Skip to main content



Trusted Advisor Release Notes

Release notes for every release of Trusted Advisor (both SaaS and LifeTime Plugin components)

August 2019 (R1907)


Current Probes Version: R1907

This release was focused mainly on preparing the tool to support a growing number of clients by refactoring the synchronization process but also addressed improvements in patterns and new functionalities.

A new version of the probes was released and it is now possible to download them directly from the application.



Code Analysis Patterns


  • Improved pattern “Foreign Key must have Id Suffix”

    • Correct the false positives raised for the default attributes “CreatedBy” and “UpdatedBy”

  • Improved pattern “Long undocumented flow”

    • When analyzing the code, the comments are not considered anymore to be analyzed 

  • Improved pattern “Large variables in view state”

    • Refined the pattern to only raise a finding if the variable is a record and

      • Has more than 5 fields

      • One of the fields is an object, binary, list or another record 

  • Improved pattern “Large session variables”

    • Refined the pattern to only raise a finding if the variable is a record and

      • Has more than 5 fields

      • One of the fields is an object, binary, list or another record

  • Improved pattern “Monolithic Web UI Module”

    • Changed the thresholds of the pattern to only raise findings if there are >= 30 screens or >= 50 web blocks

  • Support for commented code

    • When analyzing the patterns, all the commented code is ignored not raising any findings.

  • New pattern “Too many legacy code”

    • This pattern looks for actions that have a high number of commented objects


New Features

  • It is now possible to export the list of findings to an Excel file (available only to users with lifetime's admin role)


  • The new version of the probes can now be directly downloaded from the link (available only to users with lifetime's admin role)


  • The layout of the pages used to communicate with the user was improved


  • The icon on the findings to show the path was replaced to be more explicit 


  • Added the possibility of ordering the columns in the “Top Modules” section of the Dashboard


  • Adjusted the comment text box on the Bulk Snooze to allow for more input data


LifeTime Plugin

New Features

  • New filters added to the “Probe Queues” lists (Date Range and Instruction Type)


  • The probes were updated to support a new method of synchronization (twice a day)

  • New image on the probe’s main page

  • When installing the probes only two environments are now available



June 2019 (R1906)

Current Probes Version: R1901

This release was focused on implementing new patterns, improving user experience and some minor bug fixing.


Code Analysis Patterns

  • Improved pattern “Large Images”:

    • The thresholds to be considered are now images bigger than 150KB for Mobile applications and 500KB for Web applications.

    • Added the validation for Mobile Apps that the max resolution for an image must be 1024px.

  • Improved pattern “Large Resources”:

    • The thresholds to be considered are now resources bigger than 150KB for Mobile applications and 500KB for Web applications.

  • New pattern “Foreign Key Must Have Id Suffix”

    • All foreign keys have the attribute name ending with the string "Id" (case insensitive)

  • New pattern “Avoid Long Running Timers”

    • Timers can’t have the timeout value set to more than 30 minutes. 

  • New pattern “Timer must have a prefix”

    • All Timer actions should have the prefix “Timer_”. 


  • UX improvement on the filter’s boxes where some names appeared cut on the list.

  • Corrected the pagination behavior on the list of findings when snoozing a finding on a page with only one item.

  • UX improvement on the login page on low-resolution screens to prevent the overlapping of text on the bottom area

  • Fixed the problem with the percentage bar in the Performance tab not reflecting the values shown in the categories above (Client, Network and Server).

May 2019 (R1905)

Current Probes Version: R1901

This release was focused on stabilizing the tool and correcting bugs.


Code Analysis Patterns

  • Improved pattern “End User module providing services”:

    • With the new capabilities of P11, the screen destinations are now weak references and so no finding is raised for installation in version 11.

  • Corrected the behavior of the pattern “Inadequate data preparation”

    • When the first logic of preparation is a “for each”, a false positive was being raised


  • Fixed a problem with the search icon on the modules filter being cut when the module’s name was too lengthy.

  • In the Dashboard tab when the user selects the option "All" in the filter of findings the label now changes to "Findings".

  • Resolved the problem of a redirection error the first time a user was logging in to Trusted Advisor.

  • Updated Trusted Advisor login to support the new version of SSO mechanism.

April 2019 (R1904)

This release was focused on improving patterns, enhance performance and enable a more easy and efficient way of using filters.


Code Analysis Patterns

  • Improved pattern “Monolithic Web UI Module”:
    • All elements are now considered instead of considering only the public elements.
  • Implemented a new pattern “Large Resource”:
    • This pattern will raise a finding for any resource that has a large size, the size considered is different for web or mobile applications.
  • Changed the pattern “Avoid Large Images”:

    • Now only images are considered, all other types of resources are analyzed in the pattern “Large Resources”, the max size has different values for web and mobile.
  • Improved pattern “Public entities not read only”:
    • The static entities are now ignored since they don’t have the read-only attribute.

