Releases: checkmarx-ltd/cx-flow
1.6.2
Features:
• Integration with SCA - support Thresholds to fail\approve pull request (#322)
• Merge PR scan summary comments - azure devepos
• Merge PR scan summary comments - SCA reports
• Support configuration as code for SCA properties (#341)
Fixes:
• Fix bug config as code override bugTracker in Pull request (#325)
1.6.1
Features:
• Integration with SCA - add vulnerability filters
• Integration with SCA - cosmetic changes to Jira tickets
• Integration with SCA - support ADO and Gitlab bug tracker tickets
• Improved filter support - support groovy script input
• Support Scan Re-submission for active running scans
• Add 'State' to SAST vulnerability ticket in Jira
• Support for paths in GitLabSecurityDashboard
Fixes:
• Fix: SAST Scan on pull request failed with exception when scanners list contains invalid values
• Fix: update github issues not working as expected with more than 100 issues
• Fix: GitLab - getting project ID by name sometimes returns incorrect result
• Fix typo on issue-still-exist github issue
• Fix unique mdc value in cxflow logs
• Fix CLI break-build fix for 'not exploitable' vulnerabilities
1.6.0
Features:
• Service Now integration
• Add forcescan parameter option to CLI Execution
• CxOD initial implementation
• Integration with SCA – parsing results
• Integration with SCA - send results to pull request comment
• Integration with SCA - open jira tickets
• Support Jira empty case to avoid entering the default section
• Use existing SAST project configuration instead of global CxFlow config
• Github Update PR comment instead of separate comments
• Upload CxFlow-CxOD version to github release and to docker hub
Fixes:
• Docker deploy issue: app version as string
• Sonar cloud issues
• Fix errors in ADO to ADO flow
• SAST vulnerability fix: Absolute_Path_Traversal
• improve connectivity and sonar issues in ScanUtils
1.5.4
Features:
- Add support to Rally integration
- Add support to service now
- Support thresholds for pull request validation
- Github webhook to azure tickets
- Add analytics infra
- End to End tests in circleci pipliene
- config as code for thresholds per branch
- scan default branch
- github support delete project
- CxOD initial implementation
Fixes :
- Fixing false positive tracking issue with counting number of occurrences resulting in issues not closing
- Fix Azure webhook to Azure ticketing with different project name
- sonar cloud issues
- Improve jira ticketing performance
1.5.3
Update SDK to version 0.4.8 to fix incorrect false positive counting …
1.5.2
Revert "Migrate from tfs" This reverts commit 5302425dcfdaf54708acdbc4f6010a95bb1edd70.