Xray 3.46.0

Xray Release Information
Products
JFrog Xray
ft:sourceType
Paligo

Released: April 7, 2022

Highlights
Operational Risk

Xray can now provide information about the operational risk of using open source software components. These include the risk of using outdated versions or inactive open source software components in your projects. In the current version of this release, we will provide operational risk information for Maven and npm packages. More package types will be added in future releases. For more information, see Components Operational Risk .Components Operational Risk

Note

This feature is available with Artifactory version 7.37.x and above.

Resolved Issues

JIRA

Description

XRAY-10586

Fixed an issue whereby, in some cases, the Scan Build had a slow performance.

XRAY-10378

Fixed an issue whereby, in some cases, when accessing the Xray tab for specific artifacts with special characters, Xray returned an authorization error.

XRAY-10252

Fixed an issue whereby, due to a breaking change in the npm registry, Xray failed to perform an npm audit.

XRAY-10028

Fixed an issue whereby a Project Admin was unable to access the Index Resources Configuration.

XRAY-9995

Fixed an issue whereby, in some cases, MongoDB migration failed due to licenses with long names.

XRAY-9683

Fixed an issue whereby, when vulnerabilities were detected on an rpm file and not on its dependencies, the infected component, and fixed versions returned empty data.

XRAY-9674

Fixed an issue whereby, the build URL shared in the Watch email notifications for the Project builds was inaccessible.

XRAY-9642

Fixed an issue whereby, Xray Jira Integration could not show more than 30 Projects.

XRAY-8794

Fixed an issue whereby, jar files in an npm archive were classified as npm package type.

XRAY-8464

Fixed an issue whereby, in some cases, build scans failed if they included a Docker image that was scanned previously.

XRAY-8116

Fixed an issue whereby, when several components shared the same checksum the matched component ID was incorrect.

XRAY-9622

Fixed an issue whereby, Xray fails to parse package.json with the old license format.

XRAY-9824

Fixed an issue whereby, too many warning messages were written to the logs and filled the persist retry queue.

XRAY-9839

Reduced the disk load by removing ping requests from the logging system.