Artifactory Known Issues
Detected Version
To check whether a released version has a known issue detected in it, look for the version number.
Artifactory 7.50
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-29316 | Artifactory could not install modules and providers from https://registry.terraform.io/ since Terraform Registry changed the CDN Providers on Jan 18th, 2023. This update changes the responses to the HEAD requests sent by the Artifactory remote repository to the Terraform Registry from 200 (Success) to 405 (Method not allowed) error. | Suggested Fix: Enable “Bypass HEAD Requests” in the Terraform Remote repository configurations. |
Artifactory 7.49
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-29316 | Artifactory could not install modules and providers from https://registry.terraform.io/ since Terraform Registry changed the CDN Providers on Jan 18th, 2023. This update changes the responses to the HEAD requests sent by the Artifactory remote repository to the Terraform Registry from 200 (Success) to 405 (Method not allowed) error. | Suggested Fix: Enable “Bypass HEAD Requests” in the Terraform Remote repository configurations. | |
JFUI-11951 | Selecting the "Attach License" screen does not display the JPD names. | An empty error message is displayed when trying to attach a license where in the expected license count is zero. | |
RTFACT-27545 | OpenJdk17.0.3, which is bundled with Artifactory 7.46/7.47/7.49 has a bug in the newrelic java agent, which causes Artifactory to fail to start up. | ||
RTFACT-29308 | The creation of new indexes might fail during the Artifactory upgrade for customers with Microsoft SQL Server (MSSQL) running with non-enterprise edition, since ‘online index’ operations are not available in every SQL Server edition. | ||
JA-4703 | Any changes made to the security configurations UI will override the custom configurations defined in the Access YAML Configuration. | 7.49.5, 7.50.3 | Customers with an Enterprise+ subscription that have Access Federation enabled will lose the Access Federation setup as a result of editing the security configurations WebUI. |
Due to MSSQL limit of number of parameters that a parameterized query can have (2100), an Artifactory with more than 300 repositories will not start after upgrading to version 7.49.5. | 7.49.5 | Workaround: After the upgrade, place the parameter | |
RTDEV-29281 | The maxUniqueSnapshots are not saved when the value is changed in remote repositories. | 7.49.5 | |
JFUI-11773 | In some cases, users are unable to login to the JFrog Platform when using Google Multi-Factor Authentication. | 7.49.5 | Workaround: Clear the browser cache and refresh the JFrog UI before attempting to login. If that does not work, disable Google Multi-Factor Authentication by removing the parameter |
Artifactory 7.47
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-27545 | OpenJdk17.0.3, which is bundled with Artifactory 7.46/7.47/7.49 has a bug in the newrelic java agent, which causes Artifactory to fail to start up. | ||
JA-4703 | Any changes made to the security configurations Web will override the custom configurations defined in the Access YAML Configuration. | 7.47.15 | Customers with an Enterprise+ subscription that have Access Federation enabled will lose the Access Federation setup as a result of editing the security configurations WebUI. |
Any external user (SAML, LDAP, OAuth, etc.) and users who previously had admin privileges are no longer able to be added via the UI to any Permission Target. | 7.47.12 | Workaround: You can add the user to the permission target with the Create or Replace Permission Target REST API. | |
RTFACT-29240 | When trying to initialize a new remote CocoaPods repository with GitHub, if the default branch on GitHub is not ‘master’, Artifactory will return a 404 error. | Workaround: Create a branch with the name ‘master’ and make it default. The initialize should work after that. | |
JA-4324 | Enabling anonymous access can cause Artifactory operate in unhealthy mode, meaning that the WebUI continuously displays the message "JFrog Platform will be available shortly". | 7.47.12 |
Artifactory 7.46
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-27545 | OpenJdk17.0.3, which is bundled with Artifactory 7.46/7.47/7.49 has a bug in the newrelic java agent, which causes Artifactory to fail to start up. | ||
JA-4703 | Any changes made to the security configurations UI will override the custom configurations defined in the Access YAML Configuration. | 7.46.21 | Customers with an Enterprise+ subscription that have Access Federation enabled will lose the Access Federation setup as a result of editing the security configurations UI. |
RTFACT-29239 | The default expiration of Access Tokens created by the deprecated Artifactory Create Token REST API ( | Suggested Workarounds:
| |
NPM installation fails if a bundledDependencies is present in the package.json. | 7.47.10 | ||
