Content matrix
| Version | Summary of content | Comments |
|---|---|---|
| 2.6.3-funcrel | Package contents:
Updates:
| Can be used with
|
| 2.6.2-funcrel | Package contents:
Updates:
| |
| 2.6.1-funcrel | Package contents:
Updates:
| |
| 2.6.0-funcrel | Package contents:
Updates:
|
RestAPI documentation
- Application Structure Resources - 2.6
- Engineering Resources - 2.6
- Health Results Resources - 2.6
- Quality and Sizing Model Resources - 2.6
- Report Service - 2.6
- Server Services - 2.6
- User Session Services - 2.6
2.6.3-funcrel
Feature Improvements
| Summary | Details |
|---|---|
| Implement "All Applications" Authorization | "All Applications" Authorization is implemented. Now, Users can assign 'All Applications" to multiple profiles or a single profile without adding any role. Also, a new onboarding application will be automatically assigned to the profile (if the authorization is set to "All Applications"). |
Resolved Issues
| Customer Ticket Id | Details |
|---|---|
| 36543 | Fixed an issue where 0 weight rules were not included in the data published to the Health Dashboard. |
| 36419 | Critical Violation Density increased even when there was no new or deleted critical violations. |
| 35840 | New applications are not added automatically to "ALL APPLICATIONS" filter in Dashboard 2.6.1. |
2.6.2-funcrel
Other Updates
| Internal Id | Details |
|---|---|
| DASHBOARDS-4546 | Top Priority tile has been removed out of the box. To manually configure the tile, refer: https://doc.castsoftware.com/display/DASHBOARDS/Health+Dashboard+tile+management#HealthDashboardtilemanagement-QualityStandards(TopPriority). |
| DASHBOARDS-4442 | Action Plan Recommendation documentation is updated with remediation effort details. Refer: https://doc.castsoftware.com/display/DASHBOARDS/Engineering+Dashboard+-+Action+Plan+Recommendation#EngineeringDashboardActionPlanRecommendation-Calculationoftheremediationeffort. |
| DASHBOARDS-4590 | Fix for the CVE-2022-23457 is provided. |
| DASHBOARDS-4575 | The AC model having 'From Any' and 'To Any' dependency is not displayed in Dashboard after snapshot. This issue is fixed. |
| DASHBOARDS-4396 | In HD ISO view page, the link shared through the icon “share” used to land in the default view, instead of ISO view. This issue has been fixed, and now the link shared in the email (through the share icon) lands in HD ISO view. |
| DASHBOARDS-1133 | Fixed the issue with search for object (Lucene), on Tomcat 8.5 deployed with Java 9.0.4. |
Resolved Issues
| Customer Ticket Id | Details |
|---|---|
| 35808 | When Dashboard is opened through AIP Console, Engineering Dashboard does not display list of rules correctly for Chinese rules. |
| 35626 | Engineering Dashboard application filter does not work in application selection page (in Dashboard version 2.6.1). |
| 35575 | Unable to start Health Dashboard after configuring SAML authentication mode. |
| 35529 | The Tree-View Edit (Set categories and tags) area is not available in Dashboard v220 for tags customization. |
| 35284 | Though the Dashboard (2.5.2-68) installation on Windows is successful, the Windows service does not start. |
| 36321 | All rules of an application are not extracted. |
2.6.1-funcrel
Note
As a result of the change made to allow the use of Java 11 with the CAST Dashboards/RestAPI (see the entry below in "Other Updates), a new release of the Lucene indexer has been bundled with this release of the CAST Engineering Dashboard/RestAPI that functions with Java 11. As a result of this change to the Lucene indexer, if you have set your basic and advanced indexes to re-index (see https://doc.castsoftware.com/display/DASHBOARDS/Managing+the+Engineering+Dashboard+search+indexes) when the CAST Engineering Dashboard/RestAPI starts up then you should expect that the initial dashboards start-up time may be impacted due to the need to re-build the indexes.
