Releases: fortify/fcli
Releases · fortify/fcli
Development Release - develop branch
See Assets
section below for latest build artifacts
v2.4.0
2.4.0 (2024-05-17)
Features
- Add
fcli config public-key
commands for managing trusted public keys (4dff325) - Add
fcli fod action
commands for running a variety of yaml-based actions (4dff325) - Add
fcli fod issue list
command (4dff325) - Add
fcli ssc action
commands for running a variety of yaml-based actions (4dff325) - Add
fcli ssc issue list
command (4dff325) - Add actions for generating application version/release summary (4dff325)
- Add actions for generating BitBucket, GitHub, GitLab, SARIF and SonarQube vulnerability reports (4dff325)
- Add preview actions for generating GitHub Pull Request comments (4dff325)
- Add sample actions for checking security policy criteria (4dff325)
- Migrate FortifyVulnerabilityExporter functionality to yaml-based fcli actions (4dff325)
Bug Fixes
Development Release - main branch
See Assets
section below for latest build artifacts
2.4.0-preview
Public preview of fcli 2.4.0. Although just a minor version increase (as there are no notable breaking changes), this release comes with some exciting new features:
- Add
fcli fod issue list
command - Add
fcli ssc issue list
command - Add
fcli ssc action
commands for running a variety of yaml-based actions - Add
fcli fod action
commands for running a variety of yaml-based actions - Add
fcli config public-key
commands for managing trusted public keys - Migrate FortifyVulnerabilityExporter functionality to yaml-based fcli actions
- Add preview actions for generating GitHub Pull Request comments
- Add sample actions for implementing security policy checks (allowing users to implement their own policy checks through simple yaml files)
v2.3.0
v2.2.0
2.2.0 (2024-02-05)
Features
fcli fod
: Addfcli fod report
commands for creating and downloading FoD reports (resolves #263) (5796379)fcli fod
: Add preview commands for starting and managing DAST Automated scans (db898ee)fcli ssc
: Addfcli ssc report
commands for generating, downloading & managing SSC reports (resolves #205) (60e7855)fcli tool
: Addfcli tool * install --base-dir
option to specify the base directory under which all tools will be installed. By default, fcli will now also install tool invocation scripts in a global<base-dir>/bin
directory, unless the--no-global-bin
option is specified. This allows for having a single bin-directory on thePATH
, while managing the actual tool versions being invoked through thefcli tool * install
commands. (e2db51d)fcli tool
: Addfcli tool * install --uninstall
option to remove existing tool installations while installing a new tool version, allowing for easy tool upgrades. (e2db51d)fcli tool
: Addfcli tool debricked-cli
commands for installing Debricked CLI and managing those installations. (e2db51d)fcli tool
: Addfcli tool definitions
commands, allowing tool definitions to be updated to make fcli aware of new tool versions that were released after the current fcli release. Customers may also host customized tool definitions, for example allowing for alternative tool download URLs or restricting the set of tool versions available to end users. (e2db51d)fcli tool
: Addfcli tool fcli
commands for installing Fortify CLI and managing those installations. (e2db51d)fcli tool
: By default, thefcli tool * install
commands will now install tools under the<user.home>/fortify/tools
base directory (no dot/hidden directory), instead of<user.home>/.fortify/tools
(e2db51d)fcli tool
: Deprecatefcli tool * install --install-dir
option; the new--base-dir
option is now preferred as it supports new functionality like global bin-scripts. (e2db51d)
Bug Fixes
fcli ssc
: The--attributes
option onfcli ssc appversion *
andfcli ssc attribute *
commands now supports setting multiple values for an attribute (bd3fd62)
v2.1.0
2.1.0 (2023-11-21)
Features
fcli ssc appversion create
: Add options for copying existing application version (75461db)- Add
fcli ssc appversion copy-state
command (75461db) - Add
fcli system-state wait-for-job
command (75461db)
Bug Fixes
- rename new SSC_URL
PROJECT_VERSION_ACTION
