Changelog for Teamscale 7.2
Newer Release Available
Our current release is available here.
Urgent Security Notice: Teamscale affected by log4shell (CVE-2021-44228)
Teamscale is affected by the widely discussed log4shell (CVE-2021-44228) security vulnerability and its follow-up CVE-2021-45046. A third vulnerability in log4j has been published CVE-2021-45105, but Teamscale is not affected in its default installation.
Please update Teamscale to a version released on or after the 21st of December 2021.
Note: The Eclipse/IntelliJ/NetBeans plug-ins are also affected by the security vulnerability. Please make sure to update your plug-ins to the latest versions compatible with your currently deployed Teamscale version.
REST XML Interface Removed (since Teamscale 7.0)
As of Teamscale 7.0, its REST XML interface (deprecated since Teamscale v6.0) has finally been removed. This affects only the legacy REST API; the new, versioned API is not affected. You have hence two options:
- The preferred long-term solution is to migrate to the new, versioned REST API, i.e., to use REST endpoints like
…/api/v7.0.0/…
. - A temporary solution is to keep using the legacy REST API but always send an
Accept: application/json
request header and accept JSON rather than XML responses. Note, however, that the legacy REST API will be deprecated and subsequently removed, too.
Changed Voting Behaviour for Bitbucket Server Integration (since Teamscale 6.7)
As of Teamscale 6.7, the Enable Voting option in the Bitbucket Server connector will only add the findings badge to the pull request description. Please enable the Enable pull request review option, if you want Teamscale to also review pull requests.
Changed Permissions when Using Docker Image (since Teamscale 6.3)
As of Teamscale 6.3, Teamscale is no longer executed as the root user in the Docker container, but as user teamscale
(UID=1000). Please make sure to either allow this user to access the mounted directories and files or add a user mapping to your docker-compose file, e.g. user: technical-user
, which refers to a user whose permissions should be mapped to teamscale
.
Java 11 Required (since Teamscale 6.2)
As of Teamscale 6.2, running the Teamscale server requires a Java Runtime Environment, Version 11 or later.
Changed Resolving of Configuration Files (since Teamscale 6.0)
- As of Teamscale 6.0, all configuration files are loaded using the same logic. In particular configuration files in the process working directory take precedence over ones in the Teamscale installation.
- Relative paths specified in configuration files will always be resolved to the working directory. The working directory usually equals the installation directory unless explicitly changed.
- Custom check JAR files can be deployed in a directory relative to the working directory and installation directory.
- Searching for a Teamscale configuration file
teamscale-config.properties
in the installation root directory. Use the fileteamscale.properties
in one of the config directories. - Searching for a license in the installation root directory, or a directory specified by the Java system property
teamscale.license.path
is no longer supported. Use the environment variableTEAMSCALE_CONFIG
to specify a separate configuration directory or pass the license using theTS_LICENSE
environment variable if you cannot place the license in one of the config directories. - The administrative service to read and write configuration files via the Web API (
config-files
) has been removed.
Re-Analysis when Upgrading
- When updating from 7.2.x, drop-in.
- When updating from 7.1.x or earlier, a full re-analysis via backup is required.
Version 7.2.14
Fixes
- Log4j2 version upgraded to avoid vulnerability due to CVE-2021-45105
Version 7.2.13
Fixes
- Log4j2 version upgraded to avoid vulnerability due to CVE-2021-45046
Version 7.2.12
Fixes
- Log4j2 version upgraded to avoid vulnerability due to CVE-2021-44228
Version 7.2.11
Fixes
- C++ parser failed for function-try-blocks
Version 7.2.10
Fixes
SonarLintRunner
did not create findingsSimulinkModelBuildingException
inSimulinkOutputDataTypeExtractionStep
when a Simulink file got deleted from the repository- Executed by tab in Method History view was empty when there is no data to show
OutOfMemoryException
in case test paths contained test data
Version 7.2.9
Fixes
NullpointerException
inExternalAnalysisResultsUpdater
in special circumstances- Delphi parser failed for the
&
character and if negative integers were used
Version 7.2.8
Fixes
- C++ parser failed for constructors starting with an uppercase and certain method parameters
- Editing ABAP connectors always prompted for re-analysis, even if there were no changes
- Spec Item custom fields for Polarion work items were not formatted using the client time zone
- False positives for C# naming conventions in case of expression-bodied members
- Pre-commit jobs were sometimes delayed by repository scanning
Improvements
- Clarified finding description for "If statement without braces" check
Version 7.2.7
Fixes
- Duplicate forks in external analysis uploads sometimes led to unprocessed external analysis data
- Clone detection result was incomplete for Delphi code
- Some Gerrit changes were not included during live analysis
- False positives for "Declarations should be part of namespace" check in C++ in case of
Extern "C"
definitions - Some custom user-enumeration fields in Polarion were not resolved
- MC/DC coverage information was ignored in case it was imported via Artifactory
TestGapSynchronizer
was not executed in parallel for unrelated commits- Imported SonarQube quality profiles were not accessible by the importing user
NullPointerException
inGerritAnalysisResultUploadTrigger
when processing impacted specification items- Changing the selected project for all widgets in a dashboard did not correctly update the selected project in the project selector
- A warning indicating long loading times was sometimes incorrectly displayed in the Issues page in the Test Gaps perspective
Improvements
- Faster loading and updating of Issues and Specification Items tables in the Metrics perspective
Version 7.2.6
Fixes
- Stacked-code animations in the Findings Detail slide were sometimes skipped
- Finding location links for architecture violation findings were incorrect
- Macro expansion button in the code view caused code lines to be displaced, creating a wobble effect
- False positives for "Terminate octal and hexadecimal escape sequence" check in C++ in case of escape sequences in raw strings
- Validation error when editing external credentials in case the password was not changed
