Page tree

Note that CAST highly recommends updating to the new release of AIP Console to take advantage of new features and bug fixes. See Upgrade process for more information about this.

Compatibility matrix

ComponentReleaseRequired releaseNotes
RESTAPI for embedded dashboards≥ 1.26.1-funcrelRESTAPI 2.4.1-funcrel (Spring Boot ZIP) - includes the fix for the Apache Log4j vulnerability.You must use the RESTAPI provided with the current release of AIP Console, otherwise there is no guarantee of compatibility.
1.26.0-funcrelRESTAPI 2.2.1-funcrel (Spring Boot ZIP)
CAST Imaging≥ 1.26.0-funcrel≥ 2.5.2-funcrel-

Upgrading to 1.26

The following technical notes are intended to provide additional information about the upgrade process for moving to 1.26:

RESTAPI for embedded dashboards

The intermediary CAST RESTAPI that provides the link between AIP Console and the Dashboard schemas hosted on CAST Storage Service/PostgreSQL has been upgraded to RESTAPI 2.2.1-funcrel. This means that AIP Console 1.26 will not longer function with a CAST RESTAPI provided with a previous release of AIP Console, therefore, those moving to AIP Console 1.26 and using embedded Dashboards, must use RESTAPI 2.2.1-funcrel. See Embedded CAST Dashboard deployment process and CAST RESTAPI integrated upgrade.

CAST Imaging

AIP Console now requires CAST Imaging ≥ 2.5.2-funcrel, therefore please ensure that this is in place before you upgrade to AIP Console ≥ 1.26.0-funcrel if you are using the CAST Imaging integration.

.NET Assembly locations

Any paths to external .NET Assemblies present in the scanner.dotnet.assembly.locations option in the file on each AIP Node will be transferred to the Administration Center - Settings - .NET Assemblies option (new in AIP Console 1.26) the first time the AIP Node is started following the upgrade.

Mainframe technology

Starting AIP Console 1.26, if Mainframe source code is detected by AIP Console during delivery, the Mainframe extension will automatically be downloaded and installed replacing the Mainframe Analyzer embedded in AIP Core. If you do not want this to occur, you must blacklist the Mainframe extension using the file on the AIP Node responsible for analyzing your application. See Blacklisting extensions and Mainframe Analyzer - 1.0 for more information.



This release specifically fixes the Apache Log4j vulnerability CVE-2021-44228 ( All three components have been patched with Apache Log4j 2.15.0: AIP Console front-end service, AIP Node back-end service and the integrated RestAPI for embedded CAST Dashboards.

Other Updates

Internal IdDetails
WEBI-11363Upgrade Apache Log4j to v. 2.15 to resolve CVE-2021-44228 (see and
WEBI-11363Delivered Engineering / Health Dashboard release: 2.4.1-funcrel. Delivered integrated RestAPI: 2.4.1-funcrel.



Several breaking changes and improvements have been introduced in this release of AIP Console with regard to the integration with CAST Imaging (i.e. the automatic upload/synchronization of application data). AIP Console ≥ 1.26.0-funcrel now requires CAST Imaging ≥ 2.5.2-funcrel, therefore if you are reliant on the automatic upload/synchronization of application data from AIP Console into CAST Imaging please ensure that this release of CAST Imaging is in place before you upgrade to AIP Console ≥ 1.26.0-funcrel. If you do not upgrade your CAST Imaging instance, AIP Console ≥ 1.26.0-funcrel will NOT be able to automatically upload/synchronize application data with your CAST Imaging instance.

New Features

Technical - domain/tenant synchronization with CAST ImagingIt is now possible to choose to synchronize your AIP Console domains with equivalent CAST Imaging tenants. In other words, if your Application belongs to a domain in AIP Console, you can optionally upload the Application to a tenant in CAST Imaging with the same name as the domain. This is achieved by enabling an option in the file located on the AIP Node responsible for analyzing your Application: Note that if your Application already belongs to a domain, if you do not re-publish it to your CAST Imaging instance after upgrade to AIP Console ≥ 1.26.0-funcrel, the link from the Application to CAST Imaging available in the Application list in AIP Console will no longer function: this is because the URL will now automatically include the appropriate domain/tenant name, which was not the case in previous releases of AIP Console. To avoid this issue, ensure that you republish your application to CAST Imaging, which will upload it to the appropriate tenant.
Technical - new rapid delivery modeA new optional delivery mode has been implemented in this release. This delivery mode reduces both the number of times a version's source code is cloned/copied (code is never copied to the delivery or deploy folders) and the amount of disk storage required for a given application. As a result, source code delivery time is reduced when using this mode, particularly for applications with a large volume of source code, however, source code version history is not retained. See
Technical - GDPR/PCI-DSS data sensitive keyword supportTwo new tick boxes (GDPR / PCI-DSS) have been added to the "Objectives panel" under "Data safety investigation" when adding a new version. These options will enable the check of a set of predefined keywords specific to GDPR/PCI-DSS. Currently limited to Mainframe and SQL technologies. See

