What’s New in this Release?
LiveCompare 4.2 Patch Release 8
LiveCompare 4.2 Patch Release 8 includes the following new features:
Miscellaneous
-
The following components have been upgraded to the versions in parentheses: curl (8.4.0).
LiveCompare 4.2 Patch Release 7
LiveCompare 4.2 Patch Release 7 includes the following new features:
Test Repositories
-
For connections to qTest, the User Agent field in the connection header has been updated to ‘LiveCompare’.
LiveCompare 4.2 Patch Release 6
LiveCompare 4.2 Patch Release 6 includes the following new features:
Platform
-
A problem with the Analyze Object Links action has been resolved, where the action became trapped in an infinite loop. This happened when an object was identified as impacted and most-at-risk (according to the Recommended Threshold setting) was duplicated in the action’s Usage Counts dataset.
qTest Integration
-
On the 15th June 2023, Tricentis will introduce monthly API caps and API rate limits for all customers. However, these changes do not apply to API calls made to qTest from LiveCompare.
LiveCompare 4.2 Patch Release 5
LiveCompare 4.2 Patch Release 5 includes the following new features:
Installation
-
A problem with the Configuration Wizard has been resolved where the LIBICUDECNUMBER.DLL file was reported as missing from NWRFC 7.50 Patch Level 11. SAP’s Release Notes for this patch confirm that the LIBICUDECNUMBER.DLL file is no longer required.
LiveCompare 4.2 Patch Release 4
LiveCompare 4.2 Patch Release 4 includes the following new features:
Apps
-
The Cross System Impact Analysis App is designed for gateway-deployed Fiori implementations where custom UI5 apps on a front-end system are supported by S/4 HANA services on a back end system. In this environment, changes to the back-end system may impact the apps on the front-end system.
-
The Cross System Impact Analysis App marks changed testable objects as most-at-risk.
-
The Cross System Impact Analysis App includes an option to execute test runs.
Fixes
-
A problem with the LiveCompare Application Server has been resolved, which occasionally caused a crash in IRecSet::~IRecSet().
-
A problem with the TCTESTCASE WGI has been resolved, which caused a ‘Object reference not set to an instance of an object’ exception.
LiveCompare 4.2 Patch Release 3
LiveCompare 4.2 Patch Release 3 includes the following new features:
Platform
-
The Generic WGI Call action may be used to search only a supplied set of Tosca Test IDs for test assets that match the supplied tokens.
Fixes
-
A problem has been resolved which occasionally caused a crash in the Tricentis LiveCompare Application Server.
LiveCompare 4.2 Patch Release 2
LiveCompare 4.2 Patch Release 2 includes the following new features:
Platform
-
A problem with the Search Test Repository action has been resolved where a single parenthesis in a token caused a ‘not enough )’s’ error.
-
A problem has been resolved where LiveCompare is unable to compare WAPA subobjects stored in .js or .json files if the line length is greater than 255. The problem was caused by the use of ‘+’ as a concatenation symbol in the WAPA subobject names.
-
The following components have been upgraded to resolve security issues: jquery, jquery-ui, microsoft.data.odata, Newtonsoft.json, RestSharp, system.web.mvc.
LiveCompare 4.2 Patch Release 1
LiveCompare 4.2 Patch Release 1 includes the following new features:
Platform
- The SAP Solution Manager Test Repository type has been added in this release.
- ABAP Call Monitor (SCMON) data may be retrieved into an RFC Destination’s SCM tab. If SCM data has been downloaded for an RFC Destination, the data is used automatically by the Uses What and Where Used actions.
- LiveCompare’s representation of a Class/Method combination has been updated to match the format used by the ABAP Call Monitor (SCMON).
-
The following new object type is available: Gateway Service (IWSV).
-
To support cross-system impact analysis, the Where Used action has been updated to find the Gateway Services (IWSV) in which Classes (CLAS) are used.
-
To support cross-system impact analysis, the Where Used action may be used to find Methods (METH) used by Gateway Services (IWSV).