The List Docker Tags API does not work as expected - when executing this API, Artifactory queries the remote resource only once and caches the response. As a result, it will always use the cached response and will not query the remote again. | 7.49.5 | ||
RTDEV-28501 | Users are unable to log into Artifactory when there is an IP address in the X-Forwarded-For Header in the format <ip:port> in the schema name. | Suggested workaround: Add a header rewrite for X-Forwarded-For header in the application gateway. The header value should be: {var_add_x_forwarded_for_proxy} | |
RTDEV-28125 | Users performing Google authentication to the JFrog Platform will receive an error. | 7.46.6 | |
RTDEV-28125 | |||
JA-4295/JA-4233 | When there are more than five outbound servers configured in Access Federation, Artifactory fails to start. | 7.46.17 |
Artifactory 7.42
Issue ID | Description | Fix Version | Additional Information | |
---|---|---|---|---|
RTDEV-27713 | Native browser view doesn't have a scroll option | 7.46.11 |
Artifactory 7.41.6
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Access tokens timeout with a Terraform backend causing a permission error. | 7.46.3 | ||
Project Admin unable to create Repositories if a binding token exists. | 7.46.3 | If a binding token has been created (for Cold Storage or Federated Repositories), project admins are unable to create repositories for their projects. | |
RTDEV-26051 | The Proxy field in the remote/federated repositories settings that was actively set by users as empty with the intention that the proxy be disabled, is now automatically populated with the default proxy. | The following workaround is:
Note that in an upcoming Artifactory version you will have an option to configure this option in | |
JFUI-10893 / XRAY-12279 | When using Artifactory 7.41.4 & 7.41.6, when the Xray version is upgraded to 3.55.2, the Xray tabs in the UI will disappear. However, Xray functionality continues to work as expected. | 7.41.7 | This issue affects Artifactory 7.41.2 and 7.41.6 (inclusive) when using Xray 3.55.0 and above. This issue was resolved in Artifactory 7.41.7. |
Artifactory 7.41.4
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
META-1405 | Artifactory fails to start due to a failed MDS migration on MSSQL. | ||
RTDEV-26051 | The Proxy field in the remote/federated repositories settings that was actively set by users as empty with the intention that the proxy be disabled, is now automatically populated with the default proxy. | 7.41.7 | The following workaround is:
Note that in an upcoming Artifactory version you will have an option to configure this option in the WebUI. |
JFUI-10893 / XRAY-12279 | When using Artifactory 7.41.4 & 7.41.6, when the Xray version is upgraded to 3.55.2, the Xray tabs in the UI will disappear. However, Xray functionality continues to work as expected. | 7.41.7 | This issue affects Artifactory 7.41.2 and 7.41.6 (inclusive) when using Xray 3.55.0 and above. This issue was resolved in Artifactory 7.41.7. |
NPM virtual repositories cannot find specific URLs. | 7.49.5 | ||
RTDEV-27263 | Helm | Aritfactory adds unnecessary quotes to the index.yaml file. | 7.42.1 | |
Artifactory license file takes very long time to decrypt and load and fails starting up new nodes. | 7.49.5 | ||
RTDEV-27591 | NPM audit does not detect any vulnerabilities. | 7.42.1 |
Artifactory 7.41.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Artifacts deployed to repository via distribution of release bundle do not create Xray Index Events. | 7.41.4 |
Artifactory 7.39.4
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
JA-3455 | Artifactory fails to verify Reference tokens federated by Access Federation, while other endpoints like Router/Access are able to verify the same token. | 7.41.6 | |
JR-5608 | Importing a Release Bundle through the UI upload fails using airgap. |
Artifactory 7.38.10
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Artifactory upgrade to version 7.49.5 which is integrated with MSSQL and has multiple repositories (~200 and above), might fail due to MSSQL hard-coded limitation of 2100 parameters per query. | 7.49.5 | Possible Workaround: Add the following property to the |
Artifactory 7.38.8
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Distribution and PDN Server appear to be up although they are not. | |||
JFUI-10052 | Not all packages are visible in the UI/Native Browser when listRemoteFolderItems=true for Maven Central Repo. |
Artifactory 7.38.4
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
JA-3299 | Reference token expires earlier than expected. | 7.41.4 | Workaround: Use either Access Tokens or API Keys as a workaround. |
Artifactory 7.37.14
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
When a local repository is converted to a federated repository, all property sets are dropped. | |||
Cannot apply properties where the value contains an emoji on MySQL instances. | |||
RTDEV-26679 | ECDSA keys stop working upon an Artifactory restart. | 7.42.1 |
Artifactory 7.37.13
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The Get LDAP groups API returns a forceAttributeSearch = false even when it is set to true in the config.xml. | 7.41.4 | ||
