Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



Table of Contents

Summary: CAST AIP 8.3.26 introduces a number of features and changes as listed below. To view the impacts of these changes on analysis results, see: Changes in results post upgrade

Mainframe Analyzer

Analyzer as an extension

The Mainframe Analyzer has been externalised as an extension to give the feature more flexibility to future development.


  • IMS Transactions are now automatically considered part of "Standard Entry Point - IMS - Unknown (GS)"
  • CICS Transactions called from Java methods and Java constructors are no longer considered part of "Standard End Point - CICS - Transactions called by Java (GS)"
  • An error has been fixed where the opposite was true in previous releases:
    • IMS FilePrototype objects are now considered part of "Standard End Point - IMS - GSAM - Not delivered"
    • IMS AnalyzedFileobjects are now considered part of "Standard Data Entity - GSAM"

See also Changes in results post upgrade - 8.3.26.

In previous releases of AIP, unresolved queue names lead to the creation of Publisher/Subscriber objects with the  same name Unresovled:MQP2P. As a result, many false links are created skewing results. In CAST AIP 8.3.26, the name of the unresolved object has been changed from Unresolved:MQP2P to UnknownMQ:<COBOL_Parent_PROGRAM> - this identifies the Cobol program name publishing/subscribing to the message and will reduce the number of false links. See also Changes in results post upgrade - 8.3.26.

Update to ensure JCL SQL Query objects are created correctly

A change has been implemented to ensure that JCL SQL Query objects are created correctly when the DSNTIAUL program is used. See also Changes in results post upgrade - 8.3.26.

User Input Security


New rules

The following new rules have been implemented:

Rule IDCWE IDRule nameInput nameTarget name.NET supportJEE support
8518400Regular expression injectionNetwork.readRegexp.writePartialNO

Regular expression injection (second order)

8522400Regular expression injection through APINetwork.readAPIRegexp.writePartialNO

CAST Transaction Configuration Center

Improved accuracy of AETP values

In order to provide greater accuracy, the calculation of AETP values has been modified in this release. Previously, all added/deleted/updated AETP detail values between 0 and 1 were calculated with no decimal places, effectively giving the impression in some circumstances (when all added/deleted/updated values were below 1) that total AETP = 0. This behaviour has been changed and AETP detail values are now considered to two decimal places for added/deleted/updated. In addition AETP total values will now be rounded up as follows:

Real valueNew rounded up value

 These results can be seen in the TCC - Enhancement node - Right hand panel. See also Changes in results post upgrade - 8.3.26.