->PROJECT_VERSIONS_ACTION
(55178be)
v2.0.0
2.0.0 (2023-10-25)
⚠ BREAKING CHANGES
- Core: Most commands/options now use case-sensitive matching to avoid inconsistent behavior between server-side and client-side matching
- Core: Change fcli variable syntax & behavior for easier use
- Core: Change query expression syntax to allow for advanced queries
- Core: Restructure fcli home/data directories. Configuration & session data stored by earlier fcli versions will not be available after upgrading, and will not be automatically removed. It's recommended to manually delete the
~/.fortify/fcli
folder when upgrading, and then use the new fcli version to re-apply configuration settings. - Core: Change environment variable names for better clarity and avoiding conflicts with other Fortify command-line utilities
- Core: The .jar version of fcli now requires Java 17 or higher to run
fcli config
: Restructure command tree & options for consistency & ease of usefcli config
: Move variable-related commands tofcli util
fcli fod
: Restructure existing commands & options for consistency & ease of usefcli sc-dast
: Minor restructuring of command tree & options for consistency & ease of usefcli sc-sast
: Minor restructuring of command options for consistency & ease of usefcli ssc
: Restructure existing commands & options for consistency & ease of usefcli tool
: Minor restructuring of command options for consistency & ease of use
Features
fcli config
: Move variable-related commands tofcli util
(ae7ad75)fcli config
: Restructure command tree & options for consistency & ease of use (ae7ad75)fcli fod
: Fixes, usability improvements & new commands for managing applications, microservices, releases, scans & scan results (ae7ad75)fcli fod
: Move out of preview mode, now officially supported (ae7ad75)fcli fod
: Restructure existing commands & options for consistency & ease of use (ae7ad75)fcli fod
: Various other fixes & usability improvements (ae7ad75)fcli license
: New command, adding support for generating MSP & NCD license usage reports (ae7ad75)fcli sc-dast
: Minor restructuring of command tree & options for consistency & ease of use (ae7ad75)fcli sc-dast
: Various fixes & usability improvements (ae7ad75)fcli sc-sast
: Minor restructuring of command options for consistency & ease of use (ae7ad75)fcli sc-sast
: New command for listing ScanCentral SAST sensors (ae7ad75)fcli sc-sast
: Various fixes & usability improvements (ae7ad75)fcli ssc
: Add support for applying filters on issue counts (ae7ad75)fcli ssc
: Add support for embedding additional data onfcli ssc appversion get/list
commands (ae7ad75)fcli ssc
: New commands for creating local users, refreshing metrics, listing rule packs & listing SSC configuration settings (ae7ad75)fcli ssc
: New commands for managing performance indicators & variables (PREVIEW) (ae7ad75)fcli ssc
: Restructure existing commands & options for consistency & ease of use (ae7ad75)fcli ssc
: Various other fixes & usability improvements (ae7ad75)fcli tool
: Add support for FortifyBugTrackerUtility (ae7ad75)fcli tool
: Improve tool version & digest handling (ae7ad75)fcli tool
: Minor restructuring of command options for consistency & ease of use (ae7ad75)fcli util
: Add variable-related commands (moved fromfcli config
) (ae7ad75)fcli util
: Add various other utility commands (ae7ad75)- Core: Add support for interactive confirmation on commands that require confirmation (ae7ad75)
- Core: Change environment variable names for better clarity and avoiding conflicts with other Fortify command-line utilities (ae7ad75)
- Core: Change fcli variable syntax & behavior for easier use (ae7ad75)
- Core: Change query expression syntax to allow for advanced queries (ae7ad75)
- Core: Restructure fcli home/data directories. Configuration & session data stored by earlier fcli versions will not be available after upgrading, and will not be automatically removed. It's recommended to manually delete the
~/.fortify/fcli
folder when upgrading, and then use the new fcli version to re-apply configuration settings. (ae7ad75) - Core: The .jar version of fcli now requires Java 17 or higher to run (ae7ad75)