Changelog for Teamscale 8.5 ​

Version 8.5.21 ​

Fixes ​

• Security: Authenticated Teamscale administrators, under certain circumstances, were able to execute code on Teamscale’s host system CWE-78

Version 8.5.20 ​

Fixes ​

• Test executions were sometimes merged incorrectly if there were no uploads on feature branches

Version 8.5.19 ​

Fixes ​

• NullPointerException in TestHistorySynchronizer
• The code view in the Findings details view did not scroll to the finding location for dataflow findings in large files

Version 8.5.18 ​

Fixes ​

• Possible UnsupportedOperationException when retrieving usage data
• NullPointerException when processing external analysis reports
• False positives for "Null pointer dereference" check in C/C++ when using conditions with casts
• False positives for "Redundant parentheses" check in Python when using walrus operator (:=)

Improvements ​

• Guarded multiple API endpoints

Version 8.5.17 ​

Fixes ​

• Specification items were lost in Teamscale if the title of the specification space was changed in Polarion
• Simulink: Default names of Bitwise blocks were not correctly handled when determining the visibility of block names
• Specification Item Analysis: "Excessive test step" check counted too many words in case of invisible characters

Version 8.5.16 ​

Fixes ​

• Bitbucket Cloud merge requests with 100 - 1000 new findings were not annotated
• NullPointerException in JiraIssueSynchronizer
• NullPointerException during startup when using database sharding
• Azure DevOps Pull Request integration voting comments had type unknown instead of Active
• ArtifactoryContentUpdater and S3ContentUpdater sometimes stopped processing commits when artifacts were not found
• Polarion integration fetched unnecessary data from Polarion server resulting in "Serialized response is too long" errors in the Polarion server logs
• Merge requests were not correctly updated when S3 and Artifactory coverage uploads were added to analyzed Git commits
• Quick edit changes to dashboard widgets were not saved in some cases
• Finding Details slide comments did not support Markdown
• Test Gap Trend Chart showed incorrect data
• Errors in StructuringAnalysis and ElementHistoryUpdater about missing metrics or files when using multiple repository connectors

Improvements ​

• Improved loading behavior of Projects List view

Version 8.5.15 ​

Fixes ​

• Objective-C Shallow Parser: const after type declaration caused parsing error
• OutOfMemoryError while importing large amounts of Polarion work items
• NullPointerException while processing some external uploads
• TestGapSynchronizer failed with IllegalStateException: Duplicate key in some cases
• NullPointerException while creating store-size dumps at Teamscale start-up
• OutOfMemoryError while importing issue and specification items during initial analysis
• Findings Churn and Findings Count widgets showed different number of findings
• Jira annotations overwrote each other if multiple projects voted on the same Jira ticket
• NullPointerException while updating test execution data for merge commits in rare cases

Version 8.5.14 ​

Fixes ​

• NullPointerException in C Preprocessor when retrieving contents of missing header files
• DateTimeException during ABAP full and incremental synchronizations
• Unformatted code in Task Detail slides

Improvements ​

• Xodus Backend: Transaction length monitoring now configurable and turned-off by default
• Improved performance of "User or Group" selector in the Project Role Assignments view

Version 8.5.13 ​

Fixes ​

• NullPointerException in GitHubMergeRequestProvider
• Information about included uploads was always fetched when loading test gap treemaps
• Gerrit connectors did not retrieve changes when no start timestamp was configured
• Numeric Metric Value widget didn't immediately update after specification item query was changed
• Coverable lines in Swift differed from XCode
• Comments were sometimes posted with old analysis results, when new merge requests were created
• Analyzing Artifactory commits on a branch first led to missing parents in commit merged with code commit
• Event Announcement view displayed the error "Sorry, Invalid time value" when opened in Safari

Improvements ​

• Support for cancelling re-scheduled triggers

Version 8.5.12 ​

Fixes ​

• Renaming of branches in Git caused project analysis to get stuck
• Retrieval of changes from S3 and Artifactory failed for commits without parents
• Incremental issue synchronization created unnecessary error logs
• SonarLint C# check titles had redundant quotes
• Swift parser did not support in-method enum declaration
• Commit Tree Details view also showed commits of other repositories that had the current repository name as prefix
• Analysis Profiles view was not rendered after uploading an empty analysis profile
• Eclipse Plugin: Finding tooltips in the editor sidebar could not render Markdown
• Updated check descriptions were not visible in the findings detail view for existing projects
• Azure DevOps pull requests received votes on wrong commits
• In some cases report slides were not displayed correctly
• Some titles of MISRA guidelines were outdated

