Changelog

Version 3.0.0

Release date: October 30th, 2025

Highlights

• PostgreSQL Database Migration – MDSSC now uses PostgreSQL as its primary database, replacing MongoDB for improved performance, scalability, and data reliability.
• Source Code Differential Scanning – Introduced a new diff scanning feature that analyzes only changes between commits, significantly reducing scan time and improving efficiency.
• Default Workflow for Immediate Scanning – A ready-to-use default workflow is now available out-of-the-box, enabling users to start scanning repositories immediately without manual configuration.
• AWS ECR GovCloud Support – Added support for AWS Elastic Container Registry (ECR) GovCloud to serve customers operating in U.S. Government environments.
• Bitbucket Cloud Token Authentication – Bitbucket Cloud integration now supports API token-based authentication for enhanced security and compliance.
• Archive Extraction for Repository Scans – Enabled archive extraction during Bitbucket and GitLab scans for comprehensive analysis of compressed source code and dependencies.
• Encrypted Sensitive Customer Data – Sensitive customer information is now encrypted in the database to meet stricter data protection and compliance standards.
• New Cards View for Top Issues – Redesigned Cards View UI with visual prioritization to enable faster triage and decision-making.

Improvements

• Optimized database queries following PostgreSQL migration.
• Updated UI components for faster navigation and improved accessibility.
• Refined system health monitoring and logging capabilities.

Bug fixes

• Fixed workflow initialization issues when creating new scans.
• Corrected GitLab integration timeout handling.
• Updated API documentation to reflect new PostgreSQL data structure.
• Added migration guide from MongoDB to PostgreSQL.

Version 2.5.4

Release date: September 4th, 2025

Highlights

• Cross‑JFrog Copy Remediation
• GitHub Webhook Testing Support
• Dashboard Redesign (Phase 1) & Updated components
• MetaDefender Cloud Scan Support
• External Logger (Syslog) Support

Bug fixes

• Implemented rate limiting across APIs to mitigate abuse and improve security posture.

Version 2.5.3

Release date: August 7th, 2025

Highlights

• JFrog real‑time scanning with remediation (copy/delete/email), webhook tests, and cert toggle
• SBOM PDF updated with supplier info, release dates, and clickable package links
• Refreshed UI: modernized login/register screens and license details view

Bug fixes

• Implemented rate limiting across APIs to mitigate abuse
• Overall stability and UI interaction improvements

Version 2.5.2

Release date: July 9th, 2025

Highlights

• Manifest v1 Image Scanning
• Transitive Dependencies
• Package Version History States
• Custom Package Labels
• Detailed PDF Reports
• New Recommended Fixed Version

Bug fixes

• Resolved data inconsistency issues when upgrading to a new version.
• Corrected the support package name display.
• PDF export now supports filters for exported Report.

Version 2.5.1

Release date: May 30th, 2025

Highlights

• SBOM Enhancements and PDF Export
• Webhook Support for Bitbucket
• Improved Bitbucket and GitHub Integration
• Added CycloneDX Metadata

Bug fixes

• Some pages now include spinners to improve loading feedback. Minor layout and interaction bugs.
• Email reports have been cleaned up for better readability.

Version 2.5.0

Release date: April 16th, 2025

Highlights

• Enhanced Repository and Package Reporting
• CycloneDX SBOM Export for Scan Results
• JFrog Binary and GitLab Webhook Integration
• Expanded Remediation Actions in JFrog Binary

Bug fixes

• Improved internal repository ID handling that was causing scan reports to show up for incorrect connections with same repository
• Added various internal error handling improvements that caused certain operations and scans to fail.

Version 2.4.2

Release date: February 28th, 2025

Highlights

• Integration of SVN support
• Added masking over API Key for Scan Instance
• Added delete button for reports
• GitHub connection registration guide updated

Bug fixes

• Resolved several issues in UI and improved error handling mechanisms

Version 2.4.1

Release date: February 6th, 2024

Highlights

• Archive files handling for SBOM
• Enhanced Jira Connection security
• Added delete action for scan reports
• Configurable GitLab SSL Certificate Validation Bypass

Bug fixes

• Resolved UI Issues in Dashboard and Reports Modules

Version 2.4.0

Release date: December 18th, 2024

Highlights

• New source code service integration: GitLab
• New Notification option: Jira Connections
• Performance improvement, by the added support of source code services pagination

Bug fixes

• Resolved UI Issues in Workflow and Inventory Modules

Version 2.3.2

Release date: November 5, 2024

Highlights

• New "Soft Deletion" remediation action for GitHub and Bitbucket

Bug fixes

• Fixed incorrect data in the pdf reports sent via email notifications
• Improved scan progress bar display and workflow refresh in UI
• Adjusted audit log message levels for accuracy

Version 2.3.1

Release date: September 25, 2024

Highlights

• SBOM: License Risk Detection
• Email Address Update Capability

Bug fixes

• Bitbucket Cloud Integration: archive processing for repositories to bypass rate limiting, enhancing data retrieval efficiency
• Significant improvements to screen loading speeds, streamlining user interactions and responsiveness

Version 2.3.0

Release date: August 28, 2024

Highlights

• New Source Code Integration: Bitbucket Cloud and Bitbucket Data Center (On-Premises)
• New Container Registry Integration: Azure Container Registry (ACR)
• Refreshed Dashboard UI and User Experience

Bug fixes

• Resolved UI Issues in Reports and Inventory Modules

Version 2.2.0

Release date: July 15, 2024

Highlights

• Support for Artifactory. We are excited to announce our new service integration: JFrog Binary. This integration allows you to scan artifacts from a JFrog Artifactory server, both cloud-based and on-premises. All existing options available for other services are fully supported for JFrog Binary as well.
• New service integration: JFrog Containers
• Branch Configuration for Source Code Scanning
• GitHub Enterprise Support for Source Code Scanning
• Basic Configuration and Enrollment with myOPSWAT

Bug fixes

• Enhanced logging capabilities with log rotation and retention, ensuring better management and access to log data.
• Improved handling for expired service credentials. You will now receive visual aids prompting you to reconnect.
• Upgraded RabbitMQ to version 3.13, providing the latest features and security enhancements.

Version 2.1.0

Release date: April 2, 2024

Highlights

• Users can now edit their GitHub connection settings to prevent scanning interruptions due to token expiration
• We're excited to introduce a new feature on the dashboard that displays a list of upcoming scheduled scans. This enhancement provides users with greater visibility and organization of their scanning schedule, allowing for better planning and management of resources. Stay on top of your scanning tasks effortlessly with this convenient addition to the dashboard.
• When reviewing scan results, users will have immediate access to the fixed version for each package identified. This enhancement streamlines the remediation process, enabling users to quickly identify and implement necessary updates.
• We've added a quick onboarding tutorial for first-time users, making it easier for them to get started with our project. This step-by-step guide helps users familiarize themselves with our platform's key features quickly, ensuring a smoother initial experience and faster adoption.

Bug fixes

• Improved the display for failed scans to provide clearer feedback to users.
• The issue regarding the audit table row not expanding correctly has been addressed and resolved.
• The issue of data overflowing out of the defined cell in the scan report has been resolved.
• The update password button occasionally remaining greyed out inadvertently has been addressed, ensuring consistent functionality for users.
• Users were inadvertently able to select an empty scan pool for their workflow, but this issue has now been corrected to prevent such occurrences.
• Enhanced error handling has been implemented to address cases where users encounter missing permissions while adding an Amazon ECR connection, ensuring smoother integration processes.