Released: February 4, 2021
REST API Open Metrics
Added metrics related to Xray DB sync time, and the total number of scanned artifacts and components. For more information, see Open Metrics.
Go Version Upgrade
Upgraded Go version to 1.15.7 to fix security vulnerabilities.
Impact Path Data in Reports
Scan Build REST API Permissions
The Scan Build REST API no longer requires Admin permissions, only Manage Xray Metadata permissions.
The resolved issues now contain the associated JIRA number to help you keep track of your issues that were fixed in the release.
Fixed an issue whereby, in the Builds UI page, when a build number contained characters in the Build Name, the build status did not show as scanned when the build was scanned.
Fixed an issue whereby, in some cases, the DB initial sync would unexpectedly pause.
Fixed an issue whereby, Violations were not created when the database server was down or in case of some failures occurring with the database.
Reduced the risk of getting affected by CVE-2020-29652.
Reduced the risk of getting affected by CVE-2020-26160.
Fixed an issue whereby, a security issue when indexing an artifact may cause DOS or override an OS file.
Fixed an issue whereby, a violation with multiple sources could not be ignored by an Ignore Rule with a specific component or a version of the component.
Requires Artifactory version 7.15.0 and above.
Fixed an issue whereby, ignoring a violation by using the artifact filter in the artifacts/watches screen, and the artifact existed in multiple repositories/paths and contains violations, the violation was not ignored.