Professional Edition 1.0.4 Release Notes

Puma Scan’s 1.0.4 release is an update for the Puma Scan End User, Server, and Azure DevOps Editions.

System Requirements

• End User Edition for Visual Studio Code requires Visual Studio Code for Windows, macOS, or Linux.

• End User Edition for Visual Studio requires Visual Studio 2019 v16.0 or higher.

• End User Edition for Visual Studio 2017 requires Visual Studio 2017 v15.9 or higher.

• Server Edition requires a Windows Server with the following:

  • .NET Framework v4.7.2

  • The Build Tools for Visual Studio 2017 and 2019 are both supported. Ensure you have at least 1 of the following installed:

    • Build Tools 2017 version 15.8 or higher

    • Build Tools 2019 version 16.4 or higher

• Azure DevOps Edition requires a hosted Azure Build Pipeline using the vs2017-win2016 or windows-2019 build agent.

Framework Enhancements

• Bug fix: False positives are being raised when data from configuration namespaces flow to a sink. This includes specific objects, methods and properties from the System.Configuration and Microsoft.Extensions.Configuration namespaces.

• Enhancement: Support added for NET Core 3.x Authz policies to prevent false positives being raised when evaluating Puma Scan rule, SEC0120 - Missing Authorization Attribute.

End User Edition for Visual Studio

• Enhancement: Warning messages display prior to generating a report if Puma Scan detects that scanning is paused or that a suppression was added to a .pumafile that results in all violations being suppressed.