You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
BRK: Remove defunct and unsupported kusto command in Sarif.Multitool.
BRK: Remove support for .NET Core 3.1 and .NET 6.0 in preference of a supported version of .NET, net8.0.
BRK: Remove HashData.MD5, HashUtilities.ComputeMD5Hash due to the inherent insecurity of this algorithm.
BRK: 'HashUtilities.ComputeHash' no longer generates MD5 hashes (only SHA1 and SHA256).
DEP: Remove dependency on Microsoft.Azure.Kusto.Data.
DEP: Update Azure.Identity reference from 1.10.2 to 1.13.1 in WorkItems and Sarif.Multitool.Library to resolve CVE-2024-29992 and other CVEs.
DEP: Update Azure.Core from 1.35.0 to 1.41.1 to satisfy minimum requirement of Azure.Identity 1.12.1 (that has no known vulnerabilities).
DEP: Update System.Text.Encodings.Web from 5.0.1 to 6.0.0 (required by transitive closure of dependency requirements from other updates).
DEP: Update all Newtonsoft.Json references to 13.0.3 to resolve CVE-2024-21907.
DEP: Update Microsoft.Data.SqlClient from 2.1.7 to 5.2.2 so its dependencies Microsoft.IdentityModel.JsonWebTokens and System.IdentityModel.Tokens.Jwt upgrade to non-vulnerable version 6.35.0 (GHSA-59j7-ghrg-fj52).
BUG: Resolve process hangs when a file path is provided with a wildcard, but without a -r (recurse) flag during the multi-threaded analysis file enumeration phase.
BUG: Fix error ERR997.NoValidAnalysisTargets when scanning symbolic link files.
BUG: Fix error ERR997.NoValidAnalysisTargets when passing wildcard patterns (e.g., *.txt) to OrderedFileSpecifier. A recent change limited our wildcard support strictly to use of * only.
BUG: Fix ERR999.UnhandledEngineException: System.IO.FileNotFoundException: Could not find file when a file name or directory path contains URL-encoded characters.
BUG: Fix error ERR997.NoValidAnalysisTargets when ambiguous file/directory references are provided to OrderedFileSpecifier. Previously, the code required an explicit directory separator to be added to the end of a directory path. Now, the code inspects the file system and assumes that a reference to an existing directory was intended by the user (even without a trailing separator).
BUG: Fixed error ERR997.NoValidAnalysisTargets | TargetParseError when processing OPC files by correctly handling programmatic usage and skipping redundant file access when a stream is provided via EnumeratedArtifact.
BUG: Eliminate unhandled UriFormatException: Invalid URI: The format of the URI could not be determined. when creating a ZipArchiveArtifact with a relative URI.
BUG: Refactored MultithreadedCommandBase to check for empty or oversized artifacts before attempting to load OPC artifacts. This avoids unnecessary processing and improves performance by skipping invalid inputs early.
NEW: Allow null archive uri in MultithreadedZipArchiveArtifactProvider (which indicates that enumerated artifact paths should not include the base archive).
NEW: Update LogTargetParseError(IAnalysisContext, Region, string, Exception) to include optional exception argument to denote code location where parse error occurred.