  • The “Impact” and “How to Fix” texts on the below patterns were improved and clarified in order to be more helpful for the user:

    • Lack of module classification

    • CSS in the screens style sheet

    • Core module providing services to sublayers

    • Disabled button

New Features

  • Added the possibility of filtering the Applications by selecting multiple values on the filter’s list.

  • The filter for “Modules” has now the possibility of selecting multiple values to filter.

  • Whenever there’s a newer version of the probes to be installed, an alert will be shown to the user (only visible for LifeTime admin users).


  • Improvements on the SSO login mechanism for internal users.

  • Fixed a problem that was showing repeated modules in the “Modules” filter.

  • Removed the pagination symbols when there is only one page available.

March 2019 (R1903)

This release was focused on integrating Trusted Advisor login with the new OutSystems SSO mechanism, improving performance, making the tool more stable and robust and addressing user’s feedback.


Code Analysis Patterns

  • Improved pattern “Monolithic web UI”:

    • Analyze only UI screens instead of all public elements.

New Features

  • Integrated Trusted Advisor login with the new OutSystems SSO mechanism.
    This means that OutSystems employees should start using their corporate credentials (email) to log in instead of the "3 letters" login.

  • On the graph below the number of findings in any given section will be redrawn when any filter is applied.

C:\Users\User01\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Picture 1.png

  • Added support for Version 11 to open the findings in Service Studio.

  • Insights integration to collect Customer Satisfaction (CSAT) .


  • Fixed an issue that was preventing analyzing mobile modules on OutSystems 11.

  • Fixed an issue that affected customers with big installations preventing the correct synchronization of the applications.

  • Corrected the layout of the “Findings” and “Teams” filters to not break into two lines when there’s a synchronization happening.

February 2019 (R1902)

This release was focused on improving patterns and upgrading the report's experience and functionalities.


Code Analysis Patterns

  • Improved pattern “Unlimited Records in SQL query”:

    • Don't report findings for the statement  “FETCH FIRST ROW ONLY”.

  • Improved pattern “Client and Server side entities not isolated”

    • Changed the pattern to ignore static entities as long as they only have one attribute in the table.

  • Improved patterns “Unlimited records in SQL query” and “Unlimited records in aggregate”

    • These patterns were changed to not consider the cases where the list returned by the advanced query/aggregate is used as an input in a "Record List to Excel".

  • Improved pattern “Avoid Anonymous and/or Registered Access Screens”

    • The pattern is now ignoring a predefined exclusion list of common screens created by the platform (Login, InvalidPermissions, internal error).

  • Improved pattern “Missing description on public element”

    • The text explanation on the sections “Impact” an “How to Fix” was updated to be more clear to the user what the pattern is testing and how to fix the problem.

  • Improved pattern “Not Secure WebServices Pattern”

    • The hide documentation validation was excluded from the pattern and the text explanation on the sections “Impact” an “How to Fix” was updated to be more clear to the user.


  • The grades’ ranges and colors of the facts in the “Performance” tab were updated to conform to the APDEX (Application Performance Index) metric, used by OutSystems.


January 2019 (R1901)

This release was focused on supporting a new Code Analysis service for both OutSystems versions 10 and 11, making the tool more stable and robust and addressing user’s feedback, fixing detected issues.


Code Analysis Patterns

  • Improved pattern “Code Tampering”: 
    • Don't report a finding in this pattern if the result from calling “CheckSecureDevicePlugin” action is not being used.
  • Improved pattern “Timeout in Server Calls”:
    • Changed the pattern to not report a finding if the timeout is using the default value.
  • Improved pattern “Large variable in view state”:
    • Performance improvements when analyzing the pattern for big OMLs

New Features

  • Added a pre-defined list of time periods to filter the findings.


  • On the graph below the number of findings in any given section will be redrawn when any filter is applied.



  • Fixed an issue that prevented an application from appearing in the filters if it had a module that was moved from another application.

  • On “Maintenance” tab fixed a problem with the refreshing of the drop-down list “All Ignored Modules” when a module was added or deleted from the list.

  • On “Dashboard” tab in the “Findings Per Category” chart, the problem showing the Performance category label even when there were no findings was fixed.

  • Fixed the problem of deleted applications being shown on “Code Analysis”.

  • Modules without names won’t be analyzed.

LifeTime Plugin

New Features

  • Version number was added to the Probes and this information was included on the data being sent to the SaaS, within the infrastructure information.

November 2018 (R1804)

This release focused on supporting OutSystems version 11, adding new patterns and reviewing and improving existing patterns.


