Modern software governance means managing not only the quality of your own code but also the quality, security, integrity, and legal aspects of the open-source packages it uses. Various organizational teams, including security, legal, and the CTO office, address these risks based on factors such as risk severity and package popularity. JFrog Xray 2.2 introduces an enhanced mechanism for defining and enforcing governance standards on binaries, focusing on security and compliance. Organizations create policies that specify governance behavior and enforce them through 'Watches', which determine the resources to be monitored. A policy in Xray is contextless: it defines the enforcement specification without specifying the context, and it can be assigned to multiple watches. Separating behavior from context in this way improves efficiency, flexibility, and accountability within organizations and streamlines governance across projects. The latest release helps manage software dependencies by providing tools for policy creation and enforcement, improving the security and compliance of software projects.