These release notes are for the WhiteSource cloud solution, and do not apply to the on-premises solution that has its own release notes.
Click here to view known issues.
Release notes are subject to change until the actual release date. Note that WhiteSource reserves the right to postpone the release of this page for up to and including 48 hours after the version’s actual release.
This page is "dynamic" and is subject to change between official releases. WhiteSource reserves the right to modify this page retroactively. Check this page periodically between official releases to ensure you are up-to-date with all hotfixes, changes and additions to WhiteSource's products.
Release Notes & Announcements Subscription Service
You can subscribe to the Customer Community Portal Announcements section in order to receive immediate email notifications on important announcements and product release notes.
Version 21.7.2 (15-August-2021)
New Features and Updates
Product | Description |
---|---|
WhiteSource for GitLab Server |
|
WhiteSource for GitHub.com | Users can now manually trigger scans for specific repositories. |
WhiteSource Advise for Visual Studio | WhiteSource added developer focus mode for Visual Studio. |
WhiteSource for Bitbucket Server, | Added Remediate Worker Horizontal Scalability. This feature is used to scale Remediate to allow it to utilize additional containers, in order to process multiple repositories concurrently. |
Version 21.7.1 (1-August-2021)
New Features and Updates
Product | Description |
---|---|
WhiteSource for GitHub.com | Added inheritence configuration validation and error notification via issues and check runs. |
WhiteSource Advise for WebStorm | WhiteSource added developer focus mode for WebStorm. |
WhiteSource Advise for Visual Studio Code | WhiteSource added developer focus mode for Visual Studio Code. |
NOTE: The Unified Agent. The GitHub.com integration in this version supports version 21.6.3 of the Unified Agent. The GitHub.com integration in this version supports version 21.6.3 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Version 21.6.3 (18-July-2021)
New Features and Updates
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA |
|
WhiteSource Advise for PyCharm |
|
WhiteSource for GitHub.com |
|
WhiteSource for GitHub Enterprise |
|
WhiteSource for GitHub Enterprise |
|
Resolved Issues
Product | Description |
---|---|
All Repo Integrations | In cases of update requests that originated from the SCM scanner, the plugin request report in the app displayed the org's default approver instead of the service user that created the scan. |
NOTE: The Unified Agent. The GitHub.com integration in this version supports version 21.6.2 of the Unified Agent. The GitHub.com integration in this version supports version 21.6.3 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Version 21.6.2 (4-July-2021)
Product | Description |
---|---|
WhiteSource for GitHub.com |
|
WhiteSource Advise for PyCharm |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.5.2 of the Unified Agent. The http://GitHub.com integration in this version supports version 21.6.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Version 21.6.1 (20-June-2021)
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.5.2 of the Unified Agent. The GitHub.com integration in this version supports version 21.6.1 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Version 21.5.2 (6-June-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub Enterprise, | In cases where the integration failed to retrieve either a .whitesource configuration file from a repository, or any of the WhiteSource configuration files included inside the Global Configuration repository, a WhiteSource Configuration check run with a failed status will be created. |
WhiteSource for Bitbucket Server, |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.5.1 of the Unified Agent. The GitHub.com integration in this version supports version 21.5.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Version 21.5.1 (23-May-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for IntelliJ, | Added support for IDE version 2021.1. |
WhiteSource Advise for IntelliJ, |
|
WhiteSource Advise for Eclipse, | Added a Clear Results button to the WhiteSource tab, providing users the ability to clear all currently displayed data (from all projects). |
WhiteSource Advise for Eclipse | Improved the display of the hierarchy tree for transitive vulnerabilities. |
WhiteSource for Bitbucket Server, |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.4.2 of the Unified Agent. The GitHub.com integration in this version supports version 21.5.1 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource for Bitbucket Server, | When the global-config.json (as part of Global Configuration) contained a noWhitesourceFile parameter, repositories with an unmerged (open/closed) onboarding PR were not scanned. |
WhiteSource for GitHub Enterprise, | In rare cases, the WhiteSource IaC Check returned a Success status instead of a failed status. |
WhiteSource for GitLab | In specific cases, in the Remediate container logs, an SSH public key was leaked. |
WhiteSource Advise for Eclipse |
|
Version 21.4.2 (9-May-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub.com | Added support for .NET core 5.0 built projects. |
WhiteSource for GitHub Enterprise |
|
WhiteSource Advise for PyCharm, | Beginning in this version, you can configure the plugin to also alert on dev dependencies. This changes the default scanning behavior of WhiteSource Advise for Visual Studio (before version 21.4.2, alerts for dev dependencies were displayed). |
WhiteSource for Bitbucket Server, |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.4.1 of the Unified Agent. The GitHub.com integration in this version supports version 21.4.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource for GitHub.com | Repositories built with Paket could not be scanned successfully. |
WhiteSource for GitHub.com | Elixir-based repositories could not be scanned successfully. |
WhiteSource Advise for IntelliJ | In specific scenarios where a dependency did not contain an explicit version, no vulnerability alerts were raised for it. |
