Release Notes - 2.1
2.1.11-funcrel
Fixes/Bugs
| Customer Ticket Id |
Technical Details |
Customer Details |
|
Duplicate guids present in non reg tests |
Resolved an issue where some objects of different types (Android Event Handlers and Android Intent Resources) were missing because of duplicate GUIDs. |
New Support
| Customer Ticket Id |
Technical Details |
Customer Details |
|
See the documentation. |
Added support for android.database.sqlite, an SDK-native persistence library. |
|
See the documentation. |
Added support for androidx.room, an SDK-native persistence library. |
Enhancement/Improvements
| Customer Ticket Id |
Technical Details |
Customer Details |
|
CAST libraries for android are compatible with Android 11, 12, …15 |
Extended scope of support to Android 11, 12, 13, 14 and 15. |
|
Improved functionality with CAST Imaging Core 8.4. |
Updated extension for compatiblity with CAST Imaging Core 8.4. |
2.1.10-funcrel
New Support
| Summary |
Details |
| Support of com.android.volley |
Added support for com.android.volley - see the documentation. |
2.1.9-funcrel
Other Updates
| Details |
| Fixes an issue causing Android UI XML files to be duplicated with Android Kotlin UI XML files. |
2.1.8-funcrel
Other Updates
| Details |
| Fixes various traceback errors in the analysis log. |
| Improvements to and standardization of end-user messages. |
| Removed multiple (and not useful) occurrences of the log message: "[com.castsoftware.android] No Android project found for method". |
| Fixes an issue causing a traceback error in the analysis log: "AttributeError : 'VariableDeclaration' object has no attribute 'get_parameters'". |
| Fixes an issue causing a traceback error in the analysis log: "TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'". |
| Add handlers for "setPositiveButton" method calls. |
2.1.7-funcrel
Other Updates
| Details |
| Android is not Linux compliant. |
2.1.6-funcrel
Other Updates
| Details |
| Traceback errors in log for eWallet analysis. |
2.1.5-funcrel
Resolved Issues
| Customer Ticket Id |
Details |
| 32275 |
Android analysis warning: Extension com.castsoftware.android has encountered an issue. |
| 32193 |
Analysis warnings: [com.castsoftware.android] Internal Error (with Traceback). |
2.1.4-funcrel
Resolved Issues
| Customer Ticket Id |
Details |
| 29803 |
Missing link between Android application and onCreate Kotlin method |
| 28853 |
Update android jar file shipped with extension |
2.1.3-funcrel
Resolved Issues
| Customer Ticket Id |
Details |
| 29189 |
Android Warning: Extension com.castsoftware.android has encountered an issue |
2.1.2-funcrel
Resolved Issues
| Customer Ticket Id |
Details |
| 27441 |
Extension com.castsoftware.android has encountered an issue: AttributeError: 'str' object has no attribute 'get_begin_line' |
2.1.1-funcrel
Other Updates
| Details |
| Android Extension is executed and launched during analysis where it should not be |
2.1.0-funcrel
Note
This release of the extension contains a large number of rule related improvements, which will have a significant impact on any existing analysis results generated with a previous release of the extension. When re-analyzing existing and unchanged source code with this new extension, you should therefore expect grade and violation changes. When using AIP Console, if you do not want this extension to be used, you should ensure that you implement an extension strategy to prevent the automatic download and installation of the extension. If you are onboarding a new application, CAST actively encourages you to use this new release to take advantage of the improvements that have been implemented.
Rules
| Rule Id |
New Rule |
Details |
| 1024044 |
FALSE |
Always check the device supports Biometric capability before using BiometricPrompt API (updated thresholds) |
| 1024042 |
FALSE |
Avoid using weak encryption algorithm (Android) (updated thresholds) |
| 1024040 |
FALSE |
Always activate unlockedDeviceRequired to avoid data decryption when device is unlocked (updated thresholds) |
| 1024036 |
FALSE |
Always check all the BiometricPrompt acquired options in the onAuthenticationSucceeded method (updated thresholds) |
| 1024034 |
FALSE |
Always check all the BiometricPrompt error options in the onAuthenticationError method (updated thresholds) |
| 1024032 |
FALSE |
Always manage the BiometricPrompt onAuthenticationFailed method (updated thresholds) |
| 1024030 |
FALSE |
Avoid using FingerprintManager as biometric API (updated thresholds) |
| 1024028 |
FALSE |
Avoid using "Android Protected Confirmation" without User Confirmation (updated thresholds) |
| 1024020 |
FALSE |
Avoid using implicit intent (update thresholds) |
| 1024016 |
FALSE |
A permission is required for securing Services (updated thresholds) |
| 1024014 |
FALSE |
A permission is required for securing Receivers (update thresholds) |
| 1024010 |
FALSE |
Apply signature-based permissions (updated thresholds) |
| 1024008 |
FALSE |
Always use onActivityResult to pass the login results when using Facebook SDK (updated thresholds) |
| 1024006 |
FALSE |
Limit the accessibility of your app's Content Provider (update thresholds) |
| 1024026 |
FALSE |
Avoid using MODE_WORLD_READABLE and MODE_WORLD_WRITEABLE (updated criticity) |
| 1024022 |
FALSE |
Media Resources should be released (updated criticity) |
| 1024018 |
FALSE |
Always provide a permission to secure Activities (updated weight and thresholds) |
| 1024012 |
FALSE |
Avoid setting android:grantUriPermissions as True (updated criticity) |
New Support
| Summary |
Details |
| Support of android.app.Application and com.ad4screen.sdk.A4SApplication for Java and Kotlin. |
See documentation |
| Support of androidx.room library for Kotlin. |
See documentation |