Releases: checkmarx-ltd/cx-flow
1.6.33
🚀 Features
- Add SCA filter for vulnerabilities that break Policy Violations @DhavalPatelPersistent
🐛 Bug Fixes
- Fixed issues related to cx-branch not working correctly @HussainS12
- Used proper jql word in the code. @DadasoBanagar
- Upgraded Spring Boot, Spring Core and Tomcat version @DadasoBanagar
- Gitlab command line should support merge title parameter @DhavalPatelPersistent
Documentation
- Documentation - Update README and Wiki to move some sections @DhavalPatelPersistent
1.6.32
🚀 Features
- Support for suppression of code snippets in Jira tickets @james-bostock-cx
- Added scan-resubmit functionality for CLI mode @DadasoBanagar
🐛 Bug Fixes
- Gitlab Security Reports is expecting a string instead of a float. @tnijboer
- Added extra fields of Scan comment to the Postback parser. @atheismann
- Update gitlab template for Gitlab security dashboard to use project mode instead of batch mode @tnijboer
- Upgraded Tomcat version to 9.0.59 to fix vulnerability @HussainS12
- Missed file for Feature/841 option to disable comment @DhavalPatelPersistent
- Scan failing because the value of the size variable of Azure Repository is large @DhavalPatelPersistent
- Added for Jira Parameters in GitHub Actions @DhavalPatelPersistent
Documentation
- Fixed image not showing in CxFlow wiki for CxSAST summary @HussainS12
- Documented issue consolidation logic for CxSAST/CxSCA Result Summary in CxFlow wiki @HussainS12
- Corrected CxSAST Report XML schema link in CxFlow wiki @DadasoBanagar
- Documentation for parameters scan-timeout and report-timeout, and scan-polling and report-polling parameters in CxFlow wiki @DadasoBanagar
- Corrected Quick start tutorial in CxFlow wiki. @DadasoBanagar
- Added CxFlow CircleCI Documentation Reference in CxFlow wiki @DhavalPatelPersistent
- Documented steps to override application.yml parameters in CLI mode @HussainS12
- Added Scan Queuing and fixed Docker command example in CxFlow wiki @HussainS12
- Added Tutorial for Branched project in CxFlow wiki @HussainS12
1.6.31
🚀 Features
- CxXML as bug-tracker for CxSCA. @HussainS12
- Added support for parsing results from CxSCA/SCAResolver XML report file (--parse mode). @DadasoBanagar
- Introduced 'SonarQube' as a bug-tracker for CxSAST and CxSCA. @DhavalPatelPersistent
- CxFlow now supports configuring Jira fields for issues reported by CxSCA. @HussainS12
- Support for Pull Request update event in Bitbucket Cloud/Server. @HussainS12
- Support for Delete event in Bitbucket Server. @HussainS12
🐛 Bug Fixes
- Upgraded version of spring-core package. @HussainS12
- Issues in Jira should not be closed on re-run of other/alternate scans for same project or while parsing the results. @DhavalPatelPersistent
- Correction in CodeBashing tutorial link for Jira service. @DhavalPatelPersistent
Documentation
- Updated CxFlow wiki for above enhancements.
