Have a question? Want to report an issue? Contact JFrog support

Skip to end of metadata
Go to start of metadata

Overview

This page presents release notes for JFrog Artifactory describing the main fixes and enhancements made to each version as it is released. For a complete list of changes in each version, please refer to the JIRA Release Notes linked at the end of the details for each release.

If you need release notes for earlier versions of Artifactory, please refer to the  Release Notes in the Artifactory 3.x User Guide.

Download 

Click to download the latest version of  JFrog Artifactory Pro.

Click to download the latest version of  JFrog Artifactory OSS.

Previous Versions

Previous versions of JFrog Artifactory Pro and JFrog Artifactory OSS are available also on JFrog Bintray.

Click to download previous versions of  JFrog Artifactory Pro.

Click to download previous versions of JFrog Artifactory OSS as a  ZIP or  RPM.

Installation and Upgrade

For installation instructions please refer to Installing Artifactory.

To upgrade to this release from your current installation please refer to Upgrading Artifactory.

(lightbulb) To receive automatic notifications whenever there is a new release of Artifactory, please watch us on  Bintray.


Artifactory 5.1

Released: February 21, 2017

Configuration Management with Chef

Artifactory meets the heart of DevOps adding full support for configuration management with Chef. Share and distribute proprietary Cookbooks in local Chef Cookbook repositories, and proxy remote Chef supermarkets and cache remote cookbooks locally with remote repositories. Virtual Cookbook repositories let you access multiple Cookbook repositories through a single URL overcoming the limitation of the Knife client that can only access one repository at a time.

Configuration Management with Puppet

Artifactory now also fully supports configuration management with Puppet. Use local Puppet repositories to share and distribute proprietary Puppet modules, and use remote Puppet repositories to proxy and cache Puppet Forge and other remote Puppet resources. Use a virtual Puppet repository so the Puppet client can access multiple repositories from a single URL. 

Main Updates
  1. Support configuration management with Chef through Chef Cookbook repositories. Artifactory fully supports the Knife client for authenticated access, and also supports Berkshelf for anonymous access. Authenticated access for Berkshelf will be added in a forthcoming release. 
  2. Support configuration management with Puppet through Puppet repositories. Full support for Puppet command line along with local, remote and virtual repositories for hosting and provisioning Puppet modules. 
  3. For Artifactory administrators, a list of common actions is available from the top ribbon in the Artifactory UI for quick and easy access. This makes it easy to do things like creating repositories, adding users, adding groups and more. 
  4. Artifactory can now be run as a standalone instance in a Kubernetes cluster. For details, please refer to JFrog's examples using Docker on GitHub.
  5. Artifactory now supports disabling UI access (i.e. the user may only access Artifactory through the REST API) through the addition of the disableUIAccess element in the Security Configuration JSON.  
  6. The default order of repository types in the tree browser has been changed to show virtual and distribution repositories first, as these are accessed more frequently, and then local and remote repositories.
  7. Modified NGINX reverse proxy configuration generated by Artifactory to enable using NPM scoped packages. 
  8. A performance issue with the login and logout procedure has been fixed, so the time to login or logout is now significantly reduced.
  9. A bug in which duplicate files simultaneously uploaded to a sharded filestore occasionally caused deletion of the files, was fixed.
  10. A bug in permissions management that disabled the Admin module after removing the default "Anything" and "Anonymous" permissions, was fixed.
  11. Fixed an issue when upgrading Artifactory 4.x to 5.x in which the IAM role settings for S3 object storage in the binarystore.xml were not correctly migrated to the upgrade has been fixed.

For a complete list of changes please refer to our JIRA Release Notes


Artifactory 5.0

Released: January 31, 2017 

Improvements in Artifactory HA
  • Cloud Native Storage: Artifactory HA infrastructure has undergone significant changes and now fully supports cloud native storage. We have completely removed the requirement for using a Network File System (NFS). This release introduces a new type of binary provider that manages distribution of files and configuration across the cluster nodes. This new functionality supports scaling out your storage by relying on object storage solutions or using the nodes' filesystem without the limitations of a traditional NFS, while enjoying other benefits such as distributed storage and redundancy.
  • Removal of Sticky Sessions: Artifactory no longer requires that the load balancer used in the Artifactory HA network configuration support session affinity (sticky sessions). You may need to change or remove NGINX configurations that related to sticky sessions.
  • Cluster License Management: Managing licenses for an Artifactory HA cluster is much simpler in Artifactory 5.x. Instead of registering a license per node, just upload all your cluster license keys to any cluster node, and Artifactory will transparently allocate them as new nodes are added to and removed from the cluster. This allows automatic provisioning of cluster nodes without the need to deal with manually assigning a license for each node. 
Compatibility with JFrog Mission Control

If you are managing your Artifactory licenses through JFrog Mission Control, Cluster License Management will also be supported in Mission Control, starting from version 1.8, scheduled for release with the next release of Artifactory which is scheduled for February 2017.

To perform a clean installation of Artifactory HA, please refer to HA Installation and Setup.

To upgrade your current installation of Artifactory HA, please refer to Upgrading Artifactory HA.

Running Artifactory as a Docker Container

Installing and running the Artifactory Docker image has been greatly simplified. Essentially it is now a matter of running docker pull and then docker run, while passing in mounted volumes to maintain persistence. 

Access Tokens

Artifactory 5.0 introduces access tokens as a new and flexible means of authentication allowing cross-instance authentication, authenticating both users and non-users, providing time-based access control and group-level access control. 

