Artifactory 7.4
Released: April 6, 2020
Artifactory 7.4 is Available as a Cloud Version
The Artifactory 7.4 release is currently available only as a Cloud version, and will be available for on-premise shortly.
Highlights
Go Private GitHub Repositories Support
It is now possible to create a remote Go repository and proxy Go modules from GitHub private repositories.
Additional information on how to configure Artifactory and your Go client to work with GitHub private repositories can be found here.
Conda v2 Format
Artifactory now supports the Conda v2 metadata format. You can now use Conda clients from version 4.7, and download/upload Conda v2 format packages from all repository types (local, remote and virtual).
As part of this change, Artifactory now supports the .conda file extension to compress packages more effectively and the current_repodata.json file that makes packages search faster.
Create Admin Access Tokens from within the UI
Administrators can now generate admin-scoped access tokens, for any of the services in the JFrog Platform directly from the UI. This is available from the administration module, Identity and Access | Access Tokens screen | Generate Admin Token. Previously available only as a REST API.
Google Cloud Platform Binary Provider Native Client Support
This release introduces support for the Google Storage native client binary provider, providing improved security using unique private keys.
To opt-in and use the new Google Cloud Storage template, see here.
Feature Enhancements
Improved AQL Performance with MSSQL DB
Significant performance improvement for AQL queries when searching artifacts according to build name and number.
Docker Installation Includes Upgraded OpenJDK Version 11.0.6
The OpenJDK version that is bundled with the Artifactory Docker image was upgraded to OpenJDK 11.0.6.
Debian InRelease
Added support for Debian InRelease metadata files. Artifactory will now produce an InRelease metadata file in the repository when working with GPG signing. Downloading a Debian package from Artifactory will now be faster as the client will only download the InRelease file without downloading the Release and Release.gpg files that are heavier.
Resolved Issues
JIRA Issue | Description |
|---|---|
| RTFACT-19530 | Improved the performance for the Promote Docker Image API. |
| RTFACT-19381 | Fixed an issue in which the RPM group settings would not be returned when using the Get Repository Configuration API. |
| RTFACT-16370 | Fixed an issue in npm repositories in which downloading npm packages that contain “.json” (e.g. merge-package.json) as part of the package name would fail. |
| RTFACT-8966 | Fixed an issue in Ruby Gems repositories in which downloading packages (e.g. sidekiq-pro) from a remote repository that points to gems.contribsys.com would fail. |
| Fixed an issue in NuGet repositories in which virtual repositories indexes would include extra unnecessary pages that would slow packages installation in some cases. This will now improve performance for NuGet virtual repositories. |
For a complete list of changes, please refer to our JIRA Release Notes.
Artifactory 7.3
Released: 23 March, 2020
Artifactory 7.3 is Available as a Cloud Version
The Artifactory 7.3 release is available only as a Cloud version. Artifactory 7.3.2 applies to on-prem and contains all the resolved issues in Artifactory 7.3.0 and 7.3.1.
Highlights
PAT (Personal Access Token) Support for Remote Repository Authentication
In addition to the basic authentication, with username and password, Artifactory now supports remote repository authentication using Personal Access Tokens (PAT). The big advantage of using PATs is that you can strengthen your Artifactory security practices by using Access Tokens for authentication instead of using your primary credentials. For example, you can configure your remote Docker repository to point to GitHub and authenticate it by using a PAT. You can use PATs for any package type. For more information, see Remote Credentials.
LDAP Improvements
Artifactory now supports a new type of Active Directory "Nested Groups" search, enabling performance improvements when working with LDAP. This feature requires that Active Directory runs on Windows Server 2012 R2 version or later. There are no additional requirements for the Active Directory Windows Server side. For more information, see Support for Nested Groups.
Write-disabled Mode Supported for Shard Storage Requests
To enhance storage sharding, Artifactory now supports disabling write-requests to shards.
This is useful, for example, when migrating data from a shard that must be replaced. First, the feature is used to write-disable the shard and then the data is migrated to a new shard.