- False negatives in ABAP taint analysis when using multiple append statements
- False positives for "Consistent storage class modifiers" check in C++ due to parsing errors in attribute types
Version 7.2.5
Fixes
- Simulink finding derivation from generated code sometimes led to left-over findings with dangling sibling links
- C# naming conventions:
_
was not allowed as a method parameter name by default - Stateflow states with empty names were not supported
- Custom threshold configurations were not usable with -test- paths in the Metrics Table widget
- Siblings tab was not displayed in the finding details view in case the sibling finding was removed
- Autocomplete suggestions for the assignee field for Jira issues incorrectly included the users' account IDs
- Users could not be imported from LDAP by email if the user wasn't unique and the first found user was disabled
- Finding markers sometimes appeared on the wrong side of Findings Detail report slides
- Some project services were incorrectly shown as deprecated in the documentation
Improvements
- New Simulink/Stateflow check for commented out elements
Version 7.2.4
Fixes
- The Test Gap Issues table was initially empty when the option Only Issues with Test Gaps was selected
- Rare merge scenarios in Gerrit led to missing changeset branches and rollbacks
- External uploads (e.g. findings, coverage, etc.) were not carried over when files were moved/copied
- Creating a dashboard from a template only replaced the project but not path
- Difference view in Findings Detail slide of reports was broken when printed in PDF from Google Chrome
- Lauterbach Trace32 report parser marked never-executed functions as covered
- Font size, label format and legend location in Metrics Trend Chart slide were inadequate
- Some finding markers in Simulink files were not displayed
- Compare with remote option of Instance Comparison view did not always link the comparison to the instance snapshot
- Metrics table did not show non-code metrics for architecture paths
- Integer literal type definitions in TypeScript were parsed incorrectly leading to
StackOverflowError
inTypeIndexSynchronizer
- Findings locations for Stateflow elements in Simulink Model Advisor reports were incorrectly parsed
- Git connector caused a lot of errors to be logged in TFS
- Merge Request commenting crashed with
NullPointerException
in case a force push fixed a finding - Merge Request Details view broke if the affected branches were not analysed
- ABAP field condition includes were not parsed correctly leading to
IndexOutOfBoundsException
inContentIndexSynchronizer
Improvements
- Improved web UI loading speed for instances with a lot of projects
Version 7.2.3
Fixes
- Merge request detail view incorrectly showed commits from different repositories in case the commits belonged to branches having the same name
- New baselines could not be added while editing dashboard widgets in case All Projects was selected in the project dropdown
NullPointerException
inCodeToSpecItemReferenceMappingSynchronizer
- Gerrit branches were not included by default
- Instance comparison didn't show information about the included and excluded projects
- Enabling and/or disabling voting options via clicking on the icons in the projects table did not work
Version 7.2.2
Fixes
- Selecting an issue metric in the Issues page in the Test Gaps perspective unset the manually selected branch
- Extremely long URLs broke the code view in case many partitions or partitions with long names were selected
- Teamscale review comments in code collaboration platforms sometimes contained unnecessarily escaped markdown
- Check descriptions were not shown in the analysis profile editor
- Database sharding did not distribute projects as expected
- False positives in null pointer analysis of some method calls in C++
- Changing both the project's alias and any connector option while editing a project caused an error
- Old backup cleanup did not work on Windows
- Order of projects in the system logs and backup export and import views was random
IndexOutOfBoundsException
inTestCaseExtractionSynchronizer
when extracting parameterized tests in Python codeNullPointerException
errors inGerritAnalysisResultUploadTrigger
Improvements
- Some Tasks views now have a branch chooser allowing the users to check if the task's findings have been resolved on a particular branch
Version 7.2.1
Fixes
- Analysis granularity caused
IndexOutOfBoundsException
with Artifactory connection for certain repository layouts - Branch selector for the Issues table did not work correctly
- Test gap summary of the Issues table was not shown correctly for the empty default query
- Accessing a dashboard showed an empty page because of
ClassCastException
- Architecture editor: Policies hidden for specific components re-appeared when selecting another component
- Architecture editor: Excluded component did not exclude types matched to subcomponents
- Delta perspective used filtered commits for determining alerts
- Available metrics for threshold configuration were incomplete when using ESLint in analysis profile
- Metrics table was not updated after changes to threshold configuration
IndexOutOfBoundsException
inTestCaseExtractionSynchronizer
for Pylint test cases- Project creation button was enabled during long running validations for create/edit operations
- Paths with common prefixes were not handled consistently in the Delta perspective
- Method history indicator interrupted findings marker on the sidebar in the Code perspective
- Instance comparison produced thousands of requests during comparison creation
- "Comment Completeness" Analysis for Kotlin never yielded any findings
- Sequence of default colors in Metric Trend slide didn't restart when all metrics were deselected
- Delta perspective was slow when comparing against
HEAD
Improvements
- Test execution results in Code view now use graphical indicators
Version 7.2.0
Requirements Tracing
- Specification item tracing in the architecture editor
- Related requirements in merge request view are displayed based on architecture components
- Tooltips with item title for linked specification items and specification item parents
- Issue and specification item metrics are now shown as a hierarchy and can be expanded and collapsed
Tests View
- New test filter view
- Test queries can now be saved as metrics and referenced from dashboards
- Tooltips for test result icons are now more informative
Web UI
- New finding filter which only shows findings in changed code
Administration
- New analysis profile option allowing exclusion of test code from coverage metric computation