Quick Start

Modes of Operation

The JFrog Plugin offers two modes: Local and CI. You can switch between them using the JFrog Panel tabs at the IDE's bottom.

Displays information about the local code as it is being developed in the IDE.
Enables continuous scanning of your project with the JFrog Platform.
Identifies security vulnerabilities in dependencies and source code before they become part of the final product.
To scan your project, click the Run Scan button in the JFrog panel.

The plugin uses severity icons to indicate the highest severity issue within a selected component and its transitive dependencies.

Icon	Severity	Description
	Critical	Issue with critical severity
	High	Issue with high severity
	Medium	Issue with medium severity
	Low	Issue with low severity
	Unknown	Issue with unknown severity
	Not Applicable	CVE issue not applicable to source code
	Normal	No issues (used only in CI view)

The CI information displayed in the IDE is fetched from JFrog Artifactory.
Build details are stored as build-info, published to Artifactory by the CI server.
If JFrog Xray scans build-info, the plugin will display the scan results in the CI View.

Before the CI View can display data, configure your CI pipeline to expose build information:

Go to Settings (Preferences) > Other Settings > JFrog Global Configuration.
Configure your JFrog Platform URL and user credentials.
Navigate to Settings (Preferences) > Other Settings > JFrog CI Integration.
Set your CI Build Name Pattern – this should match the build name published to Artifactory.
- Use * to view all builds published to Artifactory.
Click Apply, then open the CI Tab in the JFrog panel.
Click Refresh to fetch and display build details.