Created by N Padmavathi, last modified by James Hurrell on Mar 24, 2023
Content matrix
| Version | Summary of content | Comments |
|---|
| 2.5.2-funcrel | Package contents: Updates: - When there is no data, all ED tiles will show N/A instead of loading icon so that the home page does not hang.
- Pagination has been implemented in CAST Administration page (profiles and users tabs).
- The .ICO file used in the Dashboards (visible in the browser tab) has been updated and improved.
- In Action Plan, for Solved violations, the last snapshot date is displayed. For Added and Pending violations the last updated date is displayed.
| |
| 2.5.1-funcrel | Package contents: Updates: - If admin users are using old license key, followng message is displayed, "A new license policy exisits now for CAST Dashboard, please contact the CAST sales Service or Support for more details"
- In license section, expiry date is displayed in months when number of days is more than 30 days.
|
| 2.5.0-funcrel | Package contents: Updates: - New executable JAR file to replace ZIP file.
- Option to encrypt the username / password for CAST Storage Service/PostgreSQL and/or LDAP individually
- It is now possible to add/edit a license key using the UI.
- It is now possible to add SAML user/ group from UI.
- Six new report types are added to the default exsiting list of Standard Compliance reports
- ISO-5055 tile will not be displayed on the homepage if the application does not have the ISO extension installed.
- Now, in ISO-5055 View, all the Dashboard contents are based on Compliance.
- Bug fix to resolve CVE vulnerabilities found in CAST Dashboards, for Apache Log4j: CVE-2021-45105 and CVE-2021-44832
- Contains customer bug fixes for the Engineering Dashboard and the Health Dashboard
|
RestAPI documentation
2.5.2-funcrel
Feature Improvements
| Summary | Details |
|---|
| UI - browser .ICO file updates | The .ICO file used in the Dashboards (visible in the browser tab) has been updated and improved. |
| UI - tile loading behaviour update | When there is no data, all ED tiles should show N/A instead of loading icon, and hence the user is not stuck in the home page. |
| Add solved date in action plan | In Action Plan, for Solved violations, the last snapshot date is displayed. For Added and Pending violations the last updated date is displayed. |
| Implement pagination for profiles and user | To improve performance, pagination is added to all the admin User/Profile tables. |
Other Updates
| Internal Id | Details |
|---|
| DASHBOARDS-4388 | Fixed an issue where domain bindings were not correctly updated when the Dashboards are used in integrated mode with AIP Console. |
| DASHBOARDS-4394 | Fixed an issue with the Dashboard login routes when the Dashboards are used in integrated mode with AIP Console. |
| DASHBOARDS-4412 | Fixed an issue where the source file view was still being displayed even though the session had timed out. A login dialog box is now shown instead. |
Resolved Issues
| Customer Ticket Id | Details |
|---|
| 33438 | Cannot get the scan results on Dashboard - Dashboard takes infinite time to load. |
2.5.1-funcrel
Feature Improvements
Other Updates
| Internal Id | Details |
|---|
| DASHBOARDS-2848 | HD: SEI-Maintainablity - Filter should display only Grade. |
| DASHBOARDS-4327 | ED: Only critical violations are displayed by default pop up position changed. |
| DASHBOARDS-4328 | Display expiry date in months when number of days is more than 30 days in license section. |
| DASHBOARDS-4329 | HD portfolio view shows no evolution when we select and unselect tags and technology. |
| DASHBOARDS-4348 | HD: Dashboard fails after updating the licence key (new format) via the admin GUI. |
| DASHBOARDS-4349 | ED not showing user excess message in banner. |
| DASHBOARDS-4350 | Associated user count is not updated after removing users from table. |
| DASHBOARDS-4357 | ED: Non admin user is able to access the applications in ED when no authorization is configured. |
| DASHBOARDS-4359 | Roles are not assigned for the user in integrated mode. |
Resolved Issues
| Customer Ticket Id | Details |
|---|
| 33902 | Fixed an issue where multiple profiles were not working as expected. |
| 31456 | Fixed an issue where previous contributed value displayed in the Function Point report is incorrect for transactions with the same full name. |
| 33839 | Fixed an issue where the embedded ED (service) does not display onboarded app - error updating domain bindings. |
| 34069 | Fixed an error in the Health Dashboard: "Your application failed to start due to a "An error occurred"." |
2.5.0-funcrel
Note
This release supports the new license key syntax progressively being introduced by CAST. All existing valid license keys will function exactly as they are intended, however, if you are using one, you may see messages in the dashboards stating that you you need to contact support. This message can be ignored, and all functionality is available.
