API Releases

3.2.2 (2019-07-11)

  • Do not warm up cache on start
  • Fix incorrect type of upload loc in OpenAPI specification
  • Update of rips-cli to start scans

3.2.1 (2019-07-10)

  • Fix recursion in OpenAPI specification
  • Remove https check from health check

3.2.0 (2019-07-08)

  • Add health check
  • Refactor the queuing system
  • Refactor the functional tests
  • Add digests to scans with unresolved functions/classes
  • Create index for heavily used log columns
  • Add new file browser
  • Fix inconsistencies in OpenAPI specification
  • Sort code summaries in PDF report
  • Add patches to PDF report
  • Improve max. issues in PDF report
  • Add kill process functionality
  • Kill engines if scan is removed
  • Add time to fix to statistics
  • Add options to disable second order and framework hinting for PHP
  • Add filter to scan comparison endpoints
  • Use Symfony env from real env for commands
  • Store scan and issue id in add issue command log
  • Add confidence value to generated patches
  • Improve searching of parent
  • Allow local users to log in without LDAP
  • Allow to specify custom LDAP CA certificate
  • Add LDAP username mapping
  • Allow to disable LDAP through installer
  • Add pitfall support
  • Add new patch types
  • Improve existing patch types and examples
  • Clean part of the logs automatically
  • Add checksum to uploads
  • Make sure that user regex is valid
  • Add option to limit amount of parallel scans per organization
  • Show error message for certain exceptions
  • Add original highlighted content to generated patches
  • Add improved issue text for PHP_SELF
  • Add vscode and eclipse OAuth2 client IDs
  • Add new issue type (dynamic query 'table')
  • Enable File Inclusion issue type for Java Engine
  • Include *.tld and *.jspx files for Java
  • Show readable error on upload problem
  • Add total amount of functions, methods, and classes to scan statistics
  • Disable write to global by default
  • Replace dead resource

3.1.2 (2019-04-16)

  • Bug fix of the ignore path function that did not always correctly flag files as ignored

3.1.1 (2019-04-10)

  • Add fallback for check scan command

3.1.0 (2019-04-08)

  • Add LDAP authentication for On-Premises version
  • Rewrite of PDF report for improved speed, asynchronous generation, and new design
  • Add review and comments to CSV export
  • Add files to database asynchronously on scan start
  • Bug fix of callback that was sent twice on finished scan in some cases
  • Allow longer request URIs for logs in the database
  • Add base64 encoded authentication headers X-API-Email-Enc and X-API-Password-Enc
  • Require language for quota
  • Show different error message if application does not exist
  • Send headers for certain exceptions for easier identification
  • Limit password length to 72 characters because of BCrypt
  • Add File Write (CSV) issue type
  • Update patch example for Phar deserialization
  • Allow to filter processes by phase and percent
  • Increase possible size of settings value storage
  • Store summary highlight in database
  • Add JSP extension to file types
  • Fix taint confusion if there are multiple sinks in one line
  • Clean up resource links
  • Add ASVS 4.0 support

3.0.6 (2019-01-22)

  • Set upload removed to true by default
  • Add broadcast channel to rips-cli config

3.0.5 (2019-01-18)

  • Restrict callback access to chief users

3.0.4 (2019-01-18)

  • Increase copyright year in SaaS emails
  • Expose file path in the functions end-point

3.0.3 (2019-01-17)

  • Store trial issue types in organization as ids instead of tags

3.0.2 (2019-01-14)

  • Consider flexible quotas when switching app quota
  • Add default language to imported profiles

3.0.1 (2019-01-09)

  • Change parent of issue type "Weak HTTP Header"
  • Add additional flush on process update to avoid potential deadlocks

3.0.0 (2019-01-08)

  • Add Java support
  • Remove colors from issue types
  • Add new OWASP standards to issue types
  • Rename some issue types for Java support
  • Rename organisation to organization
  • Rename customs to profiles
  • Clean up database column names
  • Separate severity distribution by category
  • Calculate and set scan status through processes
  • Add source to scan
  • Use array structure to represent different parts of contexts
  • Add super globals to profiles
  • Add memory to processes
  • Deprecate old filter system
  • Drastically reduce the output of sub elements in the JSON output
  • Add select filter system
  • Use new license data structure
  • Use quotas of applications to start scans
  • Add flexible quotas
  • Add languages to quotas
  • Refactor and extend callback system
  • Add columns for functions, classes, sources, sinks, concats
  • Improved and extended ignore system
  • More precise tag system that finds previous scans
  • Remove Jira export in favor of native Jira plugin
  • Add types to sources and sinks
  • Generate statistics about archives when uploading
  • Use e-mail address as username exclusively
  • Return a special error code or header for expired applications
  • Add auto-renew for applications
  • Replace code highlighter
  • Add patch to issue types