Released: October 4, 2020
Highlights
Due Diligence Licenses Report
Introduced the new Due Diligence Licenses Report, which provides you with a list of components and artifacts and their relevant licenses. This enables you to review and verify that the components and artifacts comply with the license requirements.
DB Sync Improvements
Improved initial vulnerabilities database synchronization by 92%. The total time is down to less than one hour with minimum Xray system requirements.
Resolved Issues
Fixed an issue whereby, in some cases, Docker layers descendants were not displayed in the UI.
Fixed an issue whereby, if violations were found, Webhooks was not triggered if the Fail Build option was enabled.
Improved the Xray request log format to be aligned with the JFrog Platform standards. If you have automation that is based on the old format, make sure to update it accordingly.
Improved performance in Xray when responding to requests coming from Xray IDE plugins.
Improved the database connection pool configuration by reducing the default number of idle connections to the database to a lower value of 5. The system YAML parameter names have been changed to support this enhancement, however, the old parameter names are supported for backward compatibility. For more information, see Xray system YAML.
Deprecated APIs
The following APIs are not supported starting from Xray version 3.9.1:
/ui/api/v1/xray/api/v1/projects/<project_name>/notes/*
v1alpha1/projects/{projectsId}/occurrences