This release includes the following enhancements:
Release date: December 13, 2022
Support for .NET 7
Support for .NET 7 has been added. See Supported Frameworks.
Support for C# 11
dotTEST can now analyze code written in C# 11.
IDE Integration
- Support for visualizing code coverage in VSCode dotTEST extension has been added.
- Setup problems can now be displayed in the form of pop-up messages in the VSCode window.
Parasoft Findings for SonarQube
The Parasoft Findings Plugin for SonarQube has been introduced. The plugin allows you to view static analysis test results within SonarQube. For details, see Parasoft Findings for SonarQube. The plugin can be downloaded from the Parasoft marketplace: https://customerportal.parasoft.com/lightningportal/s/marketplacedetails?id=a703g0000000KoZAAU.
Test Impact Analysis
Test Impact Analysis (TIA), which allows you to execute only the affected tests, is now supported (for CLI only). See Configuring the Test Impact Analysis for details.
Tests Execution and Coverage
- VSTest has been updated to version 17.3.0.
- Test adapters have been updated to versions compatible with .NET 7:
- MSTest v.2.2.10
- NUnit 2 v.2.3.0
- NUnit 3 v.4.3.0
- xUnit v.2.4.1
- MSTest v.2.2.10
- Generating application coverage has been simplified by reducing the number of required settings.
Enhanced Static Analysis
- Support for analyzing XAML files has been extended.
- The accuracy of MSIL-based Rule Wizard rules has been improved as the rules are now executed via Roslyn infrastructure. This applies to the following built-in rules:
- CS.PB.INVOKE
- EXCEPT.NCNRE
- GC.DCGC
- GC.RCCB
- OOM.FCSF
- PB.CONSOLEWRITE
- SEC.AASV
- SEC.ALBM
- SEC.AUMS
- SEC.AUPS
- SEC.DMSC
- SEC.USSCR
- SPR.ENFL
- SPR.VPPD
- SPR.VPPDIMPL
- A parameter has been added to BD.PB.CC to allow reporting violations on constant values. The definition of the constant value has been extended.
- Support for handling the String.Empty value in Flow Analysis rules has been added.
- Rules from the ROSLYN.MSNA category have been updated thanks to the upgrade of Microsoft.CodeAnalysis.NetAnalyzers package to version 6.0.
New and Updated Test Configurations
The Security Compliance Pack has been extended by adding support for the following test configurations:
- CWE 4.9
- CWE Top 25 2022
- CWE Top 25 + on the Cusp 2022
- HIPAA
- PCI-DSS 4.0
- VVSG 2.0
The following test configurations have been updated:
- Calculate Application Coverage
- Collect Static Coverage
- Roslyn .NET Analyzers Default Rules
- Run VSTest Tests with Coverage
- Run VSTest Tests
- UL 2900
Updated Static Analysis Rules
The following rules have been updated:
| Rule ID | Updates |
|---|---|
| BRM.APNFT | Support for C#11 syntax |
| BRM.MLL | Support for C#11 syntax |
| CS.BRM.PNPT | Support for C#11 syntax |
| CS.INTER.ITT | Support for C#11 syntax |
| CS.PB.SHIFT | Support for C#11 syntax |
| PB.CFF | Support for C#11 syntax |
| PB.STATICFLD | Fixed false positive violations |
| SEC.ALSI | Support for C#11 syntax |
| SPR.VPPDIMPL | Improved accuracy |
Additional Updates
- The Dockerfile used to create a dotTEST container image has been simplified.
- The shipped JRE has been upgraded to version 11.0.5.
- Git integration has been improved by optimizing performance.
- OIDC authentication with OKTA is now supported for both IDE and CLI-based workflows. See Configuring OpenID Connect in the UI and Configuring OpenID Connect in the .properties File.
- General improvements to the Flow Analysis engine may cause some differences in the violations reported by Flow Analysis rules compared to the previous version.
Removed Support
Removed Support for Platforms
Support for the following platform is now removed:
- Windows Server 2016
Removed Support for Development Platforms
Support for the following development platform is now removed:
- .NET 5
Known Limitations
- TIA can be successfully performed only for a solution in which the solution file is located in the root folder, and all the sources compiled from this solution are located in the same directory or its subdirectories.
Deprecated Rules
| Deprecated Rule | Suggested Rule |
|---|---|
| CS.MLC | METRIC.NOPLIM |
| CS.OOM.MI | METRIC.MI |
| OOM.CYCLO | METRIC.MCC |
| OOM.LNMM | METRIC.NOMIT |
| OOM.LNPM | METRIC.NOPAR |
| OOM.LNPBD | METRIC.NOPUBMIT |
| OOM.LNPTD | METRIC.NOPROTMIT |
| OOM.LNPVD | METRIC.NOPRIVMIT |
| OOM.MLCI | METRIC.IDOC |
| OOM.LNPBM | METRIC.NOPUBMIT |
| OOM.LNPTM | METRIC.NOPROTMIT |
| OOM.LNPVM | METRIC.NOPRIVMIT |
Resolved Bugs and FRs
| Bug/FR ID | Description |
|---|---|
| DT-17701 | Update information about dottest_iismanager -stop |
| DT-18026 | Analysis does not finish on customer's project |
| DT-18706 | Rule PB.CFF - text formatting in curly braces and inconsistent static analysis results |
| DT-18742 | "unknown" project is shown in result.xml after running static analysis |
| DT-18772 | Japanese DTP - dotTEST rules description of CDD. category are not visible from Violation Explorer view |
| DT-18545 | Rule CMUG.MU.AUPM reports on event handler |
| DT-18833 | Parameters for mapped or cloned rules are not applied in OldRunner |
| DT-19149 | Fix hang when dotTEST analyzes unsupported C# version |
| FA-9090 | BD.EXCEPT.NR false positive on pattern matching |
| FA-9150 | Incorrect simulation of a loop where the condition contains a array element access |
| XT-39993 | [ VS ] Translated resources specific for resources project are not displayed in IDE |
| XT-40011 | Inquire about specification of totLns in the tag <Scope> |
| XT-40492 | [ VS ] Japanization issue: label for link to Parasoft Forums is missing |
