Release Note 23.1.0
  • 02 Jun 2023
  • 6 Minutes to read
  • Contributors
  • Dark
    Light
  • PDF

Release Note 23.1.0

  • Dark
    Light
  • PDF

Article Summary

April 2023 - Key Updates, and Improvements

Date of release: 23 April 2023
Article last updated: 31 May 2023

Key Updates

1. New policy rules added for Salesforce Metadata

Serial No.Rule NameDescription
1Profile - Developer PolicyProfile - Developer Policy gives visibility on access permissions related to Author APEX, Import Custom Objects. This violation means that this Profile conflicts with your policy for these settings.
2Profile - Password PolicyProfile - Password Policy gives visibility on access permissions related to Passwords Expiry, Enforce password History, Minimum Password Length, Password Complexity Requirement, Password Question Requirement, Maximum Invalid Login Attempts, Lockout Effective period, Obscure answer for password resets, Require minimum One Day password lifetime, Don't Immediately expire links in forgot password emails.
3PermissionSet - Security Settings PolicyPermissionSet - Security Settings Policy gives visibility on access permissions related to Manage Certificates,Manage IP Addresses,Manage Encryption Keys,View Threat Detection Events,Profile allows Manage Security Center.
4PermissionSet - Flows PolicyPermissionSet - Flows Policy gives visibility on access permissions related to Run Flows, Flows Policy, Manage Flow. This violation means that this Permission Set conflicts with your policy for these settings.
5Profile - API Admin PolicyProfile - API Admin Policy gives visibility on API Admin permissions.
6Profile - Security Settings PolicyProfile - Security Settings Policy gives visibility on access permissions related to IP Restrict Requests,Manage Certificates,Manage IP Addresses,Manage Encryption Keys,View Threat Detection Events,Profile allows Manage Security Center.
7PermissionSet - Packages Admin PolicyPermissionSet - Packages Admin Policy gives visibility on access permissions related to Create and Update Second-Generation Packages, Delete Second-Generation Packages, Manage Package Licenses, Download AppExchange Packages, Create AppExchange Packages, Upload AppExchange Packages.
8PermissionSet - Platform Admin PolicyPermissionSet - Platform Admin Policy gives visibility on Platform Admin permissions.
9PermissionSet - User Management PolicyPermissionSet - User Management Policy gives visibility on access permissions related to Manage Users, Manage Roles, Assign Permission Sets, Reset Passwords and Manage Internal Users.
10Profile - Packages Admin PolicyProfile - Packages Admin Policy gives visibility on access permissions related to Packaging2, Packaging2Delete, ManagePackageLicenses, InstallPackaging, CreatePackaging, PublishPackaging.
11PermissionSet - Data Admin PolicyPermissionSet - Data Admin Policy gives visibility on access permissions related to Manage Data Categories, View All Data, Manage Data Integrations, ModifyAllData , View Encrypted Data, Weekly Data Export, Edit Read Only Fields.
12PermissionSet - Developer PolicyPermissionSet - Developer Policy gives visibility on access permissions related to Author APEX, Import Custom Objects.
13Profile - Data Admin PolicyProfile - Data Admin Policy gives visibility on access permissions related to Manage Data Categories, View All Data, Manage Data Integrations, ModifyAllData , View Encrypted Data, Weekly Data Export, Edit Read Only Fields.
14PermissionSet - Files and Content PolicyPermissionSet - Files and Content Policy gives visibility on access permissions related to Files Connect Cloud.
15Profile - Platform Admin PolicyProfile - Platform Admin Policy gives visibility on Platform Admin permissions.
16Profile - Reports and Dashboards Admin PolicyProfile - Reports and Dashboards Admin Policy gives visibility on access permissions related to Create Report Folders, Manage All Private Reports and Dashboards, Create and Customize Reports, Manage Reports in Public Folders, Manage Dashboards in Public Folders, Manage Custom Report Types, Report Builder, Report Builder (Lightning Experience), Run Reports, Create and Customize Dashboards, Manage Dynamic Dashboards, Export Reports.
17PermissionSet - Permissions Admin PolicyPermissionSet - Permissions Admin Policy gives visibility on access permissions related to Manage Profiles and Permission Sets, Manage Sharing, Multi-Factor Authentication for User Interface Logins, Manage Auth. Providers, Manage Custom Permissions, Manage Login Access Policies, Manage Password Policies, Allow Password Never Expires, Manage Session Permission Set Activations, Exempt from Transaction Security, Waive Multi-Factor Authentication for Exempt Users.
18PermissionSet - Reports And Dashboards Admin PolicyPermissionSet - Reports And Dashboards Admin Policy gives visibility on access permissions related to Manage All Private Reports and Dashboards, Create and Customize Reports, Manage Reports in Public Folders, Manage Dashboards in Public Folders, Manage Custom Report Types, Report Builder, Report Builder (Lightning Experience), Run Reports, Create and Customize Dashboards, Manage Dynamic Dashboards, Export Reports.
19Organization - Session PolicyOrganization - Session Policy gives visibility on access permissions related to Session Timeout, Enforce login IP ranges on every request.
20Profile - Flows PolicyProfile - Flows Policy gives visibility on access permissions related to Run Flows, Flows Policy, Manage Flow.
21Organization - Password PolicyOrganization - Password Policy gives visibility on access permissions related to Passwords Expiry, Enforce password History, Minimum Password Length, Password Complexity Requirement, Password Question Requirement, Maximum Invalid Login Attempts, Lockout Effective period, Obscure answer for password resets, Require minimum One Day password lifetime.
22Profile - Session PolicyProfile - Session Policy gives visibility on access permissions related to Required Session Level and Session Timeout Limit.
23Profile - Files and Content PolicyProfile - Files and Content Policy gives visibility on access permissions related to Query All Files, Files Connect Cloud, Manage Salesforce CRM Content, Manage Content Permissions, Manage Content Properties.
24Profile - Permissions Admin PolicyProfile - Permissions Admin Policy gives visibility on access permissions related to Manage Profiles and Permission Sets, Manage Sharing, Multi-Factor Authentication for User Interface Logins, Manage Auth. Providers, Manage Custom Permissions, Manage Login Access Policies, Manage Password Policies, Allow Password Never Expires, Manage Session Permission Set Activations, Exempt from Transaction Security, Waive Multi-Factor Authentication for Exempt Users.
25PermissionSet - API Admin PolicyPermissionSet - API Admin Policy gives visibility on access permissions related to Modify Metadata Through Metadata API Functions, Bulk API Hard Delete, API Enabled, Multi-Factor Authentication for API Logins, Manage Multifactor Auth - API, Apex REST Services, Access Customer Asset Lifecycle Management APIs, Update Consent Preferences Using REST API.
26Profile - User Management PolicyProfile - User Management Policy gives visibility on access permissions related to Manage Users, Manage Roles, Assign Permission Sets, Reset Passwords and Manage Internal Users.

