Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Release Date:22/March/2022
LFX Security provides a strong security for you open source code. LFX provides a clear view into the security of a given project and enables developers to identify and resolve vulnerabilities quickly and easily.
Some of the prominent features for LFX Security are:
Automated vulnerability scanning
License compliance management
Centralized project security dashboard
Fix Recommendations
Contextual vulnerability reporting
Detailed Dependency Tree
Neutral to Source Control Systems
Release Version Contextualization
Code secrets detection
Identification of Non Inclusive language in the code
This sections provides you with list of new features and bug fixes for this release.
The following list provides you an overview of new features implemented in this release:
Added Missing Snyk Project ID for Datalake Vulnerability response.
The following list provides you the bug fixes that are applied in this release:
Resolved issue in the Onboarding Status response when removing a GitHub Organization (removing BOT) from the PCC
Modified Repository statistics scheduler task functionality
Updated Linter Version work with Golang v1.18
Updated Serverless and Libs
Resolved [#LFXSEC-1829] OSSF security score (Datalake) (added Datalake queries for OSSF security scores)
NA
You can visit the following links for more information on LFX Security:
Release Date:18/March/2022
LFX Security provides a strong security for you open source code. LFX provides a clear view into the security of a given project and enables developers to identify and resolve vulnerabilities quickly and easily.
Some of the prominent features for LFX Security are:
Automated vulnerability scanning
License compliance management
Centralized project security dashboard
Fix Recommendations
Contextual vulnerability reporting
Detailed Dependency Tree
Neutral to Source Control Systems
Release Version Contextualization
Code secrets detection
Identification of Non Inclusive language in the code
This sections provides you with list of new features and bug fixes for this release.
The following list provides you an overview of new features implemented in this release:
BluBracket API Refactor - separated the vendor APIs and the datalake APIs into separate folders
Implemented LFXSEC-1828:Datalake Integration - API to Query Datalake Dependencies
Added Additional Project Statistics Checks
Added Markdown Scheduler Output Format for printing pending jobs/scheduled tags CLI
The following list provides you the bug fixes that are applied in this release:
BluBracket Org Lookup Fix - resolve an issue when a child project code secrets are queried and the organization information is stored with the parent. Added logic to cross-check the parent's org information
Fixed Snyk Projects not Found and Datalake fetch all dependencies Issues
Updated Project Stats CLI - cleaned up command-line flags and usage
Resolved Bug in the Vulnerabilities DL query related to the repository ID - now use the DL repo ID hashing function
Update code_secrets_details of Project statistics of project and parent projects
Resolved [#LFXSEC-1896] Feature/Datalake Integration
Resolved Project Stats - Code Secrets Details Encoding Error
Resolved Publish Stats Empty Message Issue
Resolved Additional Nil References After Service Composition Refactor, Resolved CSV Nil Pointer Issue
NA
You can visit the following links for more information on LFX Security:
Release Date 08/April/2022
This sections provides you with list of new features and bug fixes for this release.
Added Datalake Provider Interface - Abstracted Vendor vs Datalake queries
Updated BB Vendor Repo Scan Status Queries -> migrated from GET to POST with payload to support larger queries
Updated GitHub Webhook validation logic - tested/validated webhook secrets
Added Redis Caching on a number of API calls to increase query performance (local, vendor, and datalake sources). Added cache invalidation logic
Added Query Logic support for Global query on the v2 UX (search by project, CVE, CWE, GHSA, Language)
Expanded queries on the vulnerabilities page to support filtering for issue type/title, severity, CVE, CWE, GHSA, state (fixed/not fixed)
Updated API for BB non-inclusive language notifications (added logic to work with vendor and datalake, track notifications locally)
NA
NA
Release Date:10/March/2022
LFX Security provides a strong security for you open source code. LFX provides a clear view into the security of a given project and enables developers to identify and resolve vulnerabilities quickly and easily.
Some of the prominent features for LFX Security are:
Automated vulnerability scanning
License compliance management
Centralized project security dashboard
Fix Recommendations
Contextual vulnerability reporting
Detailed Dependency Tree
Neutral to Source Control Systems
Release Version Contextualization
Code secrets detection
Identification of Non Inclusive language in the code
This sections provides you with list of new features and bug fixes for this release.