Improvements ​

• Better user feedback on Trigger cancellation
• New button in Delta perspective to open the currently-shown findings in the Delta view
• Anonymized and pre-processed download for source code files in pre-processed languages

Version 8.5.11 ​

Fixes ​

• Repeated attempts to delete comments in GitLab merge requests failed due to insufficient permissions
• Per-branch start date specified in branching configuration did not work for TFS and SVN connectors
• Some log entries did not show up in the Worker, Service and Interaction Logs
• Analysis profile export service generated the same file name for the default C, C++ and C# profiles
• NullPointerException in Gapped Clone Detection
• Gapped Clone Detection for test items omitted parts of clones
• ElementHistoryUpdater produced many errors and warnings for pre-commit branches
• Branch renaming in project configuration caused infinite rollbacks
• False positives for "Architecture Violation" check for C/C++ due to architecture analysis not supporting compilation databases
• Eclipse Plugin: Assigning a keyboard shortcut to the "Open in Web Browser" command did not work. Now the default shortcut is bound to Ctrl+Shift+F2 (or Cmd+Shift+F2 on macOS).
• IntelliJ Plugin: Findings tool window was disabled while IntelliJ was indexing
• Rate limiting problems with Bitbucket Cloud
• Interaction Log did not include INFO messages

Improvements ​

• Improved documentation for ABAP "Export configuration locked" troubleshooting page
• Improved Azure DevOps and Jira connector speed
• First column in Reports list view now scales better with window size

Version 8.5.10 ​

Fixes ​

• ArrayIndexOutOfBoundException in EqualityTestWithBooleanLiteralCheck
• Impacted Tests in the Issue Details view unexpectedly considered the selected partitions from the Test Gaps section
• Findings list for specification items did not include findings in changed items
• False positives for "Exception stacktrace is lost" check for C# when passing original exception as named parameter
• Validation error when editing pair list options in the Check Explorer
• Some commits could not be scheduled, resulting in reappearing rollbacks
• False positives for "Unreachable code after exit statement" check in Objective-C
• Merge Request Details: Order of findings with the same message located within the same file was incorrect
• Test Selection view hid filter after submitting a query
• JGitInternalException when an external upload to a project with a GitLab/Bitbucket connector specified a commit hash unknown to Teamscale
• Removed unnecessary scrollbar in Test Gap Treemap widget

Improvements ​

• Improved documentation of configuring Azure DevOps connections
• Improved error message of ABAPLint internal tool, if it failed without generating a result
• Reduced analysis time for "Constant Condition" check
• Limited parallel execution of triggers to prevent storage write congestion
• Improved finding description of "Long File" check

Version 8.5.9 ​

Fixes ​

• Findings filtering in some cases caused extremely long URLs leading to HTTP 502 responses
• Java annotations with their fully qualified names were not correctly parsed
• Maps as return types of methods in Swift were not correctly parsed
• Multiline strings in Python prefixed with "f" were not correctly scanned
• Architecture diagram failed to render after collapsing components
• Simulink: Root Inport and Outports were not recognized correctly
• External findings were not deleted after uploading reports without them
• A lot of unused coverage partitions in Teamscale after coverage export from SAP system

Improvements ​

• Improved performance of updating process of Bitbucket Merge Requests
• Improved finding description for "Non-literal LIKE without ESCAPE in a WHERE clause" check for ABAP
• Teamscale QTCreator Integration Plugin now supports QTCreator 9

Version 8.5.8 ​

Fixes ​

• Project Edit view broke for old project configurations with Jira connectors
• Reanalysing projects could break Projects perspective when using Xodus database
• False positives for "Comments should not contain nested comments" check when using URLs in the comments
• False positives for "Avoid comparisons to boolean literals" check for C# when using nested entities with logical operators
• Spec Item Treemap did not correctly link to the Spec Item Details view
• Generics in TypeScript were not parsed correctly
• Windows file paths containing "+" threw a validation error in Git connectors
• False positives for "Field could be final" check for Java when using @Setter annotation or Lombok Builder.Default() annotation
• NullPointerException in dataflow analysis of C++ when using an ignored statement after a label
• False positives for "A compatible declaration shall be visible with external linkage" check when macro definition was missing
• Analysing multiple specification item types in one project caused errors in the clone detection
• Activity > Commits view and Activity > Issues view were broken if issue ID pattern contained //
• Instance Comparison view was slow and unresponsive while loading the list of snapshots
• Instance Comparison failed to load remote snapshot data if it was too large
• IntelliJ Plugin did not request a necessary restart after an update
• NetBeans and Eclipse Plugin: Cancelling the "Collecting files for pre-commit analysis" job still displayed the staging dialog
• Architecture edit button was always visible, even without edit permissions
• Voting on Bitbucket Cloud merge requests did not work in some cases
• Artifactory content was no longer imported in rare cases
• JiraIssueSynchronizer could get stuck indefinitely in very rare cases
• False positives for "Comments should not contain nested comments" check when having trailing slash in Java block comments
• False positives for "Null pointer dereference" check for C# when conditions contained multiple null checks