Code Analysis Patterns

  • Improved pattern “Avoid hard-coded literals”:

    • Subtracting two variables was excluded from the findings

  • Improved pattern “Monolithic mobile UI module”

    • Added an exception for the application common flows

  • Improved pattern “Unlimited records in SQL query”:

    • Added to the exclusion list SQL statements using the aggregate functions (SUM, AVG, MAX, MIN, COUNT)

  • Improved pattern “Dynamic inline parameter”:

    • Added an exception for the List_SortColumn_GetOrderBy function

  • Improved pattern “Large variable in ViewState”:

    • Added verification for web block widget input parameters

  • Improved pattern “Avoid Anonymous and/or Registered Access Screens”:

    • Changed the pattern to also search for usages of the “Registered” system role, when the application already has its own business roles

  • 3 new performance patterns for Mobile applications:

    • “Keep the Splash Screen Simple and Fast”- Complex Splash screen

    • “Set the Width of Image Widgets”- Images without width defined

    • “CSS in the screen's stylesheet” - Creating some “flickerings” when changing the page after it is rendered
  • 2 new architecture patterns  (only for Discovery versions higher than 4.0):

    • “Core module providing services to sublayers”- Core module in a higher sublayer providing services to core modules in lower sublayers

    • “Foundation module providing services to sublayers”- Foundation module in a higher sublayer providing services to foundation modules in lower sublayers

New Features

  • New service and compatibility changes to support code analysis for OutSystems version 11 (currently in BETA phase; the final version is planned for December 2018).

  • Added option to unsnooze or change the reason in code Analysis screen, for the user who has snoozed the fact (a bell icon appears, allowing to change the reason or unsnooze it).



  • Fixed issue that was preventing users with 20 chars passwords to login in Trusted Advisor.

  • On “Code Analysis Screen” added a fix to show the applications facts when the user selects a team in the filter.

  • On “Code Analysis Screen” added a fix to update the pattern counter when the user snoozes an application fact.

  • Fixed the issue that wasn’t updating the applications/users in the team's filter, when a user/application was removed from a team in LifeTime.

  • UI improvement on “Code Analysis Screen”: Categories without findings aren’t clickable anymore.


The Architecture category without findings is disabled


  • Improved the analysis of OML analysis with special characters (e.g. Japanese).

  • Changes and improvements to support new discovery version 4.0 or later.

  • Security improvements when deactivating an Installation, preventing the users to login on the inactive infrastructure in TrAd.

  • Improved the User Filter in “Code Analysis Screen”: When a team is selected, the user filter appears now divided by the Team Users (the active ones) and the Former Team Users (users that don’t belong to the team anymore).


  • Improved the facts list in “Code Analysis” when a team is selected: if the user is a former team user, a different user icon is shown instead.


  • Added an icon to show the snoozed comment (mouse hover) in the Bulk Snooze feature on “Maintenance Screen” and in the facts list on “Code Analysis Screen”.


Icon in bulk snooze feature to show the snoozed comment (mouse hover)


Icon in facts list to show the snoozed comment (mouse hover)

LifeTime Plugin

New Features

  • Platform version 11 probes.


  • Added the access to dashboard and maintenance menu to the factory admins.

  • Version 9 was discontinued.

  • Fixed an issue that was generating a broken reference with the TimeZone component upon the probes installation in a new infrastructure. To solve this issue, the TimeZone component must be updated to the latest version on both DEV and LifeTime environment).

September 2018 (R1803)

This release focused on adding new Patterns, fixes and performance improvements in Trusted Advisor.


Code Analysis Patterns

  • 1 new security pattern for Web applications:

    • “Injection” - Unescaped/unencoded user inputs or screen variables

  • 1 new security pattern for Mobile applications:

    • “Code tampering” - Device is compromised, meaning its rooted (Android) or jailbroken (iOS)

  • 2 new performance patterns for Mobile applications:

    • “No Offline sync method” - Offline Sync framework not used correctly    

    • “No asynchronous offline sync” - Server data is not being stored in the local database asynchronously


  • Added a new tab “Maintenance” with the Last Snoozed Findings and Ignored Modules.

  • “Change Reason” option was added to the bulk snooze feature, allowing the Team Admins to select facts that were already snoozed and change their reason (e.g. change all facts with already solved to dismiss).
  • Added the option to filter by category in the “Dashboard”.
  • Added a pie chart in the “Dashboard” that shows either the number of findings per category or the number of findings per pattern, depending on the filters selection.

  • Solved the category icons that were disappearing in code analysis when clicking the snooze bell.
  • Added the team filter to “Performance” screen.

  • On “Performance Screen”, added a fix to show the applications facts when the user selects an application in the filter.

  • The team filter is now sorted by team name.

