Skip to main content
Skip table of contents

Mend for Azure Repos Release Notes

Mend.io may modify this page retroactively from time to time.

  • To stay informed about hotfixes, modifications, and additions to Mend's products, check this page from time to time in between releases or use our RSS Feed:

  • This integration is hosted by Mend.io. New major versions are traditionally released every two weeks.

  • Click here to view known issues in repo integrations.

  • Access all release notes for Mend.io’s products.

Version 25.7.1.1 (03-August-2025) (Hotfix)

Resolved Issues

  • Fixed an issue where some scans would fail due to a timeout, under certain conditions.

Version 25.7.1 (27-July-2025)

Unified Agent 25.4.3-179 | Renovate 41.40.0 | Remediate 25.7.1 | Pre-Scan Builder (PSB) 25.4.1

New Features and Updates

  • Poetry 2.x project scans are now supported.
    This enhancement allows users to analyze dependencies defined and locked with Poetry 2.x using the same repo integration workflow, at no additional configuration overhead.

Version 25.6.1 (29-June-2025)

Unified Agent 25.4.3-179 | Renovate 40.62.1 | Remediate 25.6.1 | Pre-Scan Builder (PSB) 25.4.1

New Features and Updates

  • Mend AI is now available in all the repository integrations!

    • The Mend AI detection is performed automatically as part of your SCA scan.

    • Mend AI results are only available in the Mend AppSec Platform UI.

Version 25.5.1 (08-June-2025)

Unified Agent 25.4.3-179 | Renovate 39.264.0 | Remediate 25.5.1 | Pre-Scan Builder (PSB) 25.4.1

Resolved Issues

  • Fixed a bug where commits with code changes to a submodule were not being scanned.

Version 25.4.2 (04-May-2025)

Unified Agent 25.4.2-169 | Renovate 39.257.3 | Remediate 25.4.2 | Pre-Scan Builder (PSB) 25.4.1

New Features and Updates

  • The “CVE” column in check run and issues tables has been renamed as "Vulnerability".

Resolved Issues

  • Fixed scenarios where a null message parameter within exceptions in the resolution phase led to an additional, unhandled exception, which failed the scan entirely.

Version 25.4.1 (20-April-2025)

Unified Agent 25.3.2-163 | Renovate 39.238.0 | Remediate 25.4.1 | Pre-Scan Builder (PSB) 25.3.1

New Features and Updates

  • Changes in the packages.lock.json file will now trigger scans.

Version 25.3.1 (23-March-2025)

Unified Agent 25.1.2-146 | Renovate 39.200.0 | Remediate 25.3.1 | Pre-Scan Builder (PSB) 25.3.1

New Features and Updates

  • Remediate: Upgraded dependency from npm v9 to npm v10.

Version 25.2.2 (09-March-2025)

Unified Agent 25.1.2-146 | Renovate 39.185.2 | Remediate 25.2.2 | Pre-Scan Builder (PSB) 25.2.2

Resolved Issues

  • Fixed an issue in the scanner where the dotnet restore command would execute in the wrong directory when multiple .csproj files were present in the original directory.

  • Fixed a bug in Mend Remediate where remediation was not suggesting the correct package version.

  • Removed two vulnerabilities from the Scanner image (25.1.1.3):
    CVE-2021-29425
    CVE-2024-47554

Version 25.2.1 (23-February-2025)

Unified Agent 25.1.2-146 | Renovate 39.145.0 | Remediate 25.2.1 | Pre-Scan Builder (PSB) 25.1.2

New Features and Updates

  • A sourceUrl tag containing information about the URL of the scanned repository will be added to projects in the Legacy SCA Application and to both projects and scans in the Mend AppSec Platform.

Resolved Issues

  • Fixed a Remediate issue where a single invalid remediation suggestion would result in an entire batch of suggestions being suppressed. As a result of this fix, more remediation pull requests could be created, each with its own branch, which can result in increased SCA scanning activity.

Version 25.1.2 (10-February-2025)

Unified Agent 25.1.2-146 | Renovate 39.107.0 | Remediate 25.1.2 | Pre-Scan Builder (PSB) 25.1.2

New Features and Updates

  • The default Python version in the scanner was updated to 3.9.

Resolved Issues

  • Fixed an issue where incorrect parsing of gem (Ruby) library versions containing platform-specific suffixes, e.g., nokogiri (1.17.2-x86_64-linux), led to those libraries not being identified.

Version 25.1.1 (26-January-2025)

Unified Agent 25.1.1-134 | Renovate 39.107.0 | Remediate 25.1.1 | Pre-Scan Builder (PSB) 25.1.1

Resolved Issues

  • Fixed an issue where the existence of “setup.py” in certain filenames caused the scanner to mistakenly identify such files as manifest files, leading to false dependencies being reported in the scan results of scanned Python projects.

