Released: January 13, 2026
Feature Enhancements
Curation
Added support for the Pub ecosystem in Catalog and Curation policies.
Added support for PHP Composer in Catalog and Curation policies.
Added support for Debian and Ubuntu in Catalog and Curation policies.
Added support for waiver requests in the API and UI, enabling developers to request waivers from policy owners for specific blocked packages, in addition to the existing CLI flow.
Xray
Added Impact Search capability for searching vulnerability identifiers or package identifiers across the entire Xray database.
A new REST API, Get Jira Integration Status, has been introduced to enable programmatic retrieval of the current health and operational status of an existing Jira integration.
Resolved Issues
Jira | Description |
|---|---|
XRAY-131885 | Resolved an intermittent Indexer crash. |
XRAY-131798 | Resolved an issue preventing expected violations from being generated when re-scanning Release Bundles after removing ignore rules. |
XRAY-131790 | Resolved incorrect component IDs returned during fix-version checks for Debian distributions when using the new SBOM. |
XRAY-131704 | Resolved an issue where license violations from Git repository scans failed to load in the violation right pane. |
XRAY-131644 | Resolved an issue in Xray Reports that caused redirect errors during navigation. |
XRAY-131573 | Resolved an issue that caused errors due to incorrectly formatted requests in the Violations API. |
XRAY-131012 | Resolved an issue where, in some cases, external links to license information under the SBOM tab were broken. |
XRAY-130525 | Resolved an issue that caused false positives for specific RPM components. |
XRAY-129037 | Resolved an issue where packages with invalid or outdated license metadata were not updated during forced reindex operations. |
XRAY-129030 | Resolved an issue that caused sorting preferences to reset in the Report Results view. |
XRAY-126114 | Resolved an issue that caused failures when scanning a specific CRAN package. |
XRAY-122439 | Resolved an issue where fix versions were not displayed for some packages during on-demand scanning. |
XRAY-130792 | Resolved an issue with NPM “latest” tag handling where inspections could select a non-compliant version; the inspection process now evaluates all available versions and automatically excludes non-compliant releases from the metadata. |