Xray 3.10.3

Xray Release Information

JFrog Xray

Released: October 22, 2020

Alpine Package Support in Xray

Xray now scans and indexes your Alpine Repositories and Alpine Packages, including recursive analysis, component graph integration, and providing detailed metadata information.

Feature Enhancements
Python Package File Format Support

Xray now supports the indexing of Python files (PyPI) inside .tar, .gz, .tgz, .whl, and .egg file formats.

Support PHP files in *.tar Archives

Xray now supports PHP files inside *.tar archives.

New Metadata REST API

Added a new Resend Artifacts Metadata REST API that enables administrators to resend artifact metadata to the Metadata Server.Resend Artifacts Metadata

Resolved Issues


The resolved issues now contain the associated JIRA number to help you keep track of your issues that were fixed in the release.

JIRA Number



Fixed an issue, whereby Xray did not process rules in a policy according to their order.


Fixed an issue, whereby the Index Existing option was not working properly for RPM packages.


Fixed an issue, whereby if a PostgreSQL password was not escaped correctly in the Xray system YAML file, it appeared in the Xray console log.


Fixed an issue, whereby when upgrading from Xray version 2.x to 3.x, the data migration failed when one of the Docker layers that were previously scanned by Xray contained "fslayers" with the prefix "tarsum.v1+sha256:" in the Docker's manifest.json.


Fixed an issue, whereby not all license violations were created when the same watch had more than one license policy.


Fixed an issue whereby, scan build might take longer than usual, when the builds' artifacts contained many references.


Fixed an issue whereby in some extreme cases, a message can cause Xray to crash. A mechanism was added to prevent those messages from repeatedly crashing Xray.


Fixed an issue whereby, in some cases, the scan builds did not detect any violations when the build should have failed.


Fixed an issue whereby, when searching for violations by an X number of days, the search returned all violations.


Fixed an issue whereby, two builds with the same docker images returned different violations.


Fixed an issue whereby, corrupted Certain ELF files caused the Indexer to fail.


Fixed an issue whereby, in some cases, the API /xray/ui/userIssues/details ended with 500 Server Error due to long processing.


Fixed an issue whereby, In some cases, Xray initiated a full DB sync, even when it was not needed.