WhiteSource for Bitbucket Server, | Modifying the minSeverityLevel parameter value inside the .whitesource configuration file did not lead to the automatic closing of existing non-relevant issues. |
WhiteSource for GitHub Enterprise, | In specific scenarios, a Bad Credentials error was displayed when migrating specific repositories to the global configuration via the migration feature. |
Version 21.4.1 (25-April-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub.com | WhiteSource has launched the ability to scan cloud infrastructure configurations (IaC) to find misconfigurations before they are deployed. For this, a WhiteSource IaC Check was introduced which runs in parallel to the existing WhiteSource Security/License Check. In addition, IaC violation alerts are displayed via GitHub Issues. |
WhiteSource for Bitbucket Server, | Previously, the only way to provide the integration's activation key to the Remediate container was by using a prop.json file. |
WhiteSource Advise for IntelliJ, | Beginning in this version, you can configure the plugin/extension to alert only on detected vulnerabilities satisfying a given minimum severity level (as opposed to always showing Low, Medium and High severity vulnerabilities). |
WhiteSource Advise for WebStorm | Beginning in this version, WhiteSource Advise will not scan the node_modules folder of a selected project. |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.3.2 of the Unified Agent. The GitHub.com integration in this version supports version 21.4.1 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for VS Code | In specific scenarios, when installing the extension on a WhiteSource Dedicated Instance-related environment, scanning resulted in connection issues. |
Version 21.3.2 (11-April-2021)
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.3.1 of the Unified Agent. The GitHub.com integration in this version supports version 21.3.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for IntelliJ, | Better handling when the developers' environment is disconnected from the internet or has no access to the WhiteSource servers. |
WhiteSource Advise for Visual Studio | In some cases, scanning a C# project resulted in an exception, and in addition, no vulnerabilities were displayed. |
WhiteSource for GitHub.com | When adding an empty whitesource-config repository from a default "main" branch to the integration, it was not initialized with WhiteSource configuration files. |
WhiteSource for GitLab | When using the security dashboard, issues were published but the commit comment was not updated with scan results and remained with a "scan in progress" indication. |
Version 21.3.1 (4-April-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA, | An improved notification message is now displayed when no vulnerabilities are found in a scanned project. |
WhiteSource Advise for IntelliJ IDEA | Added support for the "apply from" script plugin in Gradle projects, which can reference a dependency file contained within the scanned project or outside of it. |
WhiteSource Advise for Eclipse, | Beginning in this version, you can configure the plugin to alert only on direct dependency vulnerabilities (as opposed to both direct and transitive vulnerabilities). |
WhiteSource for Bitbucket Server, | For NPM projects only - Added support for remediation of transitive npm packages when a package-lock.json is present. |
WhiteSource for Bitbucket Server, | Beginning in this version, a new WhiteSource Security/License Check summary will be displayed in case a scan results in an empty inventory (as opposed to when one or more Security/License issues are detected). |
WhiteSource Remediate | Remediate sometimes, and Renovate often, needs to query github.com for tags and releases (e.g. for release notes fetching). |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.2.2 of the Unified Agent. The GitHub.com integration in this version supports version 21.3.1 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for IntelliJ | When scanning a large Gradle project (~20 modules), the plugin would run for an excessive amount of time, which resulted in the IDE being frozen. |
WhiteSource for Bitbucket Server, | Improved rotation of the application container logs by modifying the maximum log size from 10GB to 2GB, and the maximum history days from 600 to 60 days. |
Version 21.2.2 (14-March-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA, | Beginning in this version, you can configure WhiteSource settings (Settings > Tools > WhiteSource) either on a global (affecting all projects) or project level (affecting a single project only). |
WhiteSource Advise for VS Code, | Beginning in this version, you can configure the plugin to alert only on direct dependency vulnerabilities (as opposed to both direct and transitive vulnerabilities). |
WhiteSource for Bitbucket Server, | Beginning in this version, to improve performance, the integration will only clone the specific repository branch instead of cloning all branches before performing a scan. |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.2.1 of the Unified Agent. The GitHub.com integration in this version supports version 21.2.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Version 21.2.1 (28-February-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA, |
|
WhiteSource Advise for WebStorm | Scanning a project that does not contain any package-lock.json file now results in a notification asking the user to ensure the project is built before being scanned with WhiteSource Advise. |
WhiteSource Advise for PyCharm | An improved notification message is now displayed when no vulnerabilities are found in the project. |
WhiteSource for GitHub.com | Beginning in this version, to improve performance, the integration will only clone the specific repository branch instead of cloning all branches before performing a scan. |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.1.2 of the Unified Agent. The GitHub.com integration in this version supports version 21.2.1 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource for GitHub Enterprise | In a forked repository with branch protection rules in place, when the last commit in a PR did not trigger a scan (not a valid push), then a neutral check run was created. In such a case, even if new vulnerabilities were introduced as part of the PR, merging the PR was still possible. |
