Xray On-Demand Binary Scan

XRAY: jf docker scan –watches xx with Ignore rule

AuthorFullName__c
Jian Sun
articleNumber
000005601
ft:sourceType
Salesforce
FirstPublishedDate
2023-03-06T09:18:44Z
lastModifiedDate
2023-03-06
VersionNumber
1
As we all know, Xray supports On-Demand Binary Scan by CLI.
By default, the scan returns vulnerability data found in your dependencies. To retrieve violations data, use one of the following methods:
  • Watches - Select Watches to apply to the scan.
  • Repo Path - Provide a target destination path in Artifactory, and Watches will be determined by the path.
  • Project - Select a Project by project key, and use all Watches defined for the Project.
Take note, that if you run the scan using one of these command options, the scan results will only show violations data and not vulnerabilities data. To view vulnerability data, run the scan without these options.
The results are displayed in table format. Like: