Version 3.23 (Early Access)
Multi-Tenant release date: October 6, 2024
Warning
The content and dates of these Release Notes are provisional and subject to change.
All new features, enhancements, and resolved issues will be available upon version deployment in the multi-tenant environment, unless explicitly stated otherwise in the respective section's sub-heading.
New features and enhancements
New Code Retention Controls
We have developed two related features that enhance code privacy and result clarity:
Delete Code After Scan: The entire source code is removed once a scan is completed. While scan results remain visible, clicking on a result will not display the source code.
Keep Code Snippets: Only a few relevant lines of code related to each result are stored and shown when a result is clicked.
Currently, these features are controlled by feature flags with no option for user-driven activation or deactivation.
New 'Detection Date' Column in Results Viewer
We have introduced a Detection Date column, displaying the date each vulnerability was detected. This column is sortable and includes a filter option to help users easily manage and view vulnerability timelines.
SAST Engine Upgrade
The SAST engine in Checkmarx One has been upgraded to version 9.6.7. To discover all the new features and updates in the latest version, refer to this page.
SCA updates
Private Packages
We now identify private and unresolved packages in the scanned project. Private Packages are shown in the SCA Results > Packages tab.
Notice
A “private package” is a package or library developed in-house that is being used across the organization. For example, a logging library that was developed in-house and is used by several different projects. These packages are only visible to the specific collaborators/teams that were granted access.
Resolved issues
Failed to download the PDF report due to the error: “Something went wrong – failed to generate report.”
The Scan-Summary API was returning a negative number of findings.
Traditional Chinese characters were masked in the project report.
The DAST scan initiated from Checkmarx One was throwing DOM errors.
Attack Vector was throwing errors.
API security scans returned duplicate vulnerabilities when pagination was configured to display 10 items per page.
The POST /repos-manager/project-conversion API call remained in an ongoing state indefinitely.
Packages with malicious risks or Suspected Malware were experiencing an infinite loading issue.
It was necessary to add a retry for publishing messages on SCA services.
The scan of the SBOM CycloneDX version 1.2 returned no results.
Two different versions of jackson-databind were reported in the same module, though only one version appeared in the pom.xml.