This release includes the following enhancements:

Release date: December 13, 2022

Support for .NET 7

Support for .NET 7 has been added. See Supported Frameworks.

Support for C# 11

dotTEST can now analyze code written in C# 11.

IDE Integration

  • Support for visualizing code coverage in VSCode dotTEST extension has been added.
  • Setup problems can now be displayed in the form of pop-up messages in the VSCode window.

Parasoft Findings for SonarQube

The Parasoft Findings Plugin for SonarQube has been introduced. The plugin allows you to view static analysis test results within SonarQube. For details, see Parasoft Findings for SonarQube. The plugin can be downloaded from the Parasoft marketplace: https://customerportal.parasoft.com/lightningportal/s/marketplacedetails?id=a703g0000000KoZAAU.

Test Impact Analysis

Test Impact Analysis (TIA), which allows you to execute only the affected tests, is now supported (for CLI only). See Configuring the Test Impact Analysis for details.

Tests Execution and Coverage

  • VSTest has been updated to version 17.3.0.
  • Test adapters have been updated to versions compatible with .NET 7:
    • MSTest v.2.2.10
    • NUnit 2 v.2.3.0
    • NUnit 3 v.4.3.0
    • xUnit v.2.4.1
  • Generating application coverage has been simplified by reducing the number of required settings.

Enhanced Static Analysis

  • Support for analyzing XAML files has been extended.
  • The accuracy of MSIL-based Rule Wizard rules has been improved as the rules are now executed via Roslyn infrastructure. This applies to the following built-in rules:
    • CS.PB.INVOKE
    • EXCEPT.NCNRE
    • GC.DCGC
    • GC.RCCB
    • OOM.FCSF
    • PB.CONSOLEWRITE
    • SEC.AASV
    • SEC.ALBM
    • SEC.AUMS
    • SEC.AUPS
    • SEC.DMSC
    • SEC.USSCR
    • SPR.ENFL
    • SPR.VPPD
    • SPR.VPPDIMPL
  • A parameter has been added to BD.PB.CC to allow reporting violations on constant values. The definition of the constant value has been extended.
  • Support for handling the String.Empty value in Flow Analysis rules has been added.
  • Rules from the ROSLYN.MSNA category have been updated thanks to the upgrade of Microsoft.CodeAnalysis.NetAnalyzers package to version 6.0.

New and Updated Test Configurations

The Security Compliance Pack has been extended by adding support for the following test configurations:

  • CWE 4.9
  • CWE Top 25 2022 
  • CWE Top 25 + on the Cusp 2022
  • HIPAA
  • PCI-DSS 4.0
  • VVSG 2.0

The following test configurations have been updated:

  • Calculate Application Coverage
  • Collect Static Coverage
  • Roslyn .NET Analyzers Default Rules
  • Run VSTest Tests with Coverage
  • Run VSTest Tests
  • UL 2900

Updated Static Analysis Rules

The following rules have been updated:

Rule IDUpdates
BRM.APNFTSupport for C#11 syntax
BRM.MLLSupport for C#11 syntax
CS.BRM.PNPTSupport for C#11 syntax
CS.INTER.ITTSupport for C#11 syntax
CS.PB.SHIFTSupport for C#11 syntax
PB.CFFSupport for C#11 syntax
PB.STATICFLDFixed false positive violations
SEC.ALSISupport for C#11 syntax
SPR.VPPDIMPLImproved accuracy

Additional Updates

  • The Dockerfile used to create a dotTEST container image has been simplified.
  • The shipped JRE has been upgraded to version 11.0.5.
  • Git integration has been improved by optimizing performance.
  • OIDC authentication with OKTA is now supported for both IDE and CLI-based workflows. See Configuring OpenID Connect in the UI and Configuring OpenID Connect in the .properties File.
  • General improvements to the Flow Analysis engine may cause some differences in the violations reported by Flow Analysis rules compared to the previous version.

Removed Support

Removed Support for Platforms

Support for the following platform is now removed:

  • Windows Server 2016

Removed Support for Development Platforms

Support for the following development platform is now removed:

  • .NET 5

Known Limitations

  • TIA can be successfully performed only for a solution in which the solution file is located in the root folder, and all the sources compiled from this solution are located in the same directory or its subdirectories.

Deprecated Rules

Deprecated RuleSuggested Rule
CS.MLCMETRIC.NOPLIM
CS.OOM.MIMETRIC.MI
OOM.CYCLOMETRIC.MCC
OOM.LNMMMETRIC.NOMIT
OOM.LNPMMETRIC.NOPAR
OOM.LNPBDMETRIC.NOPUBMIT
OOM.LNPTDMETRIC.NOPROTMIT
OOM.LNPVDMETRIC.NOPRIVMIT
OOM.MLCIMETRIC.IDOC
OOM.LNPBMMETRIC.NOPUBMIT
OOM.LNPTMMETRIC.NOPROTMIT
OOM.LNPVMMETRIC.NOPRIVMIT

Resolved Bugs and FRs

Bug/FR IDDescription
DT-17701Update information about dottest_iismanager -stop
DT-18026Analysis does not finish on customer's project
DT-18706Rule PB.CFF - text formatting in curly braces and inconsistent static analysis results
DT-18742"unknown" project is shown in result.xml after running static analysis
DT-18772Japanese DTP - dotTEST rules description of CDD. category are not visible from Violation Explorer view
DT-18545Rule CMUG.MU.AUPM reports on event handler
DT-18833Parameters for mapped or cloned rules are not applied in OldRunner
DT-19149Fix hang when dotTEST analyzes unsupported C# version
FA-9090BD.EXCEPT.NR false positive on pattern matching
FA-9150Incorrect simulation of a loop where the condition contains a array element access
XT-39993[ VS ] Translated resources specific for resources project are not displayed in IDE
XT-40011Inquire about specification of totLns in the tag <Scope>
XT-40492[ VS ] Japanization issue: label for link to Parasoft Forums is missing

  • No labels