- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA Release Notes
- Checkmarx SCA Release Notes June 2024
Checkmarx SCA Release Notes June 2024
Notice
These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.
Warning
The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.
Remediation Icon
When a remediated version of a package exists, we now show a remediation icon next to the package in the Packages tab of the scan results. Clicking on this icon takes you to that item in the Remediation Tasks tab.
Notice
This feature is only available for direct dependencies.
Improved Remediation Tasks
We have cut out the “noise” in this section by showing recommendations for replacing transitive packages only if the current package has vulnerabilities. For outdated packages without vulnerabilities, we no longer show remediation suggestions.
Global Inventory & Risks - Data Enrichment
We have enriched the Global Inventory and Risks page to include all relevant data from the SCA scan results page. We have added the following items in the Packages and Risks tabs respecitvely:
Packages Tab
Show only Effective licenses
Added Scan Date
Risks Tab
Added severity Score
Added risk State
Added Exploitability indicators
Added Category (CWE)
Made Package Name and Package Version into separate items
Added Detection Date
In addition we have improved filter and search capabilities.