Xray 3.107.7 Cloud

Xray Release Information

Products
JFrog Xray
Content Type
Release Notes
ft:sourceType
Paligo

Released: November 11, 2024

Highlights

JFrog Advanced Security Exposures Support

You can now scan builds and Release Bundles V2 for Exposures.

Use JFrog Catalog Labels as Waivers in a Policy

This feature enables the security team to specify multiple packages and versions that can be excluded from the Policy (i.e., not violating it) allowing them to enter the repository. Waivers are added as labels on a per-policy basis, using preset labels from the JFrog Catalog.Use Labels as Waiver in Policy

Resolved Issues

Jira

Description

XRAY-78247

Xray didn’t block the download of a folder via REST API when the folder contained non-downloadable artifacts.

XRAY-76649

Improved secret management by storing secrets as environment variables rather than reading them from mounted secret files. This change improves security and compliance.

XRAY-85322

A notification was not sent for the Notify deployer policy action for existing scans.

XRAY-82897

In the report REST API, when the impacted_artifact parameter contained special characters or space the API returned “Request payload is invalid as impacted artifact is invalid"

XRAY-81898

The Export Details V2 REST API retrieved data only for the latest build version that was scanned.