|
CAST Highlight upgrade notes
CAST Highlight 5.11.13
Release Date: January 10th 2026
|
* Segmentation - Automatic segment calculation when a new application result is created
* Code Readed - Support of proxy options for scan result upload
* Code Reader - Added progress indicator on the discovery step
* SCA (Component Excel Export) - Fixed 'Applications' column so that it is included as a possible filter
* SCA - Fix - Some .NET dependencies were ignored as the technical identifier changed in framework.validated.csv (from 'csproj' to 'dotnet') (#55981)
* SCA - Fix - Relative paths were not supported for Gradle submodules (libraries.gradle) (#56066) |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.10
Release Date: December 27th 2025
|
* Code Reader - Fix - Installation issue on Linux (Env::LibInstall module)
* Cloud Maturity - improvement of COBOL blocker "Code Execution : Avoid using GOTO statements in mainframes" (#55869) |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.9
Release Date: December 20th 2025
|
* UI - Improved French labels
* Analyzers - Translation of some legacy French log messages
* Application Groupings - Fix - In some cases, deleting a group member was causing display issue in the Portfolio Management screen (#55769)
* Keyword Scan - Incorrect XML configuration was causing display issues (#55121) |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.8
Release Date: December 13th 2025
|
* User Roles - New roles are available for users when they enroll (COO, CFO, Enterprise Architect, and Partner-Advisory/Consulting Firm)
* API - New endpoints to ease retrieval of application segments across all segmentations in a single request
* API - Minor fix in the documentation of the new export endpoint (e.g., SBOMs, PPTs, etc.) |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.7
Release Date: December 6th 2025
|
* API - The endpoint to generate exports (SBOMs, PPTs, etc.) is documented and part of the public API
* SCA - Improved vulnerability detection for apple/swift-protobuf
* Analyzers - Improved C# analyzer to prevent issues when circular references are found in *.csproj |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.6
Release Date: November 29th 2025
|
* Code Reader - The UI is now available in Spanish, French, German, Portuguese, Chinese, and Japanese!
* SCA - CVE mapping improvement for io.netty component (#55326)
* API - Fix - The 'alerts' endpoint at application level was not correctly filtered on application result status (#55413) |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.5
Release Date: November 22nd 2025
|
* AI - Hopefully, final label changes for the Application Briefings feature
* SCA - Support Gradle modules for dependency detection (#54736)
* SCA - Support Maven's <profile> in pom.xml (#54736)
* CLI - Allow the use of --fingerprints option along with --skipUpload to avoid scan errors |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.4
Release Date: November 15th 2025
|
* AI Advisor - Minor branding and wording adjustments
* CLI - Some scans of Docker images were failing due to a new Docker architecture (#55167)
* Code Reader - Some scans were failing when using the user login/password for result uploads (#54697)
* Analyzers - Allow .Net analyses even when no .csproj are found (only packages.config) |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.2
Release Date: November 8th 2025
|
* AI Advisor - Generate role-based application summaries, AI service recommendations, and possible next steps
* Code Reader - Support of OSS Dependency Maps for .Net
* Cloud Maturity - Improved in-line documentation of the Cloud Effort estimates to manage expectations from CSPs
* CLI - Additional options to help troubleshoot possible network issues (#54061) |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.1
Release Date: November 1st 2025
|
* Green Impact - Adding support for Ruby technology
* Analyzers - Fix - Invalid bytes in character encoding were the analyzers freeze in some cases (#55018)
* Cloud Maturity - Updated rule documentation for 'Using log to file system' blocker (now platform agnostic)
* SCA - OSS Dependency Map for .Net - Support of .net dependency detections in *.csproj, packages.config & obj/project.assets.json |
|
CAST Highlight upgrade notes
CAST Highlight 5.11.0
Release Date: October 25th 2025
|
* Code Reader - Fix - Added missing properties_template resource for Mac
* SCA - Fix - CVE count in component timelines was not aligned with SCA results (#54493)
* SCA - Fix - CVE count in application trend view was limited to 5 last results (#54526) |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.17
Release Date: October 18th 2025
|
|
* Surveys - Surveys are now available at the domain level
* Custom Segmentation - Domain-level survey answers can now be used as a segmentation criterion
* Continuous Improvement Tracker - Obsolescence, License Compliance and Component Security scores are now available
* Keyword Scan - Fix - Non-ASCII characters in source code were causing issues
* Deprecated Technology Detection - Improved technology version detection for Spring Boot in Gradle files (#54525)
* Code Reader - Fix - Installation/Signature improvements for Mac users |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.15
Release Date: October 11th 2025
|
* SCA - Removal of various CVE false positives (#54634)
* Cloud Maturity - Fix - Bookmarks of 'Use_Unsecured_Data_Strings' were not correct (HL2MRI) |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.14
Release Date: October 4th 2025
|
* SCA - Vulnerability detection improvement for Ruby's 'activerecord' component (e.g., CVE-2022-44566)
* SCA - IntelliJ SCA pluging fix to support 2025 versions |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.12
Release Date: September 27th 2025
|
* SCA - Fix - SBOM (Excel) export issue (#54556)
* Email notifications - Fix - Reset password notifications were not working in some cases |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.10
Release Date: September 20th 2025
|
* Application Grouping - Default filter is now on Application Groups and Ungrouped Applications
* Application Grouping - Prevent an application to be an Application Group and an Application Group Member at the same time
* SCA - Fix - The 'Trends' tab was not displayed for instances configured for SCA Insights (#54422)
* Cloud Maturity - Improved pattern for "Use of LDAP/AD authentication"
* Analyzers - Technology detection (JDK, .NET) - Fix - Avoid empty version for detected technologies in AppDataDetails.csv |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.9
Release Date: September 13th 2025
|
* Application Grouping - Dashboards are now filtered on Application Groups by default (if any defined)
* Application Grouping - Users can now switch from Application Groups to Application Group Members by using the filters
* Code Reader - The --fingerprints option is now available in ADVANCED SETTINGS under the Software Composition tab
* Code Reader - The --gitType option (for scanning locally-hosted Git repositories) is now available
* Custom Segmentation - Fix - A result viewer of a subdomain couldn't see custom segmentations (#54174)
* Cloud Maturity - Version 7 of .NET has been added as a deprecated version (#53641)
* Technical Debt - The dollar icon has been replaced by the timeclock icon to align with other effort-based estimates (Cloud, Green)
* Software Composition - Performance of the 'Vulnerabilities' tab has been improved when the result pagination is enabled
* Software Composition - The 'Expore Dependencies' button has been moved down the page and renamed (Visualize Dependency Map)
* Software Composition - The 'tool.poetry.group.main.dependencies' section is now taken into account for dependency detection
* Docker CLI - netty component has been upgraded to a safer version
* Exports - Fix - Various improvements in exports to avoid download failures (#54143)
* CLI - Use the 'gzip' option to reduce body size (#54061) |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.8
Release Date: September 6th 2025
|
* SCA - Add an option to disable component detection based on fingerprint matching (see
* Application Grouping - Fix - Cloud Maturity and Green Impact blockers were not displayed in the PPT report of an application group (#54165) |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.7
Release Date: August 30th 2025
|
* PPT Report - Fix - Missing labels in slides (#54143)
* Code Reader - Scan of locally hosted Git repositories (--gitType)
* Code Reader - Mac binaries are now signed
* Keyword Scan - Fix - Some Keyword Scan confiugrations were failing due to incorrect keyword indexes (HL-3219)
* Analyzers (ObjectiveC/C++) - Improvement of the technology discoverer (HL-3218) |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.6
Release Date: August 23rd 2025
|
* Application Grouping - Exclude application groups from scan campaigns, and application group members from survey campaigns
* Monthly Digest - Fix - Consumed application count was incorrect (-1) (#53904) |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.4
Release Date: August 16th 2025
|
* Campaigns - Fix - Campaign launch notifications were not sent (#53959)
* Platform Security - Various security improvements around the API |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.3
Release Date: August 9th 2025
|
* Custom Segmentation - Use count of Cloud & Containerization blocker occurrences as a segmentation criterion
* SAML - Save configuration changes without having to reupload the idP metadata XML file
* Portfolio Advisor for Technical Debt - Fix - Export didn't work (#53761)
* CLI - Support of custom Git urls (i.e., on-premise Git installations) for repository scanning |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.2
Release Date: July 31st 2025
|
* SCA - Fix - Improvement of dependency detection from Packagist in Composer files (e.g., not try to map 'php' in other forges than Packagist)
* SAML - Fix - Issue when SAML configuration use mismatching sensitivity on some element |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.1
Release Date: July 12th 2025
|
| * Cloud Maturity - 15 new blockers inspired by APPCAT rules |
|
CAST Highlight upgrade notes
CAST Highlight 5.10.0
Release Date: July 7th 2025
|
* Cloud Maturity - New AI Cloud Service recommendations for AWS (Amazon Bedrock, SageMaker, and OpenSearch)
* Technical Debt Advisor - Segmentation configuration adjustments for the "Good Debt" segment.
