Released: January 8, 2024
Highlights
Template Based Custom Conditions
Introducing Curation's new capability; creating Curation custom conditions based on JFrog provided templates. Up until this version, Curation offered out-of-the box conditions that are provided as-is by JFrog and allowed detection of security, operation, and legal threats in 3rd party packages.
Now, these new JFrog templates allow you to define the condition's values and thresholds to be used for threat and violation detection. The first template provided in this version is the "Package is vulnerable to CVE {CVE-ID}" template, where you can define a specific CVE-ID which once is detected in a package it will be blocked by Curation.
Support Go Packages in Curation
Now you can configure your Artifactory Go remote repository to be protected by Curation.
When adding an Artifactory Go repository use either https://proxy.golang.org/ or https://gocenter.io/ URLs and configure your Curation settings to add Curation malicious, security, operational or license policies.
Support Mirroring Servers for Maven
Adding Curation to an Artifactory remote repository that is pointing to a Maven Central mirror repository could now also be done if the Artifactory remote repository is using the repository URL: https://repo.maven.apache.org/maven2/.