CI/CD Plugin Enhancements

We concentrated on amplifying our offerings for on-premises customers. New extensions and integrations tailored for CI/CD have been a focal point, ensuring that your workflow remains as seamless as ever. Plus, in a move towards even greater transparency and community involvement, we're excited to share our open-sourced roadmap. Dive in, share your thoughts.

🌟 Latest Update: v2308.30

🚀 New Features

  • Azure TFVC Support: Support for Azure TFVC has been added, both as an extension and as part of our broader integration. And it is open sourced now!

  • GitLab CI/CD Plugin Integration: We've officially launched the CodeThreat GitLab CI/CD plugin. This pivotal enhancement streamlines the vulnerability scanning process directly within the GitLab CI/CD pipeline. Now, developers can detect and address vulnerabilities in real-time, ensuring secure code deployment and efficient workflows.

  • API Optimization: More accurate filtering in the Scan-Log API. This leads more faster responses if the repository have tons of issues to show.

🐛 Bug Fixes

  • Manually Imported Code Base: Enhanced handling of tar.gz files after the scan.

  • Auth Module Adjustments: Adjustments have been made for better handling of different user roles.

  • File Upload Process: Addressed a potential risk by ensuring files are properly closed after the upload process.

  • Scan Termination Bug: Addressed an issue where scans would sometimes terminate prematurely without covering the entire codebase.

  • Reporting Inconsistency: Fixed inconsistencies in the vulnerability report generation process which occasionally omitted certain details.

  • Path Pruning: Resolved an issue where non-viable data paths were not being correctly pruned from analysis, improving performance.

  • UI Updates for CodeThreat Web App:

    • Breadcrumb Refinement: Improved breadcrumb navigation ensuring better in-app navigation.

    • Settings Enhancements: Added a note for the license settings page and introduced a Max Upload Limit field to streamline user preferences.

    • Azure & GitHub Field Controls: Enhanced the field controls during project creation for better user guidance.

    • UI Refinements: Addressed minor UI issues including the horizontal scrollbar, font inconsistencies, and provided additional UI tweaks.

Internal Updates:

  • Database Update Mechanism: Recognizing the importance of backward compatibility for our user base, we have established an internal database update mechanism. This ensures that as we roll out new features and improvements, existing functionalities remain consistent and uninterrupted. Our aim is to provide our customers with a seamless experience, reducing disruptions commonly associated with major updates.

Starting next month, every weakness rule update will be accompanied by a unique identifier, allowing you to quickly reference and understand the specifics of each change.

As August winds down, we pause to reflect on the spirit of August 30th, a date that embodies the pursuit of progress for Turkey. At CodeThreat, our roots might be local, but our reach is global. Thanks to invaluable advisors from around the world, we've come to realize that our core strength isn't just in the technology we build, but in the spirit and soul of our team. See you in the next month! The CodeThreat Team

Last updated