Content matrix
| Version | Summary of content | Comments |
|---|---|---|
| 1.13.0 |
| Can be used with:
|
Component documentation
1.13.0-funcrel
Resolved issues
No customer bugs reported for fix in this release.
Updates
Report Generator CLI tool updates
CLI tool name change
The Report Generator CLI tool has been renamed in ≥ 1.13.0 as follows, therefore you should update any batch files that you routinely use:
| Previous name | New name |
|---|---|
| CastReporting.Console.exe | CastReporting.Console.Core.exe |
Return codes updated
CLI tool return codes have been updated in ≥ 1.13.0 to show positive numbers instead of negative:
| Previous code | New code | |
|---|---|---|
| 0 | 0 | Report successfully generated |
| -1 | 1 | Bad arguments given to the Report Generator |
| -2 | 2 | Web service cannot be accessed or is badly configured |
| -3 | 3 | Report failed |
1.13.0-beta2
Resolved issues
No customer bugs reported for fix in this release.
Updates
Microsoft Excel compliance report improvements
Microsoft Excel compliance reports have been improved in comparison to the same reports provided in beta1.
Custom Expressions
The CUSTOM_EXPRESSIONS parameter added for various components types in 1.12.0 have been updated and now function correctly when any language is selected in the GUI using Settings > Language.
Table component updates
- QUALITY_STANDARDS_EVOLUTION, options added:
- EVOLUTION=true|false to display added and removed violations columns. By default or if it does not exist, this is set to true if there is a previous snapshot.
- HEADER=NO to not display headers (useful for Excel reports when you want to define your own customized headers). By default if the option is not present or set to something other than NO, headers are displayed.
- LIST_RULES_VIOLATIONS_BOOKMARKS, options added:
- WITHCODELINES = Y|N, by default (or option not present) source code is displayed, if you don’t want to see it, set this option to N.
- HEADER=NO to not display headers (useful for Excel reports when you want to define your own customized headers). By default if the option is not present or set to something other than NO, headers are displayed to not display source content.
- QUALITY_TAGS_RULES_EVOLUTION, options added:
- DESC=true|false. For display rationale, description and remediation of the rule. By default or if it does not exist, it is set to false.
- HEADER=NO to not display headers (useful for Excel reports when you want to define your own customized headers). By default if the option is not present or set to something other than NO, headers are displayed.
- RULE_IMPROVEMENT_OPPORTUNITY, options added:
- CRITICAL=Y|N - add this option to add a column displaying whether the rule is flagged as critical or not
- RULES_LIST_STATISTICS_RATIO, options added:
- DESC=true|false. For display rationale, description and remediation of the rule. By default or if it does not exist, it is set to false.
- HEADER=NO to not display headers (useful for Excel reports when you want to define your own customized headers). By default if the option is not present or set to something other than NO, headers are displayed.
- EVOLUTION=true|false to display added and removed violations columns. By default or if it does not exist, this is set to true if there is a previous snapshot.
New table components
- LIST_RULES_VIOLATIONS_BOOKMARKS_TABLE for Excel reports to list violations with bookmarks without source code for a list of rules by Business Criteria/Technical Criteria/Rule/Quality Standards tags.
- METRICS=List of metrics id (Business Criteria, Technical Criteria or Rule) or quality standards tags separated by ‘|’.
- CRITICAL=true : add this option if you have selected a Business Criteria or a Technical Criteria and want only critical rules to be selected (by default this is set to false). This option has no effect on selection by rule or quality standard tag.
- COUNT=N where N indicates the top number of violations ; by default 5 (-1 correspond to all violations). All bookmarks of a violation are displayed.
- HEADER=NO to not display headers (useful for Excel reports when you want to define your own customized headers). By default if the option is not present or set to something other than NO, headers are displayed.
1.13.0-beta1
Resolved issues
No customer bugs reported for fix in this release.
Updates
.NET Core 3.0.x required
This release of Report Generator and Report Generator for Dashboards require a manual installation of .NET Core 3.0.x (minimum)
| Application | Minimum SDK or runtime required? | Notes |
|---|---|---|
| Report Generator | .NET Core 3.0.x SDK | The .NET Core 3.0.x SDK should be manually installed BEFORE or AFTER running the Report Generator setup installer (the setup installer will not install this for you). See CAST Report Generator - Installation process for more details. |
| Report Generator for Dashboards | .NET Core 3.0.x runtime | Previous releases of Report Generator for Dashboards already required the .NET Core 2.0.x runtime, therefore if the .NET Core 3.0.x runtime is not already present on the machine, this new release of .NET Core must be installed before using Report Generator for Dashboards. See CAST Report Generator - CAST Report Generator for Dashboards for more details. |
Future releases of CAST Report Generator / Report Generator for Dashboards will require .NET Core 3.1.x due to the end-of-life of .NET Core 3.0.x scheduled for 3rd March 2020, therefore CAST recommends installing .NET Core 3.1.x to avoid the need to re-install .NET Core in the future.
Note that if Report Generator GUI does not launch, or a .NET error message is displayed when attempting to launch it, this usually means that the required release of .NET Core is not installed on the machine (either nothing is installed at all, or the wrong type is installed e.g. runtime vs SDK).