Enriched and Simplified Onboarding Experience

When starting up for the first time, Artifactory presents two new ways to get you through basic setup and configuration so you can get started immediately. The first is the Onboarding Wizard that creates default repositories for package types you select, sets up a reverse proxy, sets the Admin password and more. The second is a YAML Configuration File in which you can configure the same parameters that the wizard is used for. For example, once you have configured your first instance of Artifactory through the Onboarding Wizard, you can generate the YAML Configuration File from it and use that to spin up additional instances with the same initial configuration.

New Home Screen

The Artifactory Home Screen has been completely redesigned in version 5.0. The new Home Screen provides quick and easy access to some of the most common actions taken by users including searching for artifacts using any of the search methods available, creating new repositories, displaying the "Set Me Up" dialog for any repository, showing information on the latest builds and downloaded artifacts and more.



Breaking Changes

Artifactory HA Infrastructure has Undergone Several Changes
  • Removal of NFS requirement: Previously, Artifactory HA required setting up a mount that was used by the $CLUSTER_HOME folder to synchronize configuration and binary files between the cluster nodes. This requirement is now removed. Configuration files are maintained in the database, and binaries may be stored on alternative storage such as local storage on each node or on a cloud storage provider.  To learn how to migrate your filestore from NFS to alternative storage, please refer to Migrating Data from NFS.
  • Bootstrap Bundle: When setting up an HA cluster, you need to create a bootstrap bundle on the primary node, and then copy it to each secondary node you add to the cluster before starting it up. 
  • License Management: Artifactory HA licenses are now fully managed through the Cluster License Manager. 
  • Unlicensed Nodes: When adding and starting up a node, if a valid license is not available to the Cluster License Manager, the node will continue to run, but will remain unlicensed and return a 503 error to any requests it receives. To keep your HA cluster running until the node is licensed, you can modify your reverse proxy configuration to redirect requests to the next upstream if a 503 error is received by adding 
    proxy_next_upstream http_503 non_idempotent;

    Please refer to Configuring a Reverse Proxy where you can generate a new Reverse Proxy Configuration that includes the modification needed.
Black Duck Code Center Integration Deprecated

Artifactory's direct integration with Black Duck Code Center has been deprecated. To continue using the Black Duck service, you can connect Artifactory to JFrog Xray which has integrated with Black Duck as an external provider of issues and vulnerabilities. 

Global /repo Repository Deprecated

The Artifactory /repo repository endpoint is being deprecated. As part of the deprecation, any requests to the global /repo repository will no longer be valid, regardless to the value of the artifactory.repo.global.disabled system property. If you believe this deprecation will affect existing build jobs or scripts that are referencing the global repo, due to the deprecation, you will now be able to create your own standard Virtual Repository and call it “repo”, since the name will no longer be reserved.

Change in Startup and Shutdown Scripts

The startup and shutdown scripts have changed in Artifactory 5.0. Previously, these scripts used to create the "Artifactory" user as a standard user. To improve security, the user is now created without a login shell and the execution scripts use "su -s" (instead of "su -l") which means that the Artifactory user will not be available for any purpose other than for startup and shutdown.

Set Item Properties REST API Endpoint Changed

The version of Tomcat used in Artifactory 5.0 has been upgraded to 8.0.39. This version of Tomcat no longer supports unencoded URLs, so the Set Item Properties REST API endpoint which used a pipe character ("|") as a separator has undergone corresponding changes so you can use a semicolon (";") as a separator instead, or use escaping to represent a pipe as %7C. Any scripts that use this endpoint may have to be changed to support the new specification. For details, please refer to Set Item Properties

Session ID Cookie Changed

Your Artifactory session ID is now stored in a SESSION cookie (instead of a JSESSIONID cookie).

 


Main Updates
  1. Artifactory can now be installed in a High Availability configuration without needing an NFS.  
  2. Cluster License Manager for Artifactory HA installations automatically manages licensing for your cluster nodes. This will also be supported by JFrog Mission Control in its forthcoming release.
  3. Greatly simplified Artifactory Docker image installation.
  4. Authentication using Access Tokens
  5. Greatly simplified onboarding using either a UI wizard or a YAML file. 
  6. Home Screen has been redesigned with a new look and feel for easy access to common actions and a rich user experience.  
  7. Search has been redesigned and is now available as a separate module for easy access from anywhere. 
  8. UI notifications in Artifactory have been improved for clarity.
  9. Monitoring Storage is updated with a new look and feel.
  10. Removed the requirement for session affinity in the load balancer used in an Artifactory HA cluster.
  11. Direct integration with Black Duck has been deprecated. You may continue using Black Duck through JFrog Xray.
  12. Global /repo repository has been deprecated.
  13. Artifactory Tomcat version was upgraded to 8.0.39.
  14. From version 5, the YUM package type is replaced with RPM. i.e. what used to be a YUM repository is now referred to as an RPM repository. YUM will continue to be supported as a package type when creating repositories through the REST API for backward compatibility.  
  15. Users who are logged in through a SAML server can be associated with LDAP groups through the use of a user plugin. Use this user plugin as a reference as an example of a user plugin.
  16. LDAP login performance was improved by narrowing Arifactory's search filter so it only searches through groups that have been imported to Artifactory rather than the full set of LDAP groups.
  17. Added support for Docker manifest to reference remote layers by URL that will be pulled by the Docker engine before running the image.
  18. Added metadata validation for Debian packages to ensure Debian repositories are not corrupted by malformed packages. 
  19. Fixed an issue in which Docker images which were imported to Artifactory and then exported sometimes failed to produce the correct schema.
  20. Fixed an issue regarding email notifications for backups so that now, a notification is sent for both manual and automatic scheduled backups if the backup fails.
  21. Fixed an issue in which downloading from a virtual Git LFS repository would fail if the file would not exist in the first positioned repository in the list. 
  22. Fixed an issue in which YUM metadata GPG signing was skipped if the passwords in Artifactory were encrypted.
  23. Fixed an issue in which Git LFS repositories that require authentication will fail push requests when Anonymous Access is enabled.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 5.0.1

Released: February 7, 2017

Main Updates
  1. A memory leak that was discovered in the new cluster license manager implementation has been fixed. This issue may have caused Artifactory to stop responding and is now resolved.
  2. A limitation in Artifactory HA, that potentially prevented you from accessing large support bundles, and prevented Artifactory from starting up, has been removed. Now, you can access the support bundle for any node in an HA cluster regardless of its size.

