Xray 3.9.1

Xray Release Information
Products
JFrog Xray
ft:sourceType
Paligo

Released: October 4, 2020

Highlights
Due Diligence Licenses Report

Introduced the new Due Diligence Licenses Report, which provides you with a list of components and artifacts and their relevant licenses. This enables you to review and verify that the components and artifacts comply with the license requirements.Generate Due Diligence Report

DB Sync Improvements

Improved initial vulnerabilities database synchronization by 92%. The total time is down to less than one hour with minimum Xray system requirements.

Resolved Issues

  1. Fixed an issue whereby, in some cases, Docker layers descendants were not displayed in the UI.

  2. Fixed an issue whereby, if violations were found, Webhooks was not triggered if the Fail Build option was enabled.

  3. Improved the Xray request log format to be aligned with the JFrog Platform standards. If you have automation that is based on the old format, make sure to update it accordingly.

  4. Improved performance in Xray when responding to requests coming from Xray IDE plugins.

  5. Improved the database connection pool configuration by reducing the default number of idle connections to the database to a lower value of 5. The system YAML parameter names have been changed to support this enhancement, however, the old parameter names are supported for backward compatibility. For more information, see Xray system YAML.Xray System YAML

Deprecated APIs

The following APIs are not supported starting from Xray version 3.9.1:

/ui/api/v1/xray/api/v1/projects/<project_name>/notes/*

v1alpha1/projects/{projectsId}/occurrences