Released: February 9, 2025
Feature Enhancements
JFrog Xray
Added support for SBOM component properties in compliance with the German SBOM Regulation (BSI TR-03183) and the Indian SBOM Regulation (CERT-IN SBOM Guidelines).
Xray now supports scanning podspec.json (extension of Cocoapods)
The Export Component Details v2 REST API now supports passing an array of objects instead of a single JSON. This allows you to generate SBOM reports for multiple artifacts at a time and the aggregated reports will be returned in a “multiple_components_report.zip” file.
Enhanced the Xray-Jira integration by adding the Jira Status Retrieval feature. Xray users can now view the status of related Jira tickets without leaving the Xray platform.
Note: This feature will be enabled by default for all integration types, except for OAuth2 authentication with Jira Cloud. OAuth2 Jira Cloud users will need to follow the additional steps outlined in the Enabling for OAuth2 on Jira Cloud section to activate the feature
JFrog Curation
You can now export audit data in CSV format directly from the UI in Curation > Audit.
You can now export audit data in CSV format through the Approved/blocked-audit REST API.
Users can now connect repositories by package type to Curation, gaining a comprehensive overview of all curatable ecosystems in their Artifactory. Easily manage connections, view status updates for each package type, and define automatic connections for future repositories. Stay informed with notifications for any disconnections, ensuring seamless management and oversight.
Resolved Issues
Jira | Description |
|---|---|
XRAY-97064 | License Due Diligence report for artifacts with many child components returned empty impact paths. |
XRAY-95570 | Unable to view Xray scan data for builds with special characters in their names. |
XRAY-98492 | Improved performance of the block download functionality linked to JFrog Xray Policies. |