  3. An issue preventing Artifactory from starting up when using IBM JDK 8 has been fixed.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.16

Released: January 16, 2017

Support for Xray CI/CD Integration

As a critical link between JFrog Xray and Jenkins CI (more CI servers will be added in future releases), Artifactory adds support for Xray's CI/CD integration allowing you to fail build jobs if vulnerabilities are found in the build. Artifactory acts as an intermediary between Jenkins and JFrog Xray. 

You can configure the Jenkins Pipeline to send a synchronous request to Xray to scan a build that has been uploaded to Artifactory. Artifactory passes the request on to Xray which scans the builds in accordance with Watches you defined, and respond with an indication to fail the build job if an alert is triggered.

Xray CI/CD integration is supported from Artifactory 4.16, JFrog Xray 1.6 and Jenkins Artifactory Plugin 2.9.0.

Main Updates
  1. Add support for JFrog Xray CI/CD integration allowing you to fail build jobs if the build scan triggered an alert.

  2. Fix a bug that caused a memory leak related to JFrog Mission Control DR configuration.
  3. Fix an issue in which createdBy and modifiedBy fields were missing after running an import.

  4. When a build is deleted, whether through the UI, via REST API or due to a build retention policy, Artifactory now sends a corresponding event to Xray so it can remove that build from its database and avoid triggering alerts for deleted builds.
  5. A fix has been put in place to prevent a security vulnerability (CVE-2016-10036) that may have been exploited through a web UI API endpoint, which potentially allowed unauthorized uploading of files to unexposed locations in the Artifactory host. 
    JFrog would like to thank Alessio Sergi of Verizon Enterprise Solutions for reporting this issue and for working with JFrog to help protect our customers.

Artifactory 4.15

Released: December 13, 2016 

Conan Repositories

Artifactory brings binary repositories to the world of C/C++ development with support for Conan repositories. By supporting the Conan client, Artifactory offers enterprise grade repository management supporting high-availability, fine-grained access control, multi-site development, CI integration and more. Providing an in-house local repository for C/C++ binaries, Artifactory is a secure, robust source of dependencies and a target to efficiently upload packages built through Conan. C/C++ development will never be the same again.

Main Updates
  1. Add support for Conan repositories
  2. Significantly improved performance in Artifactory installations serving thousands of users related to the intensive permission validation process. For example, this should solve slow NuGet search issues in these Artifactory installations.
  3. Fixed an issue in which changing the severity specified for download blocking for a repository, or removing it altogether, did not update Xray correctly and the change was not registered. 
  4. Fixed an issue in which the JSON returned from Get Repository Replication Configuration was not always compatible with REST API endpoints used to set repository replication configuration. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.14

Released: October 20, 2016

PHP Composer Repositories

Artifactory now supports development with PHP as a fully-fledged PHP Composer repository. Create local repositories to host your internal PHP packages, or proxy remote resources that host PHP index files or PHP binary packages. 

Main Updates
  1. Support PHP Composer local and remote repositories.
  2. Artifactory can now issue a warning before running a backup if there is insufficient disk space.
  3. Performance when simultaneously calculating Debian metadata for multiple distributions in multiple repositories has been improved.
Known Issues
  1. In case DR instance is manage by JFrog Mission Control there is a risk of a memory leak which may cause the Artifactory service to stop responding.
    Related issues are RTFACT-12854RTFACT-13358

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.14.1

Released: November 1, 2016

Main Updates
  1. Fixed an issue related to clean up of YUM metadata index files.
  2. Fixed a distribution issue related to packages with special characters (e.g. ':') in the package or version name.
Known Issues
  1. In case DR instance is manage by JFrog Mission Control there is a risk of a memory leak which may cause the Artifactory service to stop responding.
    Related issues are RTFACT-12854RTFACT-13358

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.14.2

Released: November 27, 2016 

Main Updates
  1. LDAP login performance improved
    Login performance has now been improved by only searching attributes that have been configured in the LDAP Group setting rather than for the entire set of attributes. This is especially noticeable when user belongs to many groups.

  2. Npm search issue fix
    Due to breaking changes in npm client behavior, from version 4.0 of the Npm client, searching through Artifactory was failing. This was because the client could not parse the response with the "_updated" field of searches that used "since" . This has now been fixed by removing the field from the response for partial searches.

  3. NuGet search issue fix
    When the results of NuGet package search required pagination, several results were omitted. This was due to a mismatch between how Artifactory returned each page of the results (using a "$skip" parameter), and how the NuGet client expected the result (based on the "$top" parameter. This has now been fixed by aligning Artifactory with the NuGet client so no results are omitted.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.14.3

Released: December 7, 2016 

Using Previous Encryption Keys

If Artifactory is unable to decrypt data with the current Master Key (the contents of the artifactory.key file), you can now set the artifactory.security.master.key.numOfFallbackKeys property in the artifactory.system.properties file which specifies the number of previous keys Artifactory should try and use to decrypt data .

