Patch Releases for Teamscale 2026.2
Version 2026.2.16
Fixes
- False positives for "Replace magic numbers with named constants" check in ABAP
- Bitbucket: Pull request review voting did not work with access token authentication
Version 2026.2.15
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Fixes
AssertionErrorwhen using pre-commit analysis
Improvements
- Security: Updated selected backend dependencies to mitigate CVE-2026-42584 and CVE-2026-42581
Version 2026.2.14
Fixes
- Simulink: Some signals were incorrectly marked as
NOT_CONNECTED
Version 2026.2.13
Fixes
- The minimized test list service returned empty test cluster entries with zero duration at the end of the list when using the
max-exec-timeparameter - Pre-commit analysis failed with the error "Added revision should reference latest revision" in some cases
Version 2026.2.12
Improvements
- Improved performance of external analysis result integration
Version 2026.2.11
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Improvements
- Security: Removed apache2 dependencies from Docker container to mitigate CVE-2026-28780
Version 2026.2.10
Fixes
- Invalid project URLs were rejected instead of being gracefully converted
IllegalStateExceptionabout duplicate keyPropagationKeyinCheckProcessor
Version 2026.2.9
Fixes
- Numeric Metric widget showed scrollbars
- Proxy authentication for Azure DevOps Git did not work
- False positives for "Class named like Exception should extend Exception or subclass" check in C#
- Clang-Tidy: False negatives for "cppcoreguidelines-pro-bounds-constant-array-index" check
teamscale-devperformed redundant interactions with the operating system's certificate store
Version 2026.2.8
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Fixes
- False positives for "Null pointer dereference" check in C# when using the null-conditional operator
- Test Gap percentage API endpoint returned 0 instead of indicating that Test Gap Analysis was not enabled for a project
- Dashboards: Widget parameter validation could fail even after the validation error was fixed
- False positives for "Missing access control for exposed CDS view" check in ABAP CDS on SAP standard objects
- Reports: Callout text on slides was rendered too small in Chrome in some cases
- Delta perspective: Findings of spec items were not shown as resolved
- Eclipse plugin: "Server is Disabled" dialog was shown twice after closing the preferences dialog
- False positives for "Naming convention" and "Public class attribute" checks in C/C++ when using
constexprpointer variables - ABAP: Code Compare view showed a "Must insert in ascending order!" error in some cases
Improvements
- Security: Updated selected ABAPLint dependencies to mitigate CVE-2026-25547
- Security: Updated Bouncy Castle dependencies to mitigate CVE-2025-14813, CVE-2026-5598, and others
- Security: Updated selected Web UI dependencies to mitigate CVE-2026-23736, CVE-2026-4800, CVE-2025-62718, and CVE-2026-40175
Version 2026.2.7
Fixes
- Method History view: Links on method names to code view turned black after opening them
- Jira authentication failure was not reported in case of CAPTCHAs
- External Storage Backend: Uploads to a partition containing
/../or/./failed - C/C++: A random compilation command was chosen per commit for files with multiple commands in different partitions
- Snippet Analysis view: Macro expansion failed after code changes without refresh
Improvements
- Documentation: Updated recommendation for server sizing
Version 2026.2.6
Fixes
- False positives for "Variables should not be declared before they are relevant" check in Java
NullPointerExceptionwhen trying to authenticate as a user with the "DenyAll" authenticator- Snippet analysis showed no findings without any feedback when pre-commit analysis was disabled server-side
- Project Edit: Correct passwords did not pass validation when editing an external account
- False positives for "Multiple declarations of extern objects/functions" check in C++ for static member definitions with scope qualifiers
- False positives for "Switch statement without default case" check in Java for exhaustive switches
- Issue metadata in the Issue Detail view was truncated too aggressively
- Architecture Editor: Excluding a component did not consider its subcomponents when computing matched types
Version 2026.2.5
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Fixes
- Architecture view: Dragging components from the unmatched types into a component sometimes didn't add them as a child
- False positives for "Throw of generic exception in Java" check
- Contributor Statistics: S3 upload commits from the "Teamscale" committer were counted erroneously
S3ForceFullScanServicesometimes did not perform a full scanNullPointerExceptionduring Gitlab merge request synchronization due to incomplete merge requests not filtered in some cases- False positives for "Assignment of a variable to itself" check in Swift
- Compare view scroll synchronization behaved strangely in some cases
- IntelliJ Plugin: Hostname validation was performed when TLS certificate validation was deactivated
- Visual Studio Code plugin: Credentials were visible on the command line
- Visual Studio Code plugin: Previously saved server configurations vanished upon IDE restart