  • The modules filter was adjusted to show the entire module name.

  • Improved the error retrieved when the user was trying to access Trusted via LifeTime, instead of giving a general error now it’s showing some more details on the issue.

  • Fixed the issue that was allowing to show findings from deleted applications.

  • Improved performance on Code Analysis screen.

  • Added scroll bars in code analysis to improve the navigation along the patterns and findings.

LifeTime Plugin


  • N/A

August 2018 (R1802)

This release focused on adding new Patterns, fixes and improvements and new Probes to support the breaking changes on the newest platform versions.


Code Analysis Patterns

  • 3 new Performance patterns for Mobile applications:

    • “Non Optimized Local storage” - Local storage is a copy of server entities or using a complex model.

    • “Not taking advantage of Local Storage”- Too many server calls (screen data action) instead of using local storage.

    • “Multiple server Calls inside Client Actions”- Multiple Server Aggregates or Server actions calls inside Client Actions.

  • 2 new Architecture patterns:

    • “Monolithic Service Module”- Module providing services with too many public elements

    • “Library or Core module with screens”- Misplaced end user screens

  • 1 new Maintainability pattern:

    • “Long undocumented flow”- Action with a long and undocumented flow

  • 3 new Security patterns:

    • “SQL Injection”- User inputs used in expanded inline parameters of a query

    • “Avoid Anonymous Access Screens”- Screens should have specific roles set instead of Anonymous and/or Registered

    • “Not Secure Web Services”- Exposed REST services should enforce SSL/TLS, authentication and hide documentation

  • Improved pattern “Unlimited records in SQL query”, excluding the truncate table statement


  • Improved the object path when the object name appears with newline characters, replacing the new lines with spaces.

  • Fixed synchronization issue in non UTC installations, where some modules weren’t being analyzed.

  • Fixed name of preparation objects that in some cases were being shown with the fact name.

  • Fixed deleted Modules and facts being shown in Code Analysis.

  • Fixed the issue related with applications of a team not appearing in Code Analysis.

  • Fixed link from Runtime performance screen to Code analysis that was not working for Query objects.

  • Fixed Code analysis filters issue that stopped working when a synchronization was running.

  • Improved snoozed findings view in Dashboard to be filtered by team.

  • In Dashboard (Team Leader View) the order on the Top Modules list was changed to use the new prioritization mechanism.

  • Improved bulk snooze view on Dashboard: showing the number of snoozed findings per pattern with an option to see more details.


  • Improved Charts in Dashboard (Team Leader view).


LifeTime Plugin


  • Changed the Probe type names to be self-explanatory:

    • DEV= Code Analysis

    • QA= Runtime Performance

    • PRD= Runtime Performance

  • Changed performance engine to support data model changes from LifeTime (version 10.0.804.0 onwards).

  • Changed API calls to support breaking changes made on the authentication mechanism used for communication between OutSystems Platform components due to a  security issue (10.0.816.0 onwards).

May 2018 (R1801)

Release date: 2018/05/25

This release focused on adding GDPR Compliance rules and regulations.


Code Analysis Patterns

  • Improved pattern "Avoid Hardcoded Literals" :

    • Exclude ".ValidationMessage" assigns and “Ids” being included in SQLs queries

  • Improved pattern “Inline CSS Style”, making sure that only extended properties with tag “Style” are detected, fixing a previously identified bug.

  • Improved “Query data in ViewState” pattern, excluding queries not used in screen actions but bounded to tables or list records with an ajax refresh

  • Improved the pattern "AvoidServerCalls" :

    • Added local variables to be checked

  • Improved the pattern "SitePropertyUpdate", excluding site properties being bootstrapped in timers

  • Improved "Disabled buttons pattern":

    • Added verification for Links

    • Check the extended property style "display:none"


  • Implemented a new Registration Screen with GDPR mandatory consent to continue use of Trusted Advisor.

  • Fixed login not being remembered as expected when the user selects “Remember me” option in the login screen.

  • Changed application filter to order the list alphabetically.

  • Added new icon to highlight the patterns runtime performance evidence and snooze findings.


  • Added Code Analysis team filters (teams are defined in LifeTime).


  • Improved Presentation of Findings in a new Structure Tree.


  • Last analysis info changed to be presented in the customer timezone.

  • Added info icon with synchronization details (Last Analysis, Number of Espaces processed and Next Run).


  • Added First and Last Button to Navigation Lists.


  • When a new customer is registered, it shows a welcome message until the 1st sync runs.

New Features

  • Team Leader View on Dashboard to Team Admin User Role (Team User Role defined in LifeTime).


  • Project Evolution Chart in Team Leader View with “Open vs Closed” findings.


  • Top Modules with findings.