Artifactory Returns 404 Instead of 403 for blocked artifacts from NPM Virtual Repositories. | 7.41.4, 7.41.6 | ||
JFUI-9594 | Bullseye view does not show issue details when the applicability scanner feature is enabled (Xray) | 7.38.0 |
Artifactory 7.35.4
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Users can set the |
Artifactory 7.35.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The CLI build scan command often does not match the severity of the UI Xray data. Related to Xray 3.44.3 |
Artifactory 7.35.1
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The Native browser returns a 404 message for artifacts that are not cached in remote repositories. | |||
Artifactory Cold Storage does not handle Docker images properly. | |||
Unable to create a release bundle from artifacts in a Project-assigned repository. Related to Distribution 2.12.0 | 7.37.12 | ||
For Self-Hosted Enterprise + users running an on-prem installation: When restarting Artifactory while using MySQL, Oracle, or MSSQL, if the Mission Control microservice is enabled, an SQL error occurs and Artifactory fails to restart. | 7.35.2 | ||
When customer tries to access the simple index of a smart remote pypi repo, they get a 404 response instead of getting the simple index of the upstream repository. |
Artifactory 7.33.9
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The uniqueNugetDeploy user plugin does not work in Artifactory version 7.x. |
Artifactory 7.33.6
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Project admins are not able to create remote repositories in Artifactory. |
Artifactory 7.31.10 & 7.33.6
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Conan authentication fails after updating group in UI. | 7.36.8, 7.37.13, 7.38.x |
Artifactory 7.31.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Using a DevExpress NuGet feed as a remote repository in Artifactory can result in a memory leak. The installation of NuGet packages from this remote repository may fail due to timeouts. | 7.38 | Workaround: Add the system property below to $JFROG_HOME/artifactory/var/etc/artifactory/artifactory.system.properties file and restart Artifactory for changes to take effect: artifactory.nuget.v2.search.page.size=1000 | |
Artifactory will fail to start up after upgrade if the system property artifactory.sql.converter.allowExternalConversionScripts=true | 7.31.11 | Workaround: Remove the system property artifactory.sql.converter.allowExternalConversionScripts=false |
Artifactory 7.29.7
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Unable to perform authentication to SaaS instance using user/password method |
Artifactory 7.29.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Attempting to resolve a NuGet package with PowerShellGet causes an NPE | 7.31.10 |
Artifactory 7.28.4
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
When clicking edit profile user gets a | 7.28.8 |
Artifactory 7.27.10
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
When using the Build UI and going to the dependencies, the ability to Diff with a previous build is disabled. The same is true for the Diff tab in the Build UI. | 7.29.0, 7.30.0 | ||
Artifactory cannot index some APK files generated by a build. |
Artifactory 7.27.6
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The 'Sync Delete' feature does not process the path prefix of the replication configuration. | 7.27.9, 7.28.1 | Triggering Replication will delete all the other artifacts in the repository and replicate the artifacts only mentioned in the path prefix. Workaround: | |
A case-insensitive download for a NuGet local repository did not work after restart. | 7.31.10 | ||
Federation does not work in a simple setup where Artifactory is configured without any reverse proxy or LB. | 7.27.9, 7.28.1, 7.29.3 |
Artifactory 7.27.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The "Delete From Archive" toggle on an Archive Policy may cause artifacts in the Cold Storage instance to get deleted prematurely. | 7.27.10 | We recommend disabling the "Delete From Archive" option in any Archive Policy for any version before 7.27.10. | |
Federation does not work in a simple setup where Artifactory is configured without any reverse proxy or LB. | 7.27.9, 7.28.1, 7.29.3 |
Artifactory 7.26.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The REST API for deploying artifacts with Checksum should not deploy the same file if the user does not have delete/overwrite permissions. | The solution for the issue is controlled by this property: |
Artifactory 7.26.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Artifactory fails to start due to a circular reference of systemRepoFactory . | 7.26.1 |
Artifactory 7.25.7
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Vagrant returns a 401 message when trying to add boxes from a restricted repository. | Access Tokens work to authorize Vagrant access, so instead of grabbing the token from the endpoint https://jfrog.com/knowledge-base/how-to-generate-an-access-token-video/ | ||
