Puma Scan’s 0.9.2.1 release includes a new security analyzer, enhanced reporting details, and squashes a few bugs.
End User Edition requires Visual Studio v15.9 or higher
Server Edition requires a Windows Server with the .NET Framework v4.7.1 and Build Tools for Visual Studio 2017 installed.
New rule: SEC0120 - Missing Authorize Attribute
Enhancement: Report output (HTML, JSON) enhanced to include additional audit details including passing rules, scanner configuration settings, disabled rules, custom cleanse methods, and false positives.
Bug fix: Fixed data flow analysis to properly handle async / await conditions on method invocations.
Bug fix: False positive exceptions were not working when using wildcards for start and end line numbers.
Bug fix: Intermittent null reference error when reading the .pumafile settings data.
Bug fix: Improved logging details to help see details as analysis rules are executing.