* SCA - Dependency version detection improvement for PHP/Composer (#53313) |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.23
Release Date: July 1st 2025
|
* Analyzers - Cloud Maturity support for Terraform
* PPT reports - CAST's new branding
* API - Fix - Use of clientRef on subdomains was not working as expected (#51249)
* Application Grouping - Fix - Technical Debt metrics were not included in the Application Grouping feature (#52308)
* Application Overview - Detected technology versions (.NET, Java, etc.) are now counted and listed
* Custom Segmentation - Fix - Multiple versions of a technology were not well handled (#53105)
* SCA/API - Recrawl request are now sent through an API endpoint instead of email notifications |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.20
Release Date: June 21st 2025
|
* Portfolio Advisor for Technical Debt (requires Business Impact survey and scan with recent version of Code Reader or CLI).
* Snapshot Compare - Added/Modified metrics have been added to snapshot compare (lines of code, software resiliency, agility, elegance) |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.19
Release Date: June 14th 2025
|
* SCA - CVE detection improvement for Microsoft Visual Studio (#53015)
* Analyzers / Keyword Scan - Fix - Incorrect CSVs were produced when multiple keyword scan XML files (HL-3119)
* Cloud Maturity - Fixed pattern name in documentation (Use_SecuredProtocolsLib |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.18
Release Date: June 7th 2025
|
* Cloud Maturity - 6 new blocker patterns for Openshift containerization (use of JNA-JNI, RMI, JAX-RPC, etc.)
* SAML - Usability improvement for CAST Highlight administrators (instance certificate status)
* Platform - Component upgrade to remove a recent vulnerability on commons-beanutils |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.17
Release Date: May 31st 2025
|
* API - Segmentations - A new endpoint to return only the application count for a segmentation (WS2/domains/{domainId}/segmentations/{segmentationId}/statistics)
* API - Fix - The aggregated vulnerability endpoint was returning an error (WS2/domains/{domainId}/applications/vulnerabilities/aggregated) (#52830)
* Analyzers - Refined detection for .NET versions (AppDataDetails.csv) (#52579)
* SCA - Fix - SBOM export issue for some cases (#52555)
* Performance - Reworked the last login information in Audit to avoid performance issues |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.16
Release Date: May 24th 2025
|
* CLI - Fix - Git changed the authentication header for private repositories (--gitToken) (#52467)
* SCA - Fix - Snapshot compare having aggregation issues on vulnerabilities (#52727)
* Analyzers - Improved pattern for .NET version detection (added <TargetFrameworkVersion>) (#52579) |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.15
Release Date: May 17th 2025
|
* Code Reader (1.2.8) - Users can now sign in with a token only (Easy Authentication) + few fixes on Advanced Authentication
* Code Reader (1.2.8) - Fix - Missing parameters have been added to Advanced Authentication (#52634)
* SCA - Optimized performance for loading portfolio-level vulnerabilities
* SCA - Fix - Some dependencies from Ruby (gemfile.lock) and PHP (composer.lock) were not fully matched |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.13
Release Date: May 10th 2025
|
* Code Reader - .properties can now be imported from the UI to save time in scan configuration
* User Roles - Allow Application Contributors to exclude Cloud Maturity and Green insights
* AppData - Fix - Label for some .NET versions were incorrect (#52579)
* SCA - CVE false positive removals (#52550)
* SCA - Fix - OSS Dependency Map was missing some Poetry.lock dependencies (#52225) |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.12
Release Date: April 26th 2025
|
* Code Reader - Last selected result folder is now saved for further scans
* SAML - Managed SP update transition for expiring certificates
* Analyzers - Increased XML parser fault tolerance in case of malformed XML files (#52420) |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.11
Release Date: April 19th 2025
|
* Analyzers - .NET, JDK and Spring Boot versions are now extracted during the scan and store in AppDataDetails.csv
* Segmentation - App Data Details (see above) can now be used as criteria of custom segmentations
* Technical Debt - Fixed technical debt calculation for weakComment for the C++ technology
* Application Grouping - Fix - CVE exclusions were not taken into account in the application group aggregation (#51963)
* Code Reader - Fix - Non UTF8-encoded Python dependency files were causing issues in the Code Reader and framework.validated.csv |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.9
Release Date: April 12th 2025
|
|
* Export - Cloud Maturity Excel export doesn't work for some specific applications.
