Release Notes

Introduction 

The release notes provide brief and high-level descriptions of the new features of HaloENGINE. Before installing HaloENGINE, it is recommended to read the release notes to understand any current limitations or bugs that may apply to this version of the software.

Product Description

HaloENGINE is a Java-based classification engine that applies business logic and integrates with the Microsoft Purview Information Protection service to fetch the sensitivity labels for configuration in the admin portal. Using metadata, it classifies and organizes data while enforcing schemas and action rules, serving as the core component that works with the HaloCAD for PLM/PDM solution to protect data.

Requirements

The following system requirements table outlines the minimum and recommended technical specifications, including software and network requirements, necessary to run the product.

Requirements

Prerequisites

Before installing the HaloCAD component, ensure that the following prerequisites are met:

1. An application of type Web is registered with Microsoft Entra ID.

2. An active Office 365 subscription is available.

3. Access to the recommended URLs is enabled.

4. TLS 1.2 or later is enabled on all client workstations to ensure secure communication.

For more information, refer to the Installation Manual.

Code Quality and Security

Secude focuses on software quality and security. This is accomplished by adhering to and exceeding best practices in development, testing, and quality control. Secude has chosen SonarQube as the first building block for building and implementing a robust continuous code quality assurance (QA). SonarQube is a platform for static code analysis for continuous inspection of code quality. It performs automatic reviews of code to detect bugs, code smells, unit test coverage, and security issues in 29 programming languages.

SonarQube is utilized throughout the development process at Secude, and only the highest marks are accepted for a product to be released. It helps to regulate code quality from the beginning of development, find and repair issues promptly, and improve overall software stability.

Each build report can be found under its relevant version heading in this release notes.

Reliability Rating 

1. A = 0 Bugs

2. B = at least 1 Minor Bug

3. C = at least 1 Major Bug

4. D = at least 1 Critical Bug

5. E = at least 1 Blocker Bug

Security Rating

1. A = 0 Vulnerabilities

2. B = at least 1 Minor Vulnerability

3. C = at least 1 Major Vulnerability

4. D = at least 1 Critical Vulnerability

5. E = at least 1 Blocker Vulnerability

Security Review Rating 

The Security Review Rating is a letter grade based on the percentage of Reviewed (Fixed or Safe) Security Hotspots.

1. A = >= 80%

2. B = >= 70% and <80%

3. C = >= 50% and <70%

4. D = >= 30% and <50%

5. E = < 30%

Maintainability Rating 

A=0-0.05, B=0.06-0.1, C=0.11-0.20, D=0.21-0.5, E=0.51-1

The Maintainability Rating scale can be alternatively stated by saying that if the outstanding remediation cost is:

1. <=5% of the time that has already gone into the application, the rating is A

2. Between 6 to 10%, the rating is a B

3. Between 11 to 20%, the rating is a C

4. Between 21 to 50%, the rating is a D

5. Anything over 50% is an E

Build 6.10

This chapter provides an overview of the updates and quality insights included in this release. It covers the fixed issues, improvements, limitations, new features, and known issues, along with a summary of SonarQube’s key parameters to highlight code quality metrics and analysis results.

New Features

There are no new features to highlight in this release.

Improvements

This section lists improvements added to the current release.

1. Updated the REST SDK to use the REST JSON interface. HENGINE-3279

2. Updated HaloENGINE to support Apache Tomcat 10.1.52. HENGINE-3280

Limitations

This section lists the limitations of the current release.

Currently, Wildcard * is only supported when defining categorization rules and custom pre-expressions. HENGINE-1760

Fixed Bugs

This section lists the fixed issues in the current release.

1. Fixed an issue where the parent label was listed separately in the label list on the Action Rule page. HENGINE-3270

2. Restored the getLocalSetMetadata() function required for Teamcenter integration. The function was previously available in the haloengine-proto-rest.jar, but was missing after it was replaced by haloengine-restclient in the recent update. This fix ensures that Teamcenter can fetch values from HaloENGINE during file upload and correctly set the ip_classification attribute. HENGINE-3272

3. Fixed an issue that caused automatic logout in the HaloENGINE portal and logged an exception in the admin log. HENGINE-3282

4. Fixed an issue that prevented file extensions from being deleted in the CAD file types configuration. HENGINE-3283

Known Issues

This section provides a list of the fixed issues in the current release.

1. The file type will be displayed as 'unknown' when an already labeled (MPIP) non-office file is downloaded. HENGINE-1393

2. When downloading an assembly file with many dependent files from the Windchill workspace and selecting the Open in Creo option, the document is downloaded and opened in the Creo application. Still, the temporary files are saved in the HaloENGINE temporary folder. HENGINE-3074

3. Logs will not appear in the HaloENGINE Dashboard if the Scheduler file path is specified. HENGINE-3072

Function as Designed

Beginning with this release, the dashboard displays Total Users, Total Actions, and Total Processed as “0”, and File Types, Regions, and System Name as null or unknown when old monitor logs are used. Only the new PLM monitor logs are supported. HENGINE-3288

Quality Gate Report

Please see the table below for a list of SonarQube's key parameters for this version. Refer to the "Code Quality and Security" section for more information on rating definitions.

Quality Gate report