Main Updates
  1. Enable Artifactory to use previous Master Keys keys to decrypt data.
Known Issues
  1. In case DR instance is manage by JFrog Mission Control there is a risk of a memory leak which may cause the Artifactory service to stop responding.
    Related issues are RTFACT-12854RTFACT-13358

For a complete list of changes please refer to our JIRA Release Notes .


Artifactory 4.13

Released: September 21, 2016

Xray Enhancements
  • Global enable/disable: Globally enable or disable the Xray integration 
  • Download blocking: When connected to JFrog Xray, Artifactory can be configured per repository to block download of artifacts that have not yet been scanned, or those that have been scanned and identified to include issues of a given severity
  • Scan specific artifact or path: Initiate scanning and indexing of a specific artifact or path selected in the tree browser
JMX MBeans to support monitoring of log appenders for log analytics 

Artifactory now implements MBeans that let you monitor appenders that send log information to Sumo Logic for log analytics. 

Main Updates
  1. Enhancements to the Xray integration including globally enabling or disabling the integration, download blocking and specific artifact/path scanning.

  2. JMX MBeans that monitor appenders that send log data to Sumo Logic for log analytics.

For a complete list of changes please refer to our  JIRA Release Notes.


Page Contents


Artifactory 4.13.1

Released: October 13, 2016

Main Updates
  1. An issue, in which Bower packages downloaded from virtual repositories were returned "flat" rather than in their original structure, has been fixed.

  2. The system logs are refreshed periodically. An administrator can now pause the countdown to refresh the system log. 

  3. The order in which different repository types are sorted in the tree browser can now be set by a system property. 

  4. Performance when managing Groups and Users for permission targets has been improved.

Known Issues
  1. In case DR instance is manage by JFrog Mission Control there is a risk of a memory leak which may cause the Artifactory service to stop responding.
    Related issues are RTFACT-12854, RTFACT-13358

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.13.2

Released: October 18, 2016

Main Updates
  1. Fixed security issue and minor bugs. 

Known Issues
  1. In case DR instance is manage by JFrog Mission Control there is a risk of a memory leak which may cause the Artifactory service to stop responding.
    Related issues are RTFACT-12854RTFACT-13358

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.12.0.1

Released: August 29, 2016

Note: This release replaces version 4.12.0 due to a critical issue that was found.

JMX MBeans

To monitor resource usage, Artifactory now implements JMX MBeans that monitor HTTP connections. This exposes a variety of new parameters that you can monitor such as remote repositories, JFrog Xray client connection, distribution repositories, replication queries, HA event propagation and more.

YUM Virtual Repositories

With support for virtual YUM repositories, you can both download and upload RPMs using a single URL.

Main Updates
  1. Support YUM Virtual Repositories.

  2. JMX MBeans support has been expanded to allow monitoring HTTP connections.

  3. A remote repository and its corresponding cache are now collated in the Artifact Repository Browser and displayed together rather than in separate sections. 

  4. As a convenience feature, you can now filter users to be removed from a group or repositories to be removed from a permission target.

  5. Hazelcast interface matching has been disabled, allowing you to run Artifactory HA cluster nodes under different Docker hosts.
  6. targetInfo variable has been added to the Replication User Plugin context allowing you to specify the target Artifactory URL and repository. 

  7. Performance of RubyGems api/dependencies queries has been improved.
  8. Push replication now supports synchronizing download stats (for local repositories). To avoid inadvertent deletion artifacts, this is recommended when setting up replication for disaster recovery.

Known Issues
  1. When pushing existing docker layers to using to deploy to virtual layers will be uploaded to the wrong path. The path with be prefixed with the target local repository key.
    Note that pull command will continue to work as expected.
    Related issue is RTFACT-12396, fixed in version 4.12.1.
  2. RubyGems dependency query might cause unexpected DB behavior when working with a very large sets of artifacts.
    Related issue is RTFACT-12480, fixed in version 4.12.2. 

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.12.1

Released: September 7, 2016

Main Updates
  1. Fix an issue that caused existing Docker layers to be uploaded to the wrong path when deploying to a virtual repository. 
    This patch will also include a conversion to move layers from the wrong path to the correct path. 

  2. Fix "AWS EC2 IAM SessionCredentials" refresh token process, when using IAM role and time is set to any time zone other than GMT.

 
Known Issues
  1. RubyGems dependency query might cause unexpected DB behavior when working with a very large sets of artifacts.
    Related issue is RTFACT-12480, fixed in version 4.12.2. 

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.12.2

Released: September 14, 2016

Main Updates
  1. Fix an issue causing DB to behave unexpectedly when using /api/gem/dependencies query on RubyGems repositories with a very large set of artifacts. 

  2. Fix an internal server error on "Artifacts Not Downloaded Since" REST api.

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.11

Released: July 31, 2016

JFrog Xray Integration

The first official version of JFrog Xray, version 1.0 has been co-released with this version of Artifactory. JFrog Xray 1.0 supports Artifactory 4.11, and above.

To integrate JFrog Artifactory 4.11 with JFrog Xray 1.0 you need to take the following steps:

  • If you are doing a clean installation of JFrog Artifactory 4.11, follow the usual instructions under Installing Artifactory, and then install JFrog Xray as described in the JFrog Xray User Guide.

  • If you are upgrading from a previous version of JFrog Artifactory to which you had connected the JFrog Xray preview version, please follow  these instructions to create a clean environment for installation. 

