Skip to content

Latest commit

 

History

History
252 lines (174 loc) · 7.8 KB

releasenote.md

File metadata and controls

252 lines (174 loc) · 7.8 KB
Raw

1.8.1 (2024-03-15)

New Features

  • OWASP ZAP integration (uploading findings)

Bug Fixes

  • Fixed some visual deficits on show project page
  • Fixed properly setting the status in adding Dependency-Track scanner

1.8.0 (2023-09-05)

New Features

  • Refreshed show project page with additional statistic
  • Project vulnerability timeline
  • Vulnerability timeline
  • More other stats like average time to fix vulnerability
  • Enabled hibernate envers for projectvulnerability table
  • added endpoint with more detailed statistics for both project and vulnerabilities discovered within project

Updates

  • Updated to angular 14 and ngx-admin 10 (Frontend)

Bug Fixes

  • Fixed problem with not refreshed gauge chart with project threat rating
  • Fixed bug when some vulnerabilities status was not managed properly
  • Fixed bug with Checkmarx integration

New Features

  • Enabled hibernate envers for projectvulnerability table
  • added endpoint with more detailed statistics for both project and vulnerabilities discovered within project

Bug Fixes

  • Fixed bug when some vulnerabilities status was not managed properly
  • Fixed bug with Checkmarx integration

1.7.0 (2023-01-23)

Bug Fixes

  • Fixed bug with caused sometimes failure in creating synchronization with SCA

New Features

  • Nexus-IQ Integration

1.6.3 (2022-08-16)

New Features

  • Adjusted docs
  • Fixed release
  • Fixed startup script

Bug Fixes

  • Updated libraries due to security reasons
  • Fixed problem with checkmarx plugin

1.6.1 (2022-05-07)

Bug Fixes

  • Fixed bug that allow to perform multiple sast scans of same project. Fixed status management, now when specific codeproject has inqueue or running state equal to true, it cannot be put on queue (Mixeway/MixewayBackend#82)
  • Fixed bug related with improper view of the status in codeproject opensource scanner integration (Mixeway/MixewayFrontend#57)

1.6.0 (2022-04-25)

New Features

  • New widget on show-project page
  • Removed CodeGroup concept in favor of CodeProject only
  • Integration tests of MixewayBackend

Bug Fixes

  • Security updates in Backend & Frontend
  • Fixed problem related with errors when Vault integration is disabled

1.5.0 (2021-12-16)

New Features

  • New main dashboard
  • New project dashboard

Bug Fixes

  • Adjusted and fixed problems with Checkmarx scans

1.4.1 (2021-03-10)

New Features

  • Possibility to configure global git credentials (url + username:password) for SAST plugins

Bug Fixes

  • Fixed window with editing of source code repository values

1.4.0 (2021-01-18)

New Features

  • Adding REST Endpoint which return result of Security Quaility Gateway for particular Code Repository
  • Added Orange Poland Logo
  • Knowlege base - possibility to create custom severity for vulnerabilities
  • Openscap support for CIS Benchmark

Bug Fixes

  • Fixing CI Script to fit newest version of MixewayBackend

1.3.5 (2020-11-26)

Bug Fixes

  • Fixing CI Script to fit newest version of MixewayBackend

1.3.4 (2020-09-02)

New Features

  • New Methods for CICD integration with Mixeway Scanner

1.3.3 (2020-08-23)

New Features

  • User Profile eidition (change password)
  • Dark mode enabled (change in user profile)
  • Update to Angular 10 and ngx-admin 6.0.0
  • Intorduced role CICD and possibility to generate CICD Api Key for standard users
  • Introduced new methods for interacting with CICD

Bug Fixes

  • Fixed a bug with project name display during confirmation of deletion
  • Fixed a bug with not reloading proxy and routing domain in admin zone. No refresh is now required.

1.3.2 (2020-07-23)

Bug Fixes

  • Fixed Bug related with running scan on GVM (scope single, multiple asset)
  • Fixed logging during running scans on GVM
  • Fixed Bug related with problems in using Vuln Auditor

1.3.1 (2020-07-16)

New Features

  • Configurable Security Quality Gateway (accessible from settings)
  • AWS EC2 Integration in terms of assets information loading

1.3.0 (2020-05-31)

New Features

  • Mixeway Vuln Auditor - DeepLearning microservice which use Neural Network to classify software vulnerabilities
  • Vulnerability Description is displayed in more proper manner. Modal displaying details is allowing user to confirm or deny vulnerability
  • Possibility to create Application profile, on both project or asset level information gathered and put into profile helps Vuln Auditor to better understand application context and then classify vulnerability

Bug Fixes

  • Tables filtering set to proper level. Whenever possible select fields are possible to show.
  • Vulnerabilities are no longer deleted before loading from scanner. ID of detected vulnerability is constant, vulnerability is deleted only if it is not detected in next scan.

Removed Features

  • Partitioning software vulnerabilities was removed, in this place single tab is displayed with colum which allows to filter

1.2.3 (2020-04-26)

Bug Fixes

  • Fixed problem with saving users with permissions of Admin and Editor #16
  • Fixed problem with saving properly CodeGroup with no dependant CodeProject #15

1.2.2 (2020-04-26)

New Features

  • Possibility to set enable vuln manage option on project level. Setting this option to false will result in hiding vulnerabilities and not returning them through Global API (but getting vulnerabilities per specific project will still works) see also #12

Bug Fixes

  • Fixed problem when search widget did not work as expected see also #13

1.2.1 (2020-04-05)

New Features

  • Frontend updated to Angular 9
  • Frontend updated to Ngx-Admin 5
  • Global statistics for OpenSource Vulnerabilities
  • Possibility to create Password Authentication for Web Application scans (based on username and password passed later to scanner)

1.2.0 (2020-04-03)

New Features

  • Integration with Burp Enterprise Edition

BUG Fixes

  • Routing Domain is no longer required while scanner creation
  • Risk of project, codeProject, WebApp and asset is now created in offline. Fixed problem in long execution time.
  • Code of integration partially refactored

1.1.0 (2020-03-20)

New Features

  • Bash script ready to integrate with CI tools (scripts/CIScript/mixeway-ci)
  • New view for checking CI Job status and state

Bug Fixes

  • Fixed problem with refreshing repository table after creating object
  • Fixed problem with disappearing SAST and OpenSource integration fields once one of them was done

1.0.0 (2020-03-04)

New Features

  • Hashicorp Vault integration is now optional

BUG Fixes

  • Tutorial translation
  • Sonar bugs fixes

0.9.2 (2020-02-08)

New Features

  • REST API to get scanner types already integrated
  • Checkmarx integration (scope: create project, configure scan, run sca, get vulnerabilities)
  • Extended Fortify SSC integration - possibility to create and configure SSC projects via Mixeway

BUG Fixes

  • Fixed bug related with deletion of scanners

v0.9.1 (30.01.2020)

New Features

  • Integration with OWASP Dependency track with scope of loading vulnerabilities
  • Added scope to Security Quality Gateway with WebApp Vulns, Code Vulns and OpenSource vulns
  • Possibility to set scheduler settings (cron expression) from admin->settings panel. Scheduler can be configured for task related with scheduled scans.

BUG Fixes

  • Fix long time of loading tables containing risk calculations
  • Fixed problem with filtering and sorting of some columns in tables of Project Details
  • Fixed problem with JIRA ticket creation