Release Notes 23.1

CodeScan Release 23.1

Major Updates

23 April 2023 Release Date

(CodeScan v 23.1.0)

1. New policy rules added for Salesforce Metadata

| Serial No. | Rule Name | Description |
|---|---|---|
| 1 | Profile - Developer Policy | Profile - Developer Policy gives visibility on access permissions related to Author APEX, Import Custom Objects. This violation means that this Profile conflicts with your policy for these settings. |
| 2 | Profile - Password Policy | Profile - Password Policy gives visibility on access permissions related to Passwords Expiry, Enforce password History, Minimum Password Length, Password Complexity Requirement, Password Question Requirement, Maximum Invalid Login Attempts, Lockout Effective period, Obscure answer for password resets, Require minimum One Day password lifetime, Don't Immediately expire links in forgot password emails. |
| 3 | PermissionSet - Security Settings Policy | PermissionSet - Security Settings Policy gives visibility on access permissions related to Manage Certificates, Manage IP Addresses, Manage Encryption Keys, View Threat Detection Events, Profile allows Manage Security Center. |
| 4 | PermissionSet - Flows Policy | PermissionSet - Flows Policy gives visibility on access permissions related to Run Flows, Flows Policy, Manage Flow. This violation means that this Permission Set conflicts with your policy for these settings. |
| 5 | Profile - API Admin Policy | Profile - API Admin Policy gives visibility on API Admin permissions. |
| 6 | Profile - Security Settings Policy | Profile - Security Settings Policy gives visibility on access permissions related to IP Restrict Requests, Manage Certificates, Manage IP Addresses, Manage Encryption Keys, View Threat Detection Events, Profile allows Manage Security Center. |
| 7 | PermissionSet - Packages Admin Policy | PermissionSet - Packages Admin Policy gives visibility on access permissions related to Create and Update Second-Generation Packages, Delete Second-Generation Packages, Manage Package Licenses, Download AppExchange Packages, Create AppExchange Packages, Upload AppExchange Packages. |
| 8 | PermissionSet - Platform Admin Policy | PermissionSet - Platform Admin Policy gives visibility on Platform Admin permissions. |
| 9 | PermissionSet - User Management Policy | PermissionSet - User Management Policy gives visibility on access permissions related to Manage Users, Manage Roles, Assign Permission Sets, Reset Passwords and Manage Internal Users. |
| 10 | Profile - Packages Admin Policy | Profile - Packages Admin Policy gives visibility on access permissions related to Packaging2, Packaging2Delete, ManagePackageLicenses, InstallPackaging, CreatePackaging, PublishPackaging. |
| 11 | PermissionSet - Data Admin Policy | PermissionSet - Data Admin Policy gives visibility on access permissions related to Manage Data Categories, View All Data, Manage Data Integrations, ModifyAllData, View Encrypted Data, Weekly Data Export, Edit Read Only Fields. |
| 12 | PermissionSet - Developer Policy | PermissionSet - Developer Policy gives visibility on access permissions related to Author APEX, Import Custom Objects. |
| 13 | Profile - Data Admin Policy | Profile - Data Admin Policy gives visibility on access permissions related to Manage Data Categories, View All Data, Manage Data Integrations, ModifyAllData, View Encrypted Data, Weekly Data Export, Edit Read Only Fields. |
| 14 | PermissionSet - Files and Content Policy | PermissionSet - Files and Content Policy gives visibility on access permissions related to Files Connect Cloud. |
| 15 | Profile - Platform Admin Policy | Profile - Platform Admin Policy gives visibility on Platform Admin permissions. |
| 16 | Profile - Reports and Dashboards Admin Policy | Profile - Reports and Dashboards Admin Policy gives visibility on access permissions related to Create Report Folders, Manage All Private Reports and Dashboards, Create and Customize Reports, Manage Reports in Public Folders, Manage Dashboards in Public Folders, Manage Custom Report Types, Report Builder, Report Builder (Lightning Experience), Run Reports, Create and Customize Dashboards, Manage Dynamic Dashboards, Export Reports. |
| 17 | PermissionSet - Permissions Admin Policy | PermissionSet - Permissions Admin Policy gives visibility on access permissions related to Manage Profiles and Permission Sets, Manage Sharing, Multi-Factor Authentication for User Interface Logins, Manage Auth. Providers, Manage Custom Permissions, Manage Login Access Policies, Manage Password Policies, Allow Password Never Expires, Manage Session Permission Set Activations, Exempt from Transaction Security, Waive Multi-Factor Authentication for Exempt Users. |
| 18 | PermissionSet - Reports And Dashboards Admin Policy | PermissionSet - Reports And Dashboards Admin Policy gives visibility on access permissions related to Manage All Private Reports and Dashboards, Create and Customize Reports, Manage Reports in Public Folders, Manage Dashboards in Public Folders, Manage Custom Report Types, Report Builder, Report Builder (Lightning Experience), Run Reports, Create and Customize Dashboards, Manage Dynamic Dashboards, Export Reports. |
| 19 | Organization - Session Policy | Organization - Session Policy gives visibility on access permissions related to Session Timeout, Enforce login IP ranges on every request. |
| 20 | Profile - Flows Policy | Profile - Flows Policy gives visibility on access permissions related to Run Flows, Flows Policy, Manage Flow. |
| 21 | Organization - Password Policy | Organization - Password Policy gives visibility on access permissions related to Passwords Expiry, Enforce password History, Minimum Password Length, Password Complexity Requirement, Password Question Requirement, Maximum Invalid Login Attempts, Lockout Effective period, Obscure answer for password resets, Require minimum One Day password lifetime. |
| 22 | Profile - Session Policy | Profile - Session Policy gives visibility on access permissions related to Required Session Level and Session Timeout Limit. |
| 23 | Profile - Files and Content Policy | Profile - Files and Content Policy gives visibility on access permissions related to Query All Files, Files Connect Cloud, Manage Salesforce CRM Content, Manage Content Permissions, Manage Content Properties. |
| 24 | Profile - Permissions Admin Policy | Profile - Permissions Admin Policy gives visibility on access permissions related to Manage Profiles and Permission Sets, Manage Sharing, Multi-Factor Authentication for User Interface Logins, Manage Auth. Providers, Manage Custom Permissions, Manage Login Access Policies, Manage Password Policies, Allow Password Never Expires, Manage Session Permission Set Activations, Exempt from Transaction Security, Waive Multi-Factor Authentication for Exempt Users. |
| 25 | PermissionSet - API Admin Policy | PermissionSet - API Admin Policy gives visibility on access permissions related to Modify Metadata Through Metadata API Functions, Bulk API Hard Delete, API Enabled, Multi-Factor Authentication for API Logins, Manage Multifactor Auth - API, Apex REST Services, Access Customer Asset Lifecycle Management APIs, Update Consent Preferences Using REST API. |
| 26 | Profile - User Management Policy | Profile - User Management Policy gives visibility on access permissions related to Manage Users, Manage Roles, Assign Permission Sets, Reset Passwords and Manage Internal Users. |