In addition, the feature still allows garbage collection to continue to clean the deleted binaries from the write-disabled shard.
To set the write-disable mode on a shard in Artifactory, see the Configuring State-Aware Binary Provider section.
Support for Matrix-params with Conan Repositories
Artifactory now supports matrix parameters for Conan repositories. As a result, the Build Info for Conan packages uploaded to Artifactory SaaS is now available.Feature Enhancements
Restricting System and Repository Imports
Artifactory allows admin users to import and export data at both the system level and the repository level. For more information, see the Importing and Exporting section.
Sometimes, however, it is advantageous to restrict imports to avoid causing undesirable results. With this new feature, the system and repository import options can be disabled, thereby preventing specific admin users in the enterprise from performing imports. For example, you can stop an admin from overriding the Release Bundles distributed to an Artifactory Edge, by preventing him from importing the initial Artifactory state. For more information, see Importing and Exporting.
Resolved Issues
JIRA Issue | Description |
|---|---|
| Fixed an issue where Artifactory did not start as a service on RedHat 7.7 and Centos 7.7 when upgrading Artifactory from versions earlier than 6.14.0. | |
Fixed an issue where Docker Image failed to start with Oracle DB because Artifactory's Docker entry point could not get the endpoint of the external Oracle DB. | |
RTFACT-14848 | Fixed an issue where, even if the user had Deploy Permissions for the default deployment repository in the virtual repository, Set Me Up would incorrectly issue the following warning message: |
RTFACT-21117 | Fixed an issue whereby in some cases of a load-balanced remote repository, where two nodes are out-of-sync, a conflict between the metadata of a file and the contents of the file might result. |
RTFACT-20905 | Fixed an issue where pulling an image from a smart remote Docker repository always causes it to pull the manifest.json file from the source Artifactory. This behavior would cause a failure if the Artifactory source instance was not reachable. |
RTFACT-18779 | Fixed an issue where, after a pull replication was executed from a Docker smart remote repository, which was pointing to a Docker remote repository that in turn was pointing to a Docker Hub, Artifactory was not able to serve the artifacts from the local cache when the Docker smart remote repository was set to offline mode. |
RTFACT-20127 | Fixed an issue where the latest npm package was always being determined by the publish date, regardless of the artifactory.npm.tag.tagLatestByPublish system property value. |
RTFACT-19364 | Artifactory now supports the new Maven XML tag attributes that were introduced with Maven 3.6.x. |
RTFACT-21189 | The Go remote GitHub repository can now resolve both incompatible and compatible Go Module v2+ project version formats. |
RTFACT-20160 | Fixed an issue where the checksum for a Go module that was directly resolved from GitHub differed from the checksum when the module was resolved from gocenter.io or proxy.golang.org. |
RTFACT-20460 | Fixed an issue where Debian packages that did not contain control files would cause metadata resolution to fail when the $ apt update command was invoked. |
RTFACT-18399 | Fixed an issue that resulted in Artifactory generating incorrect metadata for some CRAN package types. |
RTFACT-21088 | Fixed an issue whereby viewing Docker images stored in a remote-cache displayed a hash symbol instead of a tag. |
RTFACT-21170 | Fixed an issue whereby the port used for Artifactory authentication in Artifactory 7 (8082) differed to Artifactory 6.0 (8081) causing backward compatibility to fail. |
RTFACT-20988 | Fixed an issue whereby upgrading to Artifactory 7.x caused the internal Hostname to be set to Artifactory instead of being configured as the IP address of the Artifactory server. |
RTFACT-18414 | Fixed an issue whereby the SHA256SUMS file was not tracked as an IDK in Debian Remote repositories. |
RTFACT-21395 | Fixed an issue whereby PyPI redirections did not recognize the value of the |
RTFACT-21388 | Fixed an issue whereby users (that are not defined as admins) in any group defined as an Admin group could not generate Join Keys. |
| Fixed an issue whereby indexing Helm Charts failed during high concurrent indexing. | |
RPG-287 | Fixed an issue whereby, hijacked sessions caused a memory leak in the JFrog Router service. |
For a complete list of changes, please refer to our JIRA Release Notes.
