Back to Resources

release-notes

Professional Edition 1.1 - 1.5 Release Notes (2021 - 2022)

13 Jul 2022

Puma Scan Professional release notes for versions 1.1 through 1.5, covering Sonatype OSS Index, SARIF output, VS 2022 support, .NET 6, and custom sinks for 40+ rules.

The 1.1 through 1.5 series added open source dependency scanning, new output formats, Visual Studio 2022 support, and .NET 6 compatibility with expanded custom sink support across the full rule catalog.

Version 1.1 (March 2021)

  • New rule: SEC0039 - Vulnerable Package Reference integrating with the Sonatype OSS Index for open source vulnerability detection
  • Fixed Dataflow Analysis Engine v2.0 false positives for const fields in nested static classes
  • New SARIF output format for Server and Azure DevOps editions
  • VS Code: fixed intermittent error dialog on manual scan

Version 1.1.2 (July 2021)

  • Fixed SEC0029 DataContractJsonSerializer ArgumentOutOfRangeException
  • Fixed SEC0039 ignoring project dependencies when Version attribute is missing
  • Server and Azure DevOps: asterisk glob pattern support for project and settings paths
  • Azure DevOps: license activation no longer requires manual PumaLicense pipeline variable updates
  • Server Edition: fixed exit code incorrectly returning error with version switch

Version 1.2 (November 2021)

  • Dataflow Analysis Engine v2.0 now the default for new installations
  • Existing projects with .pumafile retain their configured engine version
  • VS Code: .NET 5 SDK support

Version 1.3.1 (February 2022)

Visual Studio 2022 support.

  • Visual Studio 2022 (v17.0+) support added
  • Build Tools 2019 and 2022 both supported for Server and Azure DevOps editions
  • New dedicated Puma Scan Tool Window for findings, configuration, and report generation
  • On-demand scanning mode option for large solutions or lightweight development. See the User Guide for details.

Version 1.5 (July 2022)

.NET 6 SDK support with expanded custom sinks.

  • All rules updated for .NET 6 framework namespaces
  • Custom sinks support expanded to 40+ rules including SQL injection, XSS, command injection, deserialization, path tampering, LDAP injection, SSRF, and more. See the User Guide for configuration details.
  • VS 2022: fixed exception when opening without a solution
  • VS Code: fixed exception on first scan or license activation

Related Posts

release-notes

Professional Edition 1.0 Series Release Notes (2020 - 2021)

The 1.0 series marked Puma Scan Professional’s general availability milestone, bringing cross-platform VS Code support,...


Eric Mead / 05 Jan 2021

release-notes

Road to 1.0: Release Notes 0.8 - 0.9.9 (2018 - 2020)

The 0.8 through 0.9 series transformed Puma Scan from a Visual Studio-only beta into a...


Eric Mead / 18 May 2020

release-notes

Early Beta Release Notes: 0.5 - 0.7.5 (2017 - 2018)

The early beta period established Puma Scan Professional’s core capabilities: custom rules configuration, data flow...


Eric Mead / 13 Jul 2018