Changes in results post upgrade - 8.3.32

Summary: this page lists:

  • Impacts of changes made to AIP Core 8.3.32 on Quality Model results post upgrade
  • Other impacts of changes made in AIP Core 8.3.32

All changes in results related to extensions are now listed in the extension documentation and will not appear in this page.

Impacts of changes made in AIP Core 8.3.32 on Quality Model results post upgrade

JEE

LOC values and Commented-out Code Lines/Code Lines ratio (% of LOC) - 7128

A fix applied in 8.3.32 will cause a decrease in LOC values for the JEE technology when analyzing unchanged source code with this release of AIP Core: in previous releases, LOC values for anonymous classes, inner classes and enums defined in classes were incorrectly counted twice. This change will also impact the results produced by the measure "Commented-out Code Lines/Code Lines ratio (% of LOC) - 7128".

Other impacts of changes made in AIP Core 8.3.32

Maven discoverer

The Maven discoverer provided in AIP Core now supports the following two Maven plugins:

As a result of this change, re-delivering and re-analyzing unchanged source code may mean that new code is analyzed that was not in previous releases of AIP Core: impacts ti sizing metrics, links and rules may be visible.

Oracle Forms and Reports

Oracle Reports and procedure objects

A bug that caused procedure type objects to not be resolved from Oracle Report files has been fixed in this release. As a result of this change, re-analyzing unchanged source code may mean that new procedure objects are resolved that were not resolved in previous releases.

User Input Security

New framework support

The User Input Security feature now supports several new frameworks as listed in the 8.3.32 Release Notes. As a result of this improvements, re-analyzing unchanged source code may mean that new violations are discovered that were not visible in previous releases.

Change of classification of some entry points

ASP.Net MVC and Struts2 entry points were tagged internally as "Network.input" in previous releases of AIP Core, however, these entry points are now classed as "Network.inputAPI". As a direct result of this change, violations found using these entry points will be classed as "violations through API". This change may impact analysis results when re-analyzing unchanged source code with this release of AIP Core: some rules will have less violations, others will have more.