The complete CodeScan rules list can be accessed HERE.


Improvements

UI/UX Improvements

Note: Self-Hosted 23.1 users will not have the same UI/UX changes as Cloud Release 23.1

Other improvements

  • This release includes minor stability fixes and improvements for the CodeScan platform.


Minor Releases / Changelogs

7 November 2023

(CodeScan v.23.1.6)

This update included minor improvements.


1 November 2023

(CodeScan v.23.1.5)

The following was updated:

| Rule Key | Rule Title |
|---|---|
| sf:AvoidPublicFields | Class Variable Fields should not have Public Accessibility |
| sf:AvoidUsingHardCodedId | Avoid Using Hard Coded Salesforce Id |


October 2023

(CodeScan v23.1.4)

The following rules were updated for release 23.1:

| Rule Key | Rule Title |
|---|---|
| sf:InsecureEndpoint | Avoid Cleartext Transmission of Sensitive Information |
| sf:SOQLInjection | Avoid Untrusted/Unescaped Variables in DML Query |


September 2023

(CodeScan v23.1.3)

What's New:

CodeScan Self-Hosted version 23.1.3 (now compatible with SonarQube™ version 10).


31 May 2023

(CodeScan v23.1.2)

This is a maintenance release. The following items were fixed and/or added:

  • Starting from version 23.1.2, CodeScan supports integration with Git using SSH keys and supports the ssh:// protocol. Connecting to a Git repository using the Secure Shell Protocol (SSH) provides a secure channel over an unsecured network. (Learn More)

  • Salesforce Spring '23 (API version 57.0) Support: To keep our product up to date with the most recent Salesforce upgrades, CodeScan supports the most recent API version, 57.0, in this release.

  • This release also includes upgrades to insecure dependent libraries and other significant security improvements.


12 May 2023

(CodeScan v23.1.1)

  • CodeScan self-hosted has been upgraded from version 22.8 to version 23.1.1.

  • This release includes an Apex-pmd dependency upgrade and significant security improvements. Updating is strongly recommended.
