Skip to content

Latest commit

 

History

History
34 lines (23 loc) · 2.76 KB

currentreleasenotes.md

File metadata and controls

34 lines (23 loc) · 2.76 KB

Current Release notes

Notices

[company_name] [solution_name] has been renamed [detect_product_long] with page links, documentation, and other URLs updated accordingly. Update any [detect_product_short] documentation, or other bookmarks you may have. See the Domain Change FAQ.

  • As part of this activity, sig-repo.synopsys.com and detect.synopsys.com are being deprecated. Please make use of repo.blackduck.com and detect.blackduck.com respectively.
    • [detect_product_short] script downloads should only be accessed via detect.blackduck.com.
    • [detect_product_short] 10.0.0 and later will only work when using repo.blackduck.com.
    • If you are using [detect_product_short] 8 or 9 it is essential to update to 8.11.2 or 9.10.1 respectively, before sig-repo is decommissioned.

It is recommended that customers continue to maintain sig-repo.synopsys.com, and repo.blackduck.com on their allow list until such time as all scripts, services, or pipelines have been updated with the repo.blackduck.com URL.

  • [bd_product_long] SCA Scan Service (SCASS) requires customers add or update IP addresses configured in their network firewalls or allow lists. This action is required to successfully route scan data to the new service for processing.

    • scass.blackduck.com - 35.244.200.22
    • na.scass.blackduck.com - 35.244.200.22
    • na.store.scass.blackduck.com - 34.54.95.139
    • eu.store.scass.blackduck.com - 34.54.213.11
    • eu.scass.blackduck.com - 34.54.38.252

Version 10.4.0

New features

  • Support for Conda has been extended to 25.1.1.
  • Cargo CLI Detector, leveraging cargo tree to extract direct and transitive dependencies, improving accuracy over the previous flat lockfile detection. This build-based detector is triggered for Cargo projects with a Cargo.toml file and requires Cargo version 1.44.0+. For further information, see Cargo package manager support.
  • Added property detect.cargo.path to allow user specification of a custom Cargo executable path.

Resolved issues

  • (IDETECT-4642) - Improved handling of pnpm packages that contain detailed version information in the pnpm-lock.yaml. Resolving [detect_product_short] missing some packages through failure to link direct and transitive dependencies.
  • (IDETECT-4641) - Improved [detect_product_short]'s Yarn detector to handle non-standard version entries for component dependencies.
  • (IDETECT-4594) - Resolved [detect_product_short] failing to handle duplicate keys in package.json files across npm, pnpm, Lerna, and Yarn projects.