Feature Improvements

UI - Administration - Job History StrategyA new option has been implemented in the Administration Center > Global Configurations section called "Job History Strategy". This option allows you to set a limit to the number of jobs/logs retained by AIP Console to improve AIP Node startup time. See
Technical - Snapshot ReportThe Snapshot Report (which is generated in .JSON format during a snapshot) has been updated to include information about any Reference Finder rules and Update Analysis schema jobs that have been run during the snapshot. See
.NET Techology - scanner.dotnet.assembly.create.from.root option addedA new option called scanner.dotnet.assembly.create.from.root (default value true) has been added to the file. This will cause the creation of a .NET Assemblies package to be automatically created on the application source code root folder for every single source code delivery. This is to ensure that any assemblies delivered with the application source code (in the ZIP file or via a source code located in a folder) but not stored in the correct location as specified in the project definition file, are always taken into account - a kind of fail safe mechanism. See
.NET Technology options - scanner.detect.dotnet.assembliesThe option "scanner.detect.dotnet.assemblies" available in the "" at AIP Node level has been removed. See
.NET Technology - define .NET Assembly locations in the UIA new option has been added at in the AIP Console Global Settings section called ".NET Assemblies". This option enables you to specify paths to the location of external .NET assemblies required by your .NET application source code - this is global to all AIP Nodes managed by AIP Console. The UI options expose the equivalent option available in the "" file on each AIP Node called "scanner.dotnet.assembly.locations". Note that during an upgrade to 1.26+, any paths specified in the "" file will be transferred to the UI the first time the AIP Node is restarted after the upgrade.
UI - Administration Center - Settings - ProxyThe Manual Proxy option has been updated to accept a username/password combination for proxies that require authentication. See and
UI - CAST Imaging integrationAIP Console now requires a CAST Imaging API Key in order to integrate with CAST Imaging for automatic application data upload/synchronization. This API Key replaces the username/password/ETL Port/ETL Token combination that was required in previous releases of CAST Imaging in both the Administration Center and in the startup wizard (when using AIP Core for Imaging). As a result of this change, AIP Console now requires CAST Imaging ≥ 2.5.2-funcrel (the release in which the API Key was introduced), therefore please ensure that this is in place before you upgrade to AIP Console ≥ 1.26.0-funcrel. After an upgrade to AIP Console ≥ 1.26.0-funcrel, an alert will be visible in the AIP Console interface indicating that the CAST Imaging settings will need to be updated - please ensure that you update the integration settings manually (this will not be done automatically) before running a new upload to CAST Imaging. See and
Technical - Universal Analyzer manual permanent dependency managementIt is now possible to force AIP Console to create a dependency between specific languages managed by the Universal Analyzer and which is valid for every single application managed on a specific AIP Node in AIP Console - in other words, once this is configured, users will no longer need to manually create dependencies between Universal Analyzer languages when AIP Console has not automatically created them. See
RPG Technology - dependency with SQL technologiesWhen analyzing RPG source code, a dependency will now be automatically created between the RPG client source code and the SQL source code. This was not actioned automatically in previous releases and manual intervention was required. See
UI - Log ConsoleThe Log Console has been updated to ensure that the left hand panel can be manually resized (previously this was not the case).
UI - Log ConsoleThe individual logs present in the Log Console are now listed in date order (previously this was not the case).
UI - Log ConsoleThe way in which analysis log messages are displayed in the Log console has been improved. Log message IDs are now taken direct from CAST Extend where more detailed information is available about what to do when a specific error or warning is encountered. Generic warning, error and syntax error messages are also displayed. This feature is a first step towards this initiative and more updates are planned in future releases. See The display of Log message ID information requires either a direct connection to CAST Extend or CAST Extend local server ≥ 1.1.1-funcrel in "online" mode.
UI - TransactionsThe UI system used to portray the list of Transactions and Data Entities has been upgraded to match the system used elsewhere in AIP Console. There is no change to the behaviour. See
Administration - h2 backup cleanupTwo new additional options ("h2.backup.cleanup.enabled" and "h2.backup.cleanup.days") have been added to the .properties files for AIP Console / AIP Node that govern how the cleanup of the automatic h2 database backup is configured. See
UI - Architecture Studio - Quality ModelsIt is now possible to add a condition called "count-of" as a selection criteria for a "set" in a quality rule model. This criterion is based on the count of objects retrieved in another set. The count-of condition is only available for Quality Rule models. See
UI - Application reportsAll values reported by reports generated during the analysis/snapshot process are now displayed in the UI (in columns called Value1 and Value2). Previously only partial information was displayed in the UI. See
UI - Snapshot IndicatorsIt is now possible to recompute snapshot indicators without needing to generate an entire new snapshot. A new button "Recompute indicators" has been added to do so. See
Administration - embedded Dashboard integration - license keyIt is now no longer necessary to provide a license.key file when using CAST Dashboards embedded in AIP Console. See
UI - Version delivery - Project exclusionIt is now possible to configure project exclusions when configuring a new version for delivery. The aim of these rules is to avoid a situation where multiple projects (and therefore Analysis Units) are generated for a given piece of source code when more than one is not needed. These rules were already present in the legacy CAST Delivery Manager Tool. See Note that when importing applications from CAST Management Studio, rules apply about the Project Exclusion Rules that will be used, see