Improvements
- Faster creation of support requests
- Security: Updated dependencies to mitigate CVE-2026-33228 and CVE-2026-32141
Version 2026.2.4
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Fixes
- System Information view did not show versions of connected SAP systems in some cases
- False positives for "Null pointer dereference" check in Java
- Dashboard: Mouse cursor had an offset in view mode
- Simulink:
StackOverflowErrorwhen encountering circular dependencies between data dictionary references - Finding Details view: Extended code snippet did not use the available height in Safari
- False positives for "Uncaught Exception" check in function group includes for ABAP
- False negatives for "Forbidden Standard I/O-Functions" check when using
sscanf - "Metrics Trend Chart" widget used the color of the first selected metric for all grid lines
- Stale HTTP connections caused annotations and votes on merge requests in code collaboration platforms to fail
- Merge requests deleted in Gitea were not deleted in Teamscale
- Security: OpenID Connect configuration options were not validated sufficiently
Improvements
- Architecture Editor: Improved performance when many unmatched types were shown
- Improved performance of compile-command file parsing for reports with many translation units
Version 2026.2.3
Fixes
- Redirection from old
issues.htmllinks did not work if the ID contained only numbers OutOfMemoryErrorinS3ChangeRetriever- Reports: Starting a presentation from the list view did not work
- C#:
UnsupportedOperationExceptioninRaexFindingsSynchronizer - False positives for "Avoid unused private field" check in Java for
serialVersionUID - Binary size metrics were displayed incorrectly in some cases
- Dashboards: Dashboard sometimes showed up too small
- SAML login failed when metadata XML contained multiple certificates
- Delta > Findings Churn view showed "Unexpected type of uniform path" error in some cases
- External uploads were not sorted properly in the External Upload view
NullPointerExceptionduring coverage integration in rare cases- Timeout for importing a backup from another instance was too short
- False positives for "New exception is created but not thrown" check in Java when using
throwin a switch statement - ABAP: Field-symbols were incorrectly interpreted as HTML tags, causing them to be rendered as strikethrough
- Merge Request Details view showed outdated information when processing squashed or rebased commits
- Overlapping enablement of metric and critical change badges between projects was not detected
- Simulink: Datatype propagation did not work correctly when a library was included multiple times
Improvements
- Removed unused
DebugArtifactoryRepositoryService - ABAP ATC check: Added support for function modules
- Cppcheck: Parsing issues are now logged with precise location information
- Improved C/C++/Objective-C++ scanner performance for some code patterns
Version 2026.2.2
Fixes
- Reports: Metric trend chart took very long to load in some cases
- Proxy authentication did not work
- The user setting of the default view (Dashboard or Start) was not respected after login
- "Load Backup From Other Instance" failed with a "400 Bad Request" error in some cases
- Documentation: Recommended setting of
reuseForksparameter for Teamscale Maven Plugin was misleading - C# files with interface methods using generic type constraints were not parsed correctly
- Dashboards: Widgets did not work when creating dashboards from templates
- Coverage sources were reset when changing the visibility of a path in a widget title
- The "Coverage of Changes" section in the Merge Request Detail view showed coverage from a previous commit if no coverage was uploaded for the head commit
- False positives for "Classes should not depend on an excessive number of classes (aka Monster Class)" check in Java
- Instance Comparison: File content differences were always shown for Simulink files, even when they were identical
- C/C++: Comments after preprocessor directives were not parsed correctly in some cases
Version 2026.2.1
Fixes
- False positives for "Override GetHashCode on overriding Equals" check in C# for parent classes
- CSV export from the "Metrics Trend Chart" widget failed when multiple metrics were selected
- SAML: "Regenerate Certificate" failed if the provider was not yet saved
- Webhooks were sent before Teamscale voted
- Dashboard: Color pickers did not store new colors
- False positives for "Null pointer dereference" check in C# when using the null conditional operator in
string.IsNullOrEmpty - Navigating between the method history view and the code view resulted in a "Bad Request" error
- Synchronization of ignore rules from Teamscale to JFrog failed with a "Bad Request" error
- Tasks: Links to findings did not work in task edit mode
- Code scope configuration was imported incorrectly if configuration lines ended with a comma
Improvements
- The "Upload Commit Details" dialog now explains that displayed data covers all partitions when multiple partitions are present
Version 2026.2.0
Bug Fixes
- 2026.2.0 contains all fixes from previous versions released on and before March 3rd, 2026
- For brevity, only new features are included in the changelog
