Released: April 16, 2023
RabbitMQ Version Upgrade
Xray version 3.71.x includes RabbitMQ version 3.11.13. Before upgrading to this version of Xray, some feature flags need to be enabled in RabbitMQ. For more information, see Upgrading from Upgrading from Xray Version 3.x to 3.x
AAR Packages Support
Xray now supports scanning AAR packages.
Support Zstandard (zstd) Compression
Added support for packages using zstd compression.
Fixed an issue whereby, Ignored Violation URL sent as an email notification was broken.
Fixed an issue whereby, in some cases, when using the artifact summary API with multiple components, results were duplicated.
Fixed an issue whereby, users with read permissions were not authorized to retrieve the details of the violation via the Get Violations REST API. Users can view details of violations only on resources they have read permissions for.
Fixed an issue whereby, sha256 was missing from the SBOM report.
Fixed an issue whereby, when a Policy in a Project Watch was blocking unscanned artifacts on Any-Repository it resulted in blocking repositories in other Projects as well.
Fixed an issue whereby, defining a non-default Vhost of the rabbitMQ caused Xray to hang and stop processing requests. A new system.yaml parameter now allows the user to define a non-default Vhost of the rabbitMQ and make Xray aware of it. For more information, see Xray System YAML.
Fixed an issue whereby, the Notify Deployer option for Policies for Builds was not working properly.
Fixed an issue whereby modifying a custom issue was not successful.
Fixed an issue whereby, in some cases, custom issues that were created by the Issues REST API were not editable.