Cloud customer?
 Upgrade in MyJFrog >

Search





Overview

The Application global Search provides a set of five dedicated searches for each of your resource types - packages, artifacts, builds, and Release Bundles and a dedicated Security and Compliance search for viewing scanned resource results.  

The active Search view changes according to the resource page you are currently viewing and displays results for the repositories on which you have permissions to view. For example, the Packages Search is active when you are in the Packages page.


Product-Specific Requirements

The following search types require the following be installed with their associated licenses:

  • Release Bundles Search: Requires JFrog Distribution be installed with an Enterprise+ license.
  • Security & Compliance Search: Requires JFrog Xray be installed with a Pro X, Enterprise with Xray, or an Enterprise+ license.



Search Syntax

The Application Search supports the following syntax:

  • Supports a keyword-based search
  • Search terms are case-sensitive.
  • Supports * and ? wildcards to help you narrow down your search. For example, when searching for a package named angular, typing an*, angula? will return angular as a result.
Page Contents


Viewing Your Recent Searches

When you first start, your search is initially empty. Once you start adding searches, they are saved and viewable in the Recent searches drop down for future reference.


Supported Search Methods

The search supports the following search methods.  

Free-Text Search

You can search by using one or more words, terms that include wildcard symbols and Boolean expressions.

Advanced Search Using Filters

Narrow down your search results for complex searches by setting filters in the the advanced filtered search. The search contains filters that apply to all the resources, for example, name and data range, and resource-specific filters.  For example you can search for all the Docker images in your docker-local repository that have a specific Docker tag.In the Advanced Search, selecting or typing a search criteria, displays the criteria syntax in the Search line area. For example, Docker from the Type List, added the docker pkgType:docker keyword to the search bar.

Search by Keywords

You can search by using a set of predefined keywords. All you have to do is click in the search box and type the keyword or multiple keywords within the search. For example, you can search for all Docker packages in the Docker-local repository by typing: pkgType:docker repo:docker-local.
The Advanced search filter is also based on these keywords. Selecting a filter in the Advanced search displays the keyword in the search bar.

 Click here to view a list of of keywords

The following table contains the full list of keywords.

NameDescriptionPackagesArtifactsBuildsRelease
Bundles
Security &
Compliance
pkg

Searches according to a package type.
For example: pkg:dockerreturns results for
 Docker packages.

(tick)(tick)


repo

Searces according to the repository type - local, remote, virtual, or distribution.

For example: repo:docker-local type:package myApp
returns results for packages in the docker-local.

(tick)(tick)


checksum

Searches according to the checksum of the package or artifact.
For example: checksum:13f2ab8fa returns results for packages or artifacts containing the
checksum number.

(tick)(tick)


properties

Searches for artifacts that are annotated with properties.
For example: properties: passedQA=true,oss=true returns results for packages that have passed QA and are OSS.


(tick)


beforeSearches for resources that were created before the specified date.
For example: pkg:docker before:2019-01-03 returns results for Docker packages created before this date.


(tick)(tick)(tick)
after

Searches for resources that were created after the specified date.
For example: 
pkg:docker after:2019-01-03 returns results for Docker packages created after this date.



(tick)(tick)(tick)
cve

Searches for resources that have the specified issue.
For example: cve:CVE-2019-12 returns results for resources affected by CVE-2019-12.





(tick)
license

Searches for resources containing the specified license. 
For example: 
license:MIT returns results for resources containing the MIT license.





(tick)
severitySearches for resources contain a violation with a specific severity level.
For example: 
severity:medium,high returns results for resources containing security violations with Medium and High severity levels.




(tick)

The following table contains dedicated Artifact keywords:

Keyword by Search TypeSupported Package TypeSupported Values
Artifacts
searchType
Packages, Archive, Properties, Checksum, JCenter, or Trash.
Artifacts > Packages
versionAll PackagesSearches for artifacs according to a specific version.
categoryChefFree text
platformChef and CondaFree text
userConanFree text
channelConanFree text
osConanFree text
archConan, Conda, Debian, Opkg, RPMFree text
buildType

Conan

Free text
compilerConanFree text

priority

Debian, Opkg

Free text
maintainer

Debian, Opkg

Free text
distDebianFree text
componentDebianFree text
digestDockerFree text
v1DockerFree text
appVersionHelmFree text
groupIDMavenFree text
artifactIDMavenFree text
classifierMavenFree text
scopenpmFree text
keywords

npm

Free text
boxProviderVagrantFree text
Artifacts > Archive Entries
path
Free text

classResourcesOnly


Indicates whether to search according to class resources only.  
Possible values: true, false
Default value: false

excludeInnerClasses


Indicates whether to exclude inner classes are part of the search.
Possible values: true, false
Default value: false

checksumSearch


Indicates whether the search pattern needs to be searched as a checksum 
Possible values: true, false
Default value: false



Search By Resource Type

Package Search

You can specify the following parameters for your search:

Type
Select the package from the Type list.
Package Name
Type the package name.
Version
Type the package version (e.g. 1.0.0). This field is enabled after you enter the Package Name.
Repositories

Limit the packages to display for the selected package type. The list displays repositories on which you have permissions. 

Checksum
Type the package checksum value.



Build Search

You can specify the following parameters for your search:

Name
Type the build name.
From/To
Select the date range between two dates in which the build was deployed.


Artifacts Search

Use the Search Type filters to narrow down your artifact results. Each search type offers a set of input fields corresponding to the type of search you have selected to help narrow down your search. 

The artifact search results are displayed in a dedicated view. For each resource in the list, click the arrow on the far right to perform one of these actions on the resource:

  • View the resource contents. For example, a JSON file.
  • View the resource in the Artifact tree.
  • Delete the resource. 