The following list provides you an overview of new features implemented in this release:
Added Publish Stats to Platform Logic
Added Project Repository Statistics Job for Scheduler CLI
Added Code Secrets Details for Foundation Page
Added GitHub Repo Description to Code Secrets Response
Backend API work for security wall design changes
Added Project Service Client API for Setting Project Repo Relationship
Optimisation of created services functionality for various location
Added IsFixable to Datalake Vul Publish Schema
Added Fixable Flag for Snyk Vulnerabilities
The following list provides you the bug fixes that are applied in this release:
Remove update Code Secrets code from update project statistics to fixed timeout issue
Resolved Scheduler TaskID Issue
CI/CD - Updated to Golang 1.17.7
CI/CD - Updated Serverless to v3.7.4
Updated GitHub Membership Job Details
Fixed datalake repository query statement
NA
You can visit the following links for more information on LFX Security:
Release Date:23/March/2022
LFX Security provides a strong security for you open source code. LFX provides a clear view into the security of a given project and enables developers to identify and resolve vulnerabilities quickly and easily.
Some of the prominent features for LFX Security are:
Automated vulnerability scanning
License compliance management
Centralized project security dashboard
Fix Recommendations
Contextual vulnerability reporting
Detailed Dependency Tree
Neutral to Source Control Systems
Release Version Contextualization
Code secrets detection
Identification of Non Inclusive language in the code
This sections provides you with list of new features and bug fixes for this release.
NA
The following list provides you the bug fixes that are applied in this release:
Resolved PCC LFX Security Settings API Issues
Resolved API not implemented error (was using Datalake provider vs the vendor provider)
Removed the requirement to pass/provide the repository list for the Onboard Update settings API (not required if only adjusting the auto-enable flag
Removed Settings Update response payload (not used by PCC) and took a lot of resources
Updated to the serverless library to v3.8.0
NA
You can visit the following links for more information on LFX Security:
Release Date: 28/March/2022
LFX Security provides a strong security for you open source code. LFX provides a clear view into the security of a given project and enables developers to identify and resolve vulnerabilities quickly and easily.
Some of the prominent features for LFX Security are:
Automated vulnerability scanning
License compliance management
Centralized project security dashboard
Fix Recommendations
Contextual vulnerability reporting
Detailed Dependency Tree
Neutral to Source Control Systems
Release Version Contextualization
Code secrets detection
Identification of Non Inclusive language in the code
This sections provides you with list of new features and bug fixes for this release.
The following list provides you an overview of new features implemented in this release:
Added Initial Redis Cache Support
Added Redis configuration
Added Redis Caching for BluBracket Code Secrets, BluBracket Non Inclusive Language, and Vulnerabilities queries
Added Applicable flag for Datalake Repository Vulnerability API
The following list provides you the bug fixes that are applied in this release:
Fixed CVE/CWE datalake query
Fixed Issue LFXSEC-2060: Repository - Manifest file display does not display for Licenses Tab of EasyCLA
Resolved Issue for Datalake Licenses for the project which has more than 1 Snyk org
Resolved Project Search Filter
Updated to Serverless 3.10.0
Updated Minimist Library
NA
You can visit the following links for more information on LFX Security:
\
\
Release Date:10/March/2022
LFX Security provides a strong security for you open source code. LFX provides a clear view into the security of a given project and enables developers to identify and resolve vulnerabilities quickly and easily.
Some of the prominent features for LFX Security are:
Automated vulnerability scanning
License compliance management
Centralized project security dashboard
Fix Recommendations
Contextual vulnerability reporting
Detailed Dependency Tree
Neutral to Source Control Systems
Release Version Contextualization
Code secrets detection
Identification of Non Inclusive language in the code
This sections provides you with list of new features and bug fixes for this release.
The following list provides you an overview of new features implemented in this release:
Added Vulnerability Sort Filter
The following list provides you the bug fixes that are applied in this release:
Updated Vulnerability Stats Query to support publishing metrics. Added missing fields, updated metrics producer
NA
You can visit the following links for more information on LFX Security:
Resolves CWE-1321, , issue with the minimist library - updated to version ^1.2.6
Release Date:14/March/2022
LFX Security provides a strong security for you open source code. LFX provides a clear view into the security of a given project and enables developers to identify and resolve vulnerabilities quickly and easily.
Some of the prominent features for LFX Security are:
Automated vulnerability scanning
License compliance management
Centralized project security dashboard
Fix Recommendations
Contextual vulnerability reporting
Detailed Dependency Tree
Neutral to Source Control Systems
Release Version Contextualization
Code secrets detection
Identification of Non Inclusive language in the code
This sections provides you with list of new features and bug fixes for this release.
The following list provides you an overview of new features implemented in this release:
Added Badge Count and Total Project count on the project endpoint
Added Logic to Set Code Secrets Details for Parent Project
Added Snyk scan status to the Onboard status response
The following list provides you the bug fixes that are applied in this release:
Resolved Simple-Git Serverless Lib Vulnerability
Updated Project Foundation Summary Response
NA
You can visit the following links for more information on LFX Security: