Release Notes - SPCAF 7.8.0.0 (2018-07-02)

In this release, we have improved reporting further and added support for detecting the performance of scripts hosted on the Office 365 public CDN. Improve on the rule list for SharePoint Framework (SPFx) and SPCAF.

New Features

  • Added support for detecting performance of scripts hosted on the Office 365 Public CDN.
  • Extend the default ruleset "Extended" to include SPFx and AngularJS rules.
  • Add Support for SPF010716  for analyzing bundles with multiple components.
  • Updated SPF010716 to support projects using SharePoint Framework v1.3.2 and newer.

Fixes

  • Fixed bug where analyzing SharePoint Framework projects in some cases would lead to exceptions.
  • Fixed a couple minor UI issues.

New Rules for Web Files

  • Security
    • SPC028701: Don't use JavaScript libraries with known vulnerabilities.
    • SPC028702: When referencing scripts, specify the integrity hash.

New Rules for SharePoint Framework (SPFx)

  • Correctness
    • SPF010302: Extended the rule for detecting including assets in the solution package.

  • Inventory
    • SPF801001: Added inventory of API permission requests in solution package.
    • SPF800201: Added inventory of API permission requests in the project.
    • SPF801401: Added inventory of Field customizers.
    • SPF801402: Added inventory of List View Command Sets.
    • SPF801403: Added inventory of Application customizers.
  • Security
    • SPF020703: Don't reference JavaScript libraries with known vulnerabilities in client-side web part manifest.
    • SPF020803: Don't load JavaScript libraries with known vulnerabilities in JavaScript file.
    • SPF021302: Don't reference JavaScript libraries with known vulnerabilities in project.
    • SPF021401: Don't reference JavaScript libraries with known vulnerabilities in client-side extension manifest.

New Rules for JavaScript

  • Security
    • SPC028905: Don't use JavaScript libraries with known vulnerabilities.
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.