Released: March 31, 2021
The new features introduced in this release require Artifactory version 7.17.4 and above.
Xray in Projects
CLOUD: Enterprise | Enterprise+ SELF-HOSTED: Enterprise | Enterprise+
Use Xray capabilities in the scope of JFrog Projects. JFrog Projects is a management entity for hosting your resources (repositories, builds, Release Bundles, and Pipelines), and for associating users/groups as members with specific entitlements. Offload and delegate Xray tasks to the different personas in your organization, such as assigning Xray security management capabilities to Project Admins on the scope of their specific projects. For more information, see Projects.
Xray CVSS v3 Scoring Support
Xray now supports CVSS v3 scoring in addition to the CVSS v2 scoring. This will ensure that Xray's scoring of vulnerabilities is up-to-date and provide the latest universally standard severity ratings of vulnerabilities. For more information, see CVSS Scoring in Xray.
Xray Conan and C/C++ Support
Xray can now scan Conan packages deployed to Artifactory. Xray can also scan C/C++ dependencies as part of a build. For more information, see Conan and C/C++ Support in Xray.
Xray UI Changes
The Xray UI in the JFrog Platform has changed to create a better division of Xray tasks reflecting the different tasks by persona. Management and creation of Watches and Policies have been moved to the Administration module, as these are tasks usually performed by the administrators or users with special privileges. The Watch Violations and Reports are in the Application module.
The resolved issues now contain the associated JIRA number to help you keep track of your issues that were fixed in the release.
Fixed an issue whereby, the
Fixed an issue whereby, the Xray Analysis Log contained too many error messages when a very long license string was extracted from a file during reindexing.
Fixed an issue whereby, the Scan Build REST API returned vulnerabilities and failed the build, however, the Xray data tab in the UI showed no violations.
Fixed an issue whereby, in some cases, Xray crashed when the DB sync contained a vulnerability with a large size of information.
Fixed an issue whereby, exporting data in CSV format produced less data than in JSON format.
Fixed an issue whereby, Xray was issuing errors when a user's permission target is empty.