Improvements ​

• Improved validation message for Polarion connectors
• Improved findings description for "Return in finally block" check
• Improved documentation of uploading external results
• Improved findings descriptions for "Test for NaN correctly" and "Method returns null but return type is Optional" checks

Version 8.5.7 ​

Fixes ​

• Parameter lists in Java were not parsed correctly when using annotations, leading to errors in DataFlowFindingsSynchronizer
• Test executions could not be mapped to their implementations if executions of the same test have been uploaded to different partitions
• False positives for "Check for prohibited blocks in discrete controllers" check for Simulink when using discrete-time blocks
• TriggerCompilationException if the file system did not clear and recreate a temporary directory fast enough
• Test and specification item queries could accidentally end up in the Test Gaps > Issues view
• Teamscale crashed when loading a custom check JAR failed
• Outdated plugin user data in Teamscale was not cleaned up properly
• Accessing the Activity perspective resulted in expensive API calls to code collaboration platforms
• Missing whitespaces for some comments on merge request voting statuses
• System Information view broke when showing active users
• Top-level const and var statements in Go were considered coverable
• Warning for "too many inline comments" was added for BitBucket merge request even if code insights were used
• Commit for creating a code review finding showed too many affected files
• IntelliJ Plugin: Findings were fetched for files which were not open in the editor
• Eclipse Plugin: ABAPLint findings disappeared from the editor after a few seconds

Improvements ​

• Support for BitBucker Server versions before v5.15

Version 8.5.6 ​

Fixes ​

• Hover text for trends in Metrics widgets contained [object Object]
• Documentation links for simple and compact coverage were mixed up
• IndexOutOfBoundsException in AbapContentUpdater which blocked any analysis progress
• "Missing f string prefix" check for Python failed in the context of some lambdas
• "Method content" link inside Method History view was misaligned for commits which are linked to issues
• Buttons in Test Gap Treemap widget were misaligned
• IndexOutOfBoundsException in "Multiple Statements per Line" check when using macros
• ABAP: Modification of standard table check broke for EML modify statements
• ABAP: Escaped curly braces in string templates were not handled in scanner
• IntelliJ: Findings refresh button did not work in some cases
• Architecture Editor: Policy create mode could sometimes not be deselected
• Method coverage was shown as over 100% in some cases when multiple line coverage metric groups were configured

Improvements ​

• Improved performance for general coverage report parsing
• Improved default layout and scrollability for declaration of accessibility web page

Version 8.5.5 ​

Fixes ​

• Access key was generated for the logged-in user, not the edited user
• Meta class operator for MATLAB was not parsed correctly
• False positives for some Python checks, when using specific escape sequences in Python documentation strings
• Worker log entry showed wrong color when it contained both errors and warnings
• __attribute__ keyword in C/C++ was not parsed correctly
• ABAP CDS: End-of-line comments starting with -- instead of // were not supported
• Reports: Overwritten assessment values in System Quality Overview slide were not reset when using a report as a template
• False positives for "Types shall be explicitly specified" check for C/C++
• Findings Detail view: Different rules from the same guideline covered by one check were shown in one line

Improvements ​

• Improved description for "Anonymized code download" feature in Code view for potential caveats
• Improved findings description for "Constructor Call Without Encoding" check

Version 8.5.4 ​

Fixes ​

• Filter options on Spec Item Findings view were loading indefinitely when specification item analysis was not enabled
• False negatives for "Avoid unused private fields" check for C# when using class members with implicit access modifiers
• Adding a trailing slash in the GitHub repository server URL caused a reanalysis of the project

Improvements ​

• Improved documentation on reanalysis

Version 8.5.3 ​

Fixes ​

• RepositoryChangeRetrievers were running for a long time under special circumstances
• Some merge requests could not be opened due to a JavaScript error
• "Now" button for time-travel time selector did not work in some cases
• Unnecessary rollbacks in work item analysis branches
• Failure when retrieving work item link updates in AzureDevOpsSpecItemSynchronizer
• Specification items and tests query field was unusable after entering an invalid query
• False positives for "Methods should not be defined in a header file" check for C++
• Merge requests were synchronized too often after rollbacks
• Line coverage values close to 100% were erroneously rounded up
• NullPointerException in RepositoryContentUpdaterUtils leading to analysis being stuck

