Xray 3.67.9

Xray Release Information

ft:sourceType
Paligo

Released: February 23, 2023

Highlights

Advanced Scans 

Advanced Scans is now available in Self-Hosted environments for Enterprise X and Enterprise + subscriptions with Advanced DevSecOps.

In this release, Advanced Scans for Self-Hosted is supported for Kubernetes only. 

In addition, Advanced Scans for Cloud and Self-Hosted have been enhanced with the following:

  • The Scans List page for Advanced Scans results has been enhanced with an improved look and feel. 

  • You can now create Policies with Exposures and Contextual Analysis rules. 

  • Ignore rules has been enhanced to support ignoring Exposures violations. 

Advanced Scans in your IDE

Enterprise X and Enterprise + subscriptions with Advanced DevSecOps

Contextual Analysis is now available in your IDE, enabling developers to reduce the time spent assessing and remediating vulnerabilities. In this release, Contextual Analysis is supported for JFrog VS Code Extension and JFrog IntelliJ IDEA Plugin. (Supported packages npm and Python).

Vulnerability Exploitability eXchange (VEX)

You can now export SBOM with CycloneDX VEX information that includes vulnerability details enabling you to reduce exploitability risk.

Resolved Issues

Jira

Description

XRAY-12678

Fixed an issue whereby, Project Admins were unable to create Ignore Rules for violations.

XRAY-14990

Fixed an issue whereby, Advanced Scans, failed to initiate properly on remote repositories.

XRAY-10872

Fixed an issue whereby, Xray did not scan builds that contained special characters.