change log

Code Dx 2.6.3

Code Dx 2.6.3 10/13/2017

What’s different since v2.6.2

Additions

  • Enterprise Added truncation/abbreviation options for PDF report templates
  • Enterprise Added creation/update time and additional result value column options to CSV report

Changes

  • All Made changes to improve performance of filtering backend

Fixes

  • All Made a fix to ensure manual input archival is blocked by running analyses
  • Stat! Fixed an issue preventing creation of new JIRA issues

Code Dx 2.6.2

Code Dx 2.6.2 10/3/2017

What’s different since v2.6.1

Fixes

  • Enterprise Fixed an issue causing only the first 50 assignable JIRA users to be displayed when creating an issue (the limit is now 1000, as enforced by JIRA)

Code Dx 2.6.0

Code Dx 2.6.0 9/19/2017

What’s different since v2.5.8

Additions

  • All Added tool metadata display to evidence section on the finding details page
  • All Added timestamp for last status change to finding
  • Enterprise Added ability to search for findings by result metadata
  • Enterprise Added JIRA template support for tool metadata
  • Enterprise Added project hierarchy support
  • Enterprise Added support for NIST 800-53 and OWASP Mobile Top 10 standards
  • Enterprise Updated DISA STIG 4 standard to 4.3
  • Enterprise Added JIRA status auto-updating

Changes

  • All Improved consistency of API data responses
  • All Updated to CWE 2.11
  • All Made visual tweaks to standardize configuration dialogs

Fixes

  • All Fixed a bug causing source mappings to potentially be invalidated following archival
  • Enterprise Fixed an issue causing git and JIRA authentication secrets to overwrite each other

Tools

  • Enterprise Added tool connector support for Black Duck Hub and NowSecure
  • Enterprise Added tool readers for AppSpider and Microsoft Threat Modeling Tool
  • Enterprise Added link to report for Sonatype results
  • Enterprise Added logic to capture additional metadata for Sonatype and WhiteHat Sentinel results

Code Dx 2.5.8

Code Dx 2.5.8 8/17/2017

What’s different since v2.5.7

Changes

  • All Made a change such that analyses will fail if result ingestion fails

Fixes

  • All Fixed an issue that may cause rules to display in the tool filter when importing Code Dx XML reports
  • All Fixed an issue causing faulty descriptors to be created when importing Code Dx XML reports
  • All Fixed a bug causing obsolete path entries to be maintained in an in-memory cache
  • All Fixed a bug causing incorrect counts in the tool filter under certain circumstances

Tools

  • All Update bundled Gendarme to use Mono.Cecil version to v0.9.6

Code Dx 2.5.7

Code Dx 2.5.7 7/20/2017

What’s different since v2.5.6

Fixes

  • All Fixed an issue where PDF report generation may fail when result details are enabled
  • Enterprise Fixed a bug causing the ‘OK’ button to be disabled for Sonatype tool connector configuration when the stage is set to ‘Any’