Release Notes - 2.3

2.3.7-funcrel

Other Updates

Details
Updates the behaviour of the extension to create a resource service even if the URL is empty or could not be evaluated (e.g. when code like “$.ajax(url)” is present, even if “url” could not be evaluated, a resource service will be created with name “{}”).

2.3.6-funcrel

Resolved Issues

Customer Ticket Id Details
37715 A fix was applied to prevent the flagging of false violations for “complete” and “always” callbacks for the rule 1020340 “Always implement the success/error/complete or done/fail/always callbacks when using jQuery ajax call”.

Rules

Rule Id New Rule Details
1020340 FALSE A fix was applied to prevent the flagging of false violations for “complete” and “always” callbacks.

2.3.5-funcrel

Rules

Rule Id New Rule Details
1020300 FALSE Fixed false positive for the rule (1020300): “Avoid using the call of web service jQuery ajax inside a loop” .

2.3.4-funcrel

Other Updates

Details
JQuery GET resource services are created when these should be of another type as GET

2.3.3-funcrel

Other Updates

Details
Removed “Traceback” in log file.
Fixed missing service request and link for Ext.Ajax.request call.

2.3.2-funcrel

Resolved Issues

Customer Ticket Id Details
33712 No service objects created for xxx.Ajax.get

Rules

Rule Id New Rule Details
1020332 FALSE The rule: “Avoid using .append() after() with jQuery 1.4.2 (or older)” has been set to critical.

2.3.1-funcrel

Other Updates

Details
Remove traceback errors from logs
urls evaluation is done too early, then some urls are not correctly evaluated.

2.3.0-funcrel

Note

This release of the extension contains a large number of rule related improvements, which will have a significant impact on any existing analysis results generated with a previous release of the extension. When re-analyzing existing and unchanged source code with this new extension, you should therefore expect grade and violation changes. When using AIP Console, if you do not want this extension to be used, you should ensure that you implement an extension strategy to prevent the automatic download and installation of the extension. If you are onboarding a new application, CAST actively encourages you to use this new release to take advantage of the improvements that have been implemented.

Rules

Rule Id New Rule Details
1020300 FALSE Avoid using the call of web service $.ajax inside a loop (updated thresholds)
1020322 FALSE Avoid using Ajax method without dataType before jQuery 3.0 (updated thresholds)
1020324 FALSE Avoid using dialog with closeText parameter before jQuery UI 1.12 (updated thresholds)
1020328 FALSE Avoid using html() with jQuery 1.9.0 (or older) (updated thresholds)
1020330 FALSE Avoid using jQuery $(location.hash) before 1.6.3 (updated thresholds)
1020334 FALSE Avoid using attr() with jQuery 3.0.0-rc1 (updated thresholds)
1020336 FALSE Avoid using Dialog Widget with jQuery UI version older than 1.10.0 (updated thresholds)
320338 FALSE Avoid using Tooltip widget with jQuery UI version older than 1.10.0 (updated thresholds)