-
If you have LiveCompare Administrator privileges, the Configuration - Test Repository screen may be used to control the behavior of the Search Test Repository action when searching Tosca Test Repositories.
Fixes
- A problem with the Authorization NOTE Impact App has been resolved, where a number of roles were missing from the App’s report.
- A problem with the Smart Impact App’s Classify Changing Objects workflow has been resolved, where the workflow ran for a very long time if its input was large.
- A problem with the Smart Impact Analysis workflow’s Classify Changing Objects workflow has been resolved, where the workflow ran for a very long time if its input was large.
- A problem with the Quick Compare Wizard has been resolved, where exploring the versions of a class caused an internal server error.
- A problem with the Compare View action has been resolved, where view data was not displayed in the comparison result.
- A problem with the Create Test Execution action has been resolved, which caused a 404 - task not applicable error when run against a Tosca Test Repository.
- A problem with the Register Workflow as App Wizard in Internet Explorer has been resolved, where the Choose Input Parameters screen showed no available parameters.
LiveCompare 4.2
LiveCompare 4.2 includes the following new features:
Apps
- The SAP HANA Migration Assessment App’s Custom Code Quality Dashboard chart has been updated to report on the number of objects with quality rule violations in each rule category.
- The Smart Impact App includes an ‘Execute tests?’. This allows test executions created for matching test assets to be run in the specified Tosca Test Repository.
- The Authorization NOTE Impact App has been deprecated in this release. Instead, use the Security Impact Analysis template from the Impact Analysis template folder.
- The Impact for Security App has been deprecated in this release. Instead, use the Security Impact Analysis template from the Impact Analysis template folder.
Templates
- The Configurator Impact Analysis workflow performs an impact analysis for customizing transports on the specified SAP system. Customizing transports contain changes related to data, including Configuration and Master Data.
- The Developer Impact Analysis template’s Home spreadsheet reports on whether each changing object has an associated ABAP unit test on the specified SAP system.
- The Developer Impact Analysis workflow filters the changing objects using the ChangingObjectsToIgnore External Data Source.
- The Developer Impact Analysis workflow no longer reports on Test Repository hits and gaps.
- The Security Impact Analysis workflow performs an impact analysis for security-related changes in transports. Security-related changes include changes to roles (identified as object type ACGR), and changes to ABAP objects that contain AUTHORITY-CHECK statements.
- The Default ‘To’ email address in the LiveCompare Usage Report template from the Tools folder is set to livecompare_usage@tricentis.com.
Security
- All active server pages have been reviewed to ensure that their authentication and authorization checks are sufficient, and new server-side function calls have been added where required.
- A vulnerability in several active server pages has been resolved, where exporting LiveCompare objects (for example workspaces or crash dump files) exposed the user data directory, and could be used to delete any arbitrary file on the server. These ASPs have been corrected to only allow deletions from the folders designated to store the export files.
- A security vulnerability has been resolved, which allowed user details to be obtained using a tool with iterated over a range of object IDs. This was fixed by changing the GET_OBJECT_ATTRS handler so that it performed a check against the requesting user.
- The SEND_EMAIL request used by the Email All Users, Test Email and Share Workflow features authenticates each request using the supplied SessionID. This prevents scripting attacks were where arbitrary script code could be added to the email’s Subject or Body fields. Other data server requests also perform an authentication check using the SessionID attribute.
- A security vulnerability has been resolved, where the SET_REGISTRY_DATA function could be called by users without Administrator privileges. A role check is now performed before executing the function.
- A security problem has been resolved which allowed scripting commands to be included in the Subject parameter passed to the program used by LiveCompare to send emails (BLAT.EXE). This could allow arbitrary commands to be executed, or arbitrary files to be accessed. This was resolved by reading BLAT.EXE’s Subject parameter from a temporary file.
- A security problem has been resolved where the XML parser used by LiveCompare was able to process external entities, which could be used to read files on the application server, retrieve directory listings, send HTTP requests from the application server, or initiate denial of service attack.
- A security vulnerability has been resolved, which allowed a user’s password to be reset following a change of their email address. As a result, only LiveCompare Administrators are able to change the email addresses associated with native LiveCompare accounts.