Performance

This version presents several improvements in performance including deletion of an artifact's properties, garbage collection and data import and restoring artifacts from the trash can.

Main Updates
  1. Performance when making many changes (e.g. Delete all) to an artifact's properties has been greatly improved.

  2. Performance of the trash can has been greatly improved both when deleting artifacts or restoring them from the trash can.

  3. Garbage collection and data import performance has been greatly improved by separating these two actions in different threads.

  4. For artifacts that are indexed by JFrog Xray, the General tab in the tree browser now displays Xray indexing and status information.

  5. Repository Configuration REST API endpoint has been updated to provide caller with the same information that is available, according to that user's permissions, when querying a repository through the UI . 

  6. A fix has been put in place to prevent a security issue due to "LDAP Attribute Poisoning" (CVE-2016-6501).
    JFrog would like to thank Alvaro Munoz and Oleksandr Mirosh of Hewlett Packard Enterprise for reporting this issue and for working with JFrog to help protect our customers.
     

Known Issues
  1. Null pointer exception error is thrown when a property has a NULL value (RTFACT-12058).
    This might be caused by YUM metadata calculation when a YUM group is being used causing the vendor value to be NULL. 
    As a workaround for this issue you can set the following system property artifactory.node.properties.replace.all=true under $ARTIFACTORY_HOME/etc/artifactory.system.properties and restart Artifactory service. (in case you are using High Availability set up this change need to be done on each node).

    Make sure to change the value back to false after you upgrade to a later version since this issue is already fixed and leaving it to true will result in Artifactory not using the new properties update mechanism. 

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.11.1

Released: August 14, 2016

Improvements to Docker Registries

Several improvements have been made for Docker registries in Artifactory.

  • Pull replication for remote Docker repositories, that was previously not possible due to a limitation in the Docker client, has now been enabled for images created with the manifest schema v2.
  • Storage of Docker images has been optimized so that Artifactory will not duplicate layers of a Docker image that is pushed if those layers already exist elsewhere in Artifactory.
Main Updates
  1. In addition to listing files in Amazon S3 storage, Artifactory can now also list files in Google S3 storage.

  2. Pull replication has now been enabled for Docker registries for images created with manifest schema v2.
  3. When pushing a Docker image that contains layers that already exist, Artifactory will using the existing layers rather than storing an additional copy.
  4. Artifactory now supports GPG signing for YUM metadata
  5. AQL can now be invoked from user plugins related to search.
  6. Artifactory is now available for installation as a Debian distribution for Xenial (Ubuntu 16.04).

Known Issues
  1. When pushing existing docker layers to using to deploy to virtual layers will be uploaded to the wrong path. The path with be prefixed with the target local repository key.
    Note that pull command will continue to work as expected.
    Related issue is RTFACT-12396, fixed in version 4.12.1.

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.11.2

Released: August 17, 2016

Main Updates
  1. Fix sending unnecessary delete event to Xray when overriding file with the same checksum.

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.10

Released: July 19, 2016

Log Analytics

This version introduces the capability for integration with Sumo Logic Log Analytics. Artifactory creates an account with Sumo Logic so you can view advanced analytics of your Artifactory logs to discover performance bottlenecks, attempts at unauthorized server access and more.

Docker Image Cleanup

You can now configure how many snapshots of each docker image tag Artifactory should store before deleting old snapshots to avoid them accumulating and bloating your filestore.

Main Updates
  1. Integration with Sumo Logic for Log Analytics
  2. Configure Artifactory to automatically cleanup old tags of Docker images by limiting the number of unique tags stored in any Docker registry in Artifactory.
  3. Performance of Maven metadata calculation has been improved to accommodate many delete operations on a Maven repository.
  4. A new navigation menu with major improvements in the Admin module allowing you quickly filter and navigate to a specific category. The full menu is displayed on a mouse-over, and you can enter a search term to emphasize the item you are looking for. 
  5. Support retagging a Docker image as part of the Docker promotion REST API, enabling you to easily rename and retag an image without having to pull and push it again. This is very useful when using promotion to manage your CI pipeline.  

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.9

Released: July 3, 2016

JFrog Xray Integration

This version introduces the capability for full integration with JFrog Xray, Universal Artifact Analysis, that reveals a variety of issues at any stage of the software application lifecycle. By scanning binary artifacts and their metadata, recursively going through dependencies at any level, JFrog Xray provides radical transparency and unprecedented insight into issues that may be lurking within your software architecture.

Main Updates
  1. Artifactory JFrog Xray integration.
  2. You can now restrict a user to accessing Artifactory only through the REST API
  3. Deprecated "Force Authentication"configuration field has been removed from Docker repository configuration that was used to enable the docker login command. Currently all Docker repositories support both authenticated and anonymous access according to the permission configuration making this field obsolete.This is especially useful for users representing different tools that interact with Artifactory such as CI servers, build tools, etc.  
  4. Artifactory now supports custom Atlassian Crowd authentication tokens. 
  5. Artifactory OAuth integration now supports passing in query params as part of the authorization URL. 
  6. AQL and Artifactory public API, have been enhanced to support reporting detailed remote download statistics for smart remote repositories. 
  7. When deploying archives to Artifactory using the REST API, you can specify that they should be exploded in an atomic operation through the X-Explode-Archive-Atomic header. 
  8. Removed support for deprecated artifactory.security.useBase64 flag in artifactory.system.properties and as a consequence artifactory.security.authentication.encryptedPassword.surroundChars.
    In order to trigger generation of a new encrypted password, compatible with Artifactory version 4.9.0 and above, users are required to access their user profile page and obtain a new encrypted password.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.9.1

Released: July 14, 2016

Main Updates
  1. Improves performance when editing a user's details for a system with a large number of users.