* Analyzers - Java - Parsing algorithm for large XML files was not optimized (#52180)
* Result upload screen - Reworded labels to prevent direct CSV file upload instead of result ZIP file (#51646)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.9.8
Release Date: April 5th 2025
|
* SCA - SBOM's CycloneDX import/export is now 1.6
* SCA - SBSOM's CycloneDX export includes 4 new elements
* Keyword Scan - Fixed issue on the application detail page where keyword scan results were not displayed (#52032)
* Surveys - Fix - Unable to create custom questions (#48306) |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.7
Release Date: March 29th 2025
|
* Custom Segmentation - Keyword Scan criteria now support AND/OR expressions
* Snapshot Compare - Fix - Comparison was not possible for specific instance configurations (without SCA insights)
* Surveys - Question and choices can now be created with clientRef |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.6
Release Date: March 22nd 2025
|
* Custom Segmentation - Fix - Support match == false for Keyword Scan results
* SCA - Fix - List of components was not taking excluded components into account
* Cloud Maturity - Refined Cloud Service recommendations for Azure (Atlas DB, Elastic Search)
* User Management - Users with custom home page couldn't be deleted |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.5
Release Date: March 19th 2025
|
* Custom Segmentation - Support LOC of a specific technology as a segmentation criterion (e.g., technology:LOC:JAVA > 10000)
* Custom Segmentation - Fix - Support of Keyword Scan groups with spaces
* Custom Segmentation - Fix - Compute was failing in some cases
* SCA/SBOM - Now indicates in the Dependencies tab the reason why transitive dependencies couldn't be generated |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.4
Release Date: March 15th 2025
|
* Custom Segmentation - Use OSS component names as a segmentation criterion
* Custom Segmentation - Use OSS component count as a segmentation criterion
* SCA - Fix - CVE exlcusions weren't possible from the component table at the application level (#51395)
* Code Reader - Fixed LAUNCH SCAN button from the ADVANCED SETTINGS screen
* Code Reader - Fixed issues on some specific Github/Gitlab repositories
* Partner Mode - Fix - Instance feature configuration was deleted when the partner edited it |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.3
Release Date: March 8th 2025
|
* Custom Segmentation - Extended support of segmentations based on Keyword Scan results (patternGroup)
* Keyword Scan - Empty keyword groups are now filtered out from the dashboards
* Surveys - All CAST standard surveys are now automatically imported in created instances
* AI Advisor - Fix - Workaround the current issue which is OpenAI side (
* Analyzers - Fix an issue on parsing some XML files in the HL2MRI extension |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.2
Release Date: March 1st 2025
|
* AI Advisor - Fix to support new API from OpenAI
* Cloud Maturity - Azure Spring Apps recommendation is now replaced by Azure Container Apps (HLIDEA-472)
* Cloud Maturity - Updated the list of deprecated versions for .NET
* SCA - Fix on CVE count on snapshot compare screens (#51205)
* SCA - Filtered dependency 'PROVIDED' scopes for Maven apps (#49699) |
|
CAST Highlight upgrade notes
CAST Highlight 5.9.1
Release Date: Ferbuary 22nd 2025
|
* Application Grouping feature
* Custom Segmentation - Keyword Scan results can now be used in a custom segmentation (e.g., Keyword:GPDR:People:occurrences > 0)
* User Roles - Fix on pages for the Blind Contributor role (#51499) |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.14
Release Date: Ferbuary 15th 2025
|
* SCA - Fix on application-level Software Composition screen when last result was empty (ongoing campaign)
* SCA - Fix on component lifespan's 'Possibly Immature' tag calculation
* Green Impact - Fix on deficiency label which was not displayed correctly (GreenLowEfficiencyRules) |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.13
Release Date: Ferbuary 13th 2025
|
* SCA - Improvements of result processing for stabilizing the OSS Dependency Map feature
* SCA - Fix - SBOM export was failing when a component had no release date (#51386)
* API - Fix - WS2/domains/{domainId}/thirdpary returning a 500 error in some cases (#51358)
* Branding - Changed CAST logo and copyright mention |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.12
Release Date: Ferbuary 8th 2025
|
* SCA - OSS Dependency Map
* Code Reader now supports scan of remote Git repositories
* CLI - Improvement on Docker image scans to support new image architectures
* API - Allow Portfolio Managers to post Custom Segmentation configuration files through the API (POST WS2/domains/{domainId}/segmentations)
* Analyzers - Improved robustness to prevent unexpected behaviors when parsing a high number of NULL characters (#51081)
* SCA - Bug Fix on License distribution chart at portfolio level (#49258) |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.11
Release Date: Ferbuary 1st 2025
|
* CLI - Git options can now be used in .properties
* CLI - Removed unnecessary CLI log output when scanning a Git repository
* SCA - CVE detection accuracy improvement for 'spring-integration' component
* SCA - Maven's PROVIDED dependencies are now filtered out from the results
* Custom Segmentation - Fix - using =out= in survey questions now work as expected (#51128) |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.10
Release Date: January 25th 2025
|
* CLI - Git public and private repositories (e.g., can now be remotely scanned
* SCA - Dependencies found in "requires" of package-lock.json files are now taken into account |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.7
Release Date: January 18th 2025
|
* Green Insights - 10 Green Deficiencies are now available for SAP/Abap
* SCA - Support of Java's Gradle dependency files (gradle.lockfile) for extracting the complete dependency tree
* SCA - CVE filtering was not applied when the user was logged through SAML
* API - Fix - Keyword Scan information was not returned in some cases (#50676)
* Software Health - Java/Groovy - Code Insight improvement to support 'switch' expressions |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.6
Release Date: January 11th 2025
|
* SCA - Support of Python's Poetry dependency files (poetry.lock) for extracting the complete dependency tree
* SCA - Support of Conan dependency files (conan.lock) for extracting the complete dependency tree
* Partner mode - Various fixes (app limit, hidden elements of the UI)
* Trial mode - Updated text for free trials
* Security - Various component upgrades for the pentest |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.5
Release Date: December 21st 2024
|
* SCA - Support of Ruby's dependency files (Gemfile.lock) for extracting the complete dependency tree
* SCA - Support of PHP's Composer dependency files (composer.lock) for extracting the complete dependency tree
* SCA - Python's requirements-%.txt are now excluded from dependency extraction (#50715)
* ASP.Net - Support of .cshtml files
* Cloud Maturity - Fix - Technology-level score aggregations were incorrect in some cases (#50625) |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.4
Release Date: December 14th 2024
|
|
* Custom Segmentation - Ratio answers from surveys (e.g., code base change %) can now be evaluated by the Custom Segmentation
* Cloud Maturity - XML, YAML, and properties files have been added to the scope of some patterns
* SCA - Support of Yarn dependency files (yarn.lock) for extracting the complete dependency tree
* SCA - Fix - Some SBOMs were not downloading for some specific cases (#50604)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.8.3
Release Date: December 7th 2024
|
* Portfolio Demographics - Data tables can now be exported to Excel
* SCA - Complete dependency tree discovery for NPM-based applications with --includeAllDependencies option
* API - The KEV information has been added to a couple of API endpoints
* Cloud Maturity - Minor adjustments on Azure service recommendations to align service categories |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.2
Release Date: November 30th 2024
|
* Cloud Maturity - Aggregated view (group/count by service category) of Cloud Service recommendations at portfolio level
* UI - Optimizations of the menu for the different CAST Highlight editions (Cloud Insights, SCA Insights, etc.)
* SCA - Minor improvements on Maven's depdendency extraction for better version detection |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.1
Release Date: November 23rd 2024
|
* SAML - Support seemless redirection to the Application Detail page
* Green Insights - "Prefer literal initialisation" disabled for Kotlin and Go as not applicable these technologies (#50246)
* SCA - Dependency level information propagated (when available) to Snapshot Comparison view and the API |
|
CAST Highlight upgrade notes
CAST Highlight 5.8.0
Release Date: November 14th 2024
|
| * Application Detail Page - Display fix for some applications (with survey-only as last results) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.24
Release Date: November 9th 2024
|
* SCA - Indicate the level of dependencies (when available from the scan) in a new column in the SCA result tables
* SCA - Fix - Component exclusion request button was not visible for Application Contributors (#49373)
* SCA - CVE false positive removal (requirejs)
* SCA - Poetry/Python - Version extraction improvement for some .toml files
* Analyzers - Java/Maven - Optional dependencies are filtered out from the results
* Home - Top 20 Code Insights are now filtered for instances which have paginated results |
CAST Highlight upgrade notes
CAST Highlight 5.7.23
Release Date: November 2nd 2024
|
* Cloud Maturity - Improvement of the LDAP/AD authentication pattern (#49834)
