IDE Integration

The cost of remediating an issue or vulnerability is akin to the cost of fixing a bug. The later it is discovered, the more expensive it is. Xray intervenes at every stage of your artifacts’ lifecycle to make sure you are fully protected at all times.

Through continuous analysis, Xray protects your production systems, scanning your production artifacts in case new issues or vulnerabilities are found after the artifacts are deployed.

Using dedicated plugins, Xray integrates with your CI/CD server to identify issues and vulnerabilities at build time so you can avoid having infected artifacts from ever entering your production systems in the first place.

Xray’s IDE Integration takes issue and vulnerability detection to the earliest possible stages of the artifact lifecycle.

Using dedicated plugins, Xray integrates with your IDE* providing detailed issue and vulnerability information on dependencies** used in your project as you work on development.

JFrog Xray 1.8: Content Driven Component Analysis

By surfacing issue and vulnerability information this early in the artifact lifecycle, developers can make informed decisions on whether a dependency should be included in a project or not, and if necessary, find an alternative artifact at a minimal cost.

Currently IDE integration is support for IntelliJ IDEA and Maven artifacts, however, this will be extended to additional industry standard IDEs and additional package types.