December 2017 (version 1.9.0-beta)

1.9.0 Update

Merry (early) christmas to everyone!

Merry time for our 10th release.

We've released a 1.9.0 DeepScan service bringing with more secure architecture for your code.

Keep reading for the highlights for this release.

Release Summary

This version includes a number of updates that we hope you will enjoy. The key highlights are:

• About security - Your code gets more secure.
• Analysis improvements - Enhanced inter-module analysis for CommonJS modules.

About Security

Ultimately, your satisfaction is what matters most to us. So we have been trying to assure users' concern for code security.

As such an effort, in the 1.8.0 release, we improved a file viewing without copies of stored code.

Now we're happy to say we do not need stored code anymore. Your code is immediately and completely deleted from our file system after the analysis is finished.

We hope you like this and are more comfortable with us. Please refer to here.

Analysis Improvements

Inter-module analysis for CommonJS modules

Since we supported inter-module analysis for ES6 modules in October, we have enhanced inter-module analysis for CommonJS modules.

Now we are happy to announce that CommonJS modules are also supported in inter-module analysis.

For example, we now detect MISSING_RETURN_VALUE alarm from a function defined at another CommonJS module. Let's see src/core/system.js file:

module.exports.registerSystem = function (name, definition) {
    var i;
    var NewSystem;
    var proto = {};
    var scenes = utils.findAllScenes(document);
    ...
    NewSystem = function (sceneEl) { System.call(this, sceneEl); };
    NewSystem.prototype = Object.create(System.prototype, proto);
    ...
    // Initialize systems for existing scenes
    for (i = 0; i < scenes.length; i++) { scenes[i].initSystem(name); }
};

In the above code, registerSystem function exported by src/core/system.js does not have a return value.

But below src/systems/camera.js file uses its return value as the exported System variable. Maybe registerSystem function should have returned NewSystem object at the end of its body.

var registerSystem = require('../core/system').registerSystem;

module.exports.System = registerSystem('camera', { ... }); // No value is returned from function 'registerSystem' defined at line 1 of system.js.

Enhanced support for inconsistent null check

We have improved INSUFFICIENT_NULL_CHECK rule to detect alarms also on object properties:

public addRangeSelection(rangeSelection: AddRangeSelectionParams): void {
    if (!this.rangeController) { // Expression 'this.rangeController' is null checked here, but its property is accessed without null check afterwards at line 5.
        console.warn('ag-Grid: cell range selection is only available in ag-Grid Enterprise');
    }
    this.rangeController.addRange(rangeSelection);
}

In the above code, it prints a warning message for missing this.rangeController, and then executes addRange method of it. The method call should be in the else branch.

Miscellaneous

• You can delete a project directly in the project list via Configure Project menu.
• Show the status to be changed in the popup of status change.

Bug Fixes

• Pull request analysis is not merged properly with the previous one sometimes.