v3.0.2

v3.0.2

v1.10.0

Changes

• FEATURE: Enable response file parsing provided by driver framework. Arguments (e.g., '@Commands.rsp') prefixed with a '@' character will be evaluated as a file path to a text file that contains commands to be injected on the command-line.
• BREAKING: Change fingerprint naming conventions and add new unique secret fingerprint (and opaque unique fingerprint hash).
• RE2.Native will now compile in all environments with the latest Windows SDK 10.0.* installed. #607. Our current release pipelines build NuGet packages with Windows SDK version 10.0.22000.

v1.9.0

• Bump MongoDB.Driver from 2.13.1 to 2.15.0 and Microsoft.AspNetCore.Http from 2.1.0 to 2.2.0. #608
• NR: Adding Url rule in the plugin ReviewPotentiallySensitiveData. #611

v1.8.0

Changes

• BUG: Resolve InvalidOperationException and IndexOutOfRange exceptions in StaticValidatorBase.IsValidStatic due to unsafe use of HashSet class. #595
• NR: Adding SlackWorkflow rule with dynamic validation. #585
• NR: Adding TelegramBotToken rule with dynamic validation. #587
• SDK: Exposing automationId, automationGuid, and postUri in the analyze command. #586
• NR: Adding IdentifiableNpmAuthorToken rule with dynamic validation. #588

v1.7.0

Set version to '1.7.0'

v1.6.0

Set version to '1.6.0'

v1.5.0-g9f639c22c7

Changes

• FPC: Improving RabbitMQ regex (removing new lines and spaces) from secret. #548
• FND: Improving SEC101/018.TwilioCredentials dynamic validation for test credentials. #549
• FPC: Normalizing regular expressions (\s\n got replaced by \s). Rules SEC101/036.MySqlCredential, SEC101/037.SqlCredentials, SEC101/038.PostgreSqlCredentials won't accept spaces in id and secret. #550
• SDK: Single match expression can run multiple regex types. #553
• FPC: Eliminate whitespace and commas from MongoDB match candidates (and resulting fingerprints). #554
• FPC: Improving regular expressions for rules SEC101/036.MySqlCredentials, SEC101/038.PostgreSqlCredentials, and SEC101/041.RabbitMqCredentials removing invalid characters (,, =, |, &, [, ], >) from Id and Resource. #555
• RRR: Improving SEC101/025.SendGridApiKeyValidator dynamic validator, replacing tcp for http calls, retrieving the scope of the key if available. #562

v1.5.0-alpha-0117-g136d47026e

Changes

• Plugin Improvement: Required properties will throw KeyNotFoundException if they do not exist. #539
• Tool should emit fixes with comprehensive region properties. #540
• Plugin Improvement: Added Fixes property in SEC104 rules that provide only one option. #541
• Reducing unhandled exceptions for the certificate rules. #544
• UER: Added a check for PostgreSql instances that are not reachable from external networks, reducing total unhandled exceptions. #545

v1.5.0-alpha-0109-gf687e5e98a

Changes

f687e5e Intrafile and Singlefile expressions weren't respecting retry (#537)
a1cc4de Cleaning StaticValidatorBase, renaming files (#536)
686f9b3 Refactoring ValidatorBase (#534)
28b53ca Improving HttpMockHelper comparison (#535)
336afda Improving regex patterns (#533)
c4214dc Adds Mock HTTP tests to HttpHAuthorizationHeader requests. (#532)
a8fb06e Adding CratesApiKey validator (#531)
0b9c1b0 Create HttpMockTestCase (#528)
ab164b7 Improving HttpMock capabilities (#527)

v1.5.0-alpha-0100-g6ee5829558

Changes

6ee5829 Adding tests for NPM rule (#525)
640f7f6 Making HttpClient static again when not using in tests (#526)
4ca1e08 Create Mock Http tests for Slack Tokens (#524)
e33d3ca Add mock http calls to DiscordValidatorTests (#523)
7b09519 Enabling multiple threads for testing (#522)
f4bf0fa Cleaning httpclient after test (#521)
9466ea6 Fixing collection name
358fef0 Updating MockHelper and CommonAssemblyInfo (#520)
d7da9f5 Crc helpers (#518)
285b41a Enabling GitHubAppCredentials dynamic validator (#516)
575a568 Rename CreateHttpClient to CreateOrUseCachedHttpClient (#517)
06ff25f Add Square Credentials Dynamic Validator (#515)
6e9a22f Nuget refinement (#514)
23dc3fe Improving exception handling for Crypto rule (#513)