* Code Reader - Fix - Ignore directory paramaters were ignored in some cases (#49785)
* Role-Based Dashboards - Fixes on some widgets (available roles: Open Source Governance, Cloud Architects, IP/Legal/Compliance, ESG/Sustainability)
* SCA - Some analyses were blocked in the backend and were preventing SCA results to be available |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.22
Release Date: October 27th 2024
|
* Monthly Digest - Users can now subscribe to the Monthly Digest emails from their user account
* SCA - CLI now supports complete dependency tree extraction of Maven-based appliations (--mavenRepository in combination with --includeAllDependencies)
* SCA - Fix - Some SCA results were blocked in some cases
* Green Insights - Some pattern positions were not reported for TypeScript (HL-2916) |
CAST Highlight upgrade notes
CAST Highlight 5.7.20
Release Date: October 19th 2024
|
* Green Impact - Support of Go technology for Green Insights
* SCA - Dependency mapping and version resolution improvements
* SCA - Indicate in the UI when a dependency is mapped with an SCA component but with a missing version
* CLI/Code Reader - Support of --mavenRepository for better component version resolution (see CLI documentation for further details)
* Code Reader - Improved unicode support for file names with special characters (#49594, #49372)
* API - Fix on WS2/domains/{domainId}/vulnerabilities/aggregated |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.19
Release Date: October 12th 2024
|
* SCA - System.* (.Net) dependency detection improvement
* SCA - Improved version detection for some new version format (semver) Python and Nuget dependencies
* Analyzers - RPG detection improvement (only files without extension will be evaluated) (#49606)
* New Menu - Link to Manage License Profiles was incorrect
* Code Reader - The distribution now includes the list of third-party components and licences |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.17
Release Date: October 5th 2024
|
* Filters - Users can now filter dashboards on a specific segment (e.g., Rehost apps from the Portfolio Advisor for Cloud)
* Cloud Maturity - .Net's netcoreapp versions < 3.0 are now considered as deprecated
* Analyzers - VB/VB.Net - .ctl file extension has been added to the VB/VB.Net analyzer
* Code Insights - Fix on the exclusion feature that was incorrectly displayed to Result Viewers
* New Menu - Fix on the Portfolio Demographics link
* Free Trial - New metadata have been added to the UPGRADE button |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.16
Release Date: September 28th 2024
|
* UI - A new menu to ease navigation across dashboards, features and use cases and improve adoption for new users
* Analyzers - Java - Default methods interfaces (Java 8) lead to false positives in some cases (Missing break in switch) (#49167)
* Home page - Tiles sometimes don't show benchmark after a refresh (#48805)
* Custom Dashboards - Changed "WORST" / "BEST" to "LOWEST" / "HIGHEST" for some tiles (Cloud Blocker, Green Deficiencies, FTEs, etc.) (#49333)
* Code Reader - Windows Long Path - Improved CLI and Code Reader to get default value when properties is not set in .properties configuration (#49372) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.15
Release Date: September 21st 2024
|
* Cloud Maturity - Improved Cloud Service recommendations for Azure/AWS
* Cloud Maturity - Optimized Cloud Wave Advisor segmentation
* Cloud Maturity - Detection of deprecated Java versions for Gradle and Ant build tools
* Cloud Maturity - Fix - Platform-specific blockers should not be counted in Cloud Migration Advisor when occurrences = 0
* Cloud Maturity - Gradle & Ant are now supported to search for deprecated target versions of Java
* Code Reader - As of v1.0.16, the different detected file extensions are now reported for a given technology (e.g., .php, .php5, etc.) |
CAST Highlight upgrade notes
CAST Highlight 5.7.14
Release Date: September 14th 2024
|
* Analyzers - Support of additional Mainframe technologies (detection and sizing): CLIST, RPG3, RPG4, EGL, EasyTrieve
* Cloud Maturity - Removal of "ws" search pattern in SCA components from Azure PubSub to refine recommendations
* SCA - Fix - Multiple entries in KEV listing were displayed for a single CVE (#48840)
* SCA - Fix - Rejected CVEs in NVD were still displayed in dashboards in some cases (#49173)
* SCA - The CVE of a component are not the same, depending of the interface used (wrong category) (#48740)
* SCA - Fix on dependencies without versions not present under Additional Component with Partial Information (#49283) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.11
Release Date: September 7th 2024
|
* Green Impact - Portfolio Advisor for Green now takes Green Impact scores into account (not only Green Scan scores)
* SCA - Improved NPM dependency version detection from package-lock.json files when present
* SCA - Filtered results on main.ts files to reduce component detection false positives
* Software Health - Fix on display of Code Insight benchmark at the technology level (#49037)
* Cloud Maturity - Fix on Cloud detail files (HL2MRI) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.10
Release Date: August 31st 2024
|
* SCA - Support of Conan (C/C++ and Python package manager)
* SCA - Fix - In dependency mapping process, now filter duplicated versions for a given component to prevent result processing issues (#48957)
* Custom Segmentation - Added CO2 and Energy metrics
* Analyzers - VB.Net - Recognize ":" as instruction separator
* Benchmark - Fix on benchmark model versions used for some Typescript applications (#2854)
* SCA - Fix - Adapt SemVer decoding for python to deal with prerelease with DOT as separator (#48971)
* Dashboards - Fix - Some screens were not taking survey-only campaign into account and were displaying previous snapshot's scores (#48813)
* User Persona - Fix - Persona was not saved when selected from "My Account"
|
|
CAST Highlight upgrade notes
CAST Highlight 5.7.9
Release Date: August 24th 2024
|
| * Custom Segmentation - Add Green Impact (survey and overall scores) and CVE counts (critical, high, etc.) to the list of metrics that can be used for custom segmentations |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.8
Release Date: August 17th 2024
|
* Green Impact - Application-level Green Impact information is now included in the portfolio PPT export
* Custom Dashboards - Fix - Company-level custom home was not propagated to users attached to a subdomain (#48808)
* Portfolio Management / API - Fix - ClientRef of domains were not persisted when captured through the UI, nor returned in WS2/domains/{domainId}/domains (#48818)
* SCA - Minor fix on SBOM export to support SPDX validation (https://tools.spdx.org/app/validate/) (#48653)
* SCA - Fix - Code Insight exclusions were removing the application-level OSS score (#48705) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.7
Release Date: August 10th 2024
|
* Cloud Wave Advisor - Changed segment colors and description to avoid confusion with Portfolio Advisor for Cloud segmentation
* Custom Dashboards - SAVE button was not clickable when the "Define as user's homepage" option was turned ON.
* Custom Dashboards - Fixed widgets for Green Deficiencies and Green Deficiency Occurrences
* SCA - Fix - Company-level default license risk template was not applied for users attached in a subdomain (#48541) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.5
Release Date: August 3rd 2024
|
| * Analyzers - Fix on Kotlin analyzer (#48469) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.4
Release Date: July 27th 2024
|
* Cloud Maturity - Dockerfile files are now detected during the scan and trigger a Cloud booster
* Filters - It is now possible to share a url that contains filter parameters
* Analyzers - Fix on CLI for Linux/Mac which had an issue for versions above 5.7.0 (Win32::LongPath)
* Report Download - Bug fix - Report notification is now sent by email when the user closes the modal before the report downloads (#48284)
* Pendo - Country and Country code of the instance are now exposed as a Pendo meta data |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.3
Release Date: July 20th 2024
|
* Code Reader - Users can now create an application and upload scan results to an application directly from the UI
* API - New endpoint parameter to list domains of a domain and their applications (WS2/domains/{domainId}/domains?expand=applications)
* Bug fix on filter's domain selector
* Link to the legacy Code Reader has been removed from APPLICATION SCANS |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.1
Release Date: July 13th 2024
|
* Filters - Domain hierarchy is now visually indicated in filters
* Technical Debt - Performance optimization of the Portfolio Advisor for Technical Debt (#47344)
* Analyzers - TypeScript - Code Insight detection improvement on "Missing semi-colon" (#47841)
* BFP - Fix on BFP calculation for some technologies (#48207) |
|
CAST Highlight upgrade notes
CAST Highlight 5.7.0
Release Date: July 6th 2024
|
* SCA - Proprietary Components can now be edited in bulk from the UI
* SCA - CVE detection improvements (openssl, net-ftp, rubygems, elasticsearch) (#48120)
* Custom Segmentation - Support of new possible Cloud Maturity metrics for segmentations |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.14
Release Date: June 29th 2024
|
* Custom Dashboards - Metric trends are now available as a widget
* PLG - Optimized invite email for new users
* API - Cleaned JSON response for API endpoint on application tags (#48071) |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.13
Release Date: June 22nd 2024
|
* SCA - Support of SBOM export in SPDX 2.3 format
* SCA - Added "Last Version" column in the portfolio-level Obsolescence view
* Cloud Maturity - Detection of deprecated/obsolete Java and .Net target versions declared in pom.xml, .csproj, and .vbproj.
