Skip to content

Releases: sonatype/nexus-iq-fortify-ssc

SonatypeFortifyBundle-5.4.2

31 Mar 15:54
@sonatype-jenkins sonatype-jenkins
v5.4.2
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.4.2 Latest
Latest

Changelog

  • Added support for fetching projects using pagination from Fortify SSC
Assets 3
Loading

SonatypeFortifyBundle-5.4.1

13 Jan 01:31
@sonatype-jenkins sonatype-jenkins
v5.4.1
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.4.1

Changelog

  • Fixed an issue where expired waivers caused syncronization to fail
  • Fixed an issue where auto-waivers caused syncronization to fail
Loading

SonatypeFortifyBundle-5.4.0

28 Oct 13:54
@sonatype-jenkins sonatype-jenkins
v5.4.0
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.4.0

Changelog

  • Added a new endpoint for ad‑hoc synchronization by scanId
Loading

SonatypeFortifyBundle-5.3.0

03 Mar 15:50
@sonatype-jenkins sonatype-jenkins
v5.3.0
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.3.0

Changelog

  • Converted the iqWebhook endpoint to an asynchronous model to improve stability
Loading

SonatypeFortifyBundle-5.2.1

11 Feb 15:28
@sonatype-jenkins sonatype-jenkins
v5.2.1
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.2.1

Changelog

  • Prevented redundant artifact uploads when no missed reports were found in the history
Loading

SonatypeFortifyBundle-5.2.0

06 Feb 22:28
@sonatype-jenkins sonatype-jenkins
v5.2.0
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.2.0

Changelog

  • Fixed a bug that caused redundant artifacts
  • Added support for Golden Versions, the non-breaking upgrade resolving policy violations for the component and its dependencies
Loading

SonatypeFortifyBundle-5.1.3

23 Jan 14:34
@sonatype-jenkins sonatype-jenkins
v5.1.3
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.1.3

Changelog

  • Fixed an issue where an older report was uploaded to Fortify SSC. The sync service now correctly prioritizes and only uploads the latest available report
  • Added the Sonatype Policy Name to the violation detail view
Loading

SonatypeFortifyBundle-5.1.2

14 Nov 19:03
@sonatype-jenkins sonatype-jenkins
v5.1.2
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.1.2

Changelog

  • Fixed an issue where the expected scan report was not being synchronized if the most recent one was an identical report generated by continuous monitoring
Loading

SonatypeFortifyBundle-5.1.1

07 Oct 18:14
@sonatype-jenkins sonatype-jenkins
v5.1.1
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.1.1

Changelog

  • Fixed issue where sync service did not terminate as expected when the killProcess flag was set to true
  • Added support for fortifyApplicationId when using the startScanLoad endpoint
Loading

SonatypeFortifyBundle-5.1.0

11 Sep 15:47
@sonatype-jenkins sonatype-jenkins
v5.1.0
e8ade22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
SonatypeFortifyBundle-5.1.0

Changelog

  • Fortify Application ID can now be used to map JSON instead of the application name
  • Added support for synchronizing all violation categories, not only security
  • Uploads of reports generated by continuous monitoring will be skipped if the data is identical to the previously uploaded report
  • Fortify Audit Details are now clickable links for Fortify versions 23.0 and later
  • Included license information for the report in the synchronized artifact. This can be configured via the include.license.information property
Loading