Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Plugin VersionChanges / FeaturesAdditional Information
2021.3.1
  • An issue has been fixed that caused older project build failures on error 'Invalid Engine Configuration Id'
  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3, 9.4
  • OSA Support: Supported
    * FSA agent supported version: 20.0.11
  • SCA Support: Supported
  • Operating Systems: Windows, Linux
  • Supported Tool Version: TeamCity 2019.2 - 2020.1.3, 2021.1.2, LTS 2021.1 
  • Supported Java Version: Oracle JDK 8, OpenJDK 11
2021.2.2
  • The following has been added to improve the performance with CxSCA:
    • Support for exploitable path/attack vectors.
    • EnablePolicyEnforcement now enforces CxSCA policies as well along the CxSAST & CxOSA policies.
    • An option to include the source code with CxSCA scans.
    • Support to include private registry config files and environment variables with CxSCA scans.
    • Project creation and team assignment capabilities for CxSCA scans.
  • Added CxOrigin and CxOriginUrl.
  • Added scheduled periodic full scan capabilities.
  • A proxy can be enabled between the TeamCity system and the CxSAST server as explained.
  • Added a log message for Test Connection Success/Failure.
  • Fixed an issue that caused the dependency scan being performed for CxOSA when CxSCA was selected.
  • Fixed an issue that caused the CxSCA password being saved in plain text in the job config file.
  • Fixed an issue that caused Test SCA Connection to run without retyping the CxSCA password.
  • Fixed an issue that caused hard failures like Scan aborted not being handled properly.
  • Fixed an issue that caused the encryption and decryption of passwords to fail randomly.
  • Fixed various security vulnerabilities by upgrading the libraries listed below to the latest versions as listed below:
    • io.vertx:vertx-web to version 4.1.0
    • io.netty: netty-codec-http2 to version 4.1.65.Final
    • commons-io: commons-io to version 2.9.0
    • org.apache.httpcomponents: httpmime to version 4.5.13
    • org.springframework:spring-web to version 5.3.8
    • io.netty:netty-codec-http to version 4.1.65.Final
  • Supported SAST Versions: 8.9, 9.0, 9.2, 9.3
  • OSA Support: Supported
    * FSA agent supported version: 20.0.11
  • SCA Support: Supported
  • Operating Systems: Windows, Linux
  • Supported Tool Version: TeamCity 2019.2 - 2020.1.3
  • Supported Java Version: Oracle JDK 8, OpenJDK 11
2020.3.8
  • Support TeamCity 2020
  • New SCA support
  • New SCA Dashboard
  • Support for the Self-sign SSL Certificate
  • Fix for the “Connect to Server” button
  • Supported SAST Versions: 8.9, 9.0, 9.2
  • OSA Support: Supported
    * FSA agent supported version: 20.0.7
  • SCA Support: Supported
  • Operating Systems: Windows
  • Supported Tool Version: TeamCity 2019.2 - 2020.1.3
  • Supported Java Version: Oracle JDK 8
2020.1.20 (beta)
  • Corrections for Enable Dependancy Scan Threshold and Archive Extract Pattern
  • Certified SAST Versions: 8.9, 9.0
  • OSA Support: Supported
    * FSA agent supported version: 20.0.3
  • SCA Support: Supported
  • Operating Systems: Windows
  • Supported Tool Version: TeamCity 2019.1 - 2019.2
  • Supported Java Version: Oracle JDK 8
2020.1.2
  • Enabling SAST scans without M&O
  • Support OSA for the Scala language
  • Support OSA for the PHP language
  • Certified SAST Versions: 8.9, 9.0
  • OSA Support: Supported
    * FSA agent supported version: 20.0.3
  • Operating Systems: Windows 
  • Supported Tool VersionTeamCity 2019.1 - 2019.2
  • Supported Java Version: Oracle JDK 8
9.0.0
  • Ability to break the build according to both SAST&OSA policy status

8.9.0
  • New Top-Bar ("red" scan failed, "green" scan passed)
  • Support OSA scanning of NuGet package files
  • Support OSA scanning of Python 3 package files
  • Ability to break the build according to the OSA policy status

8.8.0
  • None

8.7.0
  • Embed OSA core library into the Checkmarx CI plugins
  • Support scanning of the NPM package.json
  • Support scanning of Maven POM.XML files

8.6.0
  • Additional failure summary information in the console log

8.5.0
  • First official CxSAST and CxOSA plugin

...