* Analyzers - Python - Fixed false positive on some code insights (Magic Number and Variable Not Used)
* Analyers - Fixed Green CSV structure error for C/C++ |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.12
Release Date: June 15th 2024
|
* Custom Dashboards - A new "License Risk" widget is available
* Cloud Maturity - Cloud Wave Advisor improvements to take application dependencies into account in the segmentation
* AI Advisor - Fix as OpenAI had changed their APIs recently and some "how-to" questions were not properly working
* Green Impact - CO2 and Energy gain estimates are capped to handle outliers (> 25.000 Green Deficiencies by MLOC)
* PPT Export - Technical Debt estimates are now displayed in person-days instead of minutes in the PPT export (#47835)
* PPT Export - Cloud Maturity Effort estimates are now displayed with decimals in the PPT export (#47833)
* Analyzers - Framework.validated.csv headers were missing in some cases (#47919) |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.11
Release Date: June 8th 2024
|
* SCA - CAST Highlight now integrates with CVEs from Github Advisories (GHSA)
* SCA - Added hint on itext (itextpdf) and wildly (redhat) to improve CVE detection
* SCA - Improved semver support for component version matching (~ and ^) (#47560)
* SCA - Proprietary Components are now taken into account when importing a CycloneDX SBOM generated by the SBOM Manager
* SCA - Improved parsing of poetry.lock files for component detection (#47493)
* SCA - Maven dependency extraction from pom.xml is now supported for Scala, Kotlin and Clojure (previously, only Java was supported)
* SCA - Fix on dependency version detection from composer.lock (PHP)
* Custom Segmentation - Support of custom questions in segmentation configurations (#47200)
* Custom Segmentation - Fix on switching from a segmentation to another from dashboards (#47541)
* Cloud Maturity - CFA impact (Code, Framework, Architecture) wasn't displayed at portfolio level under Cloud Maturity
* API - New endpoint to get applications associated to a specific tag |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.9
Release Date: June 1st 2024
|
* Green Insights - Support of COBOL for Green Insights, see https://doc.casthighlight.com/greenpatterns
* Portfolio Management - List of users can now be exported in Excel
* SCA - CVE detection algorithm improvement (i.e., redhat undertow) (#47503)
* API - clientRef is now returned for questions (WS2/domains/{domainId}/questions) |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.8
Release Date: May 25th 2024
|
* Trends - Technical Debt metrics are now available in trends
* Cloud Maturity - Minor improvements on the Cloud Wave Advisor for apps not having FTEs
* Custom Segmentation - Questions can now be used with numeric and null comparators (e.g., QUESTION_REF_CAST_BI_FTE =is= null or QUESTION_REF_CAST_BI_FTE == 0)
* Green Impact - New instances were not having the Green Impact indicator (#47451)
* API - Fix on Component Status endpoint (#47297) |
CAST Highlight upgrade notes
CAST Highlight 5.6.7
Release Date: May 18th 2024
|
|
* Custom Dashboard - CVE summary can now be added as a widget
* Custom Dashboard - Users can now select specific milestones to add them as a widget
* Cloud Maturity - Improved Cloud service recommendations for Azure (detection of Redis and other cache management libraries now triggers Azure Cache for Redis) (#47155)
* Home - Fix - Campaign summary was displaying NaN in some cases (#47279)
* Code Insights - Minor bug fix on the exclusion feature (#47148)
* Code Reader - Windows long paths are now supported (requires Perl/CLI upgrade as proposed through Code Reader's UI)
* Code Reader - Various fixes (avoid stream did not contain valid UTF-8 error + fix progression greater than 100%) (#47137)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.6.6
Release Date: May 12th 2024
|
* Home Page - Performance improvements
* Software Composition - Performance improvements |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.5
Release Date: May 5th 2024
|
* CLI - Exclusion options (e.g., --ignorePath) now apply to dependency files
* CLI - Display an explicit error message when the CLI version is obsolete
* SCA - Component Status recompute is now done only on last results for better performance
* Login - A new login page to reinforce the "Control Tower" product positioning |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.4
Release Date: April 27th 2024
|
* SCA - KEV insights are now aggregated at both application and portfolio levels
* Component Catalog - Result pagination to improve performance when a large number of component rules (allowed/denied) are defined
* Platform now prevents the process of deprecated result CSVs (older than 5.5.1)
* Code Insights - List of excluded Code Insights are now included in the Excel export
* Technical Debt Advisor is now displayed first under Technical Debt dashboard
* Cloud Maturity - Pattern improvement on "Use of unsecure network protocol" (#46707)
* Keyword Scan - Fix of Typescript analyzer for some specific cases (one single .ts file with a Kewyord Scan) (#46878)
* Home - Top 20 Code Insights - Fix of the Excel export when filtering on domains (HL-2661) |
|
CAST Highlight upgrade notes
CAST Highlight 5.6.2
Release Date: April 20th 2024
|
* Campaigns: Notify Domain Contributors when a new campaign is started (if option is ON)
* SCA - Commented lines in setup.py should be taken into account for component detection (#46770)
* Segmentation improvement when last results are survey-only campaigns (#46334)
* API - Fix on component status recompute when skipOutput was true
* Software Health - Code Insight exclusion feature minor improvements
* Pendo - Get root-level company name instead of domain name as company 'name' in Pendo attrribute |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.28
Release Date: April 6th 2024
|
* Software Health - Code Insights can now be excluded at the application level
* APPLICATION SCANS - Download of the new Code Reader is now the default link
* API - Added an option to Component Management endpoint to not return the list of allowed/denied components after a POST request (WS2/domains/{domainId}/thirdparty/status/configuration?skipRecompute=true&skipOutput=true) (#46086 |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.27
Release Date: March 30th 2024
|
* Green Impact - CO2 emission parameters can now be customized and saved at the application level
* SCA - Support of settings.gradle for dependency versions detection (#46299)
* SCA - CVE detection improvement for "better_errors" component
* SCA - Refine fingerprint-detected component filtering to not miss some legit components
* Cloud Maturity - Wording/label adjustments (e.g., roadblocks become occurrences)
* SAML - Fixed issue that was preventing some SAML users to login (#45712) |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.25
Release Date: March 23rd 2024
|
* Cloud Maturity - Improved Cloud service recommendations for Azure (Azure Web PubSub, Azure Events, etc.)
