False positive are seen, as smaller portions of code identified as SQL technologies like MariaDB, DB2 and PostgreSQL are not used in any of the application analyzed.
Details and Workaround
For SQL technologies (maria, postgres, db2), the analyzers picks up generic *.sql files and identify them as the technology found.
It is better to either use specific extensions to identify the technologies or to control which technologies are being scanned for in the code.
For example for better results, it is recommended to use .db2 extension which will explicitly associate your files to the DB2 analyzer. The same way it is recommended to use .mysql extension which will explicitly associate your files to the MySQL analyzer, for PostgreSQL it should be .postgresql extension, for MariaDB analyzer it should be .mariadb extension, see page 35 of https://doc.casthighlight.com/Getting-Started-Guide.pdf
For the command line these technologies can be restricted from being analyzed, if you do not want to scan for them. Please refer https://doc.casthighlight.com/product-tutorials-third-party-tools/automated-code-scan-command-line/
Additional Resources
CAST Highlight Troubleshooting Guides
CAST Highlight Product Documentation
Ticket
42291
Comments