Artifactory 7.3.1
Released: March 23, 2020
Artifactory 7.3.1 is Available as a Cloud Version
The Artifactory 7.3.1 release is available only as a Cloud version. Artifactory 7.3.2 applies to on-prem and contains all the content from Artifactory 7.3.0 and 7.3.1.
Resolved Issues
| JIRA Issue | Description |
|---|---|
Fixed an issue whereby during an upgrade from Artifactory 6.x to Artifactory 7.x the admin password was reset. | |
| Fixed an issue whereby Artifactory could not pull artifacts from the Azure Container Registry. |
For a complete list of changes, please refer to our Jira Release Notes.
Artifactory 7.3.2
Released: 23 March, 2020
Tomcat Breaking Change
The Tomcat bundled with Artifactory has been upgraded to version 8.5.51 which introduces a change that might affect your Artifactory instance.
HTTP Date Headers
Due to a known issue in Tomcat 8.5.51, Artifactory may return HTTP date headers (Date, Last-Modified) in a timezone that is different than GMT. See more details here.
If you are using clients that make use of the "If-Modified-Since" request header in the request to Artifactory, you need to make sure that dates are sent in GMT format (as the HTTP spec mandates).
If the clients that you use send dates in GMT format, this change will not affect you.
Feature Enhancement
Upgraded Tomcat Version in JFrog Artifactory
The Tomcat bundled with Artifactory has been upgraded to version 8.5.51.
Issues Resolved
| JIRA Issue | Description |
|---|---|
Fixed an issue whereby under certain circumstances, authenticated users were able to:
| |
RTFACT-21509 | Fixed an issue whereby, selecting the Remember Me option in the Login screen to the Artifactory Cloud Web UI, would occasionally return an internal server 500 message if Artifactory was configured behind a reverse proxy using a small proxy buffer size. |
RTFACT-21539 | Fixed an issue whereby after upgrading Artifactory to 7.x, the Artifactory logs would not be sent to Sumo Logic in cases where the Sumo Logic integration was enabled. |
For a complete list of changes, please refer to our JIRA Release Notes.
Artifactory 7.2
Released: February 23, 2020
Highlight
JFrog Container Registry 7.0
JFrog Container Registry 7.0 has been released as part of the Artifactory 7.2 release. The JFrog Container Registry is powered by JFrog Artifactory with a set of features that have been customised to serve the primary purpose of running Docker and Helm packages in a Container Registry. For more information, see JFrog Container Registry.
Resolved Issues
| JIRA Issue | Description |
|---|---|
Fixed an issue whereby a metadata server reindex operation resulted in a database connection leak. |
Artifactory 7.2.1
Released: 23 February, 2020
Resolved Issues
JIRA Issue | Description |
|---|---|
Fixed an issue whereby, when upgrading to Artifactory 7.x, an error was generated when trying to log in to the JFrog Platform using OAuth SSO provider authentication and your Artifactory was configured with a context path other than |
Artifactory 7.1
Released: February 17, 2020
Resolved Issues
- Fixed an issue, whereby S3 CloudFront redirections did not function correctly.
- Fixed an issue, whereby Maven snapshot were not indexed with snapshot versions in the metadata server.
- Fixed an issue, whereby the Virtual repository info tab was displayed incorrectly when sorting by package type.
- Fixed an issue, whereby builds were displayed incorrectly in the Build view when performing multiple promotion steps.
- Fixed an issue, whereby Conan packages were uploaded incorrectly to Artifactory.
