- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA Release Notes
- Checkmarx SCA Release Notes March 2024
Checkmarx SCA Release Notes March 2024
Notice
These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.
Warning
The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.
Warning
For the SCA JFro plugin, version 1.1.9 and below are no longer supported. To continue using this plugin, make sure to upgrade to version 1.1.10.Checkmarx SCA Plugin for JFrogCheckmarx SCA Plugin for JFrog
For the SCA Nexus plugin, version 1.1.5 and below are no longer supported. To continue using this plugin, make sure to upgrade to version 1.1.6.
Risk Management
We have improved the handling of Risk Management for vulnerabilities identified by Checkmarx SCA. You can now change the state of all SCA vulnerabilities and Supply Chain risks to any of the following states: To Verify (default), Not Exploitable, Proposed Not Exploitable, Confirmed or Urgent. Whenever you make a state change you are required to add a comment explaining the rationale behind the change. In addition, there is an option to add a comment without making a state change.
When a state change is made, a red dot next to the Risks tab indicates the need for a recalculation in order to update the risk counters to reflect the changes. State changes are automatically applied to the identical risk if it is identified in subsequent scans of that project.
Support for VB.NET
We expanded our support for Nuget package manager to include VB.NET projects that use *.vbproj
manifest files.
SCA Resolver Version 2.6.9 (Mar 21, 2024)
For Gradle,
Fixed exception during project detection
Fixed issue that scans were being duplicated
Download the new version here.