Skip to content

Latest commit

 

History

History
37 lines (25 loc) · 2.65 KB

currentreleasenotes.md

File metadata and controls

37 lines (25 loc) · 2.65 KB

Current Release notes

Notices

[company_name] [solution_name] has been renamed [detect_product_long] with page links, documentation, and other URLs updated accordingly. Update any [detect_product_short] documentation, or other bookmarks you may have. See the Domain Change FAQ.

  • As part of this activity, sig-repo.synopsys.com and detect.synopsys.com are being deprecated. Please make use of repo.blackduck.com and detect.blackduck.com respectively.
    • [detect_product_short] script downloads should only be accessed via detect.blackduck.com.
    • [detect_product_short] 10.0.0 and later will only work when using repo.blackduck.com.
    • If you are using [detect_product_short] 8 or 9 it is essential to update to 8.11.2 or 9.10.1 respectively, before sig-repo is decommissioned.

It is recommended that customers continue to maintain sig-repo.synopsys.com, and repo.blackduck.com on their allow list until such time as all scripts, services, or pipelines have been updated with the repo.blackduck.com URL.

  • [bd_product_long] SCA Scan Service (SCASS) requires customers add or update IP addresses configured in their network firewalls or allow lists. This action is required to successfully route scan data to the new service for processing.

    • scass.blackduck.com - 35.244.200.22
    • na.scass.blackduck.com - 35.244.200.22
    • na.store.scass.blackduck.com - 34.54.95.139
    • eu.store.scass.blackduck.com - 34.54.213.11
    • eu.scass.blackduck.com - 34.54.38.252

Version 10.4.0

New features

  • Support for Conda has been extended to 25.1.1. Here’s the revised line, following your requested format:
  • A new detector leveraging cargo tree to extract direct and transitive dependencies, improving accuracy over the previous flat-list detection. This build-based detector is triggered for Cargo projects with a Cargo.toml file and requires Cargo version 1.44.0+. Falls back to the existing build-less approach if cargo tree is unavailable.
  • Added property detect.cargo.path to allow users to specify a custom Cargo executable path.

Resolved issues

  • (IDETECT-4642) - Improved handling of pnpm packages that contain detailed version information in the pnpm-lock.yaml. Resolving [detect_product_short] missing some packages through failure to link direct and transitive dependencies.
  • (IDETECT-4641) - Improved [detect_product_short]'s Yarn detector to handle non-standard version entries for component dependencies.

Dependency updates