fixes

Code Dx 5.4.9

Code Dx 5.4.9 8/3/2021

Additions

  • Enterprise Added SARIF support

Changes

  • Changed result location display to show raw path, with Code Dx temporary folder removed for bundled tool results

Fixes

  • Enterprise Fixed missing recorrelation prompt after disabling hybrid correlation
  • Enterprise Fixed some miscellaneous bugs with the issue tracker configuration modal
  • Fixed an issue causing recorrelation to attempt to update triage predictions when disabled
  • Fixed a bug causing PDF report generation to fail when including comments with invalid URLs

Tools

  • Enterprise Added support for Qualys Container Security CSV
  • Enterprise Added tool connector support for Tinfoil API and Web
  • Enterprise Improved data ingestion and correlation for Seeker IAST results
  • Enterprise Improved consistency of SD Elements tool connector configuration UI
  • Enterprise Added tool connector support for Polaris

Code Dx 5.4.7

Code Dx 5.4.7 7/13/2021

Tools

  • Enterprise Fixed a regression causing missing line numbers for some ASoC results
  • Enterprise Added filtering options for the Black Duck tool connector
  • Enterprise Reduced the number of results reported for Black Duck matched files
  • Enterprise Added functionality to skip scheduled tool connector runs for AppScan Enterprise and Black Duck when there are no changes to ingest

Code Dx 5.4.6

Code Dx 5.4.6 7/7/2021

Fixes

  • Fixed some issues causing incomplete analyses to cause phantom results and findings in some scenarios

Code Dx 5.4.5

Code Dx 5.4.5 6/25/2021

Changes

  • Improved performance of new analyses and archiving of inputs

Tools

  • Enterprise Fixed an issue causing ingestion failure for Black Duck in certain scenarios
  • Enterprise Fixed an issue causing Black Duck tool connectors to not work until reconfigured
  • Enterprise Added support for Coverity json-v8 format

Code Dx 5.4.4

Code Dx 5.4.4 6/24/2021

Additions

  • Enterprise Added ASoC issue ID to metadata search list

Changes

  • Improved security headers
  • Improved UI for bulk comment creation
  • Enterprise Made some UI improvements centered around the GitLab integration

Fixes

  • Made some fixes causing incompatibility with MySQL
  • Enterprise Fixed a bug causing Jira issue types to fail to load in configuration dialog

Code Dx 5.4.3

Code Dx 5.4.3 6/7/2021

Fixes

  • Enterprise Fixed a bug that caused the NowSecure Connector to sometimes fail

Code Dx 5.4.2

Code Dx 5.4.2 6/2/2021

Changes

  • Enterprise Added access token authentication option for Jira integration

Tools

  • Enterprise Added ability to search by AppDetective Pro CheckResultStatus field

Code Dx 5.4.1

Code Dx 5.4.1 5/20/2021

Changes

  • Made improvements to reduce memory usage of Code Dx over time
  • Enterprise Made improvements to encoding detection for tool output files
  • Enterprise Made improvements to HTML handling with issue tracker field templates

Fixes

  • Fixed a bug causing missing files from Git repositories containing invalid symbolic links

Tools

  • Enterprise Updated JFrog tool connector configuration modal
  • Enterprise Tweaked Nessus integration to treat compliance and standard scans separately
  • Enterprise Improved location reporting for ASoC Java results
  • Enterprise Fixed a bug causing authentication to fail for AppScan Enterprise tool connector

Code Dx 5.4.0

Code Dx 5.4.0 5/5/2021

Additions

  • Added ability for users to create personal access tokens for API usage
  • Added Secure Code Warrior integration on the finding details page
  • Enterprise Added support for dataflow in custom XML input and XML reports
  • Enterprise Added issue tracker support for GitLab

Changes

  • Made further performance enhancement for the findings page and related functionality
  • Enterprise Made change to show specified tool name for custom XML inputs

Tools

  • Enterprise Added tool connector support for WhiteSource
  • Enterprise Made a fix for an issue causing authentication issues with Contrast tool connector
  • Enterprise Fixed bug causing SonarQube reopened status to not be recognized by Code Dx
  • Enterprise Updated NowSecure tool connector to support new data fields
  • Enterprise Updated Aqua tool connector to ingest layer information

Plugins

  • Added a plugin for importing Code Dx finding data into Splunk