  • Last Snoozed Findings with Bulk Snooze feature.


  • Added a new Snooze Reason, named “Dismissed” (only available for Team Admin User Role, defined in LifeTime).


  • Ignored Modules list with the possibility to define your list of modules to be ignored (while ignored all facts contained in modules selected are marked as solved in next sync onward).



Add New Modules to ignore

LifeTime Plugin


  • Added support for Oracle.

  • Changed Probes Architecture to be GDPR complaint.

  • Added the option to download the Performance JSON.


December 2017 (R1712)

Release date: 2018/01/10

This release focused on the new recommendation prioritization algorithm, which was designed to help developers be more impactful by solving higher priority findings first, and in improvements to the findings correlation features.

Happy New Year!


Code Analysis Patterns

  • No changes were made to code analysis patterns in this release.


  • New recommendation prioritization algorithm in Code Analysis
    • [Update 2018/01/19] The new algorithm and screen has been enabled for all installations!
    • [Update 2018/01/11] This new algorithm is being enabled for each customer installation, in a phased approach, to allow us to closely monitor it in each installation. You should see it enabled in your installation in a day or two. You can confirm you're seeing the new algorithm results by checking that the Code Analysis screen URL ends in "Rebuild_CodeAnalysisScreen.aspx"
    • Previously the algorithm that prioritized recommendations in Code Analysis view was only based on a fixed severity value associated with each pattern and the total number of recommendations of each pattern. This was a simplistic approach to prioritization that resulted in cases where more severe findings related with e.g. Architecture or Performance were shown below findings related with Maintainability (which are typically less severe). It also didn't account for the potential runtime performance impact that a finding may have (even though it bubbled up findings with performance impact to the top of the list).
    • The new prioritization algorithm takes into account several dimensions to most accurately determine the priority of a pattern and of the findings inside a pattern:
      • Severity values are now assigned at different levels like the pattern category, the pattern and may also have different values even per finding inside a pattern depending on the analysis rules
      • Runtime performance impact of findings is now one of the top values contributing to the prioritization allowing for easier troubleshooting of performance issues
      • Total number of findings of each pattern still counts towards the priority of the pattern (even though not as important as before)
      • Findings with runtime performance impact not only bubble up in the findings list inside a pattern (as before) but will now be ordered by descending average duration of their related performance findings
    • The ultimate goal of this new prioritization algorithm is that, just by going in a top-down approach of fixing the findings as shown in Code Analysis view, should help teams focus on the issues that may have a bigger overall impact in their solutions

TrAd-R1712-New Prioritization Algorithm-20180109.png

  • Improved correlation of recommendations between Code Analysis and Performance Analysis
    • The correlation message displayed under a finding in Code Analysis, when it is related with a performance finding, now includes more information like the number of performance findings related and the average duration of those events
    • This same message also now links to the Performance Analysis view and highlights the related performance findings (which may be more than one)

TrAd-R1712-Finding correlation link and highlight-20180109.png

  • Added Application filter in the Performance Analysis view
    • Also added the detail of the Application to which the screen's module belongs (when not filtering by a specific application)

TrAd-R1712-Application filter on Performance-20180109.png

  • Added links to the Code Patterns list and release notes in Knowledge Base to the user menu
    • Also added the release number to the user menu for easy reference
    • Removed duplicated information on last analysis timestamp and release number from screens

TrAd-R1712-KB links in user menu-20180109.png

  • Improved ability to identify screen or action widgets in the code finding widget path
    • Some widgets were not easily identifiable due to not having the Name property set in the module and were being shown only as "If" or "Button" for instance
      • Unnamed Web Block usages inside web screens now display the name of the Web Block itself
      • Unnamed Button widgets inside web screens/blocks now display their label
      • Unlabeled If widgets inside web screens/blocks or actions now display their condition

TrAd-R1712-Widget names in path-20180110.png

  • Fixed pagination of code findings being reset after snoozing a finding
  • Fixed average duration of performance events in Performance view being displayed as "0 ms" instead of the real decimal value (e.g. 0.5)
  • Fixed a situation on Discovery snapshot analysis that could result in modules not classified in Discovery to generate a finding in one of architecture layer violations patterns, when they should be considered only in the "Lack of module classification" pattern
  • Fixed some cases on module collection mechanism where some module versions may have not been collected, due to small time differences between SaaS and customer installation or errors in the previous synchronization
  • Minor performance improvements and cleanups (e.g. removed a few session variables and OnSessionStart logic)

LifeTime Plugin


  • Improved collection of deleted modules and inactive users
    • Prior to this release of the plugin, all deleted modules and all inactive users were being collected and sent to the SaaS on every synchronization
    • This data is now cached on the plugin side and is only sent to SaaS once per day or when a module is deleted or a user is inactivated, in which case only that specific module or user is sent (which are relatively infrequent changes)
    • This reduces the size of the data collected and processed on each synchronization
  • Added timestamp of when modules are collected on plugin side to the data sent to SaaS

November 2017 (R1711)

Release date: 2017/12/15

Internal release containing only changes in back office and internal modules for improved configuration, scalability, monitoring and troubleshooting operations.

