change log

Code Dx 5.4.3

Code Dx 5.4.3 6/7/2021

Fixes

  • Enterprise Fixed a bug that caused the NowSecure Connector to sometimes fail

Code Dx 5.4.2

Code Dx 5.4.2 6/2/2021

Changes

  • Enterprise Added access token authentication option for Jira integration

Tools

  • Enterprise Added ability to search by AppDetective Pro CheckResultStatus field

Code Dx 5.4.1

Code Dx 5.4.1 5/20/2021

Changes

  • Made improvements to reduce memory usage of Code Dx over time
  • Enterprise Made improvements to encoding detection for tool output files
  • Enterprise Made improvements to HTML handling with issue tracker field templates

Fixes

  • Fixed a bug causing missing files from Git repositories containing invalid symbolic links

Tools

  • Enterprise Updated JFrog tool connector configuration modal
  • Enterprise Tweaked Nessus integration to treat compliance and standard scans separately
  • Enterprise Improved location reporting for ASoC Java results
  • Enterprise Fixed a bug causing authentication to fail for AppScan Enterprise tool connector

Code Dx 5.4.0

Code Dx 5.4.0 5/5/2021

Additions

  • Added ability for users to create personal access tokens for API usage
  • Added Secure Code Warrior integration on the finding details page
  • Enterprise Added support for dataflow in custom XML input and XML reports
  • Enterprise Added issue tracker support for GitLab

Changes

  • Made further performance enhancement for the findings page and related functionality
  • Enterprise Made change to show specified tool name for custom XML inputs

Tools

  • Enterprise Added tool connector support for WhiteSource
  • Enterprise Made a fix for an issue causing authentication issues with Contrast tool connector
  • Enterprise Fixed bug causing SonarQube reopened status to not be recognized by Code Dx
  • Enterprise Updated NowSecure tool connector to support new data fields
  • Enterprise Updated Aqua tool connector to ingest layer information

Plugins

  • Added a plugin for importing Code Dx finding data into Splunk

Code Dx 5.3.5

Code Dx 5.3.5 4/27/2021

Tools

  • Enterprise Fixed a bug causing NowSecure tool connector to fail when regulatory URLs are missing
  • Enterprise Fixed a bug causing JFrog tool connector configuration to fail with certain JFrog installations

Code Dx 5.3.3

Code Dx 5.3.3 4/13/2021

Changes

  • Enterprise Made changes to allow Jira issue status transitions that contain required fields that are already populated or have a mapping

Fixes

  • Enterprise Fixed minor container image name display bug

Tools

  • Enterprise Added missing auto-update setting for Aqua tool connector
  • Enterprise Added JWT auth option for Aqua tool connector

Code Dx 5.3.2

Code Dx 5.3.2 4/8/2021

Tools

  • Enterprise Updated ASoC tool reader to classify inputs based on scan type
  • Enterprise+InfraSec Updated QualysVM tool reader to reflect new CVSS score formatting

Code Dx 5.3.1

Code Dx 5.3.1 4/2/2021

Additions

  • Enterprise Added support for cloud infrastructure security scanning
  • Enterprise Added support for cascading Jira select fields
  • Enterprise+ML Added ability to exclude projects from machine learning training

Changes

  • Updated analysis info API endpoints to provide more details

Fixes

  • Enterprise Fixed a bug causing tool connector URL validation to fail in some circumstances
  • Enterprise Fixed a bug causing HTTP variant header data to not be treated as possible when using custom XML input format
  • Enterprise+ML Fixed an issue causing Machine Learning to fail on certain versions of Windows
  • Enterprise+ML Fixed a minor rendering issue for the details page when viewed with IDE plugins

Tools

  • Enterprise Added tool reader support for Prisma Cloud
  • Enterprise Added tool reader support for Prisma Cloud Compute
  • Enterprise Made improvements to JFrog vulnerable component identity ingestion

Code Dx 5.3.0

Code Dx 5.3.0 3/16/2021

Additions

  • Added support for container security scanning
  • Added cross-project findings page and reporting
  • Added ability to edit and delete comments on finding details page

Changes

  • Improved performance of the findings page
  • Enterprise+ML Improved performance for machine learning training and prediction

Tools

  • Enterprise Added tool connector support for Aqua CSP
  • Enterprise Added tool connector support for Tenable.io
  • Enterprise Added tool connector support for the Snyk Container, Snyk License Compliance Management, and Snyk Open Source
  • Enterprise Added tool reader support for Anchore
  • Fixed a bug causing the ESLint reader to fail on optional fields when set to null