CAST AIP Service Packs 8.3.20 - 8.3.23 are compatible only with the latest releases of the JEE Analyzer extension, i.e. 1.0.28 and 1.2.10-funcrel. Using older releases of the extension with these CAST AIP Service Packs risks incomplete analysis results (missing objects, links, violations, erroneous FP values) for JEE and C++ analyses.
Therefore, when using CAST AIP Service Packs 8.3.20 - 8.3.23, please either:
If upgrading the JEE Analyzer extension or CAST AIP is not possible, please contact CAST Technical Support.
The following issues have been fixed in this release of the JEE Analyzer extension:
|Internal ID||Ticket ID||Summary|
|JFAMILY-904||14878||Syntax errors in wsdl file should not set the analysis status as 'failed'|
|JFAMILY-879||14661||False positive is coming for the rule "Close database resources ASAP"|
|JFAMILY-878||14649||"Analysis failing: Error in Java Analysis"|
|JFAMILY-875||12790||Violations for "Avoid using 'java.io.File'" are incorectly raised on List<File>|
|JFAMILY-859||14451||False positive is coming for rule CWE-672: Expired or Released Resource should not be used|
False violations found for quality rule "Pages should use error handling page"
|JFAMILY-840||12031||False positive for the QR- Avoid to use this within Constructor in multi-thread environment|
|JFAMILY-839||11868||False Violation for QR 'Pages should use error handling page' when webdefault.xml is included in analysis|
|JFAMILY-837||11709||J2EE: Unable to process JSP analysis 'CCE_2b80894c' (An exception occurred)|
|JFAMILY-773||12777||"Missing links between Java Interface and Java Bean objects"|
|JFAMILY-765||-||Messages "No parametrization trigger found for <method-name>" are flooding the log file of JEE analysis|
TCC - Base_Java config file: duplicated value in set "Standard Entry Point - Java - org.apache.camel (GS)"
|JFAMILY-650||-||JEE analysis log file is flooded with useless messages "No parametrization trigger found for <method-name>"|