Released: January 31, 2023
Highlights
JFrog Advanced Security Scan Existing Artifacts (Cloud-only)
You can now run Contextual Analysis and perform Exposures Scan on an existing artifact from the Scans List page. This feature is also supported through the REST API.
Feature Enhancements
Exposures Additional Scanners (Cloud-only)
The Services category in Exposures has been expanded with 7 new scanners for NGINX configuration issues.
Jira Integration Enhancement
Enhanced the Jira ticket creation to have one Jira ticket for all the information regarding all affected components instead of creating a Jira ticket for each component.
UI Improvements
UI improvements in Scans List to the Vulnerabilities and Exposures categories screens, such as:
Vulnerabilities screen:
Modified default displayed columns
Modified column order
Added sorting options by different columns
Modified the default sorting adding a secondary sort key by applicability result
Clarified the Contextual Analysis results
Exposures categories screens:
The screen is now split into two tabs; To Fix and Checked OK.
Issues that were checked and found OK are moved to the Checked OK tab.
Navigation bar:
Added info tooltip explaining each of the Security Issues screens
Resolved Issues
Jira | Description |
|---|---|
XRAY-14210 | Fixed an issue whereby, the Xray ID was not displayed in the violation details (right pane) on the Scans List page. |
XRAY-12622 XRAY-12538 | Fixed an issue whereby, navigating to components containing '/' in their name from the Xray Data tab pages, could lead to a 404 error. |
XRAY-10749 | Jira integration now supports creating Jira tickets for generic packages. |
XRAY-11989 | Fixed an issue whereby, on the Scans List page, in the Builds tab, when entering a build that doesn't exist in Artifactory, a 500 error was issued. Builds that were deleted from Artifactory will now be omitted from the Scan lists Builds tab. Builds that were deleted and weren't omitted will not result in this error. |