- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA Release Notes
- Checkmarx SCA Release Notes June 2025
Checkmarx SCA Release Notes June 2025
Notice
These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.
Warning
The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.
SCA Updates
Managing Data Retention for SBOM Analysis
We now enable users to ensure that SBOM files sent to the SCA cloud for File Analysis are purged as soon as possible. When using the File Analysis API, which runs an SCA scan on an SBOM that you submit, you can now set DisableRetention as true so that as soon as the Analysis report has been retrieved successfully once, all related data is deleted from the SCA cloud. When this parameter is false (default) then the current policy of retaining the data for 5 days and allowing multiple retrievals of the report remains in place.
This enables users to improve security by keeping data retention in the cloud to the absolute minimum.