Release Notes - 2.3
2.3.3-funcrel
Resolved Issues
| Customer Ticket Id | Details |
|---|---|
| 48750 | An update was made to the description section of the rule "Avoid using Javascript Function constructor" (1020066) concerning security and code injection.. |
| 48943 | Fixes an issue causing service objects using "react-io" to fail to be resolved. |
Other Updates
| Details |
|---|
| An update to support inclusion of .js files in .jsp files when .js references are in parameters. |
| An update to support "lodash/get" for link resolution. |
| An update to support the analysis of the files "package-lock.json", "yarn.lock" and "npm-shrinkwrap.json" (see documentation). |
| An update to support "wretch" (see documentation). |
| Fixes an issue causing missing Razor method call objects. |
| Fixes an issue causing a missing link between Razor Method call objects and .NET controller action objects. |
| Fixes an issue causing missing Razor method call objects when ternary if expression is present. |
| Fixes an issue causing the analysis to fail. |
| Fixes an issue causing the analysis to run in an infinite loop. |
| The filters.json file has been updated to ensure that libraries, tests or minified/empty css files are automatically skipped. |
Rules
| Rule Id | New Rule | Details |
|---|---|---|
| 1020066 | FALSE | Description update (see 48750 above). |
2.3.2-funcrel
Other Updates
| Details |
|---|
| Fixes an error introduced in v. 2.3.1-funcrel: missing Razor method call object on "dynamodb" sample. |
2.3.1-funcrel
Resolved Issues
| Customer Ticket Id | Details |
|---|---|
| 48589 | Fixes an issue causing a missing link between WMCommonHeader.jsp file and included JSP files. |
Other Updates
| Details |
|---|
| Fixes an issue causing missing links from .asp pages to database tables when the log message "HTML5-044 A problem occurred when parsing vbscript code" is present in the analysis log.. |
| Fixes an issue where resource service objects computed from strings containing html code with "href=" inside are often not correct. |
| Fixes an issue causing a missing vendor property for HTML5 SQL Query objects. |
Rules
| Rule Id | New Rule | Details |
|---|---|---|
| 1020082 | FALSE | Updates the rule "Avoid undocumented Functions" to change the scope to include methods and constructors as well as functions. |
2.3.0-funcrel
Resolved Issues
| Customer Ticket Id | Details |
|---|---|
| 48221 | Fixes an issue causing incorrect links to all JavaScript functions that have the same name, instead of the one referenced in the HTML5 header. |
New Support
| Summary | Details |
|---|---|
| Support C/S links from ASP pages using ADODB COM component | See documentation: https://doc.castsoftware.com/technologies/web/html5-js/com.castsoftware.html5/2.3/notes/#support-for-adodb-in-aspaspx-files. |