WhiteSource for GitHub.com | In cases where the WhiteSource License Check was enabled, license policy violation data for libraries with an unknown license (Requires Review license type) were not surfaced in the integration. |
Version 21.1.2 (14-February-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server, | For improved visibility and troubleshooting, a startup check mechanism was added in the app container, which upon startup, provides a clear indication of the connectivity status between itself and the remediate container, the repository platform (SCM) API, and the WhiteSource application server. The startup check also validates the activation key provided in the initial configuration. |
WhiteSource Advise for PyCharm, |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 21.1.1 of the Unified Agent. The GitHub.com integration in this version supports version 21.1.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource for Bitbucket Server, |
|
WhiteSource Advise for PyCharm, |
|
Version 21.1.1 (31-January-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server, |
|
WhiteSource for Bitbucket Server, | With the release of version 20.12.3 of the Unified Agent, the default dependency resolution for npm projects has been optimized by relying on the package-lock.json file (the npm.resolveLockFile Unified Agent configuration parameter default value is now true). |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.12.3 of the Unified Agent. The GitHub.com integration in this version supports version 21.1.1 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for PyCharm |
|
WhiteSource Advise for PyCharm, | In some cases, a wrong transitive vulnerability tree was displayed for vulnerabilities detected under a direct dependency. |
Version 20.12.3 (17-January-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub.com | With the release of version 20.12.3 of the Unified Agent, the default dependency resolution for npm projects has been optimized by relying on the package-lock.json file (the npm.resolveLockFile Unified Agent configuration parameter default value is now true). |
WhiteSource Advise for Eclipse, | Added enhanced WhiteSource Advise license validation. WhiteSource Advise will periodically validate the activation credentials and delete its data in case the license key has expired. |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.12.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.12.3 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA, | In some cases, when the Remember license key option was enabled during activation, the activation credentials would not be saved upon restarting the IDE. |
WhiteSource for Bitbucket Server, | A .whitesource file pointing to a custom whitesource-config repo which is not the default one, led to the global repo configuration (global-config.json) being taken from the default whitesource-config repo location. |
Version 20.12.2 (3-January-2021)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for PyCharm, | WhiteSource has launched WhiteSource Advise for PyCharm and WhiteSource Advise for WebStorm plugins, empowering JetBrains developers with important, valuable information on security vulnerabilities concerning open-source components employed in their development projects. |
WhiteSource Advise for IntelliJ IDEA |
|
WhiteSource for Bitbucket Server, | From this version onwards, the Administration > WhiteSource Integration page enables the Bitbucket administrator to select Projects to integrate with WhiteSource, instead of Repositories. Once a project is selected by the Bitbucket administrator, the project administrator will be able to access the WhiteSource Integration page from the Project > Project settings page and decide which repositories within that project to integrate with WhiteSource. NOTE: Customers upgrading from an older version of the integration will be automatically migrated to the new WhiteSource Integration model. This means that for each already integrated repository, the repository will be automatically selected inside the Project > Project settings page. |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.12.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.12.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.12.2 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA | Scanning a Gradle project following file changes would sometimes not show markers for detected vulnerabilities. |
WhiteSource for Bitbucket Server, | In an integrated repository page, the Critical severity metric inside the WhiteSource Security widget was modified to High in order to align with the WhiteSource UI severity metrics. |
Version 20.12.1 (20-December-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub Enterprise, | Added ability to define a whitelist of GitHub Organizations and/or GitHub repository owners who can integrate with the WhiteSource integration. |
WhiteSource for Bitbucket Server, | Global Repo Configuration:
|
WhiteSource Advise for Visual Studio Code |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.11.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.12.1 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.11.1 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA | The No proxy HTTP setting was ignored by the plugin. |
WhiteSource for Bitbucket Server, | The scanner container did not clean up between container restarts, resulting in a potentially large growth in the container’s disk size. |
Version 20.11.2 (6-December-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for Eclipse |
|
WhiteSource for Bitbucket Server, |
NOTE: This feature currently supports only base branches (using the baseBranches parameter). A License Check Run (GitHub)/Commit Status (GitLab)/ Build Status (Bitbucket) will not be created on non-base branches when using displayMode=diff as part of the configuration in the .whitesource file. |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.11.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.11.2 of the Unified Agent. The WhiteSource for Bitbucket integration in this version supports version 20.11.1 of the Bitbucket Add-on.
