Page tree
Skip to end of metadata
Go to start of metadata


On this page:

1.4.0-beta3

Note

In this release, the Python analyzer will accept YAML files (.yaml, .yml) in addition to the already handled PYTHON files (.py, .jy).

Resolved Issues

Customer Ticket IdDetails
28660Improve rule "Avoid hard-coded network resource names (Python)"
28661Avoid artifacts having recursive (includeLink) calls
28612Better support of python (namespace) packages (without "init.py" files). Fixes missing links between python methods.
29690Fix bug when parsing empty dictionary definitions
29822Fix bug in program call interpreter leading to inner crash

Other Updates

Details
Skip analysis of folders containing external libraries: python code in "site-packages" and "dist-packages" is skipped by default by the analyzer

New Support

SummaryDetails
Support for Boto3: Amazon Web Services SDK for PythonCreation of Lambda function objects, SQS messages and S3 buckets
Support for Serverless, SAM, CloudFormation: Amazon Web Service deployment frameworksSupport for AWS deployment frameworks using YAML configuration files, constrained to the Python runtime elements.

1.4.0-beta2

Note

This release officially supports injection of interpreters via different UA extensions (for example for development of custom Python quality rules).

Resolved Issues

Customer Ticket IdDetails
28631Add default value to BackFired Function Point (24)

Other Updates

Details
Update rule title: 'Avoid Python string interpolations to prevent SQL injections' to 'Avoid string interpolations to prevent SQL injections (Python)'
Python Analyzer Openess for external interpreters (e.g. custom quality rules)

1.4.0-beta1

Resolved Issues

Customer Ticket IdDetails
25623Python rule (Rule ID:1021030): "Avoid hardcoded network resource names" does not operate as described.
27785False Violation on Python Analysis for the rule (Rule ID:1021004): "Avoid using a web service with Python requests inside a loop".

Other Updates

Details
Minor update of description for the rule (Rule ID:1021042): "Avoid hard-coded passwords (Python)".
Scope not correctly configured for rule (Rule ID:1021054): "Avoid long docstring lines".
Overall enhancement of method call resolutions, and fixed issues with cross-file method calls.

1.4.0-alpha2

Resolved Issues

Customer Ticket IdDetails
23067Correct internal error when handling ternary conditional expression in loops.

Other Updates

Details
Fixed issues on method names and calls with (possibly deprecated) keywords: print, exec and await.
Fixed internal error (minor impact).
Corrections in analysis of framework "plac". Fixed internal error that could lead to a crash.
Web Service objects are name after their url (complying with other analyzers) instead of their HTTP method name.

1.4.0-alpha1

Other Updates

Details
Jython files (.jy) are recognized as Python source code by the discoverer. These files are then analyzed as regular python code (see: https://doc.castsoftware.com/display/TECHNOS/Python+1.4#Limitations)

New Support

SummaryDetails
Support to "Plac framework"Added support to "Plac framework" for command-line argument handling.