snyk-security-scanner-plugin

What's Changed

• chore: use new download url for snyk downloads by @j-luong in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/150

Full Changelog: https://github.com/jenkinsci/snyk-security-scanner-plugin/compare/4.0.3...4.1.0

What's Changed

• fix: ignore currently non-fixable vulnerability from jenkins-core by @bastiandoetsch in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/143
• feat: add circleci orb by @Avishagp in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/144
• chore: update pom dependency and base image to jenkins 2.442 by @cmars in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/145
• chore: update pom dependency, base image to jenkins 2.450 by @j-luong in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/147

New Contributors

• @cmars made their first contribution in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/145

Full Changelog: https://github.com/jenkinsci/snyk-security-scanner-plugin/compare/4.0.2...4.0.3

What's Changed

• fix: catch malformedInputException by @j-luong in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/142
• chore: downgrade required Jenkins to 2.401.1+
• chore: set env vars for UserAgent

Full Changelog: https://github.com/jenkinsci/snyk-security-scanner-plugin/compare/4.0.1...4.0.2

What's Changed

• chore: Updates to dependencies and requirements by @j-luong https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/141
  • Plugin requires Java 11
  • Plugin requires Jenkins 2.401.3+
  • Update dependencies

New Contributors

• @j-luong made their first contribution in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/141

Full Changelog: https://github.com/jenkinsci/snyk-security-scanner-plugin/compare/3.2.9...4.0.1

What's Changed

• fix: catch exception when converting report to utf-8 by @PeterSchafer in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/140

New Contributors

• @PeterSchafer made their first contribution in https://github.com/jenkinsci/snyk-security-scanner-plugin/pull/140

Full Changelog: https://github.com/jenkinsci/snyk-security-scanner-plugin/compare/3.2.7...3.2.9

• failOnError flag also works with monitor command now

Fixed

• NPE by undefined platform in tool installer (#122 )

Added

• introduce architecture platform property for installer (#119)

Fixed

• Improve build node platform detection (#116)

• Fixed unstyled reports when viewed from "Snyk Security Report" tab.

• Fixed a non-null annotation on Snyk Installations causing serialisation issues.

• Fixed --json flag conflicting with additional arguments using --.

• Added support for SNYK_TOKEN build environment variable.
  • Lets you provide a Snyk API Token using alternatives such as credential bindings.

• Added support for multiple reports in a single build.
  • HTML reports now use a date and time for their name.
• Removed "Advanced" toggle in interfaces.
• Monitor is now executed after the HTML report is generated.
• All Monitor output is now forwarded to Console Output.
• All stderr output is now forwarded to Console Output.
  • *.debug files are no longer generated.
• Added trace logging for HTML generation.
• Once the HTML report has been archived, *_snyk_report.json and *_snyk_report.html files are removed.
  • To see stdout for debugging, enable trace-level logging for io.snyk.
• Fixed warnings around anonymous class serialisation.
• Increased report page size to fit entire page.
• Fixed script errors on report page.

This is a failed release. Do not use.

• Improved documentation

• Improved error handling and status reporting.
• In pipelines, to differentiate between failed scans and issues found you can catch the SnykErrorException and SnykFailureException respectively.
• Previously if the step failed, the entire build would fail. Now only the step will fail allowing you to control how it propagates.
• Added an option to not fail the step on errors such as failed installs or bad configuration.
  • In pipelines, use the failOnError parameter.
  • In Freestyle Projects, use the relevant checkbox under build configuration.
• Updated Parent POM to 4.19
• Updated Credentials Plugin to 2.5
• Increased minimum supported Jenkins version to 2.222.4
• NodeJS and NPM installations are no longer required to run the step.
  • You may still need them to test your NodeJS-specific projects.
• Fixed an issue with CSS not being applied in HTML report with certain URL path setups.
• Increased minimum supported Snyk CLI version to 1.500.0
• Snyk installations are now downloaded from static.snyk.io instead of GitHub.

• feat: adds support for critical severities
• fix: check for NPE by marshalling/unmarshalling json objects

Improvements

• Allow using SnykApiToken credential on folder level

Fixes

• pipe debug monitor output into stderr #64