Released: November 11, 2024
Highlights
JFrog Advanced Security Exposures Support
You can now scan builds and Release Bundles V2 for Exposures.
Use JFrog Catalog Labels as Waivers in a Policy
This feature enables the security team to specify multiple packages and versions that can be excluded from the Policy (i.e., not violating it) allowing them to enter the repository. Waivers are added as labels on a per-policy basis, using preset labels from the JFrog Catalog.
Resolved Issues
Jira | Description |
---|---|
XRAY-78247 | Xray didn’t block the download of a folder via REST API when the folder contained non-downloadable artifacts. |
XRAY-76649 | Improved secret management by storing secrets as environment variables rather than reading them from mounted secret files. This change improves security and compliance. |
XRAY-85322 | A notification was not sent for the Notify deployer policy action for existing scans. |
XRAY-82897 | In the report REST API, when the |
XRAY-81898 | The Export Details V2 REST API retrieved data only for the latest build version that was scanned. |