Can JFrog Xray scan only Maven artifact?

Can JFrog Xray be used to scan Maven artifact directly? All examples and resources I can find shows only Xray scanning Docker Images where it also scans layer with java application and its dependencies.

But can one scan Maven artifact directly even if its not part of any Docker images?

Solution

As you can se in the official JFrog Xray documentation, it supports many more technologies. NPM, NuGet, Docker and RPM just to name a few.

The artifacts are scanned regardless of what contains them, as long as they are hosted in a JFrog Artifactory repository that is configured to be scanned by Xray.

BTW, scanning is recursive, so if you have an NPM module in an RPM, it would also be scanned and reported.

After 2023-03-28 http://yum.oracle.com/repo/OracleLinux/ fails Artifactory testremote via API and Admin UI
Getting error as failed to persist file in jfrog artifactory oss
Azure DevOps - JFrogNuget Error - Error occurred while executing task: Error: Command failed
Artifactory OSS won't start, log shows "Failed executing GetEntitlements, Server responded with an invalid status 404 UNIMPLEMENTED"
After Update to 7.84.14, Artifactory returns 400 on download artifact, which is not on the outer most level of the repo
Installing JFrog on Azure DevOps with multiple build servers
How do I deploy a file to Artifactory using the command line?
Why does Artifactory attempt to post data to "system/logs/usageartifactory" every 1 minute?
Maven: Trying to Deploy with credentials in settings.xml file
Docker: Error response from daemon: unauthorized: The client does not have permission for manifest
npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm"
Artifactory docker-compose
Artifactory - hide the "last downloaded" info
Jfrog Artifactory: Selectively displaying certain packages from one repo in another
Artifactory Build search page new Default after update
Artifactory Docker Login to Repository Localhost
How to download the latest artifact from Artifactory repository?
Using Jfrog to create and update a build with docker images corresponding to the environment. (dev|staging|prod)
Docker Registry vs Nexus/Artifactory
Do maven repos support uber jars like other depedancies?
How to list all folders with more then 10 artifacts in artifactory repo using CURL?
Publish .aar file with javadocs attached on artifactory repo
jfrog-cli + github: download latest artifacts from specific (main/default) branch
Artifactory: create permission via api fails with "HTTP 405 method not allowed"
What Unsupported docker v2 repository request for 'artifactory' means
Can Nexus or Artifactory store simple tar.gz artifacts?
Any way for conan to automatically upload package to artifactory IF it was just built with --build=missing
On stack deploy, unable to pin image to digest: unauthorized: the client does not have permission for manifest
Storing tagged artifacts with gitlab CI
artifactory upgrade from 7.19.4 to 7.77.5