Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Product

Description

Mend for GitHub Enterprise
Mend for GitLab
Mend for Bitbucket Server

The setup.cfg file is now supported for triggering a scan through the Unified Agent Controller.

Mend for GitHub Enterprise
Mend for GitHub.com
Mend for GitLab
Mend for Bitbucket Server
Mend for Azure Repos

Names of all Checks (Security, License, SAST, IaC) were changed from “WhiteSource” to “Mend”.

Mend for Bitbucket Server

Added the ability to scan cloud infrastructure configurations (IaC) to find misconfigurations before they are deployed. For this, a Mend IaC Check was introduced which runs in parallel to the existing Mend Security/License Check. In addition, IaC violation alerts are displayed via Issues.

Mend for GitHub Enterprise
Mend for GitLab
Mend for Bitbucket Server

Enabled Smart Fix for Java projects.

NOTE: An update to this version will cause an increase in plugin activity for the repositories with Java projects in the first few days (up to a week). The number of scan requests will temporarily increase by 20%-50% depending on how many Java projects there are in the organization. Consider temporarily increasing the number of scanners for this period.

Resolved Issues

Product

Description

Mend for Azure Repos

A Remediate pull request would not be created if a space appeared in the repository name.

...

Product

Description

Mend for GitLab

Added the ability to scan cloud infrastructure configurations (IaC) to find misconfigurations before they are deployed. For this, a Mend IaC Check was introduced which runs in parallel to the existing Mend Security/License Check. In addition, IaC violation alerts are displayed via GitHub Issues.

Mend for Github.com
Mend for GitHub Enterprise
Mend for GitLab
Mend for Bitbucket Server
Mend for Azure Repos

Added a new tag commitId to the Mend application Projects that will contain the latest scanned commit ID.

Mend for Azure Repos

The issueType setting was added to the issueSettings parameter of the Mend configuration file. This setting defines the type of issues that will be enabled in the repository - one for each vulnerability or one for each dependency with all vulnerabilities grouped within.

Mend for Github.com
Mend for Azure Repos

Python version 3.8 is now supported when performing a scan with the SCM scanner. Note that Python version 3.7.12 is still the supported default version.

Mend for Github.com
Mend for Azure Repos

The scanning of Dotnet 6 projects is now supported.

Mend for Github.com
Mend for Azure Repos

Dev dependencies in the NPM and Yarn projects will not be scanned by default.

Mend for Github.com
Mend for GitHub Enterprise
Mend for GitLab
Mend for Bitbucket Server
Mend for Azure Repos

Enabled Smart Fix for Java projects.

...