Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Resolved Issues and Changes

CategoryResolved Issues

Fixed an issue that caused the scanning to fail and the client-log.log to record the following error message: "System.ArgumentException: An item with the same key has already been added." 

Fixed an issue so that now a Docker image can be deployed on Linux without root privileges.

Added an option for changing the time zone in the Docker image on Linux.

The default AWS Docker ulimits value has been increased to allow the CxSAST engine to work properly.

Fixed an issue that caused the scanning to fail when using an AbsInt component.

The nullish coalescing operator (??) is now supported when scanning JavaScript.


CategoryResolved Issues

The XML report has been enhanced with additional information regarding the ‘Queries Details’ and ‘Source Code’.

Queries Details now contains:

  • Risk: What might happen?
  • Cause: How does it happen?
  • General Recommendations: How to avoid it?
  • Source Code Examples.

Source Code now contains:

  • Num of LOCs (number of lines of code): Before and after the vulnerable line.
  • Method Scope: Brings the entire method of the vulnerable line.
  • File: Brings the entire file that has the vulnerable line.

For these new features, configuration keys were added to the CxComponentConfiguration table in the CxSAST database.

  • To activate the Queries Details feature, set the AddQueryMetaDataToXmlReport configuration key to “true”. 
  • To activate the Source Code feature, set the XmlReportSourceLinesRange configuration key to a number larger than 0.