Smithy Changelog

Edge cases for Git and GitHub triggers, guaranteed persistence in large finding datasets, better Sentry support and Kafka downstream reporting.

How do you manually run workflow that has a trigger? How do you further reduce noise from PRs?

The new triggers have landed! Complete visibility on which targets the workflow will affect. New integrations and new look and feel

The main Issues List loads faster when there is more than 100k findings

Workflow graph is easier to use, findings summary page shows and filters by individual triage annotation. A couple more integrations

Smithy can now remove even more noise. Several new integrations

Smithy UI is significantly less cluttered as experiments are removed

Smithy reports if an exploit exists for a CVE. Every finding has a ton of info on how to fix and where it was found and the UI looks more like the website

Users can dismiss or silence findings in Smithy. Dismissed finding get re-opened if found again, silenced findings get silenced until they are un-silenced. There is a Jira integration

Users of Smithy SaaS can see found issues by repo or image they were found in. There is a Github reporter component. Smithy runs automatically for private repos and can also monitor private images in registries.

Smithy can do DAST scans and generate SBOMS

Smithy SaaS runs V1 components. There are now dashboards that show reprioritised findings.

Smithy V1 components released. Support for authenticated DAST. Several orchestrator fixes to enable rapid development.

Smithy SaaS runs on local clusters with support for networked filesystems.

Smithy OSS now speaks OCSF