jfrog · attiasas · May 14, 2026 · May 14, 2026 · May 14, 2026 · May 14, 2026
diff --git a/audit_test.go b/audit_test.go
@@ -1166,11 +1166,11 @@ func TestAuditNewScaCycloneDxPipenv(t *testing.T) {
 	assert.NoError(t, err)
 	validations.VerifyCycloneDxResults(t, output, validations.ValidationParams{
 		ExactResultsMatch: true,
-		Total:             &validations.TotalCount{Vulnerabilities: 10, BomComponents: 4 /* components */ + 1 /* root */, Licenses: 1},
+		Total:             &validations.TotalCount{Vulnerabilities: 11, BomComponents: 4 /* components */ + 1 /* root */, Licenses: 1},
 		SbomComponents:    &validations.SbomCount{Root: 1, Direct: 4},
 		Vulnerabilities: &validations.VulnerabilityCount{
-			ValidateScan:                &validations.ScanCount{Sca: 10},
-			ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 4, NotApplicable: 6},
+			ValidateScan:                &validations.ScanCount{Sca: 11},
+			ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 5, NotApplicable: 6},
 		},
 	})
 }
@@ -1184,11 +1184,11 @@ func TestAuditNewScaCycloneDxUV(t *testing.T) {
 	assert.NoError(t, err)
 	validations.VerifyCycloneDxResults(t, output, validations.ValidationParams{
 		ExactResultsMatch: true,
-		Total:             &validations.TotalCount{Vulnerabilities: 18, BomComponents: 1 /* root */ + 8 /* direct */ + 1 /* file (secret)*/, Licenses: 5},
+		Total:             &validations.TotalCount{Vulnerabilities: 19, BomComponents: 1 /* root */ + 8 /* direct */ + 1 /* file (secret)*/, Licenses: 5},
 		SbomComponents:    &validations.SbomCount{Root: 1, Direct: 8},
 		Vulnerabilities: &validations.VulnerabilityCount{
-			ValidateScan:                &validations.ScanCount{Sca: 16, Sast: 1, Secrets: 1},
-			ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 7, NotApplicable: 9},
+			ValidateScan:                &validations.ScanCount{Sca: 17, Sast: 1, Secrets: 1},
+			ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 8, NotApplicable: 9},
 		},
 	})
 }

diff --git a/git_test.go b/git_test.go
@@ -67,7 +67,7 @@ func testGitAuditCommand(t *testing.T, params auditCommandTestParams) (string, e
 }
 
 func getDummyGitRepoUrl() string {
-	return fmt.Sprintf("https://github.com/jfrog/dummy-repo-url%s.git", securityTests.GetUniqueSuffix())
+	return fmt.Sprintf("https://test.git.provider.com/jfrog/dummy-repo-url%s.git", securityTests.GetUniqueSuffix())
 }
 
 func createTestProjectRunGitAuditAndValidate(t *testing.T, projectPath string, gitAuditParams gitAuditCommandTestParams, xrayVersion, xscVersion, expectError string, validationParams validations.ValidationParams) {
@@ -271,8 +271,8 @@ func TestGitAuditJasSkipNotApplicableCvesViolations(t *testing.T) {
 		xrayVersion, xscVersion, "",
 		validations.ValidationParams{
 			Violations: &validations.ViolationCount{
-				ValidateScan:                &validations.ScanCount{Sca: 12, Sast: 2, Secrets: 2},
-				ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotApplicable: 10, NotCovered: 2, Inactive: 2},
+				ValidateScan:                &validations.ScanCount{Sca: 20, Sast: 2, Secrets: 2},
+				ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotApplicable: 10, NotCovered: 10, Inactive: 2},
 			},
 			ExactResultsMatch: true,
 		},
@@ -299,8 +299,8 @@ func TestGitAuditJasSkipNotApplicableCvesViolations(t *testing.T) {
 		xrayVersion, xscVersion, "",
 		validations.ValidationParams{
 			Violations: &validations.ViolationCount{
-				ValidateScan:                &validations.ScanCount{Sca: 2, Sast: 2, Secrets: 2},
-				ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 2, Inactive: 2},
+				ValidateScan:                &validations.ScanCount{Sca: 10, Sast: 2, Secrets: 2},
+				ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 10, Inactive: 2},
 			},
 			ExactResultsMatch: true,
 		},

diff --git a/jas/analyzermanager.go b/jas/analyzermanager.go
@@ -25,7 +25,7 @@ import (
 const (
 	ApplicabilityFeatureId                    = "contextual_analysis"
 	AnalyzerManagerZipName                    = "analyzerManager.zip"
-	defaultAnalyzerManagerVersion             = "1.33.0"
+	defaultAnalyzerManagerVersion             = "1.34.1"
 	analyzerManagerDownloadPath               = "xsc-gen-exe-analyzer-manager-local/v1"
 	analyzerManagerDirName                    = "analyzerManager"
 	analyzerManagerExecutableName             = "analyzerManager"

diff --git a/sca/bom/buildinfo/technologies/java/deptreemanager.go b/sca/bom/buildinfo/technologies/java/deptreemanager.go
@@ -106,6 +106,7 @@ func parseDepTreeFiles(jsonFilePaths string) ([]*moduleDepTree, error) {
 }
 
 func parseDepTreeFile(path string) (results *moduleDepTree, err error) {
+	// jfrog-ignore: The file is a JSON file that contains the dependency tree of a module in a Gradle/Maven project.
 	depTreeJson, err := os.ReadFile(strings.TrimSpace(path))
 	if errorutils.CheckError(err) != nil {
 		return

diff --git a/sca/bom/buildinfo/technologies/pnpm/pnpm_test.go b/sca/bom/buildinfo/technologies/pnpm/pnpm_test.go
@@ -43,7 +43,7 @@ func TestBuildDependencyTreeLimitedDepth(t *testing.T) {
 			name:      "With transitive dependencies",
 			treeDepth: "1",
 			expectedUniqueDeps: []string{
-				"npm://axios:1.16.0",
+				"npm://axios:1.16.1",
 				"npm://balaganjs:1.0.0",
 				"npm://yargs:13.3.0",
 				"npm://zen-website:1.0.0",
@@ -53,7 +53,7 @@ func TestBuildDependencyTreeLimitedDepth(t *testing.T) {
 				Nodes: []*xrayUtils.GraphNode{
 					{
 						Id:    "npm://balaganjs:1.0.0",
-						Nodes: []*xrayUtils.GraphNode{{Id: "npm://axios:1.16.0"}, {Id: "npm://yargs:13.3.0"}},
+						Nodes: []*xrayUtils.GraphNode{{Id: "npm://axios:1.16.1"}, {Id: "npm://yargs:13.3.0"}},
 					},
 				},
 			},