Update Notices for Teamscale 9.5
Security: Reverse proxy related feature toggle was removed,
reverse proxy configurations have to be updated for version 9.5 From version 9.5, Teamscale is more strict in handling path rewrites from reverse proxies. The feature toggle
-Dcom.teamscale.proxy.https-termination=true was removed. Use
X-Forwarded-Proto: https in the reverse proxy configuration instead. For further information on how you might need to change your nginx configuration, please have a look at our documentation on Configuring Reverse Proxy.
Updated requirements in version 9.4
The minimal system requirements for web browsers have been updated to:
- Chrome version 108+
- Firefox version 101+
- Edge version 108+
- Safari version 15.4+
The minimal requirements for the IntelliJ plugin have been updated to version 2020.3.
Deprecated feature: XPath-based entity selection in version 9.4
From version 9.4, using XPath for selecting entities is deprecated. This affects those instances where the users implemented their own custom checks using XPath selection. The entity selection in these should be replaced by Java code. Please contact Teamscale support if you need help with updating your custom checks.
Content Security Policy changed for version 9.4
From version 9.4, Teamscale's Content Security Policy (CSP) prevents embeddings in an
<iframe> element of unknown origins by default. This is a proactive security measure to prevent clickjacking. To allow embeddings from other origins, you can set the
com.teamscale.server.csp-frame-ancestors JVM property to a valid "frame-ancestors" CSP value. The default is
'self' https://dev.azure.com https://cqsegmbh.gallerycdn.vsassets.io https://*.visualstudio.com The last three origins ensure that the embedded parts of Teamscale's Azure DevOps Extension continue to work. Note that the JVM flag will completely overwrite this setting, including the defaults.
Permissions to create dashboard templates might be missing for
version 9.4 In 9.4 the
CREATE_DASHBOARD permission was removed along with the "Dashboard Creator" role. Now all users have the permission to create dashboards by default again. Users might lose the permission to create dashboard templates, in this case it can be readded in the Admin > Roles view.
Removed feature: Avatar images via Gravatar
Due to privacy concerns, the ability to fetch avatar images via the external Gravatar service was deprecated since version 9.2 and was removed in Teamscale 9.4. Please upload your avatar directly to Teamscale.
Custom log configurations have to be updated for version 9.3
If you use a custom log configuration, you have to add new filters to still collect the Parse Log errors. Please contact Teamscale support for details.
Deprecated feature: Issue id parameter in Test Gap Treemap
widgets The "issue id" parameter of the Test Gap Treemap widget is deprecated and will be removed in Teamscale 9.1. Please use the Test Gaps > Issues perspective instead.
Re-Analysis when Upgrading
- When updating from 9.5.x, drop-in.
- When updating from 9.4.x or earlier, a full re-analysis via backup is required.
What's New for Teamscale 9.5
We continuously strive to improve the user experience with Teamscale. As a result, the new release comes with many improvements in the web UI.
- Various UI improvements and tweaks with the aim of giving the dashboard a more modern feel and look and making it less cluttered
- Improved appearance of Dashboard widgets by showing widget buttons when hovering over them
- Various UI enhancements with the aim of modernizing and improving the architecture editor
- Architectures can now be saved to all important branches in the project
Additional Web Interface Improvements
- Commit Details view: Change origin entry is now displayed for affected files
- Project Configuration view: Trimmed connector validation errors
- Multi-options in the Admin > Settings view are now collapsible
- Search field is now smaller when inactive
Quality Control: Reports
In this release, we have continued our efforts to make the reporting framework more flexible and capable of supporting different use cases. These improvements include the following:
- New option to set the font size on markdown slides
- New option to hide KPI assessments of system quality overview slides
Plugins & Integrations
- QtCreator plugin now supports QtCreator 10
- Code Collaboration Platforms: Findings badges are now updated at their previous location within merge request descriptions
Analysis: Integrated Tools
- Flake8 Python linter (including pyflakes, pycodestyle, mccabe and bugbear) is now available as an internal tool, thereby adding ~170 new checks to Teamscale.
- Security Code Scan (SCS) for C# is now available as an internal tool. This integration adds ~30 new checks to Teamscale.
New Checks & Check Options
- New option for "Empty Catch Block" check to flag catch blocks which only contain comments
- New option for "Missing VDM view type annotation" check to define a custom annotation
- New "Usage of an unchecked URL object can be insecure" check which finds vulnerabilities to Server-Side Request Forgery (SSRF) attacks
- New options for "Do not put multiple statements in a Lambda expression" check to define the number of maximum allowed statements in lambda expressions
In this release, we have continued with our focus on optimizations and improving the overall performance of Teamscale. These improvements include the following:
- Backup exports can now run in parallel
- Improved performance of backup import
- Improved performance of ABAP taint analysis on very large systems
Administration & Operation
This release comes with a number of administrative features to make operating a Teamscale instance easier.
- Hints are displayed for best practices regarding the start timestamp of issue connectors
- New option for Azure DevOps TFVC (TFS) connectors to distinguish between non-branched mode and disabled branch analysis
- Backup export options can now be specified per project
- ABAP Connections: Retention duration for raw zip files retrieved from SAP systems can now be configured
- Paused projects are now indicated in the Execution Status view
- Improved findings tracking between instance updates