Other Updates
| Internal Id | Details |
|---|---|
| DASHBOARDS-4515 | A fix has been applied to all Dashboards/RestAPI all Dashboards/RestAPI (upgrade of embedded PostgreSQL driver 42.2.18 to 43.3.3) to close the vulnerability described in CVE-2022-21724. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21724. |
| DASHBOARDS-1133 | It is now possible to deploy the CAST Dashboards/RestAPI using Java 11 (previously only Java 8-10 were supported), whether via Apache Tomcat or via ZIP/JAR. As a result of this change, the Lucene search index mechanism available in the Engineering Dashboard has been upgraded to release 7.0.0 to allow it to function with Java 11. |
| DASHBOARDS-4520 | A CSS fix has been applied to the Health and Engineering Dashboards, to prevent an erroneously appearing vertical scroll bar beside the Dashboard logo in login page. |
| DASHBOARDS-4518 | A fixed has been applied to all Dashboards/RestAPI to close the vulnerability, also known as Spring4Shell, described in CVE-2022-22965. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965 and https://doc.castsoftware.com/display/CAST/Spring+Framework+-+CVE+vulnerabilities. |
Resolved Issues
| Customer Ticket Id | Details |
|---|---|
| 35223 | Fixed an issue in both the Health and Engineering Dashboards where it was impossible to add profiles in the user management page. |
| 35110 | Fixed an issue related to navigation in the Security Dashboard. Navigation was not working correctly (some pages and panels were blank and did not load) for users without the ADMIN role. |
| 35030 | Fixed a nullpointerException popup that appeared erroneously when logging in to the Dashboard. |
2.6.0-funcrel
Feature Improvements
| Summary | Details |
|---|---|
| ED and HD: Performance improvement in Admin page | Pagination and react virtualization has been introduced in user, profiles and license tables and selectors, to increase the performance of the pages. |
| Simplify REST API/Datamart interface | REST API 2.5.2 works with cast-datamart-2.5.0.jar and cast-datamart-2.4.0.jar |
| Security standards tags should be displayed with description and tooltip. | In Rule Documentaion, tooltips are provided for tags to display the detailed name. Also, a hyperlink is provided to the specific rule (in the rule portal) if an official doc page available for the tag. Refer: https://doc.castsoftware.com/display/DASHBOARDS/Engineering+Dashboard+-+Risk+Investigation#EngineeringDashboardRiskInvestigation-RuleDocumentation |
| ED: Show more option for large view files | If the size of the file is more than 500KB, then by default 500 lines below and above the bookmark will be displayed while opening CAST_LOCAL.sql file, with SHOW 100 LINES option to view 100 more lines at a time. Refer: https://doc.castsoftware.com/display/DASHBOARDS/Engineering+Dashboard+-+Risk+Investigation#EngineeringDashboardRiskInvestigation-Bookmarks |
Other Updates
| Internal Id | Details |
|---|---|
| DASHBOARDS-4431 | ED and HD: Editing a user profile displays a blank page. |
| DASHBOARDS-4427 | HD: Validation message should not be displayed when a snapshot is selected in chart. |
| DASHBOARDS-4384 | ED and HD: Passing different value to startRow and nbRows queryParams returns 500 error for most of the web services. |
| DASHBOARDS-4387 | ED: Action plan table shows no violation found even when api returns data. |
| DASHBOARDS-4482 | ED and HD: Fix CVE-2022-0839 for third-party library liquibase-core. Version 4.8.0 now used. |
| DASHBOARDS-4314 | ED: View File should be able to display 2 bookmarks when in same source file, not just 1 at a time. |
| DASHBOARDS-4372 | HD: Disable "add to compare" in hover dialog if no point are selected in graph. |
| DASHBOARDS-4382 | ED: Performance issue while opening CAST_LOCAL.sql file. |
| DASHBOARDS-4440 | ED: Action Plan Recommendation: bad "Remediate" input. |
| DASHBOARDS-4441 | ED: Action Plan Recommendation - When an action plan exists do not increase the violations to fix. |
| DASHBOARDS-2703 | ED: Two Code viewers for two bookmarks on two adjacent lines. Only one code viewer should be enough. |
Resolved Issues
| Customer Ticket Id | Details |
|---|---|
| 34793 | ED and HD: Cannot associate Applications to Profile in the user configuration of Dashboard as Assign Application by name column is not present. |
| 34732 | ED and HD: Vulnerabilities found in CAST Dashboards. |
| 34998 | ED and HD: Background facts API does not list snapshots. |
| 34828 | HD: Module map showing black colored modules for module tree map. |
| 34603 | HD: Health Dashboard login is not working after updating the license which is of new format. |
| 34137 | HD: Performance issue in Health Dashboard user configuration page when there are more number of users and profiles. |
| 34792 | ED and HD: Dashboard 2.5.2 - User configuration page does not load. |