Artifactory 7.0
Released: January 12, 2020
Deprecated Features
Artifactory 7.0 introduces several deprecated features. Learn More >
Also, read about the features that are currently out of scope and will be available in later releases. Learn More >
Breaking Changes
For a list of breaking changes in Artifactory and other services in the JFrog Platform, click here >
REST API Changes
For a list of REST API changes in Artifactory, click here >
Important: The JFrog Platform web UI is now accessed through port 8082 (For example, http://SERVER_HOSTNAME:8082/ui/). Accessing Artifactory directly for REST API and downloads is still possible through port 8081. Learn More >
Highlights
JFrog Platform
Announcing the new JFrog Platform, designed to provide developers and administrators with a seamless DevOps experience across all JFrog products, supporting the following main features:
- Universal package management with all major packaging formats, build tools, and CI servers.
- Security and Compliance that's fully integrated into the JFrog Platform, providing full trust of your pipeline from code to production.
- Radically simplified administration with all configurations in one place.
- Complete trust in your pipeline all the way from code to production.
- Seamless DevOps experience from on-prem, cloud, hybrid or multi-cloud of your choice.
JFrog Platform New Functionalities
System Architecture
The new Artifactory architecture is more Cloud Native. The Artifactory application has been divided into several microservices. Learn More >
Artifactory system.yaml
This release introduces a new system configuration file, allowing system configurations to be handled externally to the application, before/after the installation process. Learn More >
Installation and Upgrade
Artifactory 7.0 comes with a new installer, which affects the installation and upgrade procedures. The file structure has been improved and is now aligned across all JFrog products. Learn More >
Upgrade process changes
Update reverse proxy and load balancer
When upgrading your Artifactory HA installation from version 6.x to 7.x, make sure to adjust your reverse proxy settings and update your load balancer configuration to use the new JFrog Platform URL http://<hostname>:8081. Complete upgrade instructions here.
Unified User Interface
This version introduces a new UI that is unified for the entire JFrog Platform, including all JFrog products. If you are using Artifactory and other JFrog products such as JFrog Xray, JFrog Distribution, JFrog Mission Control and JFrog Insights, you will now be able to access them all from within a single UI with one URL address. Learn More >
Unified Permission Model
This version unifies all JFrog product permissions, allowing easier permission management across all products from one unified UI. The Unified Permission Model enables you to create a single permission target that applies to all products installed in the JFrog Platform. Since the products are unified within the Platform, you can now use a single permission target to control the permissions of all products. Learn More >
Logging
All JFrog products now follow a standardized logging format and naming convention. Learn More >
Feature Enhancements
Packages page
While previously the Packages page provided information for Docker and npm packages, it is now extended to provide metadata for all package types in your system (excluding Git LFS and Generic repositories). Learn More >
Search Experience
The search experience has been enhanced to enable searching for all resource types, including packages, builds and artifacts from a single search bar. It now also includes advanced capabilities, such as keyword search, simplifying the search experience. Learn More >
Issues Resolved
JIRA Issue | Description |
|---|---|
RTFACT-17343 | When groups are imported from an LDAP server, groups names containing special characters are blocked and error messages are issued to alert the administrator. |
Fixed an issue where the | |
RTFACT-20888 | Fixed an issue where deploying an artifact using basic authentication, such as <username>:<API Key>, or an access token for authentication, would not send an email notification to users following the relevant repository. |
For a complete list of changes, please refer to our JIRA Release Notes.
Artifactory 7.0.1
Released: January 14, 2020
Issue Resolved
- Fixed an issue whereby the Download stats propagated incorrect information to the Metadata Service, resulting in incorrect data displayed in the UI.
Artifactory 7.0.2
Released: January 15, 2020
Issue Resolved
- Fixed an issue, whereby when performing SAML-based Single Sign-On to Artifactory, a URL with double slashes (‘//’) was returned causing the redirection requests to break.
Artifactory 7.0.3
Released: January 17, 2020
Issue Resolved
| JIRA Issue | Description |
|---|---|
Fixed an issue, whereby Filtered Resources (e.g. Maven's settings.xml) would return an incorrect encrypted password when authenticating with an access token or via the UI. |