Releases: jenkinsci/fortify-plugin
Releases · jenkinsci/fortify-plugin
23.1 release version of the Fortify plugin
Changes in this release:
- Support for Jenkins LTS version 2.426.1
- Minor enhancements and bug fixes
22.2 release version of the Fortify plugin
This is a security patch addressing these CVEs from https://www.jenkins.io/security/advisory/2023-08-16/:
22.1 release version of the Fortify plugin
Changes in this release:
- Support for the Credentials API plugin. The Fortify Jenkins plugin uses the Credentials API for all authentication tokens.
- Support for Jenkins global proxy settings. Connections to Fortify Software Security Center and Fortify Rulepack Update servers now use the Jenkins global proxy settings.
- Support for Jenkins 2.346.3. The supported range is now 2.249.3 – 2.346.3.
- The FortifyUpload step now returns the number of issues that match the failureCriteria. For more information, see: #54.
- Added the ability to automatically accept the public key from Software Security Center when updating Fortify Security Content.
- Added versions 14 and 17 to the Java source version dropdown list.
- Fixed an issue with finding FORTIFY_HOME and PATH variables on agents. For more information, see: #49.
- Minor enhancements and bug fixes.
21.2 release version of the Fortify plugin
Changes in this release:
- Added support to use Maven and Gradle installations set up with Global Tool Configuration
- New support for remote translation of .NET projects
- Timeout option added to the fortifyUpload pipeline step
- Performance improvement: New ability to search for a target application version for upload to SSC and to limit the number of application versions fetched per request
- New option to restrict users from running scans locally
- New ability to send Maven and Gradle projects for analysis by ScanCentral SAST without running a build
- Added ability to upload your custom results to SSC. More details here https://github.com/fortify/sample-parser
- Fixed running translation on UNIX agents due to a backslash in the path for com.fortify.sca.ProjectRoot
21.1 release version of the Fortify plugin
Changes in this release:
- Adding support for Jenkins Configuration as Code, see our documentation.
Please, note that the top level element of our plugin configuration is called fortifyPlugin instead of fortify.
20.2 hotfix release version of the Fortify plugin
Changes in this release:
- Adding support for the div-based layout in Jenkins 2.277 and later, maintaining compatibility with Jenkins 2.222.4 and later.
- Fixing processing of SSC application and version names containing spaces, quotes and braces
- Arbitrary file read/write in fortifyUpload step
20.2 release version of the Fortify plugin
Changes in this release:
- Ability to upload an existing FPR to SSC without running a scan from Freestyle projects
- New timeout settings for SSC connections
- Polling timeout when waiting for SSC processing to complete for Freestyle projects
- Minor bug fixes
20.1 hotfix release version of the Fortify plugin
Changes in this release:
- Fixed an issue with locating ScanCentral executable in system's PATH
- Migrated wiki documentation to github
20.1 release version of the Fortify plugin
Changes in this release:
- Updated java version list to match the items supported by Fortify SCA 20.1 release
- Renamed CloudScan to ScanCentral following the contract of Fortify SCA 20.1 release
- Added ability to download localized rulepacks
- Removed/refactored confusing "executable not found" message from output
19.1: the first official Fortify plugin release
The first official open source release of the Fortify plugin that's been part of the Fortify Software Security Suite since 2013.