Released: October 22, 2020
Highlights
Alpine Package Support in Xray
Xray now scans and indexes your Alpine Repositories and Alpine Packages, including recursive analysis, component graph integration, and providing detailed metadata information.
Feature Enhancements
Python Package File Format Support
Xray now supports the indexing of Python files (PyPI) inside .tar
, .gz
, .tgz
, .whl
, and .egg
file formats.
Support PHP files in *.tar Archives
Xray now supports PHP files inside *.tar
archives.
New Metadata REST API
Added a new Resend Artifacts Metadata REST API that enables administrators to resend artifact metadata to the Metadata Server.
Resolved Issues
Note
The resolved issues now contain the associated JIRA number to help you keep track of your issues that were fixed in the release.
JIRA Number | Description |
---|---|
XRAY-6196 | Fixed an issue, whereby Xray did not process rules in a policy according to their order. |
XRAY-6181 | Fixed an issue, whereby the Index Existing option was not working properly for RPM packages. |
XRAY-6127 | Fixed an issue, whereby if a PostgreSQL password was not escaped correctly in the Xray system |
XRAY-6076 | Fixed an issue, whereby when upgrading from Xray version 2.x to 3.x, the data migration failed when one of the Docker layers that were previously scanned by Xray contained "fslayers" with the prefix " |
XRAY-5271 | Fixed an issue, whereby not all license violations were created when the same watch had more than one license policy. |
XRAY-6371 | Fixed an issue whereby, scan build might take longer than usual, when the builds' artifacts contained many references. |
XRAY-6418 | Fixed an issue whereby in some extreme cases, a message can cause Xray to crash. A mechanism was added to prevent those messages from repeatedly crashing Xray. |
XRAY-6446 | Fixed an issue whereby, in some cases, the scan builds did not detect any violations when the build should have failed. |
XRAY-6281 | Fixed an issue whereby, when searching for violations by an X number of days, the search returned all violations. |
XRAY-6372 | Fixed an issue whereby, two builds with the same docker images returned different violations. |
XRAY-6417 | Fixed an issue whereby, corrupted |
XRAY-6449 | Fixed an issue whereby, in some cases, the API |
XRAY-6475 | Fixed an issue whereby, In some cases, Xray initiated a full DB sync, even when it was not needed. |