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.8

Released: May 23, 2016

Distribution Repository

A new repository type designed to let you push your software out to customers and users quickly and easily through JFrog Bintray. Once set up, access to Bintray is managed by Artifactory so all you need to do is put your artifacts in your distribution repository, and they automatically get pushed to Bintray for distribution.

Main Updates
  1. Distribution Repository 
  2. Recalculation of metadata for different repository types (Ruby Gems, Npm, Bower, NuGet, Debian, YUM, Pypi, CocoaPods, Opkg) can now be triggered by users with the set of permissions assumed by Manage (i.e. Manage + Delete/Overwrite + Deploy/Cache + Annotate + Read). Previously this required admin permissions. Known limitation: triggering metadata recalculation for virtual repositories through the Artifactory UI still requires admin privileges.
  3. When rewriting external dependencies for npm or Bower repositories, shorthand dependencies that are GitHub URLs will be matched by all patterns that contain "github.com"

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.8.1

Released: May 23, 2016

Change in OSS license

From version 4.8.1, Artifactory OSS is licensed under AGPL 3.0 (previously LGPL 3.0).

Distribution Repositories

Added support for distribution dry run as well as support for both named and unnamed capture groups when specifying repositories and paths for distribution provides enormous flexibility in how you upload files to Bintray.

Tree Performance Improvements

Major improvement in tree loading time when working on large scale tree with thousands of entries.  

Main Updates
  1. Improvements to Distribution Repository
    1. Offer enormous flexibility in how you upload files to Bintray by supporting both named and unnamed capture groups.
    2. Added dry run option before executing distribution. 
  2. The Tree Browser has undergone many changes under the hood to significantly improve behavior and performance when heavily populated with many items. 
  3. Artifactory will now reject repository names that would conflict and create duplicate entries in the Tree Browser.
  4. Resolved RubyGems error caused by version comparator method. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.8.2

Released: May 23, 2016

Main Updates
  1. Conversion of the Docker manifest schema from v2 to v1 when pulling an image from a remote repository that proxies DockerHub. This issue caused Docker client below version 1.10.0 to fail pulling images uploaded with client version 1.10.0 and higher.
  2. In a High Availability configuration, Artifactory fails to delete a repository if a download from the repository is in progress while the repository is being deleted.
  3. Allow disabling maven auto-data calculation upon delete event. This will allow performing massive deletes. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.7

Released: March 31, 2016

Remote and Virtual Git LFS Repositories

Artifactory is the only repository manager that supports remote and virtual Git LFS repositories. Use remote repositories to easily share your binary assets between teams across your organization by proxying Git LFS repositories on other Artifactory instances or on GitHub. Wrap all your local and remote Git LFS repositories in a virtual repository allowing your Git LFS client to upload and download binary assets using a single URL.

Artifactory Query Language

AQL has two great new features!

Added a new Promotion domain. This allows you to run queries on builds according to details on their promotion status. For example, find the latest build with that has been promoted to "release" status.

In addition, we now support running queries across multiple domains, for example items.find().include("archive.entry","artifact.module.build"). This is especially useful since permissions can now be supported for domains which until now where available for admins only.

Authentication for Docker Repositories

We have removed the need to configure separate repositories for anonymous and authenticated users. Previously when anonymous access was enabled, Docker repositories allowed unauthenticated access, but in order to support authenticated access, using docker login for example, you had to use the "Force Authentication" flag. This limitation is now removed and anonymous users can pull and push, according to configured permissions, to all repositories, including ones checked with the "Force Authentication" flag.

As a result, the "Force authentication" checkbox in Docker repository settings is deprecated. It is currently left in the UI in a checked and immutable state for reference only, and will be removed in a future version.

NOTE: Anonymous users can continue working with existing repositories where "Force Authentication" was set to false. In a later version when this configuration will be removed, authenticated users will be able to work with those repositories as well.

Block Mismatched Mime-types in Remote Repositories

Added support to validate that a returned artifact matches the expected Mime-Type. For example, if you request a POM file but receive an HTML file, Artifactory will block the file from being cached. When such a mismatch is detected, Artifactory will return a 409 error to the client.

By default Artifactory will block HTML and XHTML Mime-Types. You can override this configuration from the Advanced tab in the remote repository configuration to specify the list of Mime-Types to block.

Support for AWS IAM Role with S3

There's no need to save your credentials in a text file. As another way to authenticate when using AWS S3, you can now use an IAM role instead of saving the credentials in the $ARTIFACTORY_HOME/etc/storage.properties file.

Main Updates
  1. Remote and virtual Git LFS repositories  
  2. Promotion domain for AQL and cross domain queries for non-privileged users displaying any accessible field from any domain.
  3. Anonymous and authenticated users can access the same docker repository.
  4. Push Docker tags to Bintray directly from the Artifactory UI. 
  5. Support for IAM role with S3.
  6. Improved node recovery mechanism when working in High Availability setup.
  7. Major improvements in YUM resulting in up to 100% improvement in performance while using much less resources.
  8. Block mismatched Mime-Types from being cached in remote repository.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.7.1

Released: April 4, 2016

Main Updates
  1. A fix for compatibility issue with Visual Studio 2015 update

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.7.2

Released: April 4, 2016

Main Updates
  1. Change PyPI repository behavior to be case insensitive and handle '-' and '_' as the same character when comparing package name.
  2. To support disaster recovery in JFrog Mission Control, you can now globally block replication regardless of configuration in specific repositories. 

