Resolved Issues
The following issues have been resolved in this release:
|
Issue |
Summary |
|
SCA-6110 |
Ability for users with any permissions to delete pending, approved, or rejected requests using the workflow/deleteRequest REST API. However, request deletions should be restricted to draft requests only and performed only by the request owner. |
|
SCA-10373 |
No detection of transitive dependencies for NPM and first-level and transitive dependencies for Nuget when Code Insight runs in proxy mode. |
|
SCA-17249 |
Enhancement: New report option to ignore empty inventory during report generation for those reports that show inventory. See Option to Ignore Empty Inventory in Report. |
|
SCA-20843 |
Creation of projects with same name erroneously occurring when different users simultaneously copy the same project. |
|
SCA-22052 |
Custom remap script not updating the PAS_ITEM table with component and component version remaps. |
|
SCA-22312 |
Documentation enhancement: Summary of software development “ecosystems” supported by CodeAware now available. See Summary of Development Ecosystems Processed by CodeAware for more information. |
|
SCA-22533 |
Issue with POM analyzers bypassing proxy and retrieving dependencies using the direct URL. |
|
SCA-22914 |
Unauthorized access to DWR functions. |
|
SCA-23323 |
False-positive detection for the following licenses: Academic Free License, Xinetd, and Sendmail. Additionally, there is no detection of the X11 license. |
|
SCA-23346 |
Security issues with Tomcat version installed with Code Insight. (To resolve these issues, Code Insight has upgraded from Tomcat 7.0.94 to 7.0.103 in this release.) |
|
SCA-23482 |
Scan failure when a custom security vulnerability is a duplicate of a vulnerability found in the Code Insight Data Library. (The custom vulnerability is not being deprecated.) |
|
SCA-23639 |
Enable Analyzer option not available in the Web UI if Core Server and Scan Server are configured on different machines (even though Analyzer availability is enabled in the scanEngine.properties file on the Scan Server). |
|
SCA-23723 |
Documentation enhancement: Description of the san parameter used in the self-signed certificate generation now included in documentation for Code Insight SSO configuration. See “san” Parameter Description for Generating Self-Signed Certificates in SSO Configuration for more information. |
|
SCA-23820 |
No detection of SunPro license. |
|
SCA-23885 |
Proxy connections failing for Maven packages. |
|
SCA-24156 |
Enhancement: Project Copy now copying custom statuses. |
|
SCA-24163 |
Enhancement: Project export and import now processing custom statuses. |
|
SCA-24234 |
No detection of GPLv3+, OFL-1.1 and CC-BY-4.0 licenses. |
|
SCA-24371 |
Exception occurring when the deleteDraftRequest Java method attempts to delete draft requests associated with a license or component that has a -1 value. (The -1 value represents “I don’t know” for the license and “Could not find component” for the component.) |