The following search types are supported:

Quick Search

Using Quick Search you can search for artifacts by name. Select Quick, enter your search term and then click Search.

You can specify the following parameters for your search:

Name

Type the name of the artifact. You can use ? and * as wildcards

Repositories
Select specific repositories from the Repositories list to narrow down your search

Archive Search

Archive search performs a search for all the files that match your search parameters and are located in the archive folder. Typical examples are a zip or jar file, however, all file types defined in the MIME types configuration are supported. You can specify the following parameters for your search.

Name
The term to search for within the file name.
Path
Allows you to specify a path filter for the search. For example, Org/JFrog.
Search Class Resources Only
When selected, only class resources are searched. Any other file type is filtered out of the search.
Exclude Inner Classes
When selected, inner classes are excluded from the search.
Repositories
Limits search to the specified repositories.

View the source file

You can hover over a class file and select View to view the corresponding source file if it's available.

Package Search

Package search enables you to run a search based on a specific packaging type. For each type, you can specify search parameters based on the relevant metadata for the selected package type. For example, Helm search is suitable for searching through Helm Chart repositories. 

Under the hood

Package search is based on standard properties that Artifactory attaches to packages according to their type. For example, when searching for NuGet packages, Artifactory is actually matching the search terms to the values for the nuget.id and nuget.version properties that should be attached to every NuGet package.

Limitation

Package search does not currently work on remote repository caches for RubyGems, PyPI and Debian repositories. 

The following table displays the parameters you may use for each package type:

Search typeSearch parameters
Alpine
Package name, Version, Repositories, Checksum
Bower
Package name, Version
Chef
Name, Version, Category, Platform
CocoaPods
Package name, Version
Composer
Package name, Version
Conan
Package name, Version, User , Channel, OS, Architecture, Build Type, Compiler
Conda
Package Name, Version, Arch, Platform
CRAN
Package Name, Version
Debian
File name (without the .deb extension), Distribution, Component, Architecture
Docker
Full Image Namespace, Image Tag, Image Digest
Gems
Package name, Version
Go
Package Name, Version
Helm
Helm Chart Name, Helm Chart Version, App Version
Maven GAVC
Group ID, Artifact ID, Version, Classifier
Npm
Package name, Version, Scope
NuGet
Package ID, Version
Opkg
Package name, Version, Architecture, Priority, Maintainer
PyPI
Package name, Version
RPM
Package name, Version, Architecture, Release
Vagrant
Box Name, Version, Provider

All these search fields support the ? and * wildcard characters.

Package search as an AQL query

For most package formats, package search is implemented as an AQL query. After searching, click the AQL Query button to view the AQL query used in the search. You may also click the Copy icon in the AQL code snippet to copy the query to your clipboard.

Limit search to specific repositories

When limiting search to specific repositories, you can select repositories with the corresponding package type. Package search depends on those repositories having the correct layout. Searching through repositories with the wrong layout will have unpredictable and unreliable results.

The example below shows the results of searching for any Docker image with latest in its name:

Property Search

Requires an Artifactory Pro license and above.

You can search for artifacts or folders based on Properties assigned to them, whether they are standard properties assigned by Artifactory, or custom properties which you can freely assign yourself.

To define your search parameters, click Add Property and in the Key field, enter the name of the property to search for, or select one from the list provided.

Then, in the Value field, set the value you are searching for in the specified property. To add more properties to the search use the Add Property.

You can repeat this process to specify any number of properties and values for your search.

Wildcards can be used in the Property Value field

You can use the ? or * wildcards in the Value field.


Combining Properties and Values

Properties can be combined using the AND operator.

Different values assigned to a specific property can also combined using the AND operator.
This means that only artifacts that meet all the search criteria specified will be found.

This example shows a search for artifacts that have a build.number property with a value of 2.


Checksum Search

You can search for artifacts based on MD5, SHA1 or SHA2 checksum value. This can be especially useful if you want to identify an artifact whose name has been changed.

Wildcard characters are not supported in Checksum Search, so the term entered in the search field must be valid MD5 or SHA1 value.

This example shows a search for an artifact using its SHA1 checksum. 

JCenter Search

Bintray is JFrog's software distribution platform. Using this free cloud-based service, you can publish, download and share your binaries with the developer community.

For more details, please refer to the JFrog website Bintray page.

Artifactory provides a direct connection to Bintray's JCenter repository which contains a comprehensive collection of popular Apache Maven packages.

To search for packages on Bintray, select JCenter as the Search Type and enter the name of the package you are looking for.

You can hover over any search result and click Show in Bintray to display the selected artifact in Bintray.


Trash Search

You can search for artifacts you have removed to the trash can by selecting Trash as the Search Type.

Enter the artifact's name in the Query field, or select the Checksum Search check box and type the artifact's checksum.

Release Bundles Search

Requires JFrog Distribution be installed with an Enterprise+ licence.

You can search for distributable and received Release Bundles within a specified time page.


Searching for Scanned Resources

Requires JFrog Xray to be installed with a Pro X, Enterprise with Xray, or an Enterprise+ license.

Searching for scanned results in the Security & Compliance search, returns the scan result by resource type - packages. builds, Release Bundles and artifacts. The total number of scanned resources that contain an issue for the specific resource is displayed.

You can specify the following parameters for your search.

Name
Search according to a specific issue name.
CVE
Search for resources containing a specific CVE.
By License
Search for resources containing a specific license or unknown licences.
By Severities
Search for resources containing vulnerabilities according to severity level - High, Low, Medium, or Unknown.
Date Range
Limits search to the specified date range.

The results are displayed by resource type. Click on each tab to view the full list and click on the resource to view the issue in the dedicated resource page.

Copyright © 2020 JFrog Ltd.