  • Fixed an issue in the scanner where, under certain conditions, some scans would fail due to a java.lang.NoSuchMethodError exception.

Version 24.12.2 (12-January-2025)

Unified Agent 24.12.1-123 | Renovate 39.80.0 | Remediate 24.12.2 | Pre-Scan Builder (PSB) 24.11.2

New Features and Updates

Resolved Issues

  • Fixed a bug where Remediate jobs were being triggered for repos not in the “includedRepos” list.

Version 24.12.1 (06-January-2025)

Unified Agent 24.12.1-123 | Renovate 39.80.0 | Remediate 24.12.1 | Pre-Scan Builder (PSB) 24.11.2

New Features and Updates

  • Improved error and warning messages in strict mode for Ruby scans.

Resolved Issues

  • Fixed an issue where Pipenv or Poetry scans experienced Security Check errors under certain conditions.

Version 24.11.2 (15-December-2024)

Unified Agent 24.11.2-87 | Renovate 39.49.0 | Remediate 24.11.2 | Pre-Scan Builder (PSB) 24.11.2

New Features and Updates

  • The SCA scanner now supports .NET version 9.

Resolved Issues

  • Fixed a bug where the scanner was failing when attempting to scan repos with names that start with “-”.

Version 24.11.1 (01-December-2024)

Unified Agent 24.11.1-60 | Renovate 38.142.7 | Remediate 24.11.1 | Pre-Scan Builder (PSB) 24.9.2

New Features and Updates

  • Improved error and warning messages in strict mode for Pip, Poetry and Pipenv scans.

Resolved Issues

  • Fixed an issue using privateKey values for Renovate/Remediate.

Version 24.10.3 (17-November-2024)

Unified Agent 24.10.3-199 | Renovate 38.142.7 | Remediate 24.10.3 | Pre-Scan Builder (PSB) 24.9.2

New Features and Updates

  • The following parameters can now configured to be either overridden or appended to:
    "includes", "excludes", "archiveIncludes", and "archiveExcludes", by using the "uaConfigMergeSetting" parameter in the repo-config.json file.

Version 24.10.2 (03-November-2024)

Unified Agent 24.10.2-198 | Renovate 38.115.1 | Remediate 24.10.2 | Pre-Scan Builder (PSB) 24.9.2

Resolved Issues

  • Fixed a mismatch issue where the License checkrun didn't show a partial scan failure warning while the Vulnerability checkrun did.

Version 24.9.2 (13-October-2024)

Unified Agent 24.9.1.2-185 | Renovate 38.59.2 | Remediate 24.9.2 | Pre-Scan Builder (PSB) 24.9.1-1

New Features and Updates

  • Upgraded the default Python version in the scanner to 3.8.12 and the default poetry version to 1.6.0.

Resolved Issues

  • Fixed an issue where the check run status was stuck in status "In progress" while retrying a failed scan.

  • Fixed an issue accessing public dependencies not available in private Gradle registries during the pre-scan build (PSB).

Version 24.9.1 (22-September-2024)

Unified Agent 24.9.1-180 | Renovate 37.440.7 | Remediate 24.8.2 | Pre-Scan Builder (PSB) 24.8.1

New Features and Updates

  • Secrets encrypted on the dedicated encryption page can now be scoped to the whole organization (previously this was only possible for repos or projects).
    You can now set the "Organization/Group" field in the encryption form to the format of "organization_name/*" for this to work.

  • When a *.gemspec file is added or edited, a scan will be triggered automatically.

Resolved Issues

  • Fixed an issue where Mend projects were created in the default Mend organization instead of the specified Product/Application when using the customPropertyProductMapping feature, if the .whitesource file defined additional base branches beyond those in the global configuration.

Version 24.8.2 (09-September-2024)

Unified Agent 24.8.1-159 | Renovate 37.440.7 | Remediate 24.8.2 | Pre-Scan Builder (PSB) 24.8.1

Resolved Issues

  • Fixed an issue where uppercase letters in the excludes statement in the whitesource.config file were being read as lowercase.

Version 24.8.1.2 (28-August-2024)

Unified Agent 24.8.1-159 | Renovate 37.440.7 | Remediate 24.8.1 | Pre-Scan Builder (PSB) 24.8.1

Resolved Issues

  • Fixed an issue which led to NuGet hostRules being ignored by the integration.

Version 24.7.2 (11-August-2024)

Unified Agent 24.7.2-155 | Renovate 37.440.7 | Remediate 24.7.2 | Pre-Scan Builder (PSB) 24.7.2

Resolved Issues

  • Fixed an issue that led to incorrect Gradle versions being used by the scanner to resolve dependencies in projects that use Java 17 or above.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.