No changes were made to SaaS or Plugin.

October 2017 (R1710)

Release date: 2017/11/15

Update 2017/11/25: Added the top 50 components from OutSystems Forge to the modules ignored in code analysis. Any facts uncovered from analyzing these components will no longer be visible or accounted for.

This release focused on improving code analysis patterns and synchronization mechanisms, namely automatic adjustment of SaaS to an installation's time zone.

Thank you very much for all your feedback that allows us to keep improving!

P.S. Stay tuned for more news on the snooze feature!


Code Analysis Patterns

  • New "Avoid hard-coded literals" Maintainability pattern
    • This one replaces the "Avoid hard-coded identifiers" pattern previously released, which was more limited and had many issues with false positives
    • All findings of the previous pattern were considered solved
  • Improved Performance patterns "Unlimited records in aggregate" and "Unlimited records in SQL query"
    • Eliminated false positives when aggregate/SQL is bound to ForEach, TableRecords, ListRecords or ComboBox widgets
    • Eliminated false positives when SQL query is being limited by using LIMIT (MySQL specific)
    • This is expected to substantially reduce the number of findings - current findings will be automatically dismissed the next time each eSpace changes and is analyzed by Trusted Advisor


  • Increased time of snooze options
    • "False positive" is now 3 months - to be used when you think a specific finding was wrongly created by Trusted Advisor
    • "Discontinued" is now 6 months - to be used for findings of elements that are no longer in use - expectation is that they are cleaned during this period
    • "Other" is now 1 month - to be used when you want to snooze the finding for any other reason - e.g. it is a justifiable implementation but will be improved in the near future


  • Added snooze reason and comment (in tooltip) in details of snoozed code findings


  • Fixed "Discontinued" snooze reason not requiring a comment to be added
  • Fixed some cases where a code finding would not being shown in Code Analysis view, when opened from a related runtime finding in Performance view (e.g. code finding was snoozed or was not recent)
  • Several minor fixes and improvements to UI, filters and tooltips in Code Analysis view
  • Reduced number of instructions sent to plugin when a previous synchronization didn't finish successfully
    • There were specific situations where the plugin could repeatedly received the same instructions whenever a synchronization was not successful in SaaS side

LifeTime Plugin


  • Added time zone information to the data collected in LifeTime Plugin
    • This information is then used in SaaS to automatically adjust the generation of instructions for the installation's time zone

September 2017 (R1709)

Release date: 2017/10/17

This release focused on adding new Mobile patterns and improving developer experience and scalability. There were also many additions/changes to the internal GAP reports and back office (not described here).


Code Analysis Patterns

  • 2 new Performance patterns for Mobile applications:
    • "Avoid server calls" - Server actions being called in client events
    • "Non-optimized local data fetch" - Local data fetch performed in client events
  • 1 new Maintainability pattern:
    • "Avoid hard-coded identifiers"
  • Improved Maintainability pattern "Missing description on public element"
    • Added "is_active" (and similar) to exclusion list of attribute/parameter names not requiring description
    • Added to exclusion list cases of attributes/parameters that have an Id suffix and an identifier type
  • Fixed Architecture patterns to not include findings related to System applications (e.g. "Cyclic Reference between applications")

New Features

  • Unified login mechanism using an OutSystems account
    • From this release on, login must be done through an OutSystems (OS) account (and not a platform installation user, as it was until now)
    • Whenever the email of the logged in OS account is the same as the email of a user of a platform installation registered in Trusted Advisor, the users will be associated, effectively allowing that OS account to access that installation in Trusted Advisor
    • When a user opens Trusted Advisor via the plugin home screen, a token is sent to allow for association between the platform installation user logged into LifeTime and the OS account that will login to Trusted Advisor (if not already logged in)
    • For current Trusted Advisor users, follow these steps to keep access to your installations in Trusted Advisor:
      • Log in to Trusted Advisor with your OutSystems account (the one you use to log in to Community)
      • On first login, Trusted Advisor will try to automatically associate the OS account with your installation user(s) via email
      • If after this first login, there are any installations missing in your user menu, go to the Trusted Advisor plugin home screen, on each missing installation's LifeTime and click "Go To Trusted Advisor". Both logged in users will be automatically associated.

TrAd OutSystems Account Login


  • UI changes to user menu when user has access to more than one platform installation and included link on how to add a platform installation to a user.


