The Puma Scan Professional v0.9.9 End User, Server and Azure Editions have added a new Dataflow Analysis Engine (v2.0). The new engine will increase performance, improve accuracy, and enable Puma Scan to start analyzing additional languages in the near future. The new engine is currently in beta and is an optional feature for current customers. However, a future Puma Scan Professional release will automatically upgrade users to the v2.0 Dataflow Analysis Engine. A formal announcement including the v1.0 engine deprecation timeline will be sent to all customers at a later time.
Opting in to the new Dataflow Analysis Engine can be made on a solution by solution basis, and is controlled by the new “DataflowAnalysisEngineVersion” field in solution’s
.pumafile. By default, the value of this setting will be “1.0”. Modifying the value to “2.0” will instruct Puma Scan Professional to use the new engine.
Please report any Dataflow Analysis Engine (v2.0) false negatives or false positives to support [at] pumascan [dot] com.
Using the SARIF Output Format Puma Scan Professional Server and Azure DevOps editions have...
Enabling the Sonatype OSS Index Integration We’re excited about the new integration with the...