Released: May 28, 2025
Feature Enhancements
JFrog Xray
Added Support for SBOM ingest and enrichment support for CycloneDX version 1.6
Added a new REST API that analyzes and compares vulnerability differences between two build versions. For more information, see Build Vulnerability Diff
Source Code
The Git repository configuration now reflects the actual hierarchy in your Source Control Management (SCM) system. It also supports inheriting configuration settings across future repositories and folders, streamlining setup and ensuring consistency.
Git Repository Scans List table now reflects the actual hierarchy in your Source Control Management (SCM) system.
Resolved Issues
Jira | Description |
|---|---|
XRAY-108647 | Resources are deleted despite a successful response when updating a Watch via the REST API without including the build_repo: release-bundles-v2 parameter. |
XRAY-94756 | Non-admin users can now run the Fore Reindex REST API. |
XRAY-110652 | Duplicate bom-ref identifiers in CycloneDX export |
XRAY-113448 | Fixed an issue where NuGet packages were not being scanned during repository scans. |
XRAY-113397 | Fixed an issue where Contextual Analysis scans on remote generic repositories were incorrectly marked as failed instead of showing as unsupported. |
XRAY-110869 | Fixed a rare issue where Xray failed to start in certain custom setups, particularly when the kubeconfig file was misconfigured. |
XRAY-116138 | Resolved an issue where the Commits table did not display the latest scan results for a commit. |