This release includes the following enhancements:

Release date: May 11, 2022

OpenID Connect Support

You can now authenticate on DTP via OpenID Connect to add a layer of security to your interactions with your DTP server. See Configuring OpenID Connect in the UI and Configuring OpenID Connect in the .properties File for details. Depending on your requirements, two methods are available to authenticate on the OpenID Connect server from the command line: device code and certificate. Device code authentication is enabled by default. 

Jtest Container Image at Docker Hub

You can download a ready to use Jtest container image from Docker Hub: https://hub.docker.com/r/parasoft/jtest. See also Deploying Jtest in a Docker Container.

Unit Test Assistant Enhancements

Support for Mockito 3 and 4

We've added support for Mockito 3 and 4.

Static and Constructor Mocks Using Mockito

Static method and constructor mocking is now supported using Mockito instead of PowerMock for bulk creation. Recommendations and quick fixes related to static and constructor mocking for tests that already use PowerMock are still supported. If you want to enable static and constructor mocking during bulk creation on projects created prior to 2022.1 that use PowerMock, you need to reconfigure your tests. See What if tests fail when running PowerMock with mockito-inline? for details about updating your PowerMock tests and converting PowerMock tests to Mockito. See Mockito Static and Constructor Mocking Limitations for details about cases which are not supported by Mockito.

Unit Test Bulk Creation Enhancements

  • Test cases generated during bulk creation now cover exception blocks.
  • We've optimized bulk creation to eliminate test cases that do not provide additional coverage or do not compile.

Other Enhancements

  • We've improved assertions created for numeric object and null types.

Support for Parallel Builds

Jtest now collects test coverage for Maven and Gradle parallel builds. For details, see Testing and Analysis with Maven and Testing and Analysis with Gradle.

Support for IDEs

We've added support for the following IDEs:

  • IntelliJ 2021.2
  • IntelliJ 2021.3
  • Eclipse 2021-12 (4.22)
  • Eclipse 2022-03 (4.23)

Extended Security Compliance Pack

We've extended the Security Compliance Pack by adding support for the latest version of CWE and updating some configurations. See the New and Updated Test Configurations section below.

New and Updated Test Configurations

We've added the following test configuration:

  • CWE 4.6

We've updated the following test configurations:

  • OWASP Top 10-2021
  • CERT
  • DISA ASD STIG

Updated Static Analysis Rules

We've updated the following rules:

  • BEAN.SERIALIZABLE
  • CODSTA.READ.CID
  • EJB.AMSC
  • EJB.MNDF
  • EXCEPT.NCNPE
  • EXCEPT.NTNPE
  • FORMAT.FCN
  • FORMAT.TC
  • GC.FCF
  • GC.FM
  • GC.NCF
  • INIT.LV
  • INTER.COS
  • INTER.CTLC
  • JAVADOC.TSMJT
  • JAVADOC.VMCR
  • NAMING.IRB
  • NAMING.USF
  • OOP.MFP
  • PB.API.OF
  • PB.API.REP
  • PB.CLOSE
  • PB.NUM.BBDCC
  • PORT.EXEC
  • PORT.NATV
  • SECURITY.EAB.CMP
  • SECURITY.ESD.TFP
  • SECURITY.IBA.AEAF
  • SECURITY.IBA.ATF
  • SECURITY.IBA.CSVFV
  • SECURITY.IBA.UPS
  • SECURITY.WSC.CLONE
  • SECURITY.WSC.RDM
  • SECURITY.WSC.SER
  • SECURITY.WSC.SRD
  • SECURITY.WSC.SSM
  • SECURITY.WSC.USC
  • SERIAL.FT
  • SERIAL.ROWO
  • SERIAL.SROS
  • SERVLET.SOP
  • SERVLET.UCO
  • TRS.ANF
  • TRS.AUTG
  • TRS.NSYN
  • TRS.THRD
  • TRS.TSHL
  • TRS.UCM
  • TRS.UWNA
  • UC.EF
  • UC.SNE