New report templates
New report templates for specific security standards such as CISQ and CWE have been introduced in this beta release for Microsoft Word and Excel specifically to display more violations:
- Microsoft Word templates - violations limited to 50 in this beta. These reports are typically named "Detailed Report", e.g.: CISQ Detailed Report.docx
- Microsoft Excel templates - all violations displayed. These reports are typically named "Full Detailed Report" e.g.: CISQ Security Full Detailed Report.xlsx.
With regard to the Microsoft Excel report templates listed in this release:
- these templates are not the final version that will be delivered in 1.13.0-funcrel - they will undergo further work and improvement.
- when using these Microsoft Excel templates on Applications containing a significant number of violations, processing time may also be significant. In some cases, you may need to increase:
- the timeout setting for the RestAPI (set to 15 minutes by default)
- the timeout setting for Report Generator actions (set to 10 minutes by default)
The following table lists all the templates available in this release. The column Comments provides information about the changes applied:
| Location | Report Name | CAST-RestApi minimum version | Quality Standard Mapping extension minimum version | Comment |
|---|---|---|---|---|
| Portfolio\Portfolio component library | 1- Portfolio-Powerpoint-components-library.pptx | 1.8.0 | N/A | |
| Portfolio\Portfolio component library | 2- Porftolio-Word-components-library.docx | 1.8.0 | N/A | |
| Portfolio\Portfolio component library | Portfolio Generic Graph Definition.docx | 1.10.0 | 20181030 | |
| Portfolio\Portfolio component library | Portfolio Generic Table Definition.pptx | 1.10.0 | 20181030 | |
| Application\Component library | 1- Powerpoint-components-library.pptx | 1.12.0 | 20190909 | |
| Application\Component library | 2- Word-components-library.docx | 1.12.0 | 20190909 | |
| Application\Component library | 3- Excel-components-library.xlsx | 1.12.0 | 20190909 | |
| Application\Component library | Generic Graph Definition.docx | 1.10.0 | 20181030 | |
| Application\Component library | Generic Graph Definition.pptx | 1.10.0 | 20181030 | |
| Application\Component library | Generic Table Definition.docx | 1.10.0 | 20181030 | |
| Application\Component library | Generic Table Definition.pptx | 1.10.0 | 20181030 | |
| Application\Compliance reports | CISQ Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | CISQ Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CISQ Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CISQ Security Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | CISQ Security Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CISQ Security Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CWE (2011) Top 25 Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | CWE (2011) Top 25 Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CWE (2011) Top 25 Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CWE (2019) Top 25 Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | CWE (2019) Top 25 Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CWE (2019) Top 25 Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CWE Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | CWE Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | CWE Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | NIST-SP800-53R4 Compliance Report.docx | 1.12.0 | 20190909 | |
| Application\Compliance reports | NIST-SP800-53R4 Detailed Report.docx | 1.12.0 | 20190909 | New |
| Application\Compliance reports | NIST-SP800-53R4 Full Detailed Report.xlsx | 1.12.0 | 20190909 | New |
| Application\Compliance reports | OMG-ASCQM Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | OMG-ASCQM Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | OMG-ASCQM Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | OMG-ASCQM Security Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | OMG-ASCQM Security Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | OMG-ASCQM Security Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | OWASP-2013 Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | OWASP-2013 Detailed Report.docx | 1.12.0 | 20190916 | Updated |
| Application\Compliance reports | OWASP-2013 Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | OWASP-2017 Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | OWASP-2017 Detailed Report.docx | 1.12.0 | 20190916 | Updated |
| Application\Compliance reports | OWASP-2017 Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | PCI-DSS-V3.1 ComplianceReport.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | PCI-DSS-V3.1 Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | PCI-DSS-V3.1 Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | OWASP-Mobile-2016 Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | OWASP-Mobile-2016 Detailed Report.docx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | OWASP-Mobile-2016 Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Compliance reports | STIG V4R8 Compliance Report.docx | 1.12.0 | 20190916 | |
| Application\Compliance reports | STIG V4R8 Detailed Report.docx | 1.12.0 | 20190916 | Updated |
| Application\Compliance reports | STIG V4R8 Full Detailed Report.xlsx | 1.12.0 | 20190916 | New |
| Application\Legacy reports | Assessment-sample1.docx | 1.8.0 | N/A | |
| Application\Legacy reports | Assessment-sample2.docx | 1.8.0 | N/A | |
| Application\Legacy reports | Assessment-Security1.docx | 1.8.0 | N/A | |
| Application\Legacy reports | Assessment-Security2.docx | 1.8.0 | N/A | |
| Application\Legacy reports | Executive-summary.docx | 1.8.0 | N/A | |
| Application\Legacy reports | Executive-summary-sample1.pptx | 1.8.0 | N/A | |
| Application\Legacy reports | Executive-summary-sample2.pptx | 1.8.0 | N/A | |
| Application\Sizing reports | AEP-sample-Template.xlsx | 1.9.0 | N/A | |
| Application\Sizing reports | Function-points-sample.xlsx | 1.8.0 | N/A | |
| Application\Legacy reports | Result-presentation-fr-sample2.pptx | 1.8.0 | N/A | |
| Application\Legacy reports | Result-presentation-sample1.pptx | 1.8.0 | N/A |