New Features
Feature Improvements
| Summary | Details |
|---|
| In ISO-5055 View, all the Dashboard contents are based on Compliance. | Now, in ISO-5055 View, all the Dashboard contents are based on Compliance. By default, the Data in the tiles represents the most recent "compliance" of your Applications. But the Mode can be manually changed (refer: https://doc.castsoftware.com/display/TECHNOS/Manual+configuration+of+Dashboard+tiles+using+ISO-5055+data#ManualconfigurationofDashboardtilesusingISO5055data-Whataboutchangingotheraspectsofthetiles?) to show Grade (as in previous releases) and Number of violations. |
| Option to encrypt the CAST Storage Service/PostgreSQL and/or LDAP username/password individually. | It is now possible to encrypt the username/password individually for CAST Storage Service/PostgreSQL and/or LDAP, instead of encrypting both (as in previous releases). When using the encryption keys, just replace the clear text entries with the encryption keys (previously, these items needed to be removed and new encryption key lines had to be added). All previous functionality still remains in place. See https://doc.castsoftware.com/display/DASHBOARDS/Encrypt+login+and+password+for+database+and+LDAP. |
| New defaults Reports are added in Engineering Dashboard to Standard Compliance reports list. | Six new report types are added to the exsiting list of Standard Compliance reports. |
| SAML user/ group can be added from UI. | An option to add a user or group in the Users tab/UI is provided. |
| In Engineering Dashboard, ISO-5055 tile will be hidden, based on extension | In Engineering Dashboard, ISO-5055 tile will be hidden, if the application does not have the ISO-5055 extension installed. |
| APR - only Compliance option for IndustryStandard health measures. | In Action Plan Recomendation, upon selecting any IndustryStandard health measures, the violations will be calculated only on Compliance. |
| HD- View option drop-down is removed, if ISO-5055 results are not calculated. | The view option will be removed, if there are no ISO-5055 results. The portfolio and application home view will be based on default view in such case. |
Other Updates
| Internal Id | Details |
|---|
| DASHBOARDS-4153 | HD: "show less" text is displayed with 180 degree rotation. |
| DASHBOARDS-4207 | Wrong message displayed after user/group is added in SAML mode. |
| DASHBOARDS-4132 | Security mode should be set to default instead of security.mode=${security.mode} |
| DASHBOARDS-4222 | Overlapping issue in ISO portfolio level detailed view |
| DASHBOARDS-4123 | Dashboard not able to generate report correctly with Report Generator |
| DASHBOARDS-4292 | HD: Overlapping issue in ISO detailed view |
| DASHBOARDS-4288 | Go to HD is not working in ED |
| DASHBOARDS-4304 | Dashboards from AIP console 1.27.0 is displaying an empty page |
| DASHBOARDS-1764 | Impcated transaction section is not loading for some transactions. |
| DASHBOARDS-4241 | Fix for security issue: CVE-2021-23463 |
| DASHBOARDS-4306 | Update Log4j version to 2.17.1 for CVE-2021-44832 |
| DASHBOARDS-4296 | APR - if Compliance mode seleted, SEI maintainability will break the UI with console error |
| DASHBOARDS-4309 | For integrated v2 mode, there is an erroneous license message in ED. |
| DASHBOARDS-4310 | Dashboards integrated with console 2.0.0 does not display the Dashboard version. |
Resolved Issues
| Customer Ticket Id | Details |
|---|
| 33235 | Tags CWE-78 and PCI-Requirement-6.5.1 are duplicated in Rule Documentation display in ED. |
| 32866 | The Password Present in the application.property file for dashboard Integration should be encrypted. |
| 32700 | Change the comment in the application.properties file to not use encryption tool to encrypt ldap password. |
| 32867 | com.castsoftware.aip.dashboard.engineering.2.3.0 - login issues after configuring user access restriction using SAML groups. |
| 33273 | CAST Dashboard 2.4.0 - exclustion and action plan role problem. |
| 33023 | Unable to navigate from HD (TechnicalDebt(OMG)) to ED. |
| 33202 | Error while running datamart. |
| 33265 | Advanced search is not working when transactions are filtered based on health factor. |
| 33501 | Application Engineering Dashboard - Advance search is hanging. |
| 33347 | When installing Microsoft Windows services for multiple ZIP/JAR file deployments on the same host, the documentation does not explain how to manually remove those services if necessary. The documentation has been updated: https://doc.castsoftware.com/display/DASHBOARDS/Deploying+multiple+2.x+ZIPs+or+JARs+on+the+same+server. |
| 33693 | Impossible to add a new application in the file domains.properties of combined HD-ED 2.4 |
| 33535 | Impacted objects with violations are not loading in transaction investigation view. |