The complete CodeScan rules list can be accessed HERE.


Improvements

UI/UX Improvements

  • New interactive and appearance have been introduced to the CodeScan Welcome screen. Two new options, Application Security Testing and Policy Management are offered when you first log in to CodeScan. If you select Application Security Testing, you will be directed to the Projects page, which is now your default homepage. As a result, when you log in to CodeScan the next time, you will be immediately redirected to the Projects page. Similarly, if you choose Policy Management, you will be navigated to the Policy Results screen, now set as your default homepage.
    image.png
  • The Policy Results page can now be accessed under the More tab in the CodeScan application.
    image.png

Other improvements

  • This release includes minor stability fixes and improvements for the CodeScan platform.

Changelogs

12 May 2023

(CodeScan v23.1.1)

  • CodeScan self-hosted has been upgraded from 22.8 to 23.1.1 version.
  • This release includes Apex-pmd dependency upgrade and significant security improvements. Updating is strongly recommended.

31 May 2023

(CodeScan v23.1.2)

This is a maintenance release. The following items were fixed and/or added:

  • Starting from version 23.1.2, CodeScan supports integration to GIT with SSH Keys and supports ssh:// protocol. Connecting to GIT repository using the Secure Shell Protocol (SSH) provides a secure channel over an unsecured network. (Learn More)
  • Salesforce Spring '23 (API version 57.0) Support: To keep our product up to current with the most recent Salesforce upgrades, CodeScan supports the most recent API 57.0 version in this release.
  • This release also includes insecure dependent libraries upgrade and other significant security improvements.


Was this article helpful?