- Checkmarx Documentation
- Checkmarx One
- Release Notes
- Previous Releases
- Releases of March 2023
- Multi-Tenant (March 2023)
Multi-Tenant (March 2023)
New features and improvements
Status | Description |
---|---|
Version 2.82 (Released on March 26, 2023) | |
NEW | Single-tenant deployment is now integrated with Salesforce. This allows opening support cases from single tenants hosted by Checkmarx. |
Version 2.81 (Released on March 12, 2023) | |
NEW | Checkmarx One CLI now allows generating scan reports in PDF format by running the new command: By default, the command creates a comprehensive report with a scan summary, executive summary, and scan results. The report is then downloaded to the local machine or sent to an email of your choice. |
NEW | The Azure DevOps Feedback App now fetches the custom fields from the client ADO and allows populating these custom fields in the ADO work items as part of the Feedback App wizard. |
NEW | AppSec engineers can now use the Checkmarx One platform to monitor how many Azure DevOps repositories are covered by scans in comparison with the total number of repositories in their organization. |
NEW | Checkmarx One is now able to assist AppSec engineers to decide which repositories need to be scanned and monitored in the first place. This is calculated using an algorithm that analyzes repository metadata, including commits, lines of code, and repository privacy settings among others parameters. |
NEW | To enhance the current Code Repository (SCM) import process, Checkmarx One now allows customers to scan all projects in their organization without administrative privileges. Any user can import repositories to be scanned. This does not require that an admin token from the user be stored at the Checkmarx One platform. NoteLIMITATION: Trigger scan upon push/pull request can only be set up by an administrator because it requires admin access to the GitHub client environment. |
Bug Fixes
Status | Description |
---|---|
Version 2.82 (Released on March 26, 2023) | |
FIXED | Single Tenant email sender is not configurable. |
FIXED | Last login timestamp incorrect between 12:00 PM to 12:59 PM. |
FIXED | Adding Notes to findings. |
FIXED | US Site: Identity and access management page performance issue. |
FIXED | US Site: IAM page takes a long time to load. |
FIXED | Missing description on SAST Query (CPP\Off By One Error). |
FIXED | AST Padding in Vulnerability Description. |
FIXED | AST Padding in Vulnerability Description. |
FIXED | No result message when toggle right away. |
FIXED | Applications Tab visible. |
Version 2.81 (Released on March 12, 2023) | |
FIXED | GitHub integrations in single-tenant environments are not working. |
FIXED | Checkmarx One sends non-executable preset queries to the SAST engine. |
FIXED | Broken link when accessing a query description. |
FIXED | Audit API is not working. |
FIXED | Results from different programming languages are mixed in the Results Viewer. As a result, result states are affected. |
FIXED |
|
FIXED | Cannot login to Checkmarx One with OKTA (a Salesforce issue) |
FIXED | An attempt to create a long name (because a long name is defined in GitHub) results in a character limit error. |
FIXED | Incorrect Sarif report creation for SCA scan. |
FIXED |
|
FIXED | IDE Plugin slowness/freeze when navigating in large projects. |
CLI and Plugins Release of March 2023
Version 2.0.43
Status | Item | Description |
---|---|---|
UPDATED | Tags and Groups | When tags and/or groups are specified in the |
FIXED | Thresholds | Fixed issue that spaces and capital letters had been interfering with Threshold functionality. |
FIXED | Scan summary | Fixed issue that SCA vulnerabilities marked as "Not Exploitable" were being included in the scan summary data. (Current behavior for all scanners is that "Not Exploitable" vulnerabilities are not included in the scan summary.) |
FIXED | Sarif reports | Fixed problem with generating sarif reports. |
FIXED | Debug logs | Fixed issue that debug logs were showing URLs that contained sensitive data. |
IDE Plugins
In March we released the following IDE plugin version:
VS Code Extension - 2.0.14 (uses CLI v2.0.42)
Improvements and Bug Fixes
Added the SCA Realtime scanner tool, which enables all VS Code users to run an SCA scan on the project in their workspace and view results in the VS Code console.
Tip
This is a free tool that doesn't require a Checkmarx One or Checkmarx SCA account. For Checkmarx users, the results are not synced with their account.