  3. Configure login link to automatically redirect users to the SAML login page. 

  4. AQL supports specifying time intervals relative to when queries are run. 

  5. Add support for the NuGet --reinstall command.

  6. Add support for the Npm --tag command.

  7. Add support for AWS version parameter in Filestore Configuration

  8. Exposed a method to get or set user properties in Artifactory's Public API.

For a complete list of changes please refer to our JIRA Release Notes.

Known Issues
  1. Existing PyPI packages will not available until triggering an index recalculation and setting the relevant metadata to support the new PyPI implementation.
    This issue is resolved in Artifactory 4.7.3 that will trigger index recalculation when upgrading from an older version for all PyPI repositories.
    Related issue - RTFACT-9865.
  2. Upgrading to pip client 8.1.2 will introduce an issue with installing packages which contain '.' in the package name. This is due to an a chance in pip client behavior that was supposed to included in 8.0.0 but only manifested in 8.1.2 due to a bug in pip client. 
    Related issue - RTFACT-10133

Artifactory 4.7.3

Released: April 17, 2016

Main Updates
  1. Improved migration of existing PyPI packages to new PyPI implementation. 

For a complete list of changes please refer to our JIRA Release Notes.

Known Issues
  1. In case there is a conflict is artifacts resolution that can be as a result of the block-mime types, or trying to resolve a maven snapshot version from a repository configured to only handle releases repository virtual repository will return a 409 (conflict) error code. Gradle clients do not handle this error gracefully and will not try to resolve artifacts from the next repository configured in the build.gradle file.
    This issue was resolved in Artifactory 4.7.4 that reverted this improvement.
    Related issue - RTFACT-9880.

Artifactory 4.7.4

Released: April 20, 2016

Main Updates
  1. Resolution from virtual repository might result in 409 error which can cause unexpected behavior if client doesn't handle error gracefully.

For a complete list of changes please refer to our JIRA Release Notes.

  1. Related issue - RTFACT-9880.

Artifactory 4.7.5

Released: May 1, 2016

Main Updates
  1. Added support for SHA256 hashing for Debian packages.

  2. Maven performance has been significantly improved especially when performing multiple delete operations to use significantly less resources.
  3. Conversion of Docker manifest V2 schema to V1 scheme no longer requires deleting the signing key.
  4. Fixed an issue with Hazelcast timing out due to file locking in Artifactory HA.
  5. Added a new REST API to schedule an immediate pull, push, or multi-push replication. This replaces the old replication REST API which has been deprecated.  

  6. Fixed a compatibility issue with NuGet V2 requesting framework dependencies. 
    NOTE: You need to invoke a reindexing of your NuGet repositories once, via the UI or using the REST API, for the fix to take effect. 
  7. Tree browser performance has been significantly improved, especially when browsing heavily annotated repositories.
  8. The workflow related to disabling the internal password for externally authenticated users (for example, via LDAP) has been improved.
  9. You can now deploy artifacts with multi-value properties. For existing artifacts, you can add multi-value properties or edit them through the UI

 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.7.6

Released: May 9, 2016

Main Updates
  1. Significantly improved performance of Maven metadata calculation on path which contains a large number of versions.

  2. Disable the /repo repository for new Artifactory SaaS instances provisioned.
    NOTE: For existing customers this change will take effect next time the artifactory.system.properties is re-created. This can happen when an Artifactory server is migrated to another region, or during certain maintenance operations.

For a complete list of changes please refer to our JIRA Release Notes.

 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.7.7

Released: May 15, 2016

Main Updates
  1. Fixed PyPI compatibility issue. Package names will be normalized as described in PyPI spec (PEP 503).
    After upgrading an automatic reindex will be triggered for all PyPI repositories. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.6

Released: March 13, 2016

Filestore Management

This release presents great advances in filestore management with the following features:

Advanced Filestore Configuration: A new mechanism that lets you customize your filestore with any number of binary providers giving you the most flexible filestore management capability available today.

Filestore Sharding: Through filestore sharding, Artifactory offers the most flexible and reliable way to scale your filestore indefinitely. 

Google Cloud Storage: Artifactory now supports another option for enterprise-grade storage with Google Cloud Storage.

AWS S3 object store: Artifactory now supports server-side encryption for AWS S3 object store.

Using Docker with AOL

From this version, there is no limitation on the number of Docker repositories you can create on AOL. You can now access Docker repositories on AOL through {account_name}-{repo-key}.jfrog.io

Bundled Tomcat Version

The Tomcat bundled with Artifactory has been upgraded to version 8.0.32.

Artifactory as a Bower  Registry

Artifactory is now a private Bower registry as well as a repository for Bower packages. You can now  use the bower register commands to register your packages to any remote or virtual Bower repository in Artifactory proxying your internal VCS server (e.g. Stash, Git, BitBucket).

Main Updates

This release includes the following main updates: 

  1. Advanced Filestore Configuration
  2. Filestore Sharding
  3. Support Google Cloud Storage
  4. Artifactory now supports server side encryption for AWS S3 object store.
  5. The bundled Tomcat in which Artifactory runs has been upgraded to version 8.0.32.
  6. The simple-default repository layout used in generic repositories has been updated.
  7. Unlimited Docker repositories on AOL.  
  8. Enhanced Docker Info tab showing detailed information on Docker images. 
  9. When searching with the Artifactory UI, Artifactory performs prefix matching for search terms in all the different search modes.
  10. Artifactory is now a private Bower registry as well as a repository for Bower packages.  
  11. The number of characters in MSSQL properties' values is now limited to 900 characters.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.6.1

Released: March 21, 2016

Main Updates
  1. A fix, to accommodate a change in the Docker client, that enables re-pushing existing layers when working with Docker 1.10.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.5

Released: February 14, 2016

CocoaPods repositories

Manage your dependencies for Apple OS development  through Artifactory. Artifactory supports CocoaPods with local and remote repositories.

