For information about new features added in InstallShield 2018 Express Edition, refer to the following sections:
| • | Perform Open Source Risk Assessment with FlexNet Code Aware |
| • | Set Forms Authentication on Web Applications |
Perform Open Source Risk Assessment with FlexNet Code Aware
InstallShield now includes full integration with FlexNet Code Aware, an automated open source risk assessment and package discovery solution that enables you to quickly scan your products for security and intellectual property (IP) compliance risk.
| • | Supported File Types |
| • | Running FlexNet Code Aware |
| • | Reading the FlexNet Code Aware Report |
| • | More Information |
FlexNet Code Aware supports analysis of the following files:
| • | Java Packages |
| • | Node Packages |
| • | Nuget Packages |
| • | RPM Packages |
| • | Ruby Packages |
| • | EXE & DLL Files |
Security vulnerabilities are looked up against the National Vulnerability Database (NVD).
FlexNet Code Aware is part of InstallShield and no activation ID is required to activate it.
To run FlexNet Code Aware from within InstallShield, click Scan Project using FlexNet Code Aware on the InstallShield Project menu or click the FlexNet Code Aware icon on the standard toolbar.
Note • This FlexNet Code Aware menu options are disabled out if you are not currently in an open InstallShield project.
When FlexNet Code Aware completes the scan of your project, the Results Summary view opens, displaying the number of files scanned, and the number of open-source packages and vulnerabilities found.
When you click the View Report button, a full report is displayed.
Reading the FlexNet Code Aware Report
When you click View Report on the Results Summary screen, the full FlexNet Code Aware report opens, consisting of an Initial Summary view and a Package Inventory view.
| • | Initial Summary View—The Initial Summary view presents the user with a scan summary, and assessments of operational risk, security vulnerability exposure, and license exposure. The FlexNet Code Aware Initial Summary View displays the following information: |
| • | Scan Summary—This section provides details regarding the codebase that was scanned, including a breakdown of file types, percent of files analyzed, and number of findings. |
| • | Operational Risk—This section provides a composite risk rating based on the combination of packages with Intellectual Property (IP) issues and packages with Security Vulnerabilities. |
| • | Security Vulnerability Exposure and License Exposure—These sections provide a breakdown of the types and categories of identified issues. |
| • | Package Inventory View—The Package Inventory view, available by clicking View full package inventory in the Scan Summary section, provides a complete list of discovered open source and third-party packages with associated licenses, security vulnerabilities, dependencies, and detected copyright statements. |
The Package Inventory view provides filters that you can use to execute targeted queries to refine the list to various package types of interest.
To view additional package details, click a vulnerability count listed in the Vulnerabilities column of the package you want to review. The Vulnerabilities Detail page opens (covering a portion of the Package Inventory view), and displays detailed information on the selected package.
For detailed information on using FlexNet Code Aware, see Using FlexNet Code Aware to Perform Open Source Risk Assessment.
Set Forms Authentication on Web Applications
InstallShield 2018 Express Edition includes a new option to set forms authentication on web applications. This new option, Forms Authentication, is displayed under the Authenticated Access section of the Internet Information Services view for a Web site.
Set the Forms Authentication option to Yes to enable forms authentication. ASP.NET forms-based authentication works well for sites or applications on public Web servers that receive many requests. This authentication mode lets you manage client registration and authentication at the application level, instead of relying on the authentication mechanisms provided by the operating system.
Important • Forms authentication sends the user name and password to the Web server as plain text. You should use Secure Sockets Layer (SSL) encryption for the Log On page and for all other pages in your application except the Home page.
Enhancements
InstallShield 2018 Express Edition includes the following enhancements:
| • | Include the Value of a Property in a Product Configuration’s Setup File Name |
| • | New MSBuild Parameters to Set Summary Information Stream Comments and to Set Package File Name |
| • | Additional Prerequisites Included |
Include the Value of a Property in a Product Configuration’s Setup File Name
In InstallShield 2018 Express Edition, you can now include the value of a property from the Property Table in product release setup and package file names.
For example, you could enter any of the following properties in the Setup File Name or MSI Package File Name field on the General tab of the Releases > Express view:
setup[ProductVersion]
setup[CustomVersion]
setup[ProductCode]
setup[ProductCode][ProductVersion]
If you entered setup[ProductVersion] in the Setup File Name field, it would result in a setup named setup14.10.1234.exe, for example.
New MSBuild Parameters to Set Summary Information Stream Comments and to Set Package File Name
In InstallShield 2018 Express Edition, new MSBuild parameters were added to enable you to set add comments to an installer and to set the package file name of an installer.
| • | New Parameter to Set Summary Information Stream Comments |
| • | New Parameter to Set Package File Name |
New Parameter to Set Summary Information Stream Comments
You can add comments to an installer in the Summary Information Stream Comments field on the General Information view.
In InstallShield 2018 Express Edition, you also have the option of entering comments at build time. A new parameter has been added to the MSBuild.exe task, named SummaryInfoComments, to set the Summary Information Stream comments at build time, such as including the build number, as shown in the following example:
MSBuild.exe c:\installers\Setup.sln /Property:SummaryInfoComments="Insert Comments Here"
The comments that are added using the SummaryInfoComments property can be viewed on the Properties dialog box of the built installer.
New Parameter to Set Package File Name
You can specify the package file name of an installer in the MSI Package File Name field on the General tab on the Releases > Express view.
In InstallShield 2018 Express Edition, you also have the option of setting the package file name at build time. A new parameter has been added to the MSBuild.exe task, named MSIPackageFileName, to set the package file name of the built installer at build time, as shown in the following example:
MSBuild.exe c:\installers\Setup.isproj /Property:MSIPackageFileName="MySetup"
When entering the value for the MSIPackageFileName parameter, you need to enter the file name—without the period or the file extension—that InstallShield should use for the .msi file.
Additional Prerequisites Included
InstallShield 2018 Express Edition includes the following additional prerequisites:
| • | Visual C++ 2017 x86 and x64 Prerequisites |
| • | Microsoft SQL Server 2014 SP1 and SP2 Prerequisites |
| • | Microsoft .NET Framework 4.7 Prerequisite |
Visual C++ 2017 x86 and x64 Prerequisites
Because Microsoft Visual Studio 2017 has been released, InstallShield now includes the prerequisites for Visual C++ 2017 x86 and x64.
Microsoft SQL Server 2014 SP1 and SP2 Prerequisites
Because Microsoft SQL Server 2014 has had 2 Service Packs released, InstallShield now includes the prerequisites for both Microsoft SQL Server 2014 SP1 and SP2.
Microsoft .NET Framework 4.7 Prerequisite
In InstallShield 2018 now includes a prerequisite for Microsoft .NET Framework 4.7.
In InstallShield 2018 R2, you can now add pre-defined install conditions for .net 4.7:
| • | 4.7 |
| • | 4.7.1 |
| • | 4.7.2 |
InstallShield 2019 Express Edition Help LibraryApril 2019 |
Copyright Information | Flexera |