RTFACT-26382 | Edge nodes are not visible if a user has multiple permission targets associated with them. | Workaround: For non-admin users that have references in multiple permission targets, make sure to have only one permission target where the user is referred. |
Artifactory 7.25.6
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The distribution process fails with "Not found 400" errors when release bundles are being distributed after the Incomplete Release Bundles Cleanup Period time period and if the release bundle clean up job is triggered at that corresponding time. Related to Mission Control 4.7.11 & Distribution 2.9.2 | Suggested Workaround: Increase the Incomplete Release Bundles Cleanup Period |
Artifactory 7.24
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-26250 | The link to the HTTP-SSO does not work after the upgrade and generates an error message. | 7.24.6 | |
INST-5385 | Unable to create a Helm chart for Distribution. | 7.33.7, 7.35.10 |
Artifactory 7.22.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Artifactory auto recovery after the connection to standalone, i.e., a single database server is lost and then reestablished. | 7.36.1 |
Artifactory 7.21.7
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-26177 | Upgrading from Artifactory 6.x to 7.x creates a startup issue "Unknown HK2 failure detected". | 7.27.3 | Suggested Workaround: Download version 7.19 and take the relevant .jars from that version to the upgraded Artifactory. Replace the files in the following location: |
Artifactory 7.21.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
JFUI-9886 | It is impossible to navigate in the Native UI if the directory in the path contains special characters. | This is a limitation of the Native browser. | |
RTFACT-26216 | The "Native Browser Redirect" feature prevents Windows PowerShell (Invoke-WebRequest command) from downloading a file. | Workaround: PowerShell users are advised to disable this feature until it addressed. To disable it, update artifactory.redirect.native.browser.requests.to.ui=false | |
Updating users via REST API affects user tokens for Conan requests. | 7.35.x |
Artifactory 7.21.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The application could not be initialized: Pull replication for repo php-flex-remote requires non-anonymous authentication to the remote repository. | 7.21.3 |
Artifactory 7.19.8
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-26046 | In Federated Repository, if the URL ends with a "/" when configuring Federated Repositories, this results in a GetVersion warning and pauses the queue. | Workaround: Input the URL without the ending "/" while adding repository as a member |
Artifactory 7.17 to 7.27
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The Artifacts browser general tab appears as blank | 7.29.7 |
Artifactory 7.9.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The Conan repositories created in the Free Trial are broken in version 7.9.0: Free Trial instances do not support Conan repositories; therefore, it is not possible to configure users using Conan repositories. | 7.10.5 |
Artifactory 7.8.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
System messages do not work in the UI. | 7.9.0 |
Artifactory 7.8.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Artifactory 7.8.0 does not start up after upgrading from Artifactory 6.21.0. | 7.8.1 |
Artifactory 7.7.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-23368 | When an Azure guest user tries to log in to Artifactory, they are not able to log in successfully. | 7.10.1 |
Artifactory 7.6.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Unable to run Singleton type tasks, such as garbage collection. Singleton type tasks are marked with markers to decide if they can run and stop other tasks from running. | 7.7.0 |
Artifactory 7.6.1
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
PostgreSQL driver should not be bundled in WARs but under tomcat/lib (the Postgres driver is being added twice in Docker containers: both as part of the Artifactory war (artifactory-online-war ) and copied during the Docker build (artifactory-pro-docker )). | 7.7.0 |
Artifactory 7.6.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Artifactory fails to start in Azure SAAS due to "FileNotFoundException: /home/artifactory/.postgresql/root.crt ". Consistently affects both AOL and JCR editions in SAAS. This issue occurs when we perform a redeploy of a SaaS customer with a new version, and occurs only on Azure staging environments (as opposed to other cloud providers). | 7.6.1 |
Artifactory 7.5.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Artifactory failed to start after redeployment. | 7.6.1 |
Artifactory 7.2.1
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
MDS migration causes the distributed_locks table to bloat during a 6.x to 7.x upgrade. | 7.24.0 | ||
RTFACT-21580 | Using join key twice (in file and system.yaml) causes startup failures | 7.11.1 |
