Try JFrog
API Reference
Contact SupportTry JFrog

Update a curation policy

put
{protocol}://{host}:{port}/xray/api/v1/curation/policies/

Update an existing policy.

Note about editable properties: Do not send the entire object returned by GET. Properties like id, created_by, updated_by, created_at, updated_at cannot be set via the API and sending them will cause an error.

Note about waivers: Waivers and label waivers cannot be edited in place. They can be:

  • added — send an object without an id but with the content fields
  • retained — send an object with the id of an existing waiver
  • removed — omit the object

To edit a waiver, remove it and add a new one with the desired values.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Path Params
string
required

Unique identifier of the policy.

Body Params

Mutable fields of a policy, used for create and update operations.

boolean

Automatically true on creation. Automatically set to false if the policy's effective scope becomes empty (e.g. the only covered repo is deleted). Can be set to true on update if the effective scope is non-empty.

string
required

Name of the policy.

string
enum
required

Determines which repositories the policy applies to:

  • all_repos — all curated repositories, optionally excluding those in repo_exclude.
  • specific_repos — only the repositories listed in repo_include.
  • pkg_types — all curated repositories whose package type is in pkg_types_include.
Allowed:
string
enum
required

block — non-compliant packages are blocked from download. dry_run — only audit logs are accumulated; packages are not blocked.

Allowed:
string
required

ID of the condition used by this policy.

pkg_types_include
array of objects

Used with scope: pkg_types. Lists the package types the policy applies to.

pkg_types_include
repo_include
array of strings

Used with scope: specific_repos. Lists repository keys the policy applies to.

repo_include
repo_exclude
array of strings

Used with scope: all_repos. Lists repository keys to exclude.

repo_exclude
group_include
array of strings

Groups to include in the policy scope.

group_include
group_exclude
array of strings

Groups to exclude from the policy scope.

group_exclude
waivers
array of objects

List of package-level waivers.

waivers
label_waivers
array of objects

List of label-based waivers.

label_waivers
notify_emails
array of strings

Email addresses notified when the policy blocks a package.

notify_emails
decision_owners
array of strings

JFrog Access groups whose members can approve waiver requests. Used with waiver_request_config: manual.

decision_owners
string
enum
required

Controls waiver request behaviour for the policy:

  • forbidden — waiver requests cannot be created.
  • manual — waiver requests require approval by one of the decision_owners groups.
  • auto_approved — waiver requests are automatically approved on creation.
Allowed:
boolean

When true, the policy also blocks packages served from Artifactory's cache.

boolean

When true, the policy is shared across federated instances. Only allowed for all_repos or pkg_types scopes.

Responses

Updated about 2 months ago

Language
URL
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json

Updated about 2 months ago