Content matrix
| Version | Summary of content | Comments |
|---|---|---|
| 1.12.0 |
| Can be used with:
|
Component documentation
Resolved issues
No customer bugs reported for fix in this release.
Template updates
New templates
- CWE (2019) Top 25 Compliance Report.docx
- CWE Compliance Report.docx (Contains latest CWE_LATEST_VERSION)
- OMG-ASCQM Compliance Report.docx
- OMG-ASCQM Security Compliance Report.docx
- OWASP-Mobile-2016 Compliance Report.docx
Removed templates
The following templates have been removed in 1.12.0:
- CISQ - Top 22 - Summary.docx
- CISQ Compliance Report.docx
- CWE - Top 25 - Summary.docx
- NIST-SP800-53R4-Summary Report.docx
- PCI-DSS-V3.1-Summary Report.docx
- STIG V4R8 Standards- Summary Report.docx
- STIG V4R8 Standards-DetailedReport.docx
Renamed templates
The following templates have been renamed:
Previous name | Name in 1.12.0 | Notes |
|---|---|---|
| CISQ Compliance Report v2.docx | CISQ Compliance Report.docx | - |
| CWE Compliance Report.docx | CWE (2011) Top 25 Compliance Report.docx | Requires Quality Standards Mapping extension v. ≥ 20190916, and CAST-RESTAPI ≥ 1.12.0. |
| OWASP-2013-Top10 - Summary.docx | OWASP-2013 Compliance Report.docx | - |
| OWASP-2017-Top10 - Summary.docx | OWASP-2017 Compliance Report.docx | - |
| OWASP-2013-Top10 - Detailed.docx | OWASP-2013 Detailed Report.docx | - |
| OWASP-2017-Top10 - Detailed.docx | OWASP-2017 Detailed Report.docx | - |
| STIG V4R8 Standards Compliance Report.docx | STIG V4R8 Compliance Report.docx | Updated with new components. |
| STIG V4R8 Standards Detailed Report.docx | STIG V4R8 Detailed Report.docx | Updated with new components. |
Template re-organization
Templates provided with Report Generator have been re-organized and categorized so that it is easier to find the required template. Templates are stored in the same location (%PROGRAMDATA%\CAST\ReportGenerator\<version>\Templates) as in previous releases, but the folder structure has changed as follows:
This change is also reflected in the GUI:
Adding custom templates
As in previous releases of Report Generator, you can add your own custom templates to the default storage location (see CAST Report Generator - Templates and output options) however, you must ensure that these are stored in any of the following locations so that they can be found by Report Generator:
Any default or custom folder/subfolder of: %PROGRAMDATA%\CAST\ReportGenerator\<version>\Templates\Application %PROGRAMDATA%\CAST\ReportGenerator\<version>\Templates\Portfolio %PROGRAMDATA%\CAST\ReportGenerator\<version>\Templates\zh_CN\Application %PROGRAMDATA%\CAST\ReportGenerator\<version>\Templates\zh_CN\Portfolio
If you update the location where templates are stored (see CAST Report Generator - Templates and output options), please ensure that you store the templates in a folder hierarchy starting with Application or Portfolio - if not, the Report Generator will not be able to find the custom templates. For example, if the new template storage location is set to:
D:\CAST\Templates
Then you should ensure that you create a folder hierarchy starting with Application or Portfolio. Templates can then be stored in any subsequent folder/subfolder, for example:
D:\CAST\Templates\Application\My Compliance Templates D:\CAST\Templates\Portfolio\My Other templates D:\CAST\Templates\zh_CN\Application D:\CAST\Templates\zh_CN\Portfolio
New components for templates
LIST_TAGS_DOC_BYCAT - new table component
This new table component displays a list of quality tags "applicability" by quality standard category. See Table components for Report Generator 1.12.0 for full details of the component. For example:
CUSTOM_EXPRESSIONS
CUSTOM_EXPRESSIONS have been added for various components types based on axis:
Configuration:
- CUSTOM_EXPRESSIONS=a/b|c/d=a/b|(c+d)/2, (operators can be +, -, *, / , (, ) ), list of custom expressions separated by |
- PARAMS=SZ a SZ b QR c QR d, (SZ for sizing measure, QR for quality rule, BF for background fact)
- a=MetricId, (sample 67211 – all violations)
- b=MetricId, (sample 10151 – number of code lines)
- c = MetricId, 60013 for Robustness
- d = MetricId, 60014 for Efficiency
- FORMAT=N0 | N2 (N2 by default, if nothing or erroneous format is set), the first format is associated to the first custom expression, etc.
For example, a table to monitor custom expressions. The following configuration will give for each module the average grade of two business criteria and a ratio between sizing metrics:
TABLE;GENERIC_TABLE;COL1=CUSTOM_EXPRESSIONS,ROW1=MODULES,SNAPSHOTS=CURRENT,CUSTOM_EXPRESSIONS=(a+b)/2|c/d,PARAMS=QR a QR b SZ c SZ d,a=60013,b=60014,c=67211,d=10151,MODULES=ALL
Changes to existing components for templates
TOP_COMPONENTS_BY_PROPERTIES - table component update
Four new parameters have been added to this table component:
- LOWER1=value : result or prop1 should be lower than value
- LOWER2=value : result or prop2 should be lower than value
- GREATER1=value : result or prop1 should be greater than value
- GREATER2=value : result or prop2 should be greater than value
When using LOWER and GREATER parameters, the ORDER parameter can be overridden to get the most accurate components corresponding to the request.
As the filter can only be executed after requesting data from the RestAPI, the list may be truncated. So using the option NBSET defines the number of objects returned from the RestAPI before the filtering and the limitation of display (COUNT) is set to 500 by default, to avoid long response times.