Artifactory 7.0.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-7850 | Setting the default system proxy also changes the existing remote repositories definition. | 7.27.0 | |
RTFACT-21287 | Re-indexing a path on the metadata server will cause a connection leak and eventually a starvation of connections of the database connection pool, due to a query with a lazy AQL query with an unclosed result set. | 7.2.0 | |
Artifact search performance issue due to case-insensitivity. | From Artifactory 7.0.0, the "artifact search" via UI/API is case-insensitive by default. Workaround: The case-insensitive search can be disabled by applying the following property:
|
Artifactory 6.23.16
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Because the addition of the "Allow Content browsing" in feature allowed stored XSS and phishing, an addition was made to version 6.23.16 to remove this potential security issue. However, this addition can lead to problems with accessing resources like XML, HTML due to the new CSP header "Content-Security-Policy: sandbox". | 7.17.2 |
Artifactory 6.20.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-22591 | When trying to pull Docker images through mcr.microsoft , the proxy mcr.microsoft no longer works. This is probably due to an upgrade with the HTTP client. | 7.6.4, 6.21.0 |
Artifactory 6.19.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-21838 | Nuget local repository may return an incorrect version when IsLatestVersion=true . | 7.5.0, 6.20.0, 6.19.1 |
Xray Known Issues
Detected Version
To check whether a released version has a known issue detected in it, look for the version number.
Xray 3.59.x - 3.62.x
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-13755 | The indexer is stuck because the http response is not closed after isValidDocker returns an error. | 3.62.4, 3.63.0 |
Xray 3.59.4 & 3.60.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-13311 | Xray has stopped supporting Access Tokens generated with /api/security/token. | 3.59.8, 3.61.5 |
Xray 3.56.1
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-12360 | UI does not send repo name for builds | 3.57.6 |
Xray 3.55.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
JFUI-10893 / XRAY-12279 | When using Artifactory 7.41.4 & 7.41.6, when the Xray version is upgraded to 3.55.2, the Xray tabs in the UI will disappear. However, Xray functionality continues to work as expected. | 7.41.7 | This issue affects Artifactory 7.41.2 and 7.41.6 (inclusive) when using Xray 3.55.0 and above. This issue was resolved in Artifactory 7.41.7. |
XRAY-12207 | Xray Ignore Rule creation fails because the component name is the same as the artifact name. | 3.57.2 |
Xray 3.52.4
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-11685 | When there are two violations are on the same vulnerability - only one should be highlighted when the right-pane is open. |
Xray 3.51.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-11687 | The Xray tab is not accessible for artifacts. |
Xray 3.51.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-11600 | The Xray data tab crashes on Go artifacts. |
Xray 3.51.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-11445 | Disabling the Contextual Analysis on a Docker repository causes the enabling switch to disappear from the UI and HTTP 500 errors. | 3.52.4 |
Xray 3.49
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-11701 | In the Violations tab, sometimes when a policy is deleted, an error occurs and the violations related to the policy remain. | 3.59.4 |
Xray 3.45.0 & 3.48.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
XRAY-11565 | The API /api/v1/summary/component [post] is broken when Operational Risk is enabled. | 3.55.2 |
Xray 3.44.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
The CLI build scan command often does not match the severity of the UI Xray data. Related to Artifactory 7.35.2 |
Xray 3.44.2 and Below
Description | Fix Version | Additional Information |
---|---|---|
Due to a breaking change in the npm registry, for all Xray versions from 3.44.2 and below, Xray fails to perform an npm audit. | 3.43.4 | Workaround: Disable the feature by setting the following Artifactory system property ( $ARTIFACTORY_HOME/etc/artifactory.system.properties ) to a high value, for example:artifactory.npm.minimal.xray.audit.support=9.9.9 (default value). |
Xray 3.42.3
Description | Fix Version | Additional Information |
---|---|---|
In Xray HA, under certain situations, block download might not work as expected | 3.43.1 |
Xray 3.41.6, 3.42.3
Description | Fix Version | Additional Information |
---|---|---|
After upgrading from 3.26.2 to 3.41.7, Xray goes down periodically. | Workaround: The issue appears to be caused by a cleanup job. Disabling the cleanup job should stop this issue. |
Xray 3.41.0
Description | Fix Version | Additional Information |
---|---|---|
The JCLI indexing is failing for GO binaries. | 3.41.3 |
Xray 3.38.5, 3.40.2
Description | Fix Version | Additional Information |
---|---|---|
An internal AQL from Xray to Artifactory can cause significant load on the Artifactory database. The AQL is triggered when Xray scans a build. | 3.41.1, 3.38.6, 3.40.4 |