- In the LiveCompare Configuration Wizard, the requirement for strong passwords is set by default.
- The Path attribute is used to limit the scope of LiveCompare cookies. This means that LiveCompare cookies cannot be accessed by other apps on the same web server.
- We recommend that LiveCompare is configured to run over HTTPS/SSL.
- Access to log files via URLs on the Browse Logs screen is only available for users with Administrator privileges. Static file access to the LiveCompare logs folder has been disallowed.
- A security vulnerability has been resolved, where the reset password functionality used an HTTP link even when LiveCompare was running over HTTPS.
Platform
- LiveCompare supports the retrieval and comparison of tables with variable length fields (excluding tables that also contain float fields).
- Code comparison of subobjects is no longer limited to 1000 lines. For example, class methods with over 1000 lines of code may be compared in workflows and the Quick Compare Wizard.
- The Create Test Execution and Create Test Requirements actions have been updated to return a clearer error message if the root Tosca object is checked out by another user. The message has the format <object name> is checked out by another user.
- Execute Test Cases actions run the specified execution list in the specified Tosca Test Repository. The execution is performed using a Tosca configuration object that is managed using DEX (Tricentis Distributed Execution Engine).
- Tosca Test Repository definitions include a Workstates field, which allows a comma-separated list of workstates to be specified. If this is done, the Search Test Repository action only returns test cases whose workstate matches one of the workstates supplied in the repository definition.
- For live Tosca Test Repository searches (where the Use Cache property is set to ‘false’), the Search Test Repository action checks the specified Search Paths to verify that all parts of each Search Path are valid, and that each Search Path is synchronized in the Tosca workspace. If either test fails, the action returns a suitable error message.
- The RFC Destination Test Connection screen uses the core ABAP object to determine the installation status of LiveCompare.
Licensing
- The term for the license installed with LiveCompare has been changed from 12 months to 30 days.
User Interface
- The following workflow diagram shortcut keys have been changed so a not to clash with browser shortcut keys (the new key assignments are in parentheses): Zoom in (Shift++), Zoom Out (Shift+-), Zoom Fit (Shift+0), Zoom Restore (Shift+1).
- The Studio’s String List Editor allows string list elements to be pasted from the Windows Clipboard.
- In the LiveCompare user interface, ‘Tosca project’ has been changed to ‘Tosca workspace’.
Debug Logging
- To increase the efficiency of debug logging, idle update entries to the Users.xml file are no longer written to the Debug_ServerMain.txt log file.
Fixes
- A problem with the Smart Impact App and Smart Impact Analysis workflow has been resolved, which caused an ‘Invalid Object Link Cache’ error if two Apps or workflows were run simultaneously against the same Analysis system.
- A problem with the Search Test Repository action has been resolved for qTest Test Repositories, where tokens beginning with /n (for example /n/ICORP/RFC_SUBMIT_DATA) could not be found.
- A problem with the Uses What action has been resolved, where performing a Uses What on an INCLUDE did not find all the INCLUDE’s dependent tables.
- A problem with the Uses What action has been resolved, where a Uses What operation for a class method did not return any of the method’s referenced INCLUDEs.
- A problem with the Search Excel Tests WGI has been resolved, where tokens were matched inside word boundaries.
- A problem with the Search Excel Tests WGI has been resolved where tokens were not matched if they were preceded by /n in the Excel spreadsheet. For example, a search for VA01 would not find /nVA01.
- A problem with the Quick Compare Wizard has been resolved, which caused an autoVerifyReferer error under Internet Explorer 11. This also affects the search and show vault contents functionality.
- A problem with the Edit RFC Destination screen has been resolved, where the SAProuter field was missing from the screen’s RFC Parameters section.
Installation
- The Search Excel Tests WGI is installed with LiveCompare.
- LiveCompare’s Pre-install Check program checks for the MSSQL OLEDB Driver and the MSSQL ODBC Driver. These are required for SQL Server External Data Sources.
Miscellaneous
- LiveCompare has been upgraded to use SQLite version 3.33.0.
- What3Words integration has been removed.