- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA Release Notes
- Previous Checkmarx SCA Release Notes
- Checkmarx SCA Release Notes 2022
- Checkmarx SCA Release Notes July 2022
Checkmarx SCA Release Notes July 2022
We are excited to announce important improvements in Checkmarx SCA…
Key improvements
UI Changes
We have updated several widgets and column headers on the Project page to show combined data for vulnerabilities and also supply chain security (SCS) risks.
Also, the Legal Risks widget now shows values for distinct legal risks (i.e., doesn’t take into account multiple instances of the same risk).
Improvements and Bug Fixes
Status | Item | Description |
---|---|---|
FIXED | Error message | We now return 404 instead of 500 when a CVE is not found in the AppSec Knowledge Center. |
FIXED | Pip Virtualenv | Certain packages were taking a long time to resolve. The issue was fixed by upgrading the pip virtualenv. |
Checkmarx SCA Resolver Updates
We have released several new versions of Resolver with a wide range of improvements and bug fixes. Download the latest version of SCA Resolver here.
Version 1.10.4
For NPM, fixed bug related to workspaces.
Version 1.10.2
Added the
--Sca-app-url
flag for specifying the url of the web application. Previously this could only be done via the config file.Added the ability to include the password in the config file. Previously this could only be done via the CLI command.
Notice
It isn't recommended to include a password in clear text in the config file. Instead, you can use an environment variable for the password. Resolver first checks for an environment variable of the specified name, and uses the plain text value only if no variable is found.
Added the
--override-default-excludes
flag, for disabling the default file exclusions.
Version 1.9.10
For Yarn, general improvements in dependency resolution.
For NPM, added support for NPM workspaces.
Fixed problems caused by duplicate values for environment variables by overriding saved values when a new value is submitted.