Resolved Issues
The following issues were resolved in the Code Insight 2024 R1 release.
|
Issue |
Description |
||||||
|
SCA-11520 |
Review policies were not being applied as expected during rescans and other events. This has been resolved with the following new features that automatically apply policy:
|
||||||
|
SCA-37347 |
Certain users (including Microsoft Azure SSO users) were receiving the message “Error Validating SAML” whenever they attempted to log in through SS0. This issue has been resolved with an enhancement that forces SSO authentication during login. See Support for Forcing SSO Authentication. |
||||||
|
SCA-45800 |
A Copy Project operation that used (as its source) a codebase synchronized to Code Insight through a Subversion instance was creating two sets of codebase files on the target project. This issue has been resolved. |
||||||
|
SCA-43625 |
Server shutdowns occurred when simultaneous custom-component indexing and searching were taking place. This issued has been fixed as part of the SCA-50663 resolution (shown later in this list). |
||||||
|
SCA-49410 |
The README for the Audit Migration tool has been corrected to reflect the appropriate instructions for the latest version of the Migration tool. |
||||||
|
SCA-50663 |
Performing multiple Edit or Add operations on custom components could cause the Code Insight Core Server to fail with a Java Runtime Environment error. This issue has been resolved. |
||||||
|
SCA-50872 |
Previously, when a transitive scan was run on a codebase, dependency inventory for one or more specific packages in the codebase were not always not listed in scan results. (However, when a scan was run on an individual package, the dependencies were listed.) This issue has been resolved. |
||||||
|
SCA-50947 |
When a user removed a dependency from a manifest file (or removed the file itself) in a codebase that had been scanned by a remote agent plugin, the results of a rescan could still show the inventory item and its associated file. This issue has been resolved. |
||||||
|
SCA-51135 |
Previously, after a new ALM instance was saved on the ALM tab on the Administration page and the page then refreshed, the instance might no longer be visible on the tab nor be available for selection on the ALM Settings tab in projects. This issue has been resolved. |
||||||
|
SCA-51393 |
The issue with a rescan not detecting inventory in a newly added manifest file has been resolved. |
||||||
|
SCA-51424 |
Tomcat has been upgraded to version 9.0.84 to address security vulnerabilities associated with the previous version used by Code Insight. See also Tomcat Upgrade. |
||||||
|
SCA-51504 |
Rescanning two identical files in the same codebase could create duplicate inventory. This issue has been resolved by ensuring that a full rescan yields the same results a first-time scan. (However, an incremental rescan on identical files can still result in duplicate inventory.) |
||||||
|
SCA-51609 |
Previously, the fact that Code Insight (as a Service Provider) did not sign SAML requests conflicted with the security policy of some customer organizations. Code Insight now supports the optional configuration to sign SAML requests sent to the Identity Provider. See Code Insight Support for Signing SAML Requests. |
||||||
|
SCA-51631 |
Dependencies were not being reported from all manifest files during a scan on codebase synchronized to the Scan Server through a Git instance. This issue has been resolved. |
||||||
|
SCA-51656 |
Scans did not complete due to an exception that occurred during the resolution of dependencies in the automated analysis. This issue has been resolved. |
||||||
|
SCA-51659 |
Instructions for configuring Code Insight as a Windows service have been corrected in the “Running Code Insight as a Service” section of the Code Insight Installation & Configuration Guide. |
||||||
|
SCA-51664 |
The Get project inventory and Get details of an inventory REST API no longer fail when inventory is associated with alerts that have no mapping to vulnerabilities. |
||||||
|
SCA-51670 |
No error message was being produced when REST API failed due to the problem described in SCA-51664 (see the previous issue listed). The resolution of SCA-51664 fixed this issue as well. |
||||||
|
SCA-51821 |
The Get Inventory Summary of the Project API has been enhanced to fetch the SPDX ID or short name for licenses. |
||||||
|
SCA-51829 |
The TLS-version error that occurred when Code Insight attempted to send email notifications has been resolved. |
||||||
|
SCA-52135 |
Instructions in the “Enabling an HTTPS Connection” section of the Code Insight Installation & Configuration Guide have been updated to reflect the correct Connector protocol information for the SSL certificate, as listed in the server.xml file. |