release-notes
Puma Scan Pro 0.9.8.12 patch for AntiForgery Token and Missing Authorize Attribute rule improvements across all editions.
Puma Scan’s 0.9.8.12 release is a minor patch to the SEC0019 - Missing AntiForgery Token Attribute and SEC0120 - Missing Authorize Attribute rules in all editions.
End User Edition requires Visual Studio v15.9 or higher.
Server Edition requires a Windows Server with the following:
.NET Framework v4.7.2
The Build Tools for Visual Studio 2017 and 2019 are both supported. Ensure you have at least 1 of the following installed:
Build Tools 2017 version 15.8 or higher
Build Tools 2019 version 16.4 or higher
Azure DevOps Edition requires a hosted Azure Build Pipeline using the vs2017-win2016 or windows-2019 build agent.
Bug fix: SEC0019 - Missing AntiForgery Token Attribute eliminates false positives caused by controller classes inheriting from a custom controller decorated with the AntiForgery attribute.
Enhancement: SEC0019 - Missing AntiForgery Token Attribute identifies custom attributes inheriting from the AntiForgery attribute.
Bug fix: SEC0120 - Missing Authorize Attribute eliminates false positives caused by controller classes inheriting from a custom controller decorated with the Authorize attribute.
Enhancement: SEC0120 - Missing Authorize Attribute identifies custom attributes inheriting from the Authorize attribute.
