Releases: microsoft/ApplicationInspector
Release v1.1.4
Changes:
This list of changes was auto generated.
Release v1.1.3
Changes:
This list of changes was auto generated.
Release v1.1.2
Changes:
- 353e06f Update projects for NuGet packaging, Add NBGitVersioning, Update pipeline (#154)
- 566d72a Improves project name clarity under restructure for Nuget/DLL support and code cleanup of spacing.
- 0559799 Solution change to split out CLI and core command functions as separate projects for improved NuGet support.
- a5f3a14 Merge pull request #148 from PabloClon/master
- ee471a6 Merge pull request #149 from microsoft/Misc [ #146, #147 ]
- 7cf33ec Fixes #146, #147
- 5e2884f Fixed typo in database rules
- c7114d2 Merge branch 'master' into SupressBrowserOption
- 1af0ce4 Adds arg to supress auto opening of browser for html output. Issue for docker.
This list of changes was auto generated.
Release v1.0.27
Fix for #139 Tagdiff command issue
Release v1.0.26
- Minor repair to exclusion default list with spaces preventing it actually excluding properly
- Adds missing check on zip file exclusion if matches exclusion list
- Reduces exception to log warning if decompressed result has zero files which is valid for zip with no data or directories only.
Release v1.0.25
Improvements & Fixes:
- Adds convenient code line number to html report FileListDialog improving ability to verify match #70
- Replaces restrictive built-in exclusion list with user customization list with prior defaults #122
- Fixes paths with spaces for launching output.html automatically #121
- Addresses an error detecting languages including when files are skipped for size or exclusion reasons #109
- Adds Dart language to allowed language file types to scan #95
- Removes breaking header from JSON output #125
Release v1.0.24
Includes improvement suggested in #104 and is expected to be a resolution for items #103 #91 as well, related to processing [large] files partially including reading and out of memory exceptions before the file size checks preventing it.
Includes fix for security issue #108 for missing XSS output encoding in HTML report. Highly recommended to update to this release or later to avoid vulnerability impact.
Release v1.0.23
Fixes #97 for TagDiff command including a related issue for TagTest
Additional patterns were added for detection of cloud storage services, and minor improvements to regex patterns for client based TLS auth, Kerberos and SAML. The newer Metadata tags checks against the file type scanned for avoiding elimination of subsequent checks for an unaccepted match was relocated to the rulesengine to ensure valid matches were not eliminated . We will continue to add and improve rules for detection while keeping false positives a low rate.
Release v.1.0.22
Addresses HTML report rendering issues when run outside of the application directory i.e. from a source folder using a path to the app installation folder vs running from the application folder with a path to source code. See #75 and #93 for issues submitted. With the change, either approach will work.
Release v1.0.21
Adds app container detection like Docker etc. Improves name standardization / clarity on a few rules. Completes the effort begun in v1.0.20 to add the ability to distinguish features in executable code files from just information in build files by adding the 'Metadata' root to a few more solution rule tags. See wiki Tags section for more.
Minor fixes for bugs #75, #79 including issuing console message on use of -o argument when using the default or specified 'html' output format that generates an output.html file, which is application managed and not redirect-able. Both json and text formats do allow the output path to be specified.