| Table of Contents |
|---|
...
New version of Kiuwan, CQM, and Kiuwan Engine
| Info |
|---|
Main features of this release are:
|
Kiuwan CQM and Engine
New SAP HANA SQLScript Rules
As SAP is introducing many new programming technologies, more and more SAP users are confronted with new languages besides ABAP.
...
- OPT.HANA.EFFICIENCY.AvoidTraceInProduction
- OPT.HANA.EFFICIENCY.AvoidUsingCursors
- OPT.HANA.EFFICIENCY.DeeplyNestedSubqueries
- OPT.HANA.EFFICIENCY.ModificationStatementInLoop
- OPT.HANA.EFFICIENCY.NonTrivialSubquery
- OPT.HANA.EFFICIENCY.ReadsSqlDataNotSpecified
- OPT.HANA.EFFICIENCY.SelectInScalarFunction
- OPT.HANA.EFFICIENCY.UnusedVariable
- OPT.HANA.EFFICIENCY.UseOfCalculationEngineOperator
- OPT.HANA.MAINTAINABILITY.LanguageNotSpecified
- OPT.HANA.MAINTAINABILITY.UnusedCondition
- OPT.HANA.RELIABILITY.ImproperParameterUsage
- OPT.HANA.RELIABILITY.NonCustomErrorCode
- OPT.HANA.RELIABILITY.UseOfUninitializedVar
- OPT.HANA.SEC.ExcessivePrivilegesGranted
- OPT.HANA.SEC.ForbiddenCall
- OPT.HANA.SEC.SqlInjection
New Python security rules
- OPT.PYHTON.SECURITY.AvoidHostNameChecks
- OPT.PYHTON.SECURITY.TooMuchOriginsAllowed
- OPT.PYTHON.SECURITY.InsufficientSessionExpiration
- OPT.PYTHON.DJANGO.InsufficientDjangoSettingsSessionExpiration
- OPT.PYTHON.SECURITY.CookiesInSecurityDecision
- OPT.PYTHON.SECURITY.ExecutionAfterRedirect
- OPT.PYTHON.SECURITY.FormatStringInjection
- OPT.PYTHON.SECURITY.HardcodedCryptoKey
- OPT.PYTHON.SECURITY.HardcodedSalt
- OPT.PYTHON.SECURITY.HttpParameterPollution
- OPT.PYTHON.SECURITY.InformationExposureThroughErrorMessage
- OPT.PYTHON.SECURITY.InsufficientKeySize
- OPT.PYTHON.SECURITY.JSONInjection
- OPT.PYTHON.SECURITY.LdapInjection
- OPT.PYTHON.SECURITY.NonRandomIVWithCBCMode
- OPT.PYTHON.SECURITY.PasswordInConfigurationFile
- OPT.PYTHON.SECURITY.PasswordInRedirect
- OPT.PYTHON.SECURITY.PlaintextStorageInACookie
- OPT.PYTHON.SECURITY.PotentialInfiniteLoop
- OPT.PYTHON.SECURITY.TrustBoundary
- OPT.PYTHON.SECURITY.UncheckedInputInLoopCondition
- OPT.PYTHON.SECURITY.UnhandledSSLError
- OPT.PYTHON.SECURITY.UnsafeReflection
- OPT.PYTHON.SECURITY.UserControlledSQLPrimaryKey
...
- If you are using CQM, these new rules will automatically become active and will be applied to new analyses.
- If you are using your own custom model, you can activate them in case you want to be applied to your code.
Recategorization of TypeScript and Angular rules
After adding support to TypeScript, it was not clear for many users that TypeScript support was embedded within JavaScript.
...
- Angular versions previous to 2.x : filter : Framework -> AngularJS
- Angular versions equal or above 2.x : filter : Framework -> Angular
Kiuwan Website
New Passwords Policy
Kiuwan has implemented a more strict password policy that applies to password strength.
...
You can set your acccount's password policy at Account Management >> Password Policies tab (only available to account owner)
Blocking state of Kiuwan Engine
As you probably know, Kiuwan allows to "block" the engine, i.e. to freeze the version of Kiuwan engine so it's not automatically updated as a new one is available.
...
You can find it at Account Management >> Engine tab ( blocking/unblocking only available to account owner)
Kiuwan Insights
Enhanced readability of Software Licenses Terms
...