Resolved Issues
Product | Description |
---|---|
WhiteSource for GitHub Enterprise | Renovate config presets were not being resolved. |
WhiteSource for Bitbucket Server, | In the WhiteSource Security Report (Code Insights), the table listing each vulnerability was not displayed correctly. |
Version 20.11.1 (22-November-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for IntelliJ, |
NOTE: This feature is only available when using version 20.11.1 or later of WhiteSource Advise. |
WhiteSource Advise for IntelliJ IDEA |
|
WhiteSource for Bitbucket Server, |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.10.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.11.1 of the Unified Agent.
Resolved Issues
Product | Description |
---|---|
WhiteSource Advise for IntelliJ, |
|
WhiteSource Advise for IntelliJ |
|
Version 20.10.2.1 (8-November-2020)
Resolved Issues
Product | Description |
---|---|
WhiteSource for GitHub Enterprise | In some cases, two scans were triggered for the same commit. This led the issue publishing process to run twice at the exact same time, causing duplicate issues to be created. |
Version 20.10.1.1 (25-October-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for IntelliJ IDEA |
|
WhiteSource for Bitbucket Server, |
|
WhiteSource for Bitbucket Server | In the WhiteSource Integration page:
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.9.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.10.1 of the Unified Agent.
Resolved Issues
Product | Description |
---|---|
WhiteSource for Bitbucket Server |
|
WhiteSource for Bitbucket Server, |
|
Version 20.9.2 (11-October-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server, |
|
WhiteSource for GitHub.com |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.9.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.9.2 of the Unified Agent.
Version 20.9.1 (4-October-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server, |
|
WhiteSource for Bitbucket Server, |
|
WhiteSource Advise for Visual Studio Code |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.8.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.9.1 of the Unified Agent.
Version 20.8.2.1 (13-September-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server, |
|
WhiteSource Advise for Visual Studio Code |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.8.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.8.2 of the Unified Agent.
Resolved Issues
WhiteSource Advise for Eclipse: Reinstallation of the WhiteSource Advise plugin caused multiple entries in the Builders view.
Version 20.8.1 (30-August-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for Visual Studio Code | WhiteSource has launched the WhiteSource for Visual Studio Code extension, empowering Visual Studio Code developers with important, valuable information on security vulnerabilities concerning open-source components employed in their development projects. For more information, see here. |
WhiteSource for Bitbucket Server, |
|
WhiteSource for GitHub Enterprise | Support for a Check Run on a pull request generated from a forked repository. |
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.7.3 of the Unified Agent. The GitHub.com integration in this version supports version 20.8.1 of the Unified Agent.
Resolved Issues
When a vulnerability affected multiple packages, only information on a single package was shown in the WhiteSource security check.
Global Configuration: Adding the migration.json file to a non-default branch generated a failed WhiteSource security check.
Version 20.7.3 (16-August-2020)
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.7.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.7.3 of the Unified Agent.
Resolved Issues
WhiteSource for GitHub.com, WhiteSource for GitHub Enterprise: Migrating specific repositories to the global configuration using the excludeRepos parameter led to incorrect results.
Version 20.7.2 (3-August-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for Eclipse, WhiteSource Advise for IntelliJ IDEA |
|
WhiteSource for Bitbucket Server, |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.7.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.7.2 of the Unified Agent.
Resolved Issues
WhiteSource for GitHub.com, WhiteSource for GitHub Enterprise: When the content of a "WhiteSource Security Check" exceeded GitHub's size limit for a Check Run, the check run content was not displayed.
WhiteSource for Bitbucket Server, WhiteSource for GitHub Enterprise, WhiteSource for GitHub.com, WhiteSource for GitLab: As part of the Global Repo Configuration, the whitesource-config repository had to be initialized with a README file in order for the global-config.json and repo-config.json files to be automatically generated by the integration.