Xray 3.34.0
Description | Fix Version | Additional Information |
---|---|---|
JIRA integration - oauth1 integration does not working if there is not forward slash at the end of the jira server url | ||
in the integration page the name field gets cleared if we change the auth type | ||
JIRA integration - editing a profile sometimes crashes the xray | 3.35.0 |
Xray 3.33.1
Description | Fix Version | Additional Information |
---|---|---|
Updating a profile gives the wrong status code. | 3.33.3 | |
JIRA integration - for the basic auth integration, when mandatory keys are missing in the payload, the response should mention which exact keys are missing. | 3.33.3 | |
JIRA integration - for the oauth1 auth integration, when mandatory keys are missing in the payload, the response should mention which exact keys are missing. | 3.33.3 | |
JIRA integration - for the oauth2 auth integration, when mandatory keys are missing in the payload, the response should mention which exact keys are missing. | 3.33.3 | |
Some oauth2 fields are missing when clicking edit for the first time after creation. | ||
JIRA integration - the API allows the creation of an integration with empty values. | 3.33.3 | |
JIRA integration - the validation of the auth type during creation and update is missing, which means that the user can create an integration with any authType. | 3.33.3 | |
JIRA integration - the status code when trying to delete a non-existent integration is shown as 200 instead of 404. | 3.33.3 | |
JIRA integration - the status code when using an invalid integration name is 200 instead of 404. | 3.33.3 | |
JIRA integration - the status code when trying to get the issue types with an invalid integration name and ticketing project is 500 instead of 404 (when specifying which parameter is wrong). | 3.33.3 | |
JIRA integration - the status code when trying to get all Jira projects with an invalid integration name is 500 instead of 404. | 3.33.3 | |
JIRA integration - the status code when trying to get all labels with an invalid integration name is 500 instead of 404. | ||
While generating a public key, clicking the eye icon and then clicking copy creates different spacing in the public key compared to the key spacing without clicking the icon. |
Xray 3.27.0
Description | Fix Version | Additional Information |
---|---|---|
The scan build times out when the build name contains '/'. | 3.30.2 |
Distribution Known Issues
Detected Version
To check whether a released version has a known issue detected in it, look for the version number.
Distribution 2.14.1
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
JR-5938 | No signing keys displays for non-admin users. | 2.14.3 |
Distribution 2.13.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
JR-5569 | API Key is not supported in the Access Client |
Distribution 2.12.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Unable to create a release bundle from artifacts in a Project-assigned repository. Related to Artifactory 7.35.1 | 7.37.12 |
Distribution 2.11.0
Description | Fix Version | Additional Information |
---|---|---|
A critical issue causes a distribution process to fail when using older Artifactory versions. | 2.11.1 |
Distribution 2.10.3
Description | Fix Version | Additional Information |
---|---|---|
Unable to perform authentication to SaaS instance using user/password method |
Distribution 2.9.3 (Upgrade from 2.7.2 and 2.9.2)
Description | Fix Version | Additional Information |
---|---|---|
Unable to display distribution targets on UI - missing Mission Control backwards compatibility. Related to Artifactory 7.25.6 & Mission Control 4.7.3 | Workaround: You will need to upgrade Mission Control, preferably to 4.7.16, since 4.7.3 does not return the base URL, so that Distribution sets a null in place of it. | |
Distribution removes the properties that were set on the edge node repository. This means that there is a possibility that all the properties set by customer will be overridden. | 7.31.x | Fixed in Artifactory to resolve known issue. |
Distribution 2.9.2
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-26363 | The distribution process fails with "Not found 400" errors when release bundles are being distributed after the Incomplete Release Bundles Cleanup Period time period and if the release bundle clean up job is triggered at that corresponding time. Related to Artifactory 7.25.6 & Mission Control 4.7.11 | Suggested Workaround: Increase the Incomplete Release Bundles Cleanup Period | |
Edge nodes are not visible if a user has multiple permission targets associated with them. | For the non-admin users that have references in multiple permission targets, make sure to have only one permission target where the user is referred. |
Distribution 2.9.0
Description | Fix Version | Additional Information |
---|---|---|
Conflicting target path for the Docker layers | 2.9.1 |
Mission Control Known Issues
Detected Version
To check whether a released version has a known issue detected in it, look for the version number.
