Xray 3.4.0

Xray Release Information
Products
JFrog Xray
ft:sourceType
Paligo

Released: May 17, 2020

Database Sync Known Issue

In all current Xray 3.x versions up to Xray 3.6.2, you might experience the Database sync process getting stuck. To resolve this, it is recommended to abort the process and retry. To learn more, click Synchronize the Database when Working with Xray..Synchronize the Database when Working with Xray

Highlights
Externalization of the PosgreSQL Database

From Xray 3.4, you have more control over your resource allocation and you can direct Xray to use an external PostgreSQL database in use in your organization. Keep in mind that if you direct Xray to use an external database, you have full control over the database, and also full responsibility to maintain and backup the database for Xray's use.

Resolved Issues

  1. Improved performance and time of the initial DB sync with Xray Update Center (XUC).

  2. Fixed an issue whereby, in a number of cases, the Docker pull did not work properly when a Docker remote repository was configured with the Block Download Block Unscanned Artifacts setting.

  3. Fixed an issue whereby, the Impact Analysis process did not work properly due to a stack overflow error.

  4. Fixed an issue whereby, Impact Analysis stopped functioning due to an out of memory issue caused by multiple infected artifacts.

  5. Fixed an issue whereby, Xray stopped functioning when indexing RPM files due to high memory consumption causing an out of memory issue.

  6. Fixed an issue whereby, a connection deadlock occurred when the number of workers was larger than the number of connections.

  7. Fixed an issue whereby, applying a watch for a history scan triggered scans on all watches.

  8. Fixed an issue whereby, under certain rare circumstances, Artifactory would disconnect from Xray during a periodic license check.

  9. Fixed an issue whereby, when exporting data in Xray, the displayed results were inconsistent in the different file formats, JSON, PDF, and CSV where the CVE was not displayed in the PDF and CSV files.

  10. Fixed an issue whereby, after migrating from Xray 2.0 to Xray 3.0, stored messages were not passed correctly during migration, and retrying the messages in Xray 3.0 did not work properly.

  11. Fixed an issue whereby, a component persist did not work due to character limit constraints.

  12. Fixed an issue whereby, an invalid memory address or nil pointer error was issued when indexing GO packages in Xray.

  13. Fixed an issue whereby, the Artifact Summary Rest API returned an issues response for components that did not contain a ComponentID.

  14. Fixed an issue whereby fetching all watches from the database overloaded the database.

  15. Fixed an issue whereby, upon installation, the initial Xray URL was defined incorrectly with /xray path.

  16. Fixed an issue whereby, under certain circumstances, an empty license was added when indexing NuGet packages.

  17. Fixed an issue whereby, a number of Python packages were not indexed properly in Xray.