Patch Releases for Teamscale 2026.2
Version 2026.2.8
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Fixes
- False positives for "Null pointer dereference" check in C# when using the null-conditional operator
- Test Gap percentage API endpoint returned 0 instead of indicating that Test Gap Analysis was not enabled for a project
- Dashboards: Widget parameter validation could fail even after the validation error was fixed
- False positives for "Missing access control for exposed CDS view" check in ABAP CDS on SAP standard objects
- Reports: Callout text on slides was rendered too small in Chrome in some cases
- Delta perspective: Findings of spec items were not shown as resolved
- Eclipse plugin: "Server is Disabled" dialog was shown twice after closing the preferences dialog
- False positives for "Naming convention" and "Public class attribute" checks in C/C++ when using
constexprpointer variables - ABAP: Code Compare view showed a "Must insert in ascending order!" error in some cases
Improvements
- Security: Updated selected ABAPLint dependencies to mitigate CVE-2026-25547
- Security: Updated Bouncy Castle dependencies to mitigate CVE-2025-14813, CVE-2026-5598, and others
- Security: Updated selected Web UI dependencies to mitigate CVE-2026-23736, CVE-2026-4800, CVE-2025-62718, and CVE-2026-40175
Version 2026.2.7
Fixes
- Method History view: Links on method names to code view turned black after opening them
- Jira authentication failure was not reported in case of CAPTCHAs
- External Storage Backend: Uploads to a partition containing
/../or/./failed - C/C++: A random compilation command was chosen per commit for files with multiple commands in different partitions
- Snippet Analysis view: Macro expansion failed after code changes without refresh
Improvements
- Documentation: Updated recommendation for server sizing
Version 2026.2.6
Fixes
- False positives for "Variables should not be declared before they are relevant" check in Java
NullPointerExceptionwhen trying to authenticate as a user with the "DenyAll" authenticator- Snippet analysis showed no findings without any feedback when pre-commit analysis was disabled server-side
- Project Edit: Correct passwords did not pass validation when editing an external account
- False positives for "Multiple declarations of extern objects/functions" check in C++ for static member definitions with scope qualifiers
- False positives for "Switch statement without default case" check in Java for exhaustive switches
- Issue metadata in the Issue Detail view was truncated too aggressively
- Architecture Editor: Excluding a component did not consider its subcomponents when computing matched types
Version 2026.2.5
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Fixes
- Architecture view: Dragging components from the unmatched types into a component sometimes didn't add them as a child
- False positives for "Throw of generic exception in Java" check
- Contributor Statistics: S3 upload commits from the "Teamscale" committer were counted erroneously
S3ForceFullScanServicesometimes did not perform a full scanNullPointerExceptionduring Gitlab merge request synchronization due to incomplete merge requests not filtered in some cases- False positives for "Assignment of a variable to itself" check in Swift
- Compare view scroll synchronization behaved strangely in some cases
- IntelliJ Plugin: Hostname validation was performed when TLS certificate validation was deactivated
- Visual Studio Code plugin: Credentials were visible on the command line
- Visual Studio Code plugin: Previously saved server configurations vanished upon IDE restart
Improvements
- Faster creation of support requests
- Security: Updated dependencies to mitigate CVE-2026-33228 and CVE-2026-32141
Version 2026.2.4
Security Improvements
This version contains security improvements. If possible, please update to at least this version.
Fixes
- System Information view did not show versions of connected SAP systems in some cases
- False positives for "Null pointer dereference" check in Java
- Dashboard: Mouse cursor had an offset in view mode
- Simulink:
StackOverflowErrorwhen encountering circular dependencies between data dictionary references - Finding Details view: Extended code snippet did not use the available height in Safari
- False positives for "Uncaught Exception" check in function group includes for ABAP
- False negatives for "Forbidden Standard I/O-Functions" check when using
sscanf - "Metrics Trend Chart" widget used the color of the first selected metric for all grid lines
- Stale HTTP connections caused annotations and votes on merge requests in code collaboration platforms to fail
- Merge requests deleted in Gitea were not deleted in Teamscale
- Security: OpenID Connect configuration options were not validated sufficiently
Improvements
- Architecture Editor: Improved performance when many unmatched types were shown
- Improved performance of compile-command file parsing for reports with many translation units
Version 2026.2.3
Fixes
- Redirection from old
issues.htmllinks did not work if the ID contained only numbers OutOfMemoryErrorinS3ChangeRetriever- Reports: Starting a presentation from the list view did not work
- C#:
UnsupportedOperationExceptioninRaexFindingsSynchronizer - False positives for "Avoid unused private field" check in Java for
serialVersionUID - Binary size metrics were displayed incorrectly in some cases
- Dashboards: Dashboard sometimes showed up too small
- SAML login failed when metadata XML contained multiple certificates
- Delta > Findings Churn view showed "Unexpected type of uniform path" error in some cases
- External uploads were not sorted properly in the External Upload view
NullPointerExceptionduring coverage integration in rare cases- Timeout for importing a backup from another instance was too short
- False positives for "New exception is created but not thrown" check in Java when using
throwin a switch statement - ABAP: Field-symbols were incorrectly interpreted as HTML tags, causing them to be rendered as strikethrough
- Merge Request Details view showed outdated information when processing squashed or rebased commits
- Overlapping enablement of metric and critical change badges between projects was not detected
- Simulink: Datatype propagation did not work correctly when a library was included multiple times
Improvements
- Removed unused
DebugArtifactoryRepositoryService - ABAP ATC check: Added support for function modules
- Cppcheck: Parsing issues are now logged with precise location information
- Improved C/C++/Objective-C++ scanner performance for some code patterns
Version 2026.2.2
Fixes
- Reports: Metric trend chart took very long to load in some cases
- Proxy authentication did not work
- The user setting of the default view (Dashboard or Start) was not respected after login
- "Load Backup From Other Instance" failed with a "400 Bad Request" error in some cases
- Documentation: Recommended setting of
reuseForksparameter for Teamscale Maven Plugin was misleading - C# files with interface methods using generic type constraints were not parsed correctly
- Dashboards: Widgets did not work when creating dashboards from templates
- Coverage sources were reset when changing the visibility of a path in a widget title
- The "Coverage of Changes" section in the Merge Request Detail view showed coverage from a previous commit if no coverage was uploaded for the head commit
- False positives for "Classes should not depend on an excessive number of classes (aka Monster Class)" check in Java
- Instance Comparison: File content differences were always shown for Simulink files, even when they were identical
- C/C++: Comments after preprocessor directives were not parsed correctly in some cases
Version 2026.2.1
Fixes
- False positives for "Override GetHashCode on overriding Equals" check in C# for parent classes
- CSV export from the "Metrics Trend Chart" widget failed when multiple metrics were selected
- SAML: "Regenerate Certificate" failed if the provider was not yet saved
- Webhooks were sent before Teamscale voted
- Dashboard: Color pickers did not store new colors
- False positives for "Null pointer dereference" check in C# when using the null conditional operator in
string.IsNullOrEmpty - Navigating between the method history view and the code view resulted in a "Bad Request" error
- Synchronization of ignore rules from Teamscale to JFrog failed with a "Bad Request" error
- Tasks: Links to findings did not work in task edit mode
- Code scope configuration was imported incorrectly if configuration lines ended with a comma
Improvements
- The "Upload Commit Details" dialog now explains that displayed data covers all partitions when multiple partitions are present
Version 2026.2.0
Bug Fixes
- 2026.2.0 contains all fixes from previous versions released on and before March 3rd, 2026
- For brevity, only new features are included in the changelog