JFrog Curation 3.87.5

JFrog Release Information

Content Type
Release Notes
ft:sourceType
Paligo

Released: January 8, 2024

Highlights

Template Based Custom Conditions

Introducing Curation's new capability; creating Curation custom conditions based on JFrog provided templates. Up until this version, Curation offered out-of-the box conditions that are provided as-is by JFrog and allowed detection of security, operation, and legal threats in 3rd party packages.

Now, these new JFrog templates allow you to define the condition's values and thresholds to be used for threat and violation detection. The first template provided in this version is the "Package is vulnerable to CVE {CVE-ID}" template, where you can define a specific CVE-ID which once is detected in a package it will be blocked by Curation.

Support Go Packages in Curation

Now you can configure your Artifactory Go remote repository to be protected by Curation.

When adding an Artifactory Go repository use either https://proxy.golang.org/ or https://gocenter.io/ URLs and configure your Curation settings to add Curation malicious, security, operational or license policies.

Support Mirroring Servers for Maven

Adding Curation to an Artifactory remote repository that is pointing to a Maven Central mirror repository could now also be done if the Artifactory remote repository is using the repository URL: https://repo.maven.apache.org/maven2/.