This version introduces new and updated support on the latest versions of Apex, using the latest CxSAST engine technology.
To introduce queries changes that work on top of this Hotfix, it is mandatory to install CP 12. For more information about the queries, see Content Pack Version - CP.18.104.22.16821.
The new APEX support includes a new flow calculation algorithm. When working with APEX and additional languages in the same project, the accuracy of the results for the additional languages might be slightly effected. To prevent these changes you can split the projects between APEX and the rest of the languages or disable the new flow algorithm. To learn how to disable the new flow please contact support.
The following frameworks are now supported:
Updated support for the following frameworks (both created by Salesforce):
The Visualforce Framework includes a tag-based markup language, similar to HTML, and a set of server-side “standard controllers” that make basic database operations, such as queries and saves, very simple to perform.
The Lightning Component Framework (commonly called Lightning) is a UI framework for developing single page applications.
|Additional fixes introduced in this HF:|
|Engine improvements to prevent unfinished scans when scanning Java projects with several XML files.|
Improvements in log information, such as indicating in the scan log when large files, which exceed the maximum limit, are excluded from the scan.
Improvements in VUE.JS parsing support.
Implemented several COBOL improvements and support for MicroFocus extensions.
Several improvements have been made for Swift parsing.
Missing Japanese query descriptions have been added.
|Improvements in the query hierarchy mechanism according to the teams.|
|Improvements to the incremental scans using ActiveMQ are preventing unfinished scans.|
|Implemented several improvements in the Query Security mechanism.|
|Improvements in the installer to fix installation directory locations when SAST is installed on a non-default drive.|
|Added support in ASP and PHP for files with .inc extension.|
Improvements in C++, allowing the scans to complete successfully.
|XML mapping improvements in MyBatis.|
|Improvements in type casting handling in VB6.|
|Engine Improvements for preventing unfinished scans when matching regular expression patterns.|
Added a new capability in the CxAudit for easily extracting the source code related to a query. To enable, please refer to the CxAudit Guide.
|Improvements in log files to display the queries name that failed in the security check.|