool reader to classify inputs based on scan type
  • Enterprise+InfraSec Updated QualysVM tool reader to reflect new CVSS score formatting

Code Dx 5.3.1

Code Dx 5.3.1 4/2/2021

Additions

  • Enterprise Added support for cloud infrastructure security scanning
  • Enterprise Added support for cascading Jira select fields
  • Enterprise+ML Added ability to exclude projects from machine learning training

Changes

  • Updated analysis info API endpoints to provide more details

Fixes

  • Enterprise Fixed a bug causing tool connector URL validation to fail in some circumstances
  • Enterprise Fixed a bug causing HTTP variant header data to not be treated as possible when using custom XML input format
  • Enterprise+ML Fixed an issue causing Machine Learning to fail on certain versions of Windows
  • Enterprise+ML Fixed a minor rendering issue for the details page when viewed with IDE plugins

Tools

  • Enterprise Added tool reader support for Prisma Cloud
  • Enterprise Added tool reader support for Prisma Cloud Compute
  • Enterprise Made improvements to JFrog vulnerable component identity ingestion

Code Dx 5.3.0

Code Dx 5.3.0 3/16/2021

Additions

  • Added support for container security scanning
  • Added cross-project findings page and reporting
  • Added ability to edit and delete comments on finding details page

Changes

  • Improved performance of the findings page
  • Enterprise+ML Improved performance for machine learning training and prediction

Tools

  • Enterprise Added tool connector support for Aqua CSP
  • Enterprise Added tool connector support for Tenable.io
  • Enterprise Added tool connector support for the Snyk Container, Snyk License Compliance Management, and Snyk Open Source
  • Enterprise Added tool reader support for Anchore
  • Fixed a bug causing the ESLint reader to fail on optional fields when set to null

Code Dx 5.2.16

Code Dx 5.2.16 3/2/2021

Tools

  • Enterprise Fix bug causing SonarQube tool connector to fail with newer versions of SonarQube

Code Dx 5.2.15

Code Dx 5.2.15 2/24/2021

Tools

  • Enterprise Improved link-back generation for Fortify
  • Enterprise Fixed a bug related to concurrent requests causing a race condition with Fortify
  • Enterprise Fixed a bug causing Fortify SSC tool connector to not select latest version when configured

Code Dx 5.2.14

Code Dx 5.2.14 2/16/2021

Fixes

  • Enterprise Fixed an issue causing Jira creation to fail for single-line fields expressions containing newlines
  • Enterprise Fixed an issue causing Jira field mappings for multi-select fields to not map correctly
  • Enterprise Fixed an issue causing duplicate issue tracker synchronization jobs to needlessly queue up

Tools

  • Enterprise Improved CVSS v2 and v3 reporting for Black Duck