  • Fixed issue with last synchronization timestamp which could lead to getting only part of the module changes since the previous synchronization (when previous synchronization had errors or took too long).

  • Fixed issue with count of modules to be received from probe on each synchronization, which could lead to synchronization seemingly taking too long and timing out, even though it had finished successfully much earlier.

LifeTime Plugin


  • Changed "Go to Trusted Advisor" link in plugin home screen to open Trusted Advisor SaaS in a way that allows it to:
    • Associate the logged in user in LifeTime with the logged in user in Trusted Advisor SaaS (when not done already). This is necessary for the new SaaS unified login mechanism to work properly.
    • Redirect a user (after logged in in SaaS) directly to the findings of that specific installation
  • Added licensing information (customer name, current application object count and limit) to the data collected for each installation
  • Increased to 10 minutes the time that the probe will wait to get more instructions from SaaS when asked to. This will reduce the possibility in very large factories that SaaS hasn't generated further instructions when probe asks for them.


August 2017 (R1708)

Release date: 2017/09/04

This release was mostly focused on preparing Trusted Advisor to be used for creating reports for GAP (in an internal module). There were still a few improvements and optimizations, like the most requested feature: "application filter".


Code Analysis Patterns

  • New Maintainability pattern: "Unidentified public action managing transaction"
    • Public actions that manage the database transaction (commit or abort) should have a description stating it to clearly identify them in consumers

New Features

  • Added ability to filter by Application in Code Analysis view
    • Filter icon will now also serve as "Clear filters" action and "Show or hide snoozed" filter was simplified to a button


  • Changes to Code Analysis view
    • When applied filters yield no results, filters section is no longer hidden, so user can easily "clear filters"
    • Performance and CSS optimizations to Code Analysis view
    • Fixed Preparation element name not being shown in paths
  • Fixed a situation where some findings were being assigned to an extension module instead of an eSpace module - they would still appear in Code Analysis but would be difficult to filter
  • Fixed a situation where modules changed would not be correctly detected for a period of time (up to 3 hours) because the previous analysis process took too long or had errors

LifeTime Plugin

There were no changes to the LifeTime Plugin in this release.

July 2017 (R1707)

Release date: 2017/08/10

This release was mostly focused in improving scalability and reliability of the analysis engines. It also included many back office improvements to ease operations of Trusted Advisor.


Code Analysis Patterns

  • New Architecture pattern: "Public entities should be exposed as read only"
  • Improved pattern "Missing description on public element"
    • Included check for missing descriptions on public Structure attributes
    • Added more cases to exclusion list of attribute/parameter names not requiring description
  • Added check for large resources in module to pattern "Large images" and renamed it to "Large image or resource"
  • Reviewed "Impact" and "How to Fix" content of several patterns

New Features

  • New "Already fixed" snooze reason
    • Use this snooze reason for cases where you've already applied Trusted Advisor's recommendation in your code and you want the recommendation to be removed from the list. The recommendation will be snoozed until the next analysis runs, at which time, if it was actually fixed, it will be considered solved and no longer appear in the list.
    • This reason replaced the "Reminder me tomorrow" reason


  • Several performance and scalability improvements to Code and Architecture analysis engines
    • There were a few cases of Discovery and module analysis timeouts in SaaS, which prevented in these cases recommendations to be generated and shown to the user - these should no longer occur
  • Improved performance of element path widget (shown for each finding)
  • Some findings were incorrectly being shown as belonging to an Extension module, when they belonged to an eSpace module which internally had the same identifier
  • Renamed "Not working on it now" snooze reason to "Remind me later" (same snooze period)

LifeTime Plugin

There were no changes to the LifeTime Plugin in this release.


June 2017 (R1706)

Release date: 2017/07/19

This release was mostly focused on improving solution stability and probes installation and configuration experience. Included some quick-wins to improve analysis and address feedback received from early adopters and many back office changes.


Code Analysis Patterns

  • Improved analysis on "Required description on public elements" pattern
    • Included checks for description in application, module, processes, timers, themes, site properties and session variables
    • Only the first occurrence of lack of description is reported if the element contains more than one
      • e.g. a public action with description set and with multiple input parameters without description set will result in only 1 occurrence of the pattern

New Features

  • Modules belonging to Trusted Advisor Probes (which are also published in customer installations) are now being ignored in analysis and won't be displayed or accounted for in pattern occurrences, which will lead to a reduction in total occurrences.


  • Mobile client entities and actions were not being properly displayed in pattern occurrences.

  • Fixed missing "Learn More" content links in most patterns.

  • Last analysis time is now displayed in the user's time zone.

  • Streamlined UI for installation switcher and log out in user menu.

