Skip to main content

Bamboo Plugin Change Log

The following table lists the features and changes implemented for the plugin with the relevant version release. To obtain the plugin, go to the plugin download section.

Version

Change / Feature

Additional Description

2024.2.3

  • Bamboo Server support migrated to the Bamboo Data Center.

  • Fixed an issue where if the first scan in a pipeline or new project is asynchronous, it will not show a failed scan report if the reports are not generated or if a report of a previous successful scan is not available.

  • Fixed an issue where a Dependency Scan occurred even when both global dependency scan and override global dependency scan settings in config were disabled.

  • Ability to download PDF reports on the Artifact and Summary section.

  • Support has been added for the latest LTS version.[9.2.x]

  • Upgraded below libraries:

    • commons-codec:commons-codec to 1.16.0

    • com.google.guava:guava to 33.0.0-jre

    • cx-client-common to 2024.1.1

    • org.apache.sshd:sshd-common to 2.10.0

    • org.apache.sshd:sshd-core to 2.9.3

    • org.apache.commons:commons-compress to 1.26.0

    • org.apache.struts: struts2-core to 2.5.33

    • commons-io: commons-io to 2.7

    • org.codehaus.plexus: plexus-utils to 3.5.1

    • org.springframework: spring-web to 5.3.31

    • org.springframework: spring-beans to 5.3.31

    • org.apache.activemq: activemq-broker to 5.16.1

    • org.apache.activemq: activemq-client to 5.16.7

    • org.apache.activemq: activemq-openwire-legacy to 5.16.7

    • com.fasterxml.jackson.core: jackson-databind to 2.12.7.1

    • xalan: xalan to 2.7.3

    • io.netty: netty-codec-http to 4.1.104.Final

    • io.netty: netty-codec-http2 to 4.1.104.Final

    • io.vertx: vertx-web to 4.3.8

    • commons-validator: commons-validator to 1.8.0

    • org.codehaus.jettison: jettison to 1.5.4

  • Supported SAST Versions: 9.4 - 9.6

  • OSA Support: Supported

    * FSA agent supported version: 24.0.1

  • SCA Support: Supported

  • Supported Tool Versions: Bamboo Data Center 9.2.x

  • Supported Java version: Oracle JDK 8, OpenJDK 11

2023.1.4

  • Ability to enable/disable SAST scan

  • The Force Scan option to force the SAST server to perform a full scan irrespective of the code changes

  • SCA resolver configuration is now available on the Global Configuration page

  • Fixed the issue in SCA Resolver, where result files were overwritten in a parallel execution scenario.

  • Supported SAST Versions: 9.3 - 9.5

  • OSA Support: Supported

    * FSA agent supported version: 23.0.0

  • SCA Support: Supported

  • Supported Tool Versions: Bamboo 7.2.1 to 8.2.2, 7.1.x, 7.0.0, 9.0.1, 9.1.0

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8, OpenJDK 11

2022.2.6

  • Added support for SCA Resolver.

  • Updated the user interface to the new Checkmarx look and feel.

  • Supported SAST Versions: 9.2, 9.3, 9.4

  • OSA Support: Supported

    * FSA agent supported version: 21.0.5

  • SCA Support: Supported

  • Supported Tool Version: Bamboo 7.2.1 to 8.2.2, 7.1.3, 7.0.0

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8, OpenJDK 11

2022.2.1

  • Third-party libraries have been upgraded as listed below:

    • Library “com.github.junrar” to 7.5.0

    • Library “org.springframework” to 5.3.19

    • Library “org.dom4j” to 2.1.3

  • Supported SAST Versions: 9.2, 9.3, 9.4

  • OSA Support: Supported

    * FSA agent supported version: 20.0.13

  • SCA Support: Supported

  • Supported Tool Version: Bamboo 7.2.1 to 8.1.2, 7.1.3, 7.0.0

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

2022.1.1

  • Removed the Log4j dependency.

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4

  • OSA Support: Supported

    * FSA agent supported version: 20.0.13

  • SCA Support: Supported

  • Supported Tool Version: Bamboo 7.2.1 to 8.1.2, 7.1.3, 7.0.0

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

2021.4.34

  • Added support for Bamboo LTS 8.0.2.

