A new version of CQM (2.0) has been released that incorporate new rules (as detailed below). Major changes are: - Priorities of Security rules have been reviewed
- Rules with Very-Low and Low priorites have been deactivated.
- Support for Apache Cordova framework (new rules, see section below)
- Support for ASP.NET Razor for C# (improved reliability capabilties in detection of security vulnerabilities detections)
CQM is the default Model (i.e. a concrete set of active and pre-configured rules): - If you are using CQM,
- new priorities of security rules will be applied
- low and very-low rules will not longer be active
- new rules will automatically become active and will be applied to new analyses
- If you are using your own custom model, your model remains unchaged, but you can modify it and activate the new rules (in case you want to be applied to your code).
You can find new rules by comparing this release of CQM against previous version. A detailed description of the behavior of these new rules is available in rule’s description. |