In this release, we've focused on extending Jtest's unit testing capabilities and enhancing our security compliance solution.

Support for IDEs

We've added support for the following IDEs:

  • Eclipse 2019-06 (4.12)
  • Eclipse 2019-09 (4.13)

Enhanced Unit Testing

Support for JUnit 5

Jtest now ships with support for JUnit 5. You can execute JUnit 5 tests and collect coverage information on the desktop and in the command line. In addition, desktop users can create and enhance JUnit 5 tests with Unit Test Assistant, as well as perform test impact analysis in Eclipse or IntelliJ IDEA.

We've added the JUnit 5 Best Practices test configuration to help you handle projects that include both JUnit 4 and JUnit 5 tests or assist you in migrating your tests from the earlier versions of the framework to JUnit 5; see Built-in Test Configurations.

Historical results associated with tests created in legacy frameworks, such as Junit 3 or JUnitParams 10.0.4, may no longer be available on DTP.

Extended Security Compliance Pack

We've added support for the latest version of Common Weaknesses Enumeration (CWE). We've added new static analysis rules and extended some existing rules to enable support for CWE 3.4, including CWE Top 25 2019 and One the Cusp guidelines; see the New and Updated Test Configurations section below.

New and Updated Test Configurations

We've added the following test configurations:

  • CWE 3.4
  • CWE Top 25 2019
  • CWE Top 25 + On the Cusp 2019

  • JUnit 4 Best Practices

  • JUnit 5 Best Practices

The TDD test configuration has been renamed as "TDD Best Practices".

Removed Test Configurations

  • CWE 3.2
  • CWE-SANS Top 25 2011
  • CWE SANS Top 25 2011 + On the Cusp
  • Unit Test Assistant
  • Unit Testing Best Practices

Other Changes

  • We've added the -project.jsonpath option. If you you create your .json file manually (with the the -project.* options), you can configure this option to customize the default name and location of the file; see Creating Custom .json Data Files.
  • We've changed the structure of coverage data files to enhance the mechanism of matching static and dynamic coverage. In consequence, Jtest no longer allows you to analyze coverage data files that were generated with earlier Jtest versions. To collect and merge coverage data, ensure that all Jtest instances thought your infrastructure have the same version. 
  • The license.network.enabled option has been renamed as license.network.use.specified.server; see Setting the License.
  • We've optimized memory usage to increase performance.

New and Updated Static Analysis Rules

The following rules have been added:

Rule IDHeader
BD.SECURITY.TDCODEValidate potentially tainted data before it is used in methods that generate code
BD.SECURITY.TDSESSIONDo not store untrusted data in HTTP session

FORMAT.MCH

Include a meaningful file header comment in every source file

JUNIT.AUL

Avoid using loops in JUnit tests

JUNIT.IGNORE

Ensure that JUnit 5 test classes that use @Ignore are annotated with

@ExtendWith(IgnoreCondition.class) or @EnableJUnit4MigrationSupport

JUNIT.RPL5

Do not use JUnit 4 annotations when migrating tests to JUnit 5

JUNIT.TDIR

Do not use the TemporaryFolder Rule in JUnit 5 tests

SECURITY.UEHL.DCEMSL

Avoid untrusted input when logging messages with Seam Logging API

SECURITY.WSC.BUSSB

Prevent external processes from blocking on output or error streams

SECURITY.WSC.PBRTE

Always specify absolute paths to execute commands

SERIAL.VOBD

Validate objects before deserialization

SPRING.DCSRFJAVA

Do not disable CSRF protection

SPRING.DCSRFXML

Do not disable CSRF protection

SPRING.REQMAP

Ensure that methods annotated with @RequestMapping specify the HTTP request method

they call

In addition, we've added a NOMCIM metric to calculate the number of method calls in methods.


The following static analysis rules have been updated to improve analysis results:

  • BD.SECURITY.TDFNAMES
  • CODSTA.BP.NTX
  • FORMAT.CBRACE
  • FORMAT.LL
  • GC.OSTM
  • GLOBAL.ACD
  • JUNIT.AEAT
  • JUNIT.ANAT
  • JUNIT.ANBA
  • JUNIT.ASAT
  • JUNIT.ASSERT
  • JUNIT.AST
  • JUNIT.CBA
  • JUNIT.DIR
  • JUNIT.ETCTA
  • JUNIT.FAIL
  • JUNIT.FICB
  • JUNIT.ISMTC
  • JUNIT.MAIN
  • JUNIT.OSIC
  • JUNIT.OSUM
  • JUNIT.OTDM
  • JUNIT.SIA
  • JUNIT.SIFN
  • JUNIT.TATC
  • JUNIT.TEST
  • JUNIT.UPJT
  • NAMING.NTEST
  • PB.TYPO.EB
  • SECURITY.WSC.ASAPI
  • SECURITY.WSC.DMDS
  • SECURITY.WSC.ICA
  • SECURITY.WSC.SL
  • SECURITY.WSC.STREP
  • TRS.ISTART
  • TRS.UCM

The severity level of the following rules has been changed:

  • SECURITY.WSC.ASAPI – severity 5 has been increased to severity 3

The output messages of the following rules have been updated, and as a result, suppressions associated with these rules on DTP may no longer be available:

  • BD.PB.CHECKRET

  • JUNIT.AEAT

  • JUNIT.ANAT

  • JUNIT.ASAT

  • JUNIT.FAIL
  • JUNIT.OSUM
  • JUNIT.OTDM
  • SECURITY.WSC.ASAPI
  • TRS.ISTART

Resolved Bugs and FRs

Bug/FR IDDescription
JT-70763Request to have FORMAT.MCH rule implemented in Jtest 10.x
JT-70857Document with Deprecated Rules
JT-71241Review why not existing exit code 137 is beeing reported
JT-71244Dependencies not found when importing as virtual folder
JT-71273Empty test scope for project imported to IntelliJ with "Create separate module per source set" option
JT-71381Lack of problem details in parasoft console during unsuccesfull launching pre/post analysis script
JT-71382jtestcli.bat is not able to obtain license from DTP when executed via Eclipse runner
JT-71397Extend FORMAT.LL rule to treat tab the same way like editor does
JT-71592Error message when project.location path doesn't exist
JT-71830NumberFormatException in GLOBAL.ACD rule in ACD.java
JT-71831ArrayIndexOutOfBoundsException: 0 in PB.EB rule
UTA-3956Test classes not created due to naming conflict
UTA-4459   Spring MVC test uses constant name instead of value.
UTA-4511 Don't mock calls to getClass or toString
UTA-4529 Recommendation instability due to dumb mode.
UTA-4529Annotation values are not fully supported by UTA syntax tree.
UTA-4554Performance issue with decompiling classes during test case creation.
XT-36609£ character in password prevents Parasoft tool from connecting to DTP
XT-36611Publishing sim-link source code using 'min' option failed
XT-36843Concurrent builds which use cpptestcli do not wait for timeout when trying to pull license
XT-36950Update vulnerable libraries from XML Graphics Project
XT-37358100% not being displayed in reports when achieving 100% test success

  • No labels

Need assistance? Visit our support page