Coverity on Polaris 2022.9.0 Release Notes

Note: This platform is renamed Coverity on Polaris. Unless otherwise specified, references to Polaris or Polaris Software Integrity Platform in this documentation are referring to Coverity on Polaris.

Here's what's new in Polaris 2022.9.0.

Platform

  • Coverity 2022.3.1, 2021.12.1, 2021.9.3 and 2021.9.0 are no longer supported.
  • Support for Coverity 2021.12.3 is deprecated. It will be discontinued in a future release.
  • Polaris supports Coverity Versions:
    • 2022.9.0 (Recommended)
    • 2022.6.1
    • 2022.6.0
    • 2022.3.4
    • 2021.12.3
  • Polaris now supports Coverity 2022.9.0. See Coverity 2022.9.0: Supported Platforms, Languages, and Compilers. It includes the following changes:
    • Support for Go 1.16 has been removed.
    • Support for Kotlin 1.5.20-1.5.32 has been removed.
    • Support for LLVM Clang 5.x has been removed.
    • Support for Oracle JDK 1.7 has been removed.
    • Support for Go 1.17 is deprecated and will be removed in a future release.
    • Support for Kotlin 1.6 versions are deprecated and will be removed in a future release.
    • Support for Oracle JDK 1.8 is deprecated and will be removed in a future release.
    • Support for OpenJDK 1.8 is deprecated and will be removed in a future release.
    • Support for .NET Core 3.1 is deprecated and will be removed in a future release.
    • Added support for glibc 2.28 and 2.31-2.35 on Linux platforms.
    • Added supports for Go 1.18.
    • Added support for Java 18.
    • Added support for Kotlin 1.6.21 and 1.7.0.
    • Added support for Python 3.10.
    • Added support for Swift up to 5.7.
    • Added support for FSF GCC up to 12.1.0.
    • Added support for Go 1.18 compiler.
    • Added support for OpenJDK 18.
    • Added support for Oracle JDK 18.
    • Added support for macOS 12 on Apple Silicon.
      • Running Sigma on ARM-based Mac machines is not supported.
      • Build capture is not currently supported.
    • For Windows, Coverity Analysis is not supported on 'Server Core' installations at this time.
    • Kotlin has received several new quality checkers.
    • Kotlin support has been made more compatible with minor versions of Kotlin for smoother upgrades.
    • Java's unsafe deserialization checker has been redesigned to be more reliable.
    • Kotlin and Java gain support for Spring Room/Data for more reliable operation with those frameworks.
  • For all Coverity versions other than 2022.3.4 and 2022.6.0, JAR caching is enabled by default while DLL caching is disabled by default. The configurations of JAR and DLL caching are split. JAR caching and DLL caching can be enabled/disabled respectively.
  • For Coverity 2022.3.4 and 2022.6.0, both JAR and DLL caching is enabled by default. The configurations of JAR and DLL caching are tied together. If one caching is enabled, the other caching will be enabled as well.
  • For Polaris customers using Code Sight, Code Sight 2022.9.0 has a new workflow with multiple scan options to replace the existing auto scan feature in Coverity. Users can now trigger the scan of their choice. No configuration changes are needed. More information is available in this Code Sight community article.
  • "Not Specified" issue type has been added to charts and data in the UI.
  • The Polaris System Status page associated with customer Polaris instance URL has been renamed for improved management and scalability. Any bookmarks or external links to the status page will need to be updated manually.
  • Bug Fix: Clarification of Coverity on Polaris support for Visual Studio 2022. (POL-15690)
  • Bug Fix: When a large number of database queries impacted performance, fix was provided. (POL-15591)
  • Bug Fix: Polaris would not run due to physical memory errors was fixed by upgrading version of Coverity. (POL-15569)
  • Bug Fix: Personal Access Token showing "Authentication Failed" was discovered to be firewall blocker. (POL-15517)

Polaris CLI

  • The following versions of the Polaris CLI Scan Client are supported in this release:
    • 2022.9.0 (Recommended)
    • 2022.6.0
    • 2022.3.1
    • 2021.12.1 (Deprecated)
  • Bug Fix: Polaris CLI upgrade message was fixed. (POLCT-3833)

Polaris API

  • Bug Fix: A 503 error when calling the reporting API /reporting/tps/v1/api/tps/projects to get the list of Projects for the "Polaris Agent" was fixed by setting the page limit to 500.(POL-15609)