While Xray allows performing a history scan on repositories, the same does not apply to builds. It is possible to use the JFrog CLI to scan previously deployed builds that have not yet been scanned by running the following command, including the build name and build number:
jfrog rt bs build-name build-number
For instance, to scan build-id 3 of the test build:
jfrog rt bs test 3
This is an easy way to scan specific builds, however, when dozens and hundreds of builds need to be scanned, performing such a task manually can be tedious. This article will demonstrate how this task can be automated using AQL, the JFrog CLI, and python.