CAST AIP Service Packs 8.3.20 - 8.3.23 are compatible only with the latest releases of the JEE Analyzer extension, i.e. 1.0.28 and 1.2.10-funcrel. Using older releases of the extension with these CAST AIP Service Packs risks incomplete analysis results (missing objects, links, violations, erroneous FP values) for JEE and C++ analyses.
Therefore, when using CAST AIP Service Packs 8.3.20 - 8.3.23, please either:
- Upgrade your JEE extension to a compatible release (i.e. ≥ 1.0.28 or ≥ 1.2.10-funcrel) OR
- Upgrade CAST AIP to a more recent Service Pack (≥ 8.3.24) which are compatible with older releases of the JEE Analyzer extension
If upgrading the JEE Analyzer extension or CAST AIP is not possible, please contact CAST Technical Support .
Stability and Performance Improvements
- The exception safety of the analyzer is improved
- Performance of JSP analysis parts is improved
- Performance of Java analysis with imports and type parameters is improved
In previous releases, 'Use' links existed between JPA/HIB entities based on the usage of one entity inside the other. These links were generated only for the following QR: 'Avoid Hibernate and JPA Entities using many-to-many association', which polluted the transactions. To improve the transactions, these links are now removed and the QR is rewritten. This update results in better bookmarks for the violations related to the aforementioned QR.
Most of the transactions will appear as modified, due to the huge impact of the update.
- A regression that caused missing links to Lombok annotations is fixed.
- Incorrect links between objects from Java source vs Class files are fixed.
|7220||Avoid Unused Imports||A regression in the creation of links to Lombok annotations was fixed. False positives as a result of this were fixed.|
|7492||Avoid Hibernate and JPA Entities using many-to-many association.|
This name of this rule has been changed from "Avoid many-to-many association" to "Avoid Hibernate and JPA Entities using many-to-many association". The bookmarks for the violations of this QR is also improved.
The documentation has also been updated and the rule has been recoded per JFAMILY-1534.
|8110||Use dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)||False positives for this rule have been fixed as part of JFAMILY-1850.|
|8112||Avoid improper processing of the execution status of data handling operations||Missing violations for java.sql.PreparedStatement is now displayed when a snapshot is taken.|
Below table lists the bugs fixed in the current release.
|JFAMILY-1267||13425||Inference Engine crash during JEE analysis leads to missing links|
The problem comes from jee Analyzer with a bad input to InferenceEngine. Now, after the fix, if this kind of problem arises, IE pushes a warning on this object but, does not stop IE. IE disables this object and the analyzer continues without crashing and the expected links are created.
|JFAMILY-1361||19251||Java analysis failed with warning Database BCP operation dbbcp_done failed on table castapp_local.IN_LINKS||The warning message for this issue has been updated.|
|JFAMILY-1534||19937||Wrong Use Links between JPA Entities||No more 'use' links between JPA/HIB entities, better bookmarks for violations related to QR ID 7492 and most, if not all, transactions will appear to be modified.|
|JFAMILY-1600||20032||DLM reviewed links still appear in Enlighten and TCC as valid links||Links marked false via DLM are not seen.|
|JFAMILY-1646||20376||Call link should be implemented in entry point "%Java-thread"||Impact in Transactions. Call links have been added to the Generic Set "All called methods (GS)"|
|JFAMILY-1650||20217||False-positive for the rule "Avoid using native methods (JNI)"||False positives are not seen with this extension.|
|JFAMILY-1850||21642||Violation deleted in current run for rule - Avoid improper processing of the execution status of data handling operations||The missing violation for PreparedStatement is now displayed.|
|JFAMILY-1860||-||False violation for the rule: "Avoid Unused Imports"||Missing links to Lombok annotations are created. The related false violations have been removed.|
|JFAMILY-1855||21594||Modified EFP is high post fixing Java analysis issue due to links created to .class files instead of .java files||The missing links are now created.|
|JFAMILY-1871||21886||Java analysis crashed with the warning: Log the exception information||The analysis now runs successfully without crashing.|