Skip to end of metadata
Go to start of metadata

Xray 2.8.8

Released: 24 June, 2019

Feature Enhancements

Xray Supports Displaying the Fixed Version in the IDE Plugin 

Remediation information can now be viewed directly in your IDE plugin in addition to viewing panels displaying vulnerability information about the components and their dependencies. 

Improved Xray Classification of Maven Artifacts

Xray searches and classifies artifacts located in the Maven root as Maven artifacts in addition to searching the POM and JAR files in the folder. 

Multiple Licenses are Added to Xray Known Licenses 

Xray recognizes multiple licenses grouped using the 'And' operator in the local file resource.  

Improved MIT License Detection

Xray adds improved MIT license detection by searching for the 'expression' variable in the NuGet package. 

Xray Supports Externalized PostgreSQL Connection Pools 

Xray externalizes the 'max connection' and 'max idle connection' PosgreSQL connection pools. 

Issues Resolved

  1. Fixed an issue whereby Xray scanned and tagged the org.aist:configurations component for Maven packages with an unknown license. 
  2. Fixed an issue whereby Xray scanned all json files as license files in npm packages.
  3. Fixed an issue whereby database updates were skipped as they did not progress during database sync. 
  4. Fixed an issue whereby users using native installers could connect to the MongoDB without credentials. 
  5. Fixed an issue whereby Xray did not detect a number of Python .whl file as components. 
  6. Fixed an issue where Xray triggered a false notification during monitoring alerting that specific services were down in Kubernetes. 
  7. Fixed an issue in which Xray could not index certain JAR files. 
  8. Fixed an issue whereby missing Docker layers were skipped by Xray resulting in corrupted scan results. 
  9. Fixed an issue whereby Xray could not connect to an external user if the username contained the '@' symbol. 
  10. Fixed an issue whereby DB sync get stuck while calculating on SaaS. 
  11. Fixed an issue whereby running queries in PSQL failed when collecting data for the support bundle. 
  12. Fixed an image whereby Xray continued to generate a violation for an Alpine image that was fixed. 

  • No labels