Mission Control 4.7.11
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
RTFACT-26363 | The distribution process fails with "Not found 400" errors when release bundles are being distributed after the Incomplete Release Bundles Cleanup Period time period and if the release bundle clean up job is triggered at that corresponding time. Related to Artifactory 7.25.6 & Distribution 2.9.2 | Suggested Workaround: Increase the Incomplete Release Bundles Cleanup Period |
Mission Control 4.7.3
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
Unable to display distribution targets on UI - missing MC backwards compatibility. Related to Artifactory 7.25.6 & Distribution 2.9.3 (upgrade from 2.7.2 and 2.9.2) | You will need to upgrade Mission Control, preferably to 4.7.16, since 4.7.3 does not return the base URL, so that Distribution sets a null in place of it. |
Mission Control 4.0.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
When using the Mission Control API GET /mc/api/v1/federation/{JPD ID} , the API overwrites manual configuration of Access Federation in access config files. |
Insight Known Issues
Detected Version
To check whether a released version has a known issue detected in it, look for the version number.
Insight 1.11.1
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
JFI-3725 | Insight promotion occurs from both the default project and Insight project. | Workaround: To prevent this type of race condition, remove the pipelines from the project that is not relevant - whether the pipelines is the default or Insight. |
Pipelines Known Issues
Detected Version
To check whether a released version has a known issue detected in it, look for the version number.
Pipelines 1.27.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
PIPE-9872 | There is an issue with w19 node 16 that appears to be related to JFrog CLI v1. | Workaround: Recommend moving to JFrog CLI v2. |
Pipelines 1.25.1
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
PIPE-9713 | The old UI view does not finish loading, which prevents fetching the run state log. |
Pipelines 1.24.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
PIPE-9438 | Rerun button fails with "Pipeline schema has changed since the previous run. Rerun is not allowed". |
Pipelines 1.21.0
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
PIPE-7891 | Adding event data for steps on an upgrade reqsealer can result in an crash in a scenario where the upgrade happens after the step was kicked off but before it is logged as an event. | 1.21.1 |
Pipelines 1.20.4
Issue ID | Description | Fix Version | Additional Information |
---|---|---|---|
An issue was found in default W19 images whereby GCP integrations were not working. | 1.20.7 |
Pipelines 1.18.0
Description | Fix Version | Additional Information |
---|---|---|
The runtrigger crashes, which causes the pipeline to get triggered multiple times. | 1.18.1 | |
The "Uploading step information' was looped 270 times for a single step that errored out. | 1.18.1 | |
The Jenkins Native steps get stuck. | ||
The "uploading step information" was looped 270 times for a single step that errored out. | 1.18.1 |
Existing Known Issues
Issue ID | JFrog Product | Description | Fix Version | Additional Information |
---|---|---|---|---|
JA-4390 | Platform | gRPC requests fails when user has a lot of groups. | 7.49.5 | |
JA-4174 | Platform | The Reset MFA Enrollment button is always disabled in the User edit page. | 7.49.5 | |
JFUI-11513 | Platform | The "Create New Application Integration" page is missing from Artifactory. | ||
JA-3433 | Platform | A 500 error is received when trying to edit a Permission Target updated via REST API. | 7.46.3 | |
Artifactory | Edge Node smart repository behavior: Able to successfully download the artifacts that exist under the smart remote cache repository of the Edge Node instance when the connection to the source Artifactory instance is lost. | 7.46.3 | ||
RTDEV-28161 | Artifactory / Distribution | In some cases, during a simultaneous distribution of Release Bundle versions that have artifacts with similar parent paths (BulkCopyOnMove mechanism), the distribution may fail silently (i.e., the Release Bundle version distribution will be marked as completed successfully despite the fact that the artifacts are not displayed in the target). | 7.47 | |