1.6.30
🚀 Features
- Option to disable comment on pr @DhavalPatelPersistent
🐛 Bug Fixes
- Fixed CxFlow Vulnerabilities @HussainS12
- Fixed fasterxml related vulnerabilities @HussainS12
- Upgrade spring boot version to 2.6.1 @HussainS12
- Fixed docker image always running in --web mode. @HussainS12
- Fixed ScanQueuing and ScanQueuingTimeout. @DhavalPatelPersistent
- Uptake alpine version to 3.15 and Java11 version to 11.0.14_p9-r0 @HussainS12
- fixed null pointer exception in ConfigurationOverrider @HussainS12
- Fixed null pointer exception when cx-flow.mail.cc is not set. @cx-leonelsanches
Documentation
- Update for post-action-postback-id and settings-override. @DhavalPatelPersistent
- Branch project documentation update. @HussainS12
- Shard report fix. @DhavalPatelPersistent
- Wiki redesign. @DhavalPatelPersistent
- Wiki config as code fixes @cx-leonelsanches
1.6.29
🚀 Features
- Add scanResubmit property to config-as-code @DhavalPatelPersistent (#884)
- Add Security Severity Attribute in Report of SARIF File. GitHub Action report now shows Severity levels as per the mapping between GitHub Action and CxSAST. @DhavalPatelPersistent (#893)
- Feature to provide thresholds HIGH, MEDIUM, LOW via Webhook query parameters @HussainS12 (#896)
- Support for providing Min-Max Heap size for CxFlow docker @HussainS12 (#889)
- Added link to SAST Result in GitHub Action report. @DhavalPatelPersistent (#898)
- Show attack vector in GitHub Action report. @DhavalPatelPersistent (#895)
🐛 Bug Fixes
- log4j version uptake to 2.17.1 @HussainS12 (#896)
- Fix Service Now Integration and add Comment @DhavalPatelPersistent (#881)
- Fixed issue in SARIF report generation when vulnerability description and/or Line number is missing @DhavalPatelPersistent (#898)
Documentation
- General Wiki page updates. @HussainS12 (#892)
1.6.28
🚀 Features
None
🐛 Bug Fixes
- Log4j 2.16.0 uptake in java8 and java11 build gradle @umeshwaghode (#888)
- fixed branched project regression @HussainS12 (#887)
- ADO CRLF update @DhavalPatelPersistent (#885)
- add more automatically statuses for jira @kecven (#855)
Documentation
1.6.27
🚀 Features
- Enable scan level custom fields @james-bostock-cx (#876)
- Support branched project from base project @HussainS12 (#877)
- Enable project-level custom fields @james-bostock-cx (#872)
- Custom Jira Summary feature @HussainS12 (#862)
- Support for ssh key per project @HussainS12 (#868)
- Branch level scanning support for SCA @nandikantipavan (#864)
🐛 Bug Fixes
- Fix slash not present in repoUrl and issues with branched project @HussainS12 (#879)
- small changes in Cx-flow iast integration. @kecven (#867)
- Added warning log for jira-field-name when set to Labels @HussainS12 (#871)
- Base alpine used instead of one from openjdk @umeshwaghode (#870)
- fix for all branches being scanned when no protected branches are defined @HussainS12 (#869)
- False positive handling for SCA @umeshwaghode (#863)
Documentation
- PR Documentation Fixes @james-bostock-cx (#866)
1.6.26
🚀 Features
- added feature for exclude files @HussainS12 (#860)
- added scanQueuing and scanQueuingTimeout @nandikantipavan (#857)
- Override state filter from webhook feature @HussainS12 (#844)
🐛 Bug Fixes
- BitbucketCloudController validation for NullPointerException @HussainS12 (#852)
- fix for branches not present in protected branches list being scanned @HussainS12 (#845)
- fix for sast scan not executing when sca scan fails @HussainS12 (#838)
Documentation
- Update Home.md @jbrotsos (#853)
- update 'multi-tenant' configuration documentation @nandikantipavan (#859)
- Documentation update for alt-project, protected branches and jira label-prefix @HussainS12 (#847)
1.6.25
🚀 Features
- Jira custom issue prefix feature @HussainS12 (#824)
🐛 Bug Fixes
- Fix hyphen not allowed in JIRA issue label @cx-scord (#826)
- exclude-folders works without trailing /. So updated Configuration.md file @nandikantipavan (#829)
- Fix for bitbucket PR webhook broken @HussainS12 (#827)
1.6.24
Changes
- Add SCA timeout @nandikantipavan (#822)
- Pr iast 2646 azure integration @gustavocortarelli (#782)
- Add ssh support for new projects (#810)
- Iast - add iast integration with gitlab and GitHub @kecven (#778)
🐛 Bug Fixes
- Fix JIRA issue priority not updating for SCA @cx-scord (#789)
- Fix colon not allowed in JIRA issue label @cx-scord (#818)
- ADO thread status update and PR status update as per scan result @HussainS12 (#806)
- scan preset override issue fix @HussainS12 (#815)
Documentation
- New template file to handle GITLAB_URL, dashboard on MR and removed hardcoded default branch @jbrotsos (#788)
- Add CxIAST Tutorial @Eli4ontar (#777)