  • Fixed an issue that caused the PDF Report link from the CxSAST results to fail.

  • Fixed an issue that caused OSA FSA logs to remain hidden after upgrading to FSA 20.0.13.

  • Fixed an issue with logs to show an effective incremental scan. This is useful when interval based full scans are enabled.

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4

  • OSA Support: Supported

    * FSA agent supported version: 20.0.13

  • SCA Support: Supported

  • Supported Tool Version: Bamboo 7.2.1 to 8.0.2, 7.1.3, 7.0.0

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

2021.2.33

  • Fixed an issue that caused HTML reports to be unavailable in case of failure caused by exceeding a threshold.

  • Fixed a user interface issue that caused ‘Dependency Scan’ always as checked.

  • Fixed various security vulnerabilities by upgrading the libraries listed below to the latest versions:

    • org.apache.httpcomponents:httpclient

    • com.jcraft:jsch

    • org.apache.activemq:activemq-broker

    • org.igniterealtime.smack:smack-core

    • org.igniterealtime.smack:smack-tcp

    • commons-collections4:org.apache.commons

    • org.yaml:snakeyaml

    • org.quartz-scheduler:quartz

    • org.springframework:spring-jms

    • commons-fileupload:commons-fileupload

    • commons-io:commons-io

    • com.fasterxml.jackson.core:jackson-databind

    • org.bouncycastle:bcprov-jdk14

    • io.netty:netty-codec-http

    • io.netty:netty-codec-http2

    • io.vertx:vertx-web

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3

  • OSA Support: Supported

    * FSA agent supported version: 20.0.11

  • SCA Support: Supported

  • Supported Tool Version: Bamboo 7.2.1 to 7.2.3, 7.1.3, 7.0.0

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

2021.2.31

  • Overriding the Preset during a scan is controlled by the CxSAST server (only CxSAST 9.3 and up).

  • The Scan Origin value reflects details like server URL, project name, plan name and job name.

  • Improving various Log messages.

  • Proxy support with the option to enable, disable and bypass support.

  • Fix for the PDF report link and the file system path.

  • Fixed interval based full scans for use in when Incremental Scan is selected.

  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3

  • OSA Support: Supported

    * FSA agent supported version: 20.0.11

  • SCA Support: Supported

  • Supported Tool Version: Bamboo 7.2.1 to 7.2.3, 7.1.3, 7.0.0

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

2020.3.1

  • Support for Bamboo 7

  • Support self-sign SSL

  • Fix for OSA GIT scan with HTML files

  • Add XML report path to the log

  • Supported SAST Versions: 8.9, 9.0, 9.2

  • OSA Support: Supported

    * FSA agent supported version: 20.0.5

  • SCA Support: N/A

  • Supported Tool Version: Bamboo 6.10.3 – 7.0.4

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

2020.1.12

  • Support for the Scale language in OSA.

  • Support for the PHP language in OSA.

  • Fixing the Hide Results Checkbox issue.

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported

    * FSA agent supported version: 20.0.3

  • SCA Support: N/A

  • Supported Tool Version: Bamboo 6.9 – 6.10.3

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

9.0.0

  • Ability to break the build according to both SAST&OSA policy status

  • Global ability to not display the scan results

  • Certified SAST Versions: 8.9, 9.0

  • OSA Support: Supported

  • SCA Support: N/A

  • Supported Tool Version: Bamboo 6.8 – 6.9.2

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

8.9.0

  • New Top-Bar ("red" scan failed, "green" scan passed)

  • Support OSA scanning of NuGet package files

  • Support OSA scanning of Python 3 package files

  • Ability to break the build according to the OSA policy status

  • Certified SAST Versions: 8.8, 8.9

  • OSA Support: Supported

  • SCA Support: N/A

  • Supported Tool Version: Bamboo 6.4 – 6.8

    * Operating Systems: Windows

  • Supported Java version: Oracle JDK 8

8.8.0

None

8.7.0

  • Embed OSA core library into the Checkmarx CI plugins

  • Support scanning of the NPM package.json

  • Support scanning of Maven POM.XML files

8.6.0

  • Globally enable\disable new project creation from the plugin

8.5.0

  • Ability to schedule interval-based full scans

8.42.0

  • First official CxSAST and CxOSA plugin