Release Notes

Product Version

1.3

Release Date

September 5, 2025

Overview

This release focuses on two key aspects: enhancing platform flexibility and customization, and integrating with even more leading security tools. We are giving you more control over processes and data.

Summary

• Project pipeline management is now handled through a hierarchy of security layers
• Implemented status model functionality for vulnerability management
• Expanded customization of custom fields and pipeline templating
• Added support for SARIF format for importing scan reports
• Added support for ESLint and PVS Studio security tools
• Various UI/UX improvements

What's New

New Project Structure

Projects now feature enhanced structure with expanded custom field configuration options, enabling better reflection of your architecture and processes.

Project Layers

• Evolution to Project Layers: Replaced "Security Pipelines" with new "Project Layers" entity
• Multi-Level Configuration: Flexible setup of complex multi-stage security pipelines
• Layer Templating: Create and reuse security layer templates
• Detailed Descriptions: Add comprehensive information to layers

Security Issue Status Model

Full control over vulnerability management lifecycle with:

• Customizable status sets
• Status presets
• Transition rules configuration
• Access control for transitions
• Additional characteristics for statuses and transitions

SARIF Support

Unified SARIF data upload process supporting any tool that exports in standard SARIF format.

Improvements

Security Issues

• Commenting system: Reply to comments, mention users, comment filtering
• Advanced filtering: Flexible filters and filter presets
• Bulk operations: Mass actions on vulnerability groups
• Status history search
• User/group assignments

Test Connection

Refactored connection testing process with additional validation for improved reliability.

Bug Fixes

LDAP/AD

Fixed intermittent connection issues with LDAP/AD.

New Integrations

PVS-Studio

CLI integration using SARIF format supporting both manual and CI/CD execution.

ESLint

Linter integration for JavaScript/ECMAScript with CLI and pipeline automation support.

Deprecations & Breaking Changes

LDAP/AD

• Updated LDAP version to 2.0.02
• Requires reconfiguration of LDAP/AD integration after update

CodeScoring

• Adapted for new CodeScoring 2025.29.3
• ❗ Requires reconfiguration - new version is not backward compatible

Upgrade Instructions

• Online Documentation
• Docker Compose Installation
• Helm Chart Installation

Feedback & Support

• support@tronasoc.ru
• Support Policy

Conclusion

We are building a future where security enables innovation rather than obstructing it. Our platform unifies your tools and integrates into your processes with maximum flexibility. We continue to advance toward sophisticated automation capabilities, including AI-powered solutions.