* SCA - Excluded CVEs now have their criticality reported in the Excel SBOM
* Analyzers/Python - Fixed false positive on "Avoid unused parameter", for parameter "cls" (#46255)
* Analyzers/SCA - Improved dependency detection ("root" to not be considered as a dependency in package.json) (#45051) |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.24
Release Date: March 16th 2024
|
* Green Impact - CO2 Emission Estimator parameters at portfolio level are now persisted
* Software Maintenance survey - Added two questions on use of AI
* CLI - Improved responses on some upload errors
* Analyzers - Fix on specific Keyword Scan functions that were causing scanning issues
* Analyzers - Fix on a specific syntax that was preventing Cloud Maturity details to be produced for the HL2MRI extension |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.23
Release Date: March 9th 2024
|
* SCA - Support of CycloneDX 1.5 (XML/JSON) export and import (for supported tools)
* Kotlin support for Green Insights
* API - Custom Indicators - Avoid duplicates of customized CAST's Business Impact metric
* SCA - OnPrem - Include licence information of dependencies that are not present on the server
* CVEDB - OnPrem - Migrate build artifact from JAR to WAR (can be deployed on app container) |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.22
Release Date: March 1st 2024
|
|
* API - Optimization of the Allow/Deny component list end point (#46086)
* SCA - Poetry.lock files were not properly parsed in some cases for dependency extraction (#46091)
* SCA - Improved Safer/Safest component version recommendation (filter on next-*) (#46056)
* CLI - Docker image scans now better handle exceptions (symbolic links) (#44637)
* Pendo Optimizations - Added new account-level data mapping and view urls
|
CAST Highlight upgrade notes
CAST Highlight 5.5.21
Release Date: February 24th 2024
|
|
* SCA - Support of CycloneDX (1.4) SBOM import from Anchore Syft
* CLI/API - Fixed issue for users submitting results with a Contributor role only(#45957)
* Green Impact - Label fix on CO2 estimator screen
|
|
CAST Highlight upgrade notes
CAST Highlight 5.5.20
Release Date: February 17th 2024
|
* Cloud Maturity - Improved Cloud Service recommendations for Azure (updated service urls)
* Software Health - Pattern documentation is now embedded in the UI when available
* SCA - CVE false positive removal (flat vs. flat-*)
* SCA - Fix on CVE trends at the application level (#45828)
* Cloud Maturity - Directory Manipulation pattern improvements for C# and VB.Net (#44962)
* Cloud Maturity - File Manipulation pattern improvements for C# and VB.Net (#44962)
* Analyzers - COBOL analyzer improvements on COPY statements (#45632)
* Green CO2 gain estimator - Minor label fixes |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.19
Release Date: February 10th 2024
|
|
* Green Impact - CO2 emission simulator formula adjustments
* CLI - Fixed some incorrect output messages ("Upload stage skipped")
* Analyzers - Clojure's TooDepthArtifact Code Insight was cumulating values from a file to another
|
|
CAST Highlight upgrade notes
CAST Highlight 5.5.18
Release Date: February 7th 2024
|
|
* SCA - Vulnerabilities - Display clickable application names for a given CVE category at the portfolio level
* SCA - Add to KEV insights a short description when available
* Excel Importer - User-friendly error message when user imports or exports a file while it is open
* Cloud Maturity - Improvement of "Use of unsecured network protocols" pattern (exclude when some occurrences are found within loggers)
* Analyzers - JavaScript : enforce support of HTML embedded inside JavaScript
* Analyzers - TypeScript : enforce support of embedded HTML inside TypeScript
* Analyzers - KSH : remove first threshold 0 for alert "The code contains too many piped commands". Unique remaining threshold is now 3 (i.e., code insight will be triggered when 3 or more pipes are detected for a given KSH file)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.5.16
Release Date: January 27th 2024
|
* Code Reader - Users can download the new/alternative version of the Code Reader from APPLICATION SCANS
* Excel Importer - User Token are now supported to authenticate
* Portfolio Advisor for Cloud - Refresh and segment drill-down were causing some display issue
* Analyzers - Fix on TypeScript/React with embedded HTML which was triggering Missing Semicolons code insight (#45166)
* Keyword Scan - Some Keyword CSVs with incorrect format were blocking result processing
* Surveys - Changing an answer of a submitted survey was causing issues on result re-processing (#45487, #45493)
* Keyword Scan - Some applications were not showing at the portfolio level of the Keyword Scan dashboards (#45445, #44823)
* SCA - GPL-2 with classpath exception is not categorized as Medium risk in the default license risk profile (#35601) |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.15
Release Date: January 20th 2024
|
|
* SCA – CVE false positive removal (typescript-http-client)
* [FIX] Some keyword CSV uploads were blocked
* [FIX] Green “CO2 Emission Estimator” label changes
* [FIX] Some frameworks.validated.csv files were blocked and marked as duplicated
|
|
CAST Highlight upgrade notes
CAST Highlight 5.5.14
Release Date: January 13th 2024
|
* Cloud Maturity - Cloud Migration Wave Advisor
* Green - CO2 Emission Estimator |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.13
Release Date: January 6th 2024
|
* Portfolio Advisor for Open Source - Bubble chart now includes segment colors
* Portfolio Advisor for Green - Bubble chart now includes segment colors
* Portfolio Advisor for Software Maintenance - Bubble chart now includes segment colors
* CLI - Bug fix - An error was thrown when using --skipUpload option |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.12
Release Date: December 23rd 2023
|
* SCA - SBOM export now includes a 'Vulnerabilities' tab which focuses on CVEs (HLFR-451, HLFR-156)
* SCA - CVE false positive removal (Apache Axis, Apache Axis2) (#44881)
* Cloud Maturity - New recommendation for Amazon Graviton Processors |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.10
Release Date: December 16th 2023
|
* SCA - Hint has been added on commons-collection vs. apache for better CVE detection
* Custom Segmentation - Segment formulas can use other segmentations and math expression
* Docker CLI - Docker image has been upgraded to remove CVEs |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.8
Release Date: December 9th 2023
|
|
* Cloud Service recommendations - New version of Azure service recommendation model (now recommends OpenAI and Machine Learning based on some SCA components detected during the scan)
* Application Scan - Add result export (ZIP) to ease CSV download for a given snapshot
* Docker CLI - Some components of the Docker image have been upgraded to mitigate CVEs
|
|
CAST Highlight upgrade notes
CAST Highlight 5.5.7
Release Date: December 2nd 2023
|
* Cloud Maturity - Display any platform-specific booster as a platform-specific blocker in the Cloud Migration Advisor when the destination platform is different (e.g., an AWS S3 booster will be a blocker if the targeted platform is Azure)
* CLI - apply --ignorePath and --ignoreDirectories options to SCA result CSVs (e.g., frameworks.validated.csv)
* Display a message on the login screen that is posted from the admin to announce planned maintenance and other major communications |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.6
Release Date: November 25th 2023
|
* Benchmark - Fix on benchmark export where Green metrics were missing on APP (Google)
* Code Insights - Export of Top 20 Insights was failing for some large portfolios because of the component vs. app approach (cell limit reached due to long app names) (#44507)
* Analyzers - Minor improvements on Ruby analyzers |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.4
Release Date: November 11th 2023
|
* SCA - Filter portfolio-level CVEs on some filters including KEV information
* SCA - Improved reliability of CycloneDX import (error traceability)
* Cloud Maturity - Beta tag has been removed from Oracle Cloud recommendations
* CLI - Update of CLI's README file
* Analyzers - Minor improvement for Ruby analyzer on Nbr_ShortMethodNamesLT (HL2MRI-47) |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.3
Release Date: November 11th 2023
|
SCA - Generate a configurable Word document with license rulebook for all licenses from a license risk profile
SCA - List excluded CVEs in a dedicated tab of the SBOM export
Cloud Maturity - Fix on metric values in Cloud Advisor export at the application level (#44033) |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.2
Release Date: November 4th 2023
|
* TRENDS - Screen rework to address performance of large portfolios
* Technical Debt - Fix on Manage Technical Debt Effort screen where priority changes were not reflected in the UI (#44062)
* Analyzers - Fix on empty JSON files which were causing analysis issues (#44059)
* Analyzers - Fix on JSON files with malformed encoding which were causing analysis issues
* Analyzers - C/C++ robustness improvements |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.1
Release Date: October 28th 2023
|
* Ruby support for Software Health
* SCA - CVE false positive removals
* "Local Agent" is now named "Code Reader"
* Survey campaign incorrectly marked fail (#43909) |
|
CAST Highlight upgrade notes
CAST Highlight 5.5.0
Release Date: October 21st 2023
|
* Cloud Maturity is replacing CloudReady in the UI
* Cloud Maturity - Added a tooltip to explain the CFA (Code, Framework, Architecture) acronyms in results (HLFR-410)
* SCA - Added a hint for CVE detection on webpack.js vs. webpack (#43839)
* SCA - Business Impact score was missing for some applications in Software Composition > Vulnerabilities view (#43766)