Other Updates

Internal IdDetails
WEBI-10897A new limitation has been added with regard to SAP BusinessObjects. See
WEBI-9822Starting AIP Console 1.26, if Mainframe source code is detected by AIP Console during delivery, the Mainframe extension will automatically be downloaded and installed replacing the Mainframe Analyzer embedded in AIP Core. If you do not want this to occur, you must blacklist the Mainframe extension using the "" file on the AIP Node responsible for analyzing your application. See and for more information.
WEBI-10809Delivered Engineering Dashboard release: 2.2.1-funcrel. Delivered Health Dashboard release: 2.2.1-funcrel.
WEBI-10617Support has been added for Java 16 for the front-end AIP Console and the back-end AIP Node packages. The Microsoft Windows Service installation scripts and the start up batch scripts provided by CAST must be altered before they are used with Java 16. See and

Resolved Issues

Customer Ticket IdDetails
30010Imaging with SAML authentication is not working under AIP Console.
30798Rescan is failing for RPG Application in AIP Console with the error Path not matching even though there is no change in the source code.
30871In AIP Console 1.25, unable to add exclusion during source delivery.
30922Mismatch between the file extensions discovered under AIP Console and CMS DMT.
31231Rescan is failing for RPG Application in AIP Console with the error Path not matching even though there is no change in the source code.
31232AIP Console not able to pick cfamily analyzer extension automatically.
31376AIP console 1.25.1: Install Extensions step fails with error : No such host is known.
31759AIP Console is not creating the correct DB packages when providing a .castextraction file.
31772For the Snapshot Indicator "Technology wise LOC - No Change" the download button is missing.
31839Console should allow Imaging license key only with AIP for Imaging and AIP license with AIP.
31853Discovery step fails with error - java.lang.NullPointerException:.
30932AIP Console 1.24: Not able to see Application on Engineering Dashboard after performing analysis.
31513AIP CONSOLE 1.25.0: Adding extra package step fails while downloading maven packages Unable to tunnel through proxy. Proxy returns "HTTP/1.1 504 Gateway Timeout"
32086When AIP console is set to use a manual proxy and there is an exclusion added for a maven url, the same exception is not passed onto the DMT which forces DMT to use the proxy settings to connect to the maven repo and fail during the extraction step with an error. This has been fixed: if the maven excluded url/patterns in the manual proxy setting is part of the main repo url, then AIP Console will not send the proxy setting to the DMT.
32220Renaming the application is failing because of expired license, even though the license configured in console is valid.

Known Issues

Internal IdDetails
DASHBOARDS-3963When using embedded Dashboards, the "Standard Compliance Reports" option (see does not function.
  • No labels