
Smithy Changelog
See what's new in each version of Smithy.
Git Trigger UX improvements, large dataset reliability, Kafka and improved Sentry
Edge cases for Git and GitHub triggers, guaranteed persistence in large finding datasets, better Sentry support and Kafka downstream reporting.
Even more noise reduction, manually run workflows with triggers
How do you manually run workflow that has a trigger? How do you further reduce noise from PRs?
New way of launching workflows, SonarQube integration, new workflows page look and feel
The new triggers have landed! Complete visibility on which targets the workflow will affect. New integrations and new look and feel
Bugixes and Performance Improvements
The main Issues List loads faster when there is more than 100k findings
UX polish, improved ZAP support, Linear and Discord integrations
Workflow graph is easier to use, findings summary page shows and filters by individual triage annotation. A couple more integrations
Automated Triaging and more integrations
Smithy can now remove even more noise. Several new integrations
UI Improvements
Smithy UI is significantly less cluttered as experiments are removed
Exploitability, rich finding info and lots of UX changes
Smithy reports if an exploit exists for a CVE. Every finding has a ton of info on how to fix and where it was found and the UI looks more like the website
Findings Management and a Jira integration
Users can dismiss or silence findings in Smithy. Dismissed finding get re-opened if found again, silenced findings get silenced until they are un-silenced. There is a Jira integration
Users can see found vulnerabilities by Repository and Image, Smithy reports on Github PRs
Users of Smithy SaaS can see found issues by repo or image they were found in. There is a Github reporter component. Smithy runs automatically for private repos and can also monitor private images in registries.
Dast, unified Snyk, Semgrep, SBOMS
Smithy can do DAST scans and generate SBOMS
SaaS uses V1 components
Smithy SaaS runs V1 components. There are now dashboards that show reprioritised findings.
Smithy V1 components
Smithy V1 components released. Support for authenticated DAST. Several orchestrator fixes to enable rapid development.
Operator Improvements to better support on-premise deployments
Smithy SaaS runs on local clusters with support for networked filesystems.
OCSF support
Smithy OSS now speaks OCSF