- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA Release Notes
- Checkmarx SCA Release Notes September 2024
Checkmarx SCA Release Notes September 2024
Notice
These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.
Warning
The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.
SCA Resolver Version 2.10.2
(September 3, 2024)
For Npm, improved package.json identification when lerna.json is present
For RubyGems, fixed circle dependencies
For Yarn, fixed direct dependency identification for yarn.lock v2
We added the following items to the scan summary that is shown when a scan is completed:
Outdated packages
Vulnerable packages, with breakdown by severity level
Legal risks, with breakdown by severity level
Critical and Info level severity are now displayed. (However, results for these severities are only identified in accounts for which this feature has been activated.)
Download the new version here.