  • Renamed menu options to "Code Analysis" and "Performance" (before they were "Development" and "Runtime").

  • Streamlined text and UI in the title section.

  • Added "beta" tag to the header.

LifeTime Plugin

New Features

  • New plugin home screen with a direct link to Trusted Advisor SaaS.

  • Plugin is now time zone aware
    • Allows SaaS to properly communicate with probes with any time zone difference
    • All times displayed in Monitor screen are now in UTC time zone
    • For this reason, there is a new dependency on Time Zone component, that must be installed in Development and LifeTime environments
  • Improved configuration experience
    • SaaS API URL configured by default is now correct, avoiding the need to change URL when installing the plugin for the first time
    • Any further changes to SaaS API URL are now being validated by invoking the URL before making the change permanent
  • Reduced Application Object consumption of probes


  • Removed unneeded validation of probe installation in environment, when activating probe in environments other than Development
    • Validation was intended to prevent activation of environments without Environment Probe installed, but for non-Development environments all data is collected from LifeTime, so no need for Environment Probe to be installed
  • Fixed encoding used in messages exchanged between SaaS and Probes to always be the same and not system dependent


May 2017 (R1705)

Release date: 2017/06/09

First release meant to be used internally by Services project teams. Focused in adding Architecture patterns, making improvements to the experience and reducing false positives following feedback received from early adopters.


New Features

  • 9 first Architecture patterns implemented in code analysis
    • Orchestration module providing services
    • End user module providing services
    • Core Module consumed by libraries
    • Cyclic references between modules
    • Orchestration application providing services
    • End User application providing services
    • Core application consumed by Libraries
    • Cyclic references between applications
    • Lack of module classification
      • For Architecture analysis to be executed, Discovery version 2.0.9 (for P9.1) / 3.0.9 (for OS 10) or higher must be installed in Development environment 
  • New Maintainability category with first pattern implemented in code analysis
    • Required description on public elements
  • New "Analysis in progress" message is displayed at the top of the screen while an analysis is running

  • Last analysis execution time is now displayed at the top of the screen to make it easier to check if recommendations being shown are fresh
  • Announcement of a new release is shown the first time user logs in after a release containing a link to the release notes (link also at the bottom of the screen)


  • Reduced false positive findings in "Unlimited records in SQL query" by no longer considering INSERT, UPDATE, DELETE or SELECT TOP/ROWNUM queries
    • Existing findings for queries with these patterns will be removed the next time the module is changed and analyzed
  • Fixed trend graphs shown per category in Code Findings screen displaying multiple lines when changing categories

LifeTime Plugin

New Features

  • Improved initial configuration and synchronization experience
    • In environment configuration, saving and activating probe are now 2 separate actions
    • Connection from LifeTime to environment probe is being tested before activating environment probe
    • First synchronization with SaaS after probe activation will happen automatically to register installation in SaaS



April 2017 (R1704)

Release date: 2017/05/04

This is a private early adopters release which marks the first release in the new monthly release scheme we've adopted for 2017. It has been mainly focused on incorporating feedback from early adopters and preparing TrAd for a public release planned for later in the year.


New Features

  • Implemented 3 new Mobile exclusive patterns in code analysis:
    • Monolithic mobile UI
    • Server and client entities not isolated
    • Server calls without timeout
  • Expanded analysis scope to include server and client user actions for the following patterns (previously only done in Web Screen actions - this is expected to cause an overall increase in number of findings):
    • Inefficient empty list test
    • Inefficient query count
    • Dynamic inline parameter in SQL
    • Unlimited rows in Aggregate/SQL
    • Site property update
  • Added snooze finding feature to allow developers to snooze individual code findings for a specific amount of time depending on the reason selected. While snoozed, findings will not appear in code findings view unless the "Snoozed" filter checkbox is marked.
    • When snoozing a finding, a comment field is made available for the developer to further detail why it is is being snoozed
    • We encourage you to be particularly detailed when using "False Positive" or "Other" reasons since we'll be looking at those particularly to seek possible improvements

Trusted Advisor Snooze Finding

  • Added installation switcher feature available in header user menu to developers that have the same username and email in multiple installations. This removes the need to create a separate account in LifeTime for such developers to be able to use TrAd.

Trusted Advisor Installation Switcher


  • Fixed typo in title of "Large variable in ViewState" pattern

  • Fixed snapshot creation and closing time not using UTC times which led to no code changes being detected when communicating with plugins using a different timezone than the TrAd server.

  • Fixed favicon not displayed.

Known Issues

  • Trend graphs shown per category in Code Findings screen are not properly displayed when changing categories.

LifeTime Plugin

New Features

  • Added option to include or exclude system modules in OML sync.
  • Was this article helpful?