Xray Actions on Violations

JFrog Security Documentation

This topic reviews actions you can take on Xray Violations. For more information on analyzing resource scan results, see Analyzing Resource Scan Results.

Scan for Xray Violations

To initiate a manual scan on your package version, select Scan for Violations from the Actions list.

Assign Custom Vulnerability Issues

A security vulnerability created by a user is tagged as a Custom issue and can be deleted by users assigned the Manage Xray Metadata permission.

Assign Custom Licenses

From the Actions list, select Assign a Custom License to assign Custom licenses to a component in your version.

A license created by a user is tagged as a Custom license and can be deleted by

Select a license from a predefined list of licenses.

Click Save. A manual scan is triggered to update the license list.

Export Xray Data

Using the Actions menu, you can export full details for the selected component and version including violations, security issues and licenses. From the Xray Data tab on the package versions page, select Export Data from the Actions list.

In the Export Data popup, specify whether to export violations, licenses, or security parameters, and select the export format.

The file is downloaded to your local drive.

Below are some examples of exported files in different formats.

[Image: Xray data exported in JSON format]

You can also automate exporting component details using the Export Component Details REST API.