Resolved Issues
The following issues are resolved in this release.
|
Issue |
Resolution Notes |
|
SCA-31347 |
Performance has improved when using the /projects API to retrieve a large number of projects. Pagination has been added to the API response as one way of handling a large volume of results. |
|
SCA-31503 |
Error messaging has improved for SSO sign-in errors. Instead of a default 405 Tomcat error, the message now direct users to a contact for assistance. |
|
SCA-32039 |
Attempts to drag-and-drop a group of files to associate them with inventory in Analysis Workbench was resulting in an error and causing subsequent file operations to hang. The error occurred especially after using the Filter to Selected Files option to filter to desired files. This issue is now resolved. |
|
SCA-33194 |
Line breaks are now retained in the Project and Audit reports. |
|
SCA-37067 |
The /project/inventory REST API no longer fails with an “Unable to parse unicode value” message when attempting to retrieve Notices or As-Found License text for inventory. |
|
SCA-37099 |
The project page is now properly refreshed once the project-branching process has completed. |
|
SCA-37384 |
All project inventory is now imported during the branch process. Previously, unpublished inventory was overwriting published inventory. The order in which published/unpublished inventory is imported has been modified to help address this issue. |
|
SCA-37668 |
The missing proxy property (http.nonProxyHosts) is now available in proxy configuration to identify those hosts that the Scan Server should access directly—that is, not through the proxy. |
|
SCA-37879 |
Issues that caused discrepancies between the number of security vulnerabilities recorded in remote scan-agent logs and the number shown in the Web UI have been resolved. |
|
SCA-38007 |
The Gradle File Analyzer is now properly handling proprietary code, creating it as a Work in Progress inventory item and giving it the name of the rootProject or the project root folder. |
|
SCA-38770 |
Gradle dependencies from the buildscript tag are no longer detected. |
|
SCA-38771 |
The false positive reporting of androidx.annotation as inventory is now resolved. |
|
SCA-39010 |
Previously, in the Analysis Workbench, inventory was not properly filtered if a user first filtered files by right-clicking inventory and selecting Show Inventory Files and then attempted to filter inventory by right-clicking a file in the File Search Results pane and selecting Show file inventory. This issue has been resolved. |
|
SCA-39013 |
The right-click option in File Search Results to mark a file as reviewed or not reviewed is now working properly. |
|
SCA-39081 |
The right-click option Show file evidence in the File Search Results pane is now working properly. |
|
SCA-39284 |
The dependency jsch is now reported with the correct forge. |
|
SCA-39336 |
Issues with loading projects after upgrading to 2021 R3 have been resolved. |
|
SCA-39352 |
The Tomcat version installed with Code Insight 2022 R1 resolves the Tomcat vulnerability issues. |
|
SCA-39372 |
Previously, the Show file inventory right-click option for files was not filtering inventory properly unless you performed the right-click operation from the File Search Results pane only. This issue is now resolved. Inventory is properly filtered when you select Show file inventory from either the Codebase Files pane or the File Search Results pane. |
|
SCA-39480 |
The log4j vulnerability issues have been resolved with an upgrade of log4j to the latest version. |