Xray 3.11.0

Xray Release Information

JFrog Xray

Released: November 8, 2020

Refrain from Upgrading to 3.11 and 3.11.1

A critical issue was identified in versions 3.11 and 3.11.1 (XRAY-6597). This issue was fixed in version 3.11.2 , we recommend upgrading directly to 3.11.2.

Violations Report

Introduced the new Violations report, which provides you with information on security and license violations for each component in the selected scope. Violations information includes information such as type of violation, impacted artifacts, and severity.Xray Report Types


The Violations report is available with Artifactory version 7.10.6 and above

Feature Enhancements
Ignore Rules

Enhanced the Ignore Rules feature functionalities, including the ability to set granularity on a defined Ignore Rule. All of the Ignore Rule functionalities are supported via the REST API.

To enable these enhancements, it requires Artifactory version 7.10.5 (available) or above.

To learn more, see Ignore Rules.IGNORE RULES

New Connection Parameters in the Xray system YAML

Added support for the following two new parameters in the Xray system YAML:Xray System YAML

  • maxLifetimeSecs: The number of seconds to allow a connection to be alive before a connection is recycled and another connection is established in its place.

  • maxIdleSecs: The number of seconds a connection may be in idle mode before it is closed.

Resolved Issues


The resolved issues now contain the associated JIRA number to help you keep track of your issues that were fixed in the release.

JIRA Number



Fixed an issue whereby, a build number that contained a colon was not being scanned in Xray.



Fixed an issue whereby, in some cases, the DB sync failed to update database rows.


Fixed an issue whereby, Xray in some cases, was not recognizing licenses of some RPM packages.


Fixed an issue whereby, the Impact Analysis sometimes ignored messages in case of errors, which caused some information loss.


Fixed an issue whereby, build selection in the Watch configuration and in the report definition is very slow when there is a large number of builds available.


Fixed an issue whereby, Xray failed to add custom licenses to components due to a race condition in the code.


Fixed an issue whereby, indexing all repositories sometimes failed when there was a large number of repositories.


Fixed an issue whereby, the Analysis microservice failed to process some messages due to panic errors.


Performance improvements to reduce the load on the database.


Fixed an issue, whereby, in some cases, Xray misclassified RPM packages as generic packages.


Fixed an issue, whereby the Persist & Analysis processes in some cases crashed due to high memory consumption.


Added a configurable limit for the number of rows that appear in a report. The default limit is 100,000 rows for each report.

Deprecated CommonName Field on X.509 Certificates

Disabled using the CommonName field on X.509 certificates as host name, when the certificate does not include Subject Alternative Names.