NCTL 4.4.x Release Notes

v4.4.1

Enhancements

  • nctl scan displays the path of the resources that have violations.
  • The SARIF report format now contains the fixes field, which can be used to showcase remediations when integrating with the DefectDojo platform.
  • Support for GitLab and Bitbucket.

Bug Fixes

  • Remove the --policy-report argument; instead, use polr consistently across all scan commands.
  • Update the policyset installation message to provide more clarity on the status and progress of policyset installation.
  • Consistent fetching of policies from NCH for scans.

v4.4.0

Enhancements

  • Improve nctl remediate output. NCTL skips printing the resource if it is already compliant with the policies.
  • Default policysets are fetched from NCH instead of the pre-packaged policies.
  • NCTL retrieves policy exceptions from NCH and marks those results as skipped during scanning.
  • Add policy-report as a supported output format for scan commands.

Bug Fixes

  • Fix writing output to a file.
  • Fix syntax issues in SARIF output format.