Puma Scan’s 1.0.4 release is an update for the Puma Scan End User, Server, and Azure DevOps Editions.
End User Edition for Visual Studio Code requires Visual Studio Code for Windows, macOS, or Linux.
End User Edition for Visual Studio requires Visual Studio 2019 v16.0 or higher.
End User Edition for Visual Studio 2017 requires Visual Studio 2017 v15.9 or higher.
Server Edition requires a Windows Server with the following:
.NET Framework v4.7.2
The Build Tools for Visual Studio 2017 and 2019 are both supported. Ensure you have at least 1 of the following installed:
Build Tools 2017 version 15.8 or higher
Build Tools 2019 version 16.4 or higher
Azure DevOps Edition requires a hosted Azure Build Pipeline using the vs2017-win2016 or windows-2019 build agent.
Bug fix: False positives are being raised when data from configuration namespaces flow to a sink. This includes specific objects, methods and properties from the System.Configuration and Microsoft.Extensions.Configuration namespaces.
Enhancement: Support added for NET Core 3.x Authz policies to prevent false positives being raised when evaluating Puma Scan rule, SEC0120 - Missing Authorization Attribute.