Release date: April 15, 2020 In this release, we've focused on extending support for environments and frameworks, as well as enhancing our security compliance solution. Support for Visual Studio CodeYou can now leverage dotTEST's static analysis capabilities in Visual Studio Code IDE. dotTEST ships with an extension for Visual Studio Code, which allows you to run static code analysis, review the results directly in the IDE, suppress unwanted findings, and more. See Extension for Visual Studio Code for details. Support for Source Control Management SystemsWe've added support for:
See Deprecated Support for Environments and Systems for information about deprecated and removed support for source control management systems. Extended Support for C#We've added support for features and enhancements of C# 8.0. Extended Support for .NET Core
Extended Security Compliance PackThe Security Pack now supports CWE 4.0. In addition, we've enhanced support for CWE Top 25 2019 and On the Cusp guidelines by adding new rules and updating the existing test configurations. See New and Updated Test Configurations below for details. New Versioning ConventionAll Parasoft products, including dotTEST, now follow a new versioning scheme: YYYY.release.
|
Rule ID | Header |
---|---|
BD.SECURITY.IDENTITY | Always revert the impersonated user to the previous identity |
BD.SECURITY.SENSLOG | Avoid passing sensitive information to log methods |
BD.SECURITY.TDALLOC | Validate potentially tainted data before it is used to determine the size of memory allocation |
BD.SECURITY.TDCODE | Validate potentially tainted data before it is used in methods that generate code |
BD.SECURITY.TDPASSWD | Protect against using unprotected credentials |
SEC.ALSI | Avoid logging sensitive information |
SEC.ATA | Do not use the Trace.Assert() method in production code |
SEC.PBRTE | Always specify absolute path to execute commands |
We've updated the following rule by adding a parameter to let you customize the maximum line length:
Support for the following environments and systems is now deprecated and will be removed in future releases.
Support for Windows 7 is deprecated, following the system's EOL.
Support for the following SCMs is deprecated:
In addition, we've removed support for Microsoft Team Foundation Server 2010.
Support for Java 6 and lower is deprecated. In consequence, support environments that require Java 6 or lower will be removed for future releases.
Bug/FR ID | Description |
---|---|
DT-12089 | Feature request to add a parameter for BRM.MLL-3 |
DT-13663 | Request to document how a scope of instrumentation for Application Coverage can be limited |
DT-14665 | User should be able to use dotTEST on FIPS compliant environments |
DT-14670 | OWASP2017.A1.VPPD: Handling of wrapper classes and method calls |
DT-14706 | Incorrect list of .NET Core Supported Rules in the manual |
DT-14707 | Setup problem for PB.EMPTYMETHODS is reported on .NETCore project, though rule is supported |
FA-7615 | BD.EXCEPT.NR potential false positive |
XT-37470 | New NLS implementation provides English version of (some) resources in Japan environment. |
For information about this release, see https://docs.parasoft.com/display/DOTTEST20201/Updates+in+2020.1. |