Updated Flow Analysis Rules

We've updated the following rules:

  • BD.EXCEPT.AN
  • BD.EXCEPT.NP
  • BD.EXCEPT.NR
  • BD.PB.CC
  • BD.PB.NP
  • BD.PB.STRNULL
  • BD.PB.VOVR
  • BD.SECURITY.TDALLOC
  • BD.SECURITY.TDLOG
  • BD.TRS.DIFCS

We've improved the violation message in the following rules, and as a result, suppressions associated with these rules on DTP may no longer be available:

  • BD.SECURITY.CUSTOM
  • BD.SECURITY.SENS
  • BD.SECURITY.TDALLOC
  • BD.SECURITY.TDCMD
  • BD.SECURITY.TDCODE
  • BD.SECURITY.TDDIG
  • BD.SECURITY.TDENV
  • BD.SECURITY.TDFILES
  • BD.SECURITY.TDFNAMES
  • BD.SECURITY.TDINPUT
  • BD.SECURITY.TDJXPATH
  • BD.SECURITY.TDLDAP
  • BD.SECURITY.TDLIB
  • BD.SECURITY.TDLOG
  • BD.SECURITY.TDNET
  • BD.SECURITY.TDPASSWD
  • BD.SECURITY.TDRESP
  • BD.SECURITY.TDRFL
  • BD.SECURITY.TDSESSION
  • BD.SECURITY.TDSQL
  • BD.SECURITY.TDXML
  • BD.SECURITY.TDXPATH
  • BD.SECURITY.TDXSS

Additionally, the id of rule BD.PB.ARRAYINP has been changed to: BD.SECURITY.ARRAY.

Other Enhancements

  • We've added support for Gradle 7.3 and 7.4.
  • We've added support for Lombok 1.18.22.
  • IPv6 is now supported.
  • We've improved creating a local Maven repository with Maven and Gradle plugin dependencies.
  • We've improved Jtest's performance when running a test configuration containing Flow Analysis rules.
  • We've improved Flow Analysis rules accuracy when source code contains compiler-generated or class initialization code.
  • You can now specify a custom name of your Jtest report. See report.file.name.
  • We've addressed log4j vulnerabilities (log4j version 2.17.2 is used for this release).

Other Changes

  • Support for JUnit 3 is now deprecated and will be removed in future versions. 
  • Upgrading to 2022.1 might cause machine ID change on Windows and Linux. Verify your machine ID before requesting a new license from Parasoft. See Obtaining the Machine ID.
  • General improvements to the Flow Analysis engine may cause some differences in the violations reported by Flow Analysis 2022.1 and the previous version.
  • To add support for enhanced UTA and achieve compatibility between test ids in different versions of Junit, we've changed the format of Junit 5 tests ids. This might cause some data stored on DTP to become invalid.
  • TFS SDK libraries are now no longer distributed as part of Parasoft. If you want TFS support to work on your machine, you need to install TFS SDK from vendor.

Removed Support for Environments

Removed Support for IDEs

Support for the following IDEs is now removed:

  • IntelliJ 2017-2019
  • Eclipse 4.4
  • Eclipse 4.5
  • Eclipse 4.6
  • Eclipse 4.7

Resolved Bugs and FRs

Bug/FR IDDescription
FA-8531Improve documentation of BD-PB-VOVR rule
FA-8696Improve documentation of BD-TRS-DIFCS rule
FA-8739BD.PB.ARRAY false positive
FA-8824BD.SECURITY.TDALLOC potential false negative
JT-73698Can we skip Lombok autogenerated code when performing analysis?
JT-74319How to fix violation for PB.CLOSE
UTA-7116CSV inputs are not getting generated when creating parametrized test case
XT-39405Impacted Unit Tests view does not populate in Eclipse 2021-09 on Java >15
XT-39435Unable to obtain license when password contains " " - space char
XT-39530Issues with scontrol settings on Perforce using SSL
XT-39839How to use scope.path.accept.regexp and scope.path.reject.regexp





  • No labels