Version 20.7.1.1 (23-July-2020)
Resolved Issues
All Repo Integrations: In some scenarios, the WhiteSource Security Check summary functionality led to a NullPointer exception where we could not identify the package dependency file path. This led to the Check Run/Commit Status/Build Status being in Pending status for 6 hours, after which a timeout mechanism marked it as Failed.
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.6.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.7.1 of the Unified Agent.
Version 20.7.1 (20-July-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for Visual Studio |
|
WhiteSource for Bitbucket Server, |
|
WhiteSource for Bitbucket Server |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.6.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.7.1 of the Unified Agent.
Version 20.6.2.2 (7-July-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource Advise for Visual Studio |
|
WhiteSource for Bitbucket Server, WhiteSource for GitHub Enterprise, and WhiteSource for GitLab |
|
WhiteSource for Bitbucket Server, WhiteSource for GitHub Enterprise, WhiteSource for GitHub.com, and WhiteSource for GitLab |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.6.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.6.2 of the Unified Agent.
Resolved Issues
WhiteSource for Bitbucket Server: When uninstalling the add-on, the activation key and list of integrated repositories were not cleared.
Version 20.6.1.1 (23-June-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server, WhiteSource for GitHub Enterprise, and WhiteSource for GitLab |
|
WhiteSource for Bitbucket Server |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.5.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.6.1 of the Unified Agent.
Version 20.5.2.1 (10-June-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub Enterprise, and WhiteSource for GitLab |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.5.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.5.2 of the Unified Agent.
Version 20.5.1.3 (03-June-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server, WhiteSource for GitHub Enterprise, and WhiteSource for GitLab |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.4.2 of the Unified Agent. The GitHub.com integration in this version supports version 20.5.1 of the Unified Agent.
Resolved Issues
WhiteSource for GitHub Enterprise: When running the wss-ghe-app container, a FileNotFoundException error message appeared in the logs.
Version 20.4.2.2 (17-May-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub Enterprise |
|
WhiteSource for Bitbucket Server, WhiteSource for GitHub Enterprise, and WhiteSource for GitLab |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab integrations in this version support version 20.4.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.4.2.2 of the Unified Agent.
Resolved Issues
WhiteSource for GitHub Enterprise: When performing a scan, the local Maven registry directive was ignored.
Version 20.3.1 (29-March-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub.com | Support for Gradle Kotlin projects |
NOTE: The GitHub.com integration in this version supports version 20.3.1 of the Unified Agent.
Version 20.2.2 (15-March-2020)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub.com | Support for Gradle in WhiteSource Remediate |
WhiteSource for Bitbucket Server |
|
NOTE: The GitHub Enterprise, Bitbucket Server, and GitLab Server integrations in this version support version 20.2.1 of the Unified Agent. The GitHub.com integration in this version supports version 20.2.2 of the Unified Agent.
Resolved Issues
WhiteSource Advise for Eclipse - Quick fix did not work when the version was provided as a variable
Version 19.11.2 (8-December-2019)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub Enterprise, WhiteSource for GitHub.com, and WhiteSource for Bitbucket Server | Setting the minSeverityLevel parameter in the .whitesource configuration file now also affects the WhiteSource Security Check summary list. |
Version 19.11.1 (24-November-2019)
New Features & Updates
Product | Description |
---|---|
WhiteSource for Bitbucket Server | The .whitesource configuration file now includes a parameter minSeverityLevel, enabling you to decide whether to open a new Bitbucket Server Issue only if a certain Security Vulnerability Severity level is available. |
WhiteSource Advise for Chrome | Removed browser permissions for the Chrome extension that were not used by WhiteSource. |
Resolved Issues
Products | Description |
---|---|
WhiteSource for GitHub.com, WhiteSource for GitHub Enterprise | When executing a scan with either the LOCAL or EXTERNAL values set for the configMode parameter in the .whitesource configuration file, the includes and excludes parameters are ignored. |
Version 19.9.2 (27-October-2019)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub.com, WhiteSource for GitHub Enterprise | This version introduces the ability to generate fix PRs on-demand without defining workflow rules in advance. |
WhiteSource for GitHub Enterprise, WhiteSource for Bitbucket Server | A Health Check API endpoint was added to the wss-scanner Docker image. |
Version 19.9.1 (22-September-2019)
New Features & Updates
Product | Description |
---|---|
WhiteSource for GitHub Enterprise, WhiteSource for GitHub.com, and WhiteSource for BitBucket Server | An indicator has been added indicating when automatic remediation is available for the specific vulnerability. |
WhiteSource for GitLab Core | WhiteSource is launching the WhiteSource for GitLab Core beta version, enabling GitLab users to access WhiteSource security alerts within GitLab’s native environment. |