Improvements ​

• Reduction in storage consumption for "Method always returns the same value" check for Java
• SAP Code Inspector: Added finding descriptions for Code Pal findings
• Added Objective-C++ support for "Methods should not be defined in a header file" check
• Reduction for number of log messages in case some merge messages could not be parsed

Version 8.5.2 ​

Fixes ​

• Objective-C++: struct defined inside of a method was not counted for method length analysis
• Objective-C++: Class was not detected as a valid identifier
• Incremental updates of artifactory items could cause rollbacks
• False positives for multiline URLs in comment analysis
• Issue search view was broken
• Naming convention analysis for Simulink did not correctly analyze name of in-/outports of bus elements
• Intellij Plugin: Renaming of a file did not create a precommit
• Copying to clipboard failed in insecure contexts
• Snapshot backups for RocksDB storage backend did not work

Improvements ​

• Improved documentation on licensing model
• IntelliJ Plugin now interprets the project.branch option of the .teamscale.toml IDE Configuration File Format

Version 8.5.1 ​

Fixes ​

• Merge Requests view was broken in some cases
• List of parsing errors was not expandable in Code view
• Proxy settings using wildcards could break outgoing HTTP connections
• Navigating in -issues- and -spec-items- paths added duplicate entries in the path selector when multiple queries had the same name
• False positives for "Use of enclosing braces, partial array initialization, multiple initialization of array elements" check in C/C++ when using nested structs with trailing commas

Improvements ​

• Azure DevOps integration requests now retrieve work item link updates in a more efficient manner
• Support importing Code Pal findings from SAP Code Inspector (with Code Pal add-on)
• Improved memory usage and performance for clone detection on very large commits

Version 8.5.0 ​

Analysis ​

• Analysis of Objective-C++ code
• Support for tracing generated code to Simulink models for Simulink PLC Coder
• ABAP: Metadata of ABAP objects is now stored historized

Azure DevOps ​

• Work item link changes are now imported as specification item updates
• Support for all work item relations
• Support for deletion of work items

Test Data and Coverage Upload ​

• New coverage report format: Teamscale Compact Coverage
• CLI tool to compress JaCoCo and LCOV coverage reports to Teamscale Compact Coverage format
• Test case extraction and test execution report upload for XCTest test cases written in Swift or Objective-C
• Extension of testwise coverage report format with an option of a file path hint for the corresponding test implementation
• JavaScript Profiler: Upload to artifactory

Web UI ​

• Delta perspective now supports deltas for specification items in addition to deltas for code
• All available clang-tidy checks are now configurable using analysis profile options
• Replace analysis granularity specification by simpler per-branch start date
• Specification item status is now also visible in the Impacted Specification Items table
• Traceability violation findings are now displayed in the Findings Details view and the details view of manual test cases
• Manual test case steps are now shown in the Findings Details view if a finding is located within a manual test case
• Manual test case steps are now shown when opening a manual test case in the Requirements Tracing perspective
• Code references tab now includes simple list views as well
• Default avatar is now personalized using the user's initials
• Confirmation prompt in Check Explorer in case of unsaved changes
• Findings Churn Widget now supports findings churns for findings in specification items
• Support for matched items of specification items query in Treemap widgets

Reports ​

• Configurable font size for code snippets
• Thumb icons for comments
• Search box for the Reports list view
• Enhanced visualization of the delta trend on the System quality overview slide

New Checks ​

• "Usage of goto" and "Avoid using out on parameters" checks for PL/SQL
• "Avoid using certain text snippets" check for many languages
• "Endif directive comment" check for C/C++, Objective-C and Swift
• "Method always returns the same value" check for Java
• "Do not throw multiple exceptions in method declaration" check for ABAP
• "Use ABAP_TRUE and ABAP_FALSE for boolean comparisons" check for ABAP

Work Item Analysis Checks ​

• "Find traceability violations for work item links" check
• "Find excessively long test steps of manual test cases" check
• "Find vague expressions in test steps of manual test cases" check

Administration ​

• User can include all visible projects in the backup export by setting the newly added parameter "include-all-visible-projects"
• Admins may cancel long running triggers via Web UI
• System health check now checks for expiration of server certificate
• New permission to control whether or not a test ranking computation can be performed