Released: February 23, 2023
Highlights
Advanced Scans
Advanced Scans is now available in Self-Hosted environments for Enterprise X and Enterprise + subscriptions with Advanced DevSecOps.
In this release, Advanced Scans for Self-Hosted is supported for Kubernetes only.
In addition, Advanced Scans for Cloud and Self-Hosted have been enhanced with the following:
The Scans List page for Advanced Scans results has been enhanced with an improved look and feel.
You can now create Policies with Exposures and Contextual Analysis rules.
Ignore rules has been enhanced to support ignoring Exposures violations.
Advanced Scans in your IDE
Enterprise X and Enterprise + subscriptions with Advanced DevSecOps
Contextual Analysis is now available in your IDE, enabling developers to reduce the time spent assessing and remediating vulnerabilities. In this release, Contextual Analysis is supported for JFrog VS Code Extension and JFrog IntelliJ IDEA Plugin. (Supported packages npm and Python).
Vulnerability Exploitability eXchange (VEX)
You can now export SBOM with CycloneDX VEX information that includes vulnerability details enabling you to reduce exploitability risk.
Resolved Issues
Jira | Description |
|---|---|
XRAY-12678 | Fixed an issue whereby, Project Admins were unable to create Ignore Rules for violations. |
XRAY-14990 | Fixed an issue whereby, Advanced Scans, failed to initiate properly on remote repositories. |
XRAY-10872 | Fixed an issue whereby, Xray did not scan builds that contained special characters. |