On this page: Target audience: CAST AI Administrator |
Summary: this page lists:
|
All changes in results related to extensions are now listed in the extension documentation and will not appear in this page. |
A bug has been discovered which has meant that the rule "CWE-73: Avoid file path manipulation vulnerabilities - 7752" is returning false positive violations. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.
A bug has been discovered which has meant that the rule "CWE-79: Avoid cross-site scripting DOM vulnerabilities - 7740" is returning false positive violations for methods that are correctly sanitized in the code. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.
A bug has been discovered which has meant that the rule "Ensure you provide a user-defined copy constructor or disable copy when a class allocates memory in its constructor - 592" returns false positives. This bug is now fixed, therefore, after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may differ: reduced number of violations and improved accuracy.
A bug has been discovered which has meant that the rule "Never truncate data in MOVE statements - 7688" is returning false positive violations. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.
A bug has been discovered which has meant that the rule "Prefer using indexes instead of subscripts - 8142" is returning false positive violations. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.
A bug has been discovered which has meant that the rule "Subscripts and iterators must be defined with BINARY usage - 8140" is returning false positive violations. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.
A bug has been discovered which has meant that the rule "Avoid calling programs statically - 8146" is displaying erroneous grade results: the grade thresholds in the rule have all been inverted, for example, to get a grade of 4 a value of 50 is required, whereas a value of 99 should be necessary. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: grades will differ.
A bug has been discovered which has meant that the rule "Variables defined in Working-Storage section must be initialized before to be read - 8034" returns false positives. This bug is now fixed, therefore, after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may differ: reduced number of violations for this syntax and improved accuracy.
A bug has been discovered which has meant that the rule "Avoid executing multiple OPEN statements - 7644" returns false positives. In this scenario, the code does indeed contain multiple OPEN statements, however, only one is used due to an IF clause. This bug is now fixed (i.e. this scenario will not trigger a rule violation), therefore, after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may differ: reduced number of violations for this syntax and improved accuracy.
A bug has been discovered which has meant that the rule "Avoid unreferenced Sections and Paragraphs - 7290" returns false positives. This bug is now fixed, therefore, after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may differ: reduced number of violations for this syntax and improved accuracy.
A bug has been discovered which has meant that the rule "Avoid empty Functions, Forms and Modules - 7512" is returning false positive violations. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.
A bug has been discovered which is causing the creation of "unresolved method objects" for methods declared in classes. The analysis log also contains corresponding warning entries about these unresolved objects. This bug has now been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: increased number of method objects and removal of warnings in the analysis log due to unresolved objects.
A bug has been discovered which is causing the transaction status in the CAST Transaction Configuration Center to remain as unchanged, even when JCL Jobs, JCL Data Sets, and JCL Steps are deleted from the call path. This was due to the fact that a checksum value was never calculated for these specific objects, therefore any changes to them were effectively ignored by CAST AIP. This behaviour has now been changed and checksum values are now calculated for JCL Jobs, JCL Data Sets, and JCL Steps, therefore after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted:
A change has been made to the way in which the Mainframe CICS technology is handled:
SCRAIP-33068 - CICS is no longer considered as a technology in its own right. Instead, it is now considered as part of the Mainframe Cobol.
Therefore, after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may differ for CICS related technology statistics.