Artifactory / Distribution | AQL queries are able to consume massive amounts of database CPU after some time. | 7.46.3 | Distribution relies on AQL to find artifacts for a release bundle; however, if the customer has a lot properties, this becomes heavily inefficient, as some some AQL queries will take over an hour to complete, and hamper database performance. | |
PIPE-8688 | Pipelines | Installing with a custom CA causes connections to public providers to fail. | 1.25.0 | |
PIPE-9075 | Pipelines | Pipelines does not work with the default Helm Chart settings. | Websockets do not work with Artifactory's nginx configuration. You may want to use ingresses when using Pipelines as a workaround. | |
JR-5590 | Distribution | Signing a release bundle that includes artifacts from the build with the name or with a number larger than 64 chars fails. | 2.13.4 | |
XRAY-8838 | Xray | When invoking the build-scan API (via the JFrog CLI) the URL that is returned leads to a 404 when the scan occurs on a build that is in a non-default project. | 3.37.2 | |
RTDEV-26980 | Artifactory | When uploading a file that already exists in the object store remains in eventual. | ||
JR-5440 | Distribution | Signing release bundles with a passphrase works only with the default GPG. | ||
RTDEV-26800 | Artifactory | When setting multiple replications per repository in the UI, there is no way to set a dedicated cron expression for each replication. Only a single one in the main screen. | Suggested Workaround: Use the Multi-push Replication API and set the cron per entry. | |
Artifactory | VCS Remote to Azure-hosted Repositories is not supported in Artifactory. | Currently Azure-hosted repositories are not supported. | ||
Artifactory | The beforeDownloadRequest callback does not work with the Docker Virtual repository. | The repository ID of the actual repository from which the artifact was requested in the callback is unknown in the case of virtual repositories. | ||
A thread leak in the access-go-client causes an error. From Artifactory 7.38.7 also affects Xray. | 3.50.0 | Fixed in Xray version. | ||
Many grpc calls are being blocked because of a platform performance issue: in these cases there are many threads waiting for a cache to be initialized in permissions. | 7.38.7 | Suggested Workaround: If you are not using Projects, you can change the parameter | ||
RTFACT-25553 | Artifactory / Distribution | Edge Webhook - Artifactory Release Bundle Domain should be Release Bundle. The Artifactory Release Bundle domain has been renamed Destination to consolidate all under same Release Bundle domain. | Artifactory 7.18.0 Distribution 2.10.5 | |
Distribution | Slowness issue in the release bundles list page. | Distribution 2.10.3 | ||
Distribution | In cases where the Mission Control token had an extended expiration, the connection of the Distribution instance to the remote Mission Control using a circle of trust for token validation fails. | Distribution 2.9.3 | ||
Xray | Artifacts are not indexed and the persist queue continues to grow when the number of persisted workers is increased without properly updating the max-connections configuration. | The issue has not been resolved but a watchdog was introduced to enable faster detection of the misconfiguration. When the problem occurs, the following warning willl appear in the log file: "All db connections are in use (30/30) for 3m. service might not be functioning. Consider increasing the persist.database.maxOpenConnections configuration parameter". |
Database Schema Known Issues
The JFrog Platform requires a common database upgrade infrastructure for all products. Currently, each product has a different implementation, so the following database schema-related issues are also addressed in this Known Issues document.
Issue ID | Description | Affected From Version | Fix Version | Additional Information |
---|---|---|---|---|
RTFACT-20842 | Added database indexes to support AQL queries for Postgres - performed internal changes to the database indexing mechanism to improve the AQL Query Performance for Postgres. | 7.35.1 | ||
Problems when upgrading from 6.16.2 to 7.7.8 | 7.7.8 | |||
Artifactory does not cleanly remove deleted configuration import files | 7.12.6 | 7.23.3 | ||
The security.<timetstamp>.xml file is being synced between nodes after upgrade upon Artifactory start process | 7.5.7 | 7.23.3 | ||
Artifactory failure on redeployment with MySQL Art database for customers who do not have Mission Control Pro or Enterprise subscriptions. | 4.11.0 | 4.14.0, 4.13.2 |