* Surveys - Add a new question type that support URLs whose answers will be clickable (e.g., SharePoint page for an application) (HLFR-387)
* Added clientRef field on domains and tags for easier API third-party integration |
|
CAST Highlight upgrade notes
CAST Highlight 5.4.107
Release Date: October 14th 2023
|
* API - New endpoint to create license risk profiles (POST WS2/domains/{domainId}/licenses) (#42611)
* Green Impact - Fix - Filters were not working on the Green Impact tab at the portfolio level (#43685, #43777) |
|
CAST Highlight upgrade notes
CAST Highlight 5.4.106
Release Date: October 7th 2023
|
* CloudReady - Added 27 Cloud blockers for PLS/SQL
* Custom Segmentation - Updated labels to clarify the workflow
* SCA - Extended support of CycloneDX import (when no <dependencies> part are defined) (#43600, #43589)
* Analyzers - TypeScript - Fixed false positives for missing semicolon (Software Health) (#43614)
* Analyzers - C++ - Addes method specifiers "override" and "final" (#43586)
* Analyzers - JavaScript - In JSX files, short tags with one letter were leading to parse errors (#43589) |
|
CAST Highlight upgrade notes
CAST Highlight 5.4.105
Release Date: September 30th 2023
|
* Continuous Achievement Tracker - Added Green Impact metrics
* SCA - Sort applications and components by CVE criticality instead of total vulnerability count
* SCA - Changed license risk label from "Partially Compliant" to "Under Conditions"
* Application Results - Added Green Impact metrics, removed Software Resiliency, Agility and Elegance
* Benchmark - Fixed some display issues where applications with no scores were visible in the benchmark chart (#43345)
* Analyzers (SQL) - Support syntax "create or alter" when declaring procedure (#43347)
* Analyzers (Kotlin) - Fix - Do not count violation for an empty routine inside an interface |
|
CAST Highlight upgrade notes
CAST Highlight 5.4.104
Release Date: September 23rd 2023
|
* Portfolio Management - User view now indicates last login dates and user types (Credential vs. SAML)
* Portfolio Management - Portfolio Managers can now invite users as SAML users
* Portfolio Management - Portfolio Managers can now decide to restrict user invites to SAML users only
* Analyzers - C# - "new" syntax not entirely supported which was causing never ending analyses (#43388)
* PPT exports - Changed labels to align with the UI (Code Insights, Improvement Candidates, Contribution)
* SCA - Mixing survey/scan campaigns was causing OSS score calculation issues in some cases (#43413) |
|
CAST Highlight upgrade notes
CAST Highlight 5.4.103
Release Date: September 16th 2023
|
* Custom Segmentation - Expose technologies as possible criteria of the segmentation
* SCA - Changed the Excel library to manage large documents exports
* SCA - Fixed an issue in the SCA Components view on applications, which was not applying filters (#43365)
* CloudReady - For new instances, relabeled two survey questions to make them self-explanatory
* CloudReady - For new instances, changed survey questions order (e.g., current state question now comes first)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.4.102
Release Date: September 9th 2023
|
|
* Cloud - CloudReady Matrix bubble chart with quadrants (quick-win, core cloud...) and segment information now available from the Portfolio Advisor for Cloud
* PPT report - Fixed overlapping values in the PPT report (#42952)
* SCA - Incorrect sign for 100% diff on snapshot compare (app level & component) (#43233)
* CLI - Add information in CLI logs to indicate number of files discovered for each technology
* CLI/Docker - --analyzerDir option was unavailable given other options on the command line (#43135)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.4.100
Release Date: September 4th 2023
|
|
* Green - Added a Green Deficiency pattern to the T-SQL technology (#43137)
* Home - Quick Portfolio Insights now take overridden segmentations into account
* SCA - CVE exclusions were temporarily unavailable after adding KEV insights
|
|
CAST Highlight upgrade notes
CAST Highlight 5.4.99
Release Date: September 2nd 2023
|
|
* SCA - Enlight CVEs with KEV (Known Exploited Vulnerabilities) information
* SAML/SSO - SAML configuration page for end users
* Code Insights - Changed filters to exclude high quality files from the view if they are below 100 LOC (#43165)
* Application Detail - Reduce font-size of tabs at application level to not break tabs
* User Management - Search for Contributors was not working on Application Edit (#42964)
* Home - Quick Portfolio Insights - not showing any apps (#43107)
* Analyzers - Manage empty JSON files (#42821)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.4.98
Release Date: August 26th 2023
|
|
* CloudReady - Make the Cloud segmentation information available at the application level
* SCA - Allow any user to search for a license within the current license risk profile and display its rulebook
* Surveys - Some types of survey questions were not cloneable (#42978)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.4.97
Release Date: August 19th 2023
|
|
* CloudReady - Application CloudReady Advisor now filters "Migrate to..." based on Cloud platforms activated for the instance (#42896)
* User Management - Bug fix for editing a user with a Blind Contributor role (#42924)
|
|
CAST Highlight upgrade notes
CAST Highlight 5.4.96
Release Date: August 12th 2023
|
* SCA - Display publish and last modified dates of CVEs
* SCA - Component Catalog now searches for components even if not local to the server
* SCA - Improvement of the CVEDB search/mapping (project's name is now split by vendor/project)
* CLI/Docker - Connection issues catch
* CLI/Docker - Temporary files are now removed after the scan |
|
CAST Highlight upgrade notes
CAST Highlight 5.4.95
Release Date: August 5th 2023
|
* User persona is now captured when a user account is activated (will be used later for role-based dashboards and features)
* CloudReady Matrix - The bubble chart was not displaying boundaries (e.g., apps having 0 or 100 for Business Impact) - #42744 |
|
CAST Highlight - SCA Chrome extension 0.0.18
|
|
|
|
CAST Highlight upgrade notes (July 29th 2023)
CAST Highlight 5.4.93
Release Date: July 29th 2023
|
* Analyzers - .inc should not be associated to JCL analyzer (#42642)
* CloudReady - Fixed issue that was preventing the display of blocker status (new/fixed) and roadblock variation between the two latest scans |
|
CAST Highlight upgrade notes (July 22nd 2023)
CAST Highlight 5.4.92
Release Date: July 22nd 2023
|
* SCA - Better detection of inherited versions of Maven dependencies (#42315)
* Home - Removed duplicate applications in Quick Portfolio Insights (Cloud / Refactor) (#42462)
* API/Tokens - Allow only GET and POST on /authorize service
* Analyzers - $@ is always defined (empty string or message). So remove "defined" when testing it. (#42540)
* CLI - Reduced overall size of the JAR |
CAST Highlight upgrade notes (July 15th 2023)
CAST Highlight 5.4.91
Release Date: July 15th 2023
|
* Commit Azure service recommendation JSON file (Azure App Service when an application has some JavaScript)
* Analyzers - Fix KSH technology detection [HL2MRI-36]
* Analyzers - Fixed some parsing errors in JavaScript analyzer [HL2MRI-36]
* Analyzers - Fixed errors for strings in MFC files + improve HTML detection in JS files [HL2MRI-36]
* CLI - Rolled back JAR's size decrease as it was preventing HLAutomation.log to be produced |
|
CAST Highlight upgrade notes (July 8th 2023)
CAST Highlight 5.4.89
Release Date: July 8th 2023
|
* CloudReady - Added Oracle Cloud Infrastructure (OCI) service recommendations
* CLI - Significantly reduced the JAR size (from 37MB to 16MB)
* CLI - Fix (integrated retry) to reduce the risk of failing result uploads
* API/SAML - Last login date is now returned for previously enrolled SAML users |
|
CAST Highlight upgrade notes (July 4th 2023)
CAST Highlight 5.4.88
Release Date: July 4th 2023
|
| * User Login: Fixed an issue which was preventing users having multiple subdomain accesses to authenticate |
CAST Highlight upgrade notes (July 1st 2023)
CAST Highlight 5.4.87
Release Date: July 1st 2023
|
|
* PPT - Green Insights have been added to the portfolio-level PPT export
* PPT - Portfolio Advisors (Cloud, Open Source, Software Maintenance segmentations) have been added to the portfolio-level PPT export
* User Login - SSO/SAML users can now use the main login screen to authenticate
* API - Last login date is now returned for SAML users (WS2/domains/{domainId}/users) (#42305)
* CLI - Prevent CSV upload when there was no analysis
* CLI - Some uploads were failing due to a bad CSV sequence order
* SCA - Proprietary Component tab is now removed from the Excel BOM when no proprietary components are found
* Continuous Improvement Tracking - Fix mismatch on displayed metric values in trends (#42266)
|
|
CAST Highlight upgrade notes (June 24th 2023)
CAST Highlight 5.4.86
Release Date: June 24th 2023
|
|
* Green - Application-level Green Insights export
* CloudReady - Added Criticality and Impact columns in the application-level Excel export
* CloudReady - Updated AWS Recommendation JSON file (refined recommendation on RDS for PL/SQL based on SCA components)
* SCA - Exclude dependencies from <dependencyManagement> but keep the version definition (#42076)
* SCA and Snapshot comparison - Sort snapshots on date descending
* Software Health - Fix on score filtering based on SCA results (#42171)
|
CAST Highlight upgrade notes (June 17th 2023)
CAST Highlight 5.4.85
Release Date: June 17th 2023
|
* CloudReady - Improved Azure (all services are now exposed) & AWS (RDS for Oracle on PL/SQL apps) Cloud service recommendation JSON
* SCA - Word BOM improvement (added the license category - permissive, strong copyleft, etc. to different places of the report)
* UI - Documentation links added to recently added features (Portfolio Advisor for Software Maintenance and Green, Application CloudReady Advisor, etc.)
