Author: Paul Garden
Word count: 840
Language: English

Summary

JFrog Xray has enhanced its capabilities to support developers in identifying vulnerabilities and license violations earlier in the software development lifecycle by allowing on-demand scanning of source code and binaries using the JFrog CLI. This shift-left approach aims to catch issues before code is uploaded to Artifactory, thus improving security and compliance. Developers can run ad-hoc scans of source directories for Maven, Gradle, and NPM packages without needing to compile or deploy, and apply Xray policy rules to manage security standards. Additionally, on-demand binary scans can be performed on local files, producing detailed reports about vulnerabilities and license issues, although Docker support is pending. These features are designed to enhance developer visibility and adherence to organizational compliance standards, ultimately aiming for more secure and efficient software development.