Xray 3.13.0

Xray Release Information
Products
JFrog Xray
ft:sourceType
Paligo

Released: December 8, 2020

Feature Enhancements
Ignore Rules Enhancements
Time-based Ignore Rule

Time-based ignore rule enables you to set an expiration date for an Ignore Rule in which the violation will be ignored until the Ignore Rule expires. Once that period expires, the Ignore Rule will be deleted automatically, and if the violation occurs again it will not be ignored moving forward. For more information, see Ignore Rules. This feature is also supported through REST API, as described in the IGNORE RULES REST API.Ignore RulesIGNORE RULES

Ignored Violations Stored in the DB

All ignored violations are now stored in the DB which enables you to view all ignored violations on the artifact, build, and Release Bundle level.

UI Enhancements

The UI now provides more information about an ignored violation in the different screens, including in the violations list for an artifact, build, and Release Bundle.

Requires Artifactory 7.12.0 and above

Some of the Ignore Rules enhancements require Artifactory 7.12.0 and above. Artifactory 7.12.0 is not available yet, and will be soon.

Export Components Details API Enhancement

Added the include_ignored_violations parameter to the Export Component Details REST API. This will return the ignore rule ID per matched policy.Export Component Details

Resolved Issues

Note

The resolved issues now contain the associated JIRA number to help you keep track of your issues that were fixed in the release.

JIRA Number

Description

XRAY-5875

Fixed an issue, whereby adding a custom license to packages with empty archive packages was failing.

XRAY-5816

Fixed an issue, whereby when the severity level of a vulnerability was updated, and a violation was created out of it, Xray created a new violation instead of updating the existing one.

XRAY-4575

Fixed an issue, whereby Xray failed to index corrupted tar.gz archive files.

XRAY-4767

Improved performance in many cases where the component graph is required for the process. For example, processing vulnerabilities update from the central database.

XRAY-6705

Improved performance of the license analysis process when, in some cases, a database update is not necessary.

XRAY-6607

Fixed an issue whereby, in some cases, the Xray data tabs are taking a while to load.