* CLI/Docker - Bug fix on Linux (#41790) |
|
CAST Highlight upgrade notes (June 10th 2023)
CAST Highlight 5.4.84
Release Date: June 10th 2023
|
* Dart support for detection, sizing metrics and SCA (fingerprints only)
* SCA - Lifecycle status for components (Active, Immature, Deprecated) is now calculated
* CloudReady - Added a question on current state of the application (on-prem, cloud native, hybrid) to impact scores and segmentation
* Revisited Home Quick Portfolio Insights (aligned with Portfolio Advisors)
* Custom Dashboards - Quick Portfolio Insights now available as a widget of the Custom Dashboards
* SCA - Fixed CVE count in application table is inconsistent at portfolio level (#41937)
* SCA - Some dependencies were not displayed through the UI when clicking on the magnifying glass icon (#41864)
* Application Results - Indicate the app history limit when exporting (#41479) |
|
CAST Highlight upgrade notes (June 3rd 2023)
CAST Highlight 5.4.83
Release Date: June 3rd 2023
|
* Custom Dashboards - Add milestones (Continuous Improvement Tracker feature) as a possible widget of a custom dashboard
* CLI - Docker Image Scanning feature doesn't require to expose daemon on tcp://localhost:2375 without TLS anymore
* ASP.Net new model and analyzer bug fixes - This could lead to score differences between two scans |
CAST Highlight upgrade notes (May 27th 2023)
CAST Highlight 5.4.82
Release Date: May 27th 2023
|
* SCA - Word BOM now includes a license rulebook overview based on detected licenses (HLFR-276)
* CloudReady - Support of Ruby (25+ patterns) - https://doc.casthighlight.com/cloudreadypatterns/
* CloudReady - Azure Spring Apps and Azure Container Apps are now part of the automated Cloud service recommendations for Azure
* CLI - Improvement of the CLI and portal for supporting parallel scans (HLFR-294)
* SCA - Proprietary Component Governance - Fixed application count for a given component when used in multiple versions (#41688) |
|
CAST Highlight upgrade notes (May 20th 2023)
CAST Highlight 5.4.81
Release Date: May 20th 2023
|
* CloudReady - Cloud service recommendations can now be manually added to an application result
* CloudReady - Improved Cloud Services recommendations for Azure (Azure Spring Apps, Azure SQL for PostreSQL)
* XML Export - Fixed Software Health metric (#41666)
* SCA - C# - Detected component version should be overriden by HintPath version if present (#39938)
* SCA - Fixed issue on component exclusion if it was linked to an archived application (#41573)
* SCA - BOM importing - Fixed CycloneDX importing feature when import is done from a subdomain Portfolio Manager |
|
CAST Highlight upgrade notes (May 13th 2023)
CAST Highlight 5.4.80
Release Date: May 13th 2023
|
|
* SCA - Improvement of the BOM Importing feature (in case of dual-licensed component, retain the one from the CycloneDX BOM)
* Bug Fix - CSV result export was including all snapshots of applications (#41479)
|
CAST Highlight upgrade notes (May 6th 2023)
CAST Highlight 5.4.79
Release Date: May 6th 2023
|
* Define a custom dashboard as the user's homepage
* SCA - Support of Swift's package.swift and package.resolved for dependency extraction (HLFR-297)
* JavaScript - Support of recent syntaxes to improve accuracy of some Code Insights
* JavaScript - Improved code insight on missing semi-colons (#41055)
* SCA - Python fix for supporting trailing comments in requirements.txt
* SCA - Label update of the BOM Importing feature
* Cloud Service Recommendations - Fix on survey answer not displayed when it triggers a recommendation |
|
CAST Highlight upgrade notes
CAST Highlight 5.4.78
Release Date: April 29th 2023
|
|
* CLI and portal modifications to better support simultaneous scan uploads from the same user (#39292)
* Bubble charts - Display application names by default (HLFR-286)
* Cloud Service recommendations - Now support survey answers by using clientRef attributes
* Minor label fixes in the Continuous Improvement Tracker feature
|
|
CAST Highlight upgrade notes (all platforms)
CAST Highlight 5.4.77
Release Date: April 25th 2023
|
| * Bug fix of a UI component which was preventing Code Insights and Custom Indicators to display properly (#41366) |
|
CAST Highlight upgrade notes (all platforms)
CAST Highlight 5.4.75
Release Date: April 22nd 2023
|
|
* SCA - SBOM importing capability (beta) - Requires the feature to be turned on by CAST
* ASP.Net technology support for Software Health (C# and VB.Net code insights calculated when applicable)
* CLI - The command line is now able to scan local and distant Docker images * Custom Dashboards - Improvement of business rules related to Custom Dashboards visibility and company sharing based on user role and domains - #41226
* SAML - Bug fix which was preventing a SAML user to activate the user account when SMTP server was not configured (on-prem) - #41211
* Discussion Threads - Bug fix - Email notifications were not sent for notified people
|
|
Visual Studio Code extension for CloudReady (1.0.4)
March 17 2023
|
We just released v1.0.4 of the Visual Studio Code extension for 2601_cloud CloudReady. It adds support for Go applications.
----
----
CAST Highlight CloudReady Extension for Visual Studio Code - Visual Studio Marketplace
Extension for Visual Studio Code - CAST Highlight CloudReady Extension for Visual Studio Code
marketplace.visualstudio.com
|
|
CAST Highlight 5.4.73
Release Date: April 15th 2023
|
|
* Go technology support for CloudReady
* Portfolio Advisor for Software Maintenance: Result export is now available
* Portfolio Management - Legacy screen has been decommissioned (feature focus: https://doc.casthighlight.com/feature-focus-portfolio-management-optimization/)
|
|
Backend:
* SCA - filter results by ignoring "filename" rows from frameworks.validated.csv (component detection based on file names e.g., jquery-1.2.3.min.js)
* CLI - Removed some constraints which were blocking result upload when the CLI version was in older version than the portal (HL-2350)
|
|
Comments