Main Updates
  1. CocoaPods Repositories.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.5.1

Released: February 18, 2016

OAuth Security Fix

This release fixes a security vulnerability related to OAuth.

YUM performance

YUM memory management had undergone additional tuning to further improve performance.

Main Updates
  1. OAuth security fix.
  2. YUM performance tuning.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.5.2

Released: February 28, 2016

This is a minor update that provides several bug fixes. 

For a complete list of changes please refer to our  JIRA Release Notes.


Artifactory 4.4

Released: January 4, 2016
Security

Artifactory 4.4 brings more advancements to security capabilities including:

  • Preventing brute force attacks at identity theft with increasingly delayed responses to repeated failed attempts at authentication, and locking out users after repeated failed login attempts.
  • SSH Authentication for Git LFS and Artifactory CLI
  • OAuth support for Docker client
Opkg Repositories

Artifactory is now a fully fledged Opkg repository, and generates index files that are fully compliant with the Opkg client. Create local repositories for your internal ipk packages, or proxy remote Opkg repositories. Provide GPG signatures for use with the Opkg client, and manage them using the UI or through REST API.

Trash Can

Artifactory now provides a trash can that prevents accidental deletion of important artifacts from the system. All items deleted are now stored for a specified period of time configured by the Artifactory administrator, before being permanently removed.

Main Updates
  1. Local and remote Opkg repositories.
  2. Deletion protection with a Trash Can
  3. SSH Authentication for Git LFS and Artifactory CLI.
  4. OAuth authentication for the Docker Client. In addition, users can be granted access to their profile page using OAuth instead of having to type in their passwords. 
  5. Scan RubyGems to extract their licenses and display them as properties. 
  6. To combat unauthorized logins that use brute force, an administrator can configure user locking. In addition, Artifactory also implements temporary login suspension for unauthorized REST API access.
  7. Extract Docker labels and create corresponding properties on the image's manifest.json file.
  8. Support for Virtual Repositories and Inserting User Credentials in Set Me Up dialogs.

For a complete list of changes please refer to our JIRA Release Notes


Artifactory 4.4.1

Released: January 13, 2016

Password Expiration Policy

An Artifactory administrator can now force all users to change their password periodically by enabling a password expiration policy.

Externally Authenticated Users

An Artifactory administrator can now enable users, who are authenticated using external means such as SAML SSO, OAuth or HTTP SSO, to access their profile and generate an API Key or modify their password. 

Apache Reverse Proxy Configuration

In addition to NGINX, Artifactory now also provides you with the code snippet you need to configure Apache as your reverse proxy. Just feed in your reverse proxy settings, including your handling of Docker repositories, and Artifactory will generate the configuration script you can just plug into your Apache reverse proxy server.

Main Updates
  1. Password expiration policy
  2. Allow users authenticated by SAML SSOOAuth, or HTTP SSO to access their profile and generate an API Key or modify their password.
  3. Reverse proxy configuration for Apache

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.4.2

January 18, 2016

In addition to several bug fixes, this minor update fixes an issue with backward compatibility for S3 Object Store when upgrading to Artifactory v4.3 and above.

This version also presents a significant improvement in download performance.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.4.3

February 8, 2016
Basic Authentication

You can now use your API key as your password for basic authentication. This means that clients that cannot provide the API key in a header, can still be authenticated with the API key by including it instead of the password in the basic authentication credentials.

List Docker images

Using the List Docker Images REST API, you can get a list of images in your Docker repositories.

YUM Performance Improvements

Major improvements in performance when working with YUM  repositories, showing up to 300% faster indexing of RPM packages.

Main Updates

This release includes the following main updates: 

  1. Compatibility with Docker v1.10 and the Docker Manifest v2 schema.
  2. Major improvements in performance when working with YUM  repositories.
  3. Use your API key for basic authentication.  
  4. API key header changed to X-JFrog-Art-Api.
  5. REST API to enable or disable replication tasks.
  6. When authenticated externally, an admin can allow you to access your API key, Bintray credentials and SSH public key without having to unlock your profile.
  7. REST API to list Docker repositories using /_catalog end point.

For a complete list of changes please refer to our JIRA Release Notes


Artifactory 4.3

November 22, 2015
API Keys

You may now authenticate REST API calls with an API key that you can create and manage through your profile page or through the REST API.  

Package Search

Run a search based on a specific packaging format with dedicated search parameters for the selected format. Performance is improved since search is restricted to repositories with the specified format only. 

Support Zone

Generate the information that our support team needs to provide the quickest resolution for your support tickets.

Dependency rewrite for Bower and NPM

Remove the dependence on external artifact resources for Bower and Npm. When downloading a Bower or Npm package, Artifactory will analyze the package metadata to evaluate if it needs external dependencies. If so, Artifactory will download the dependencies, host them in a remote repository cache, and then rewrite the dependency specification in the original package's metadata and point it to the new location within Artifactory.

Improved support for S3 object store

JFrog S3 object store now supports S3 version 4 allowing you to sign AWS with Signature v4. Multi-part upload and very large files over 5 GB in size are now also supported.

Main Updates
  1. Authentication using API keys.
  2. Package search
  3. Convenient Support Zone page for submitting support requests. 
  4. Improved support for S3 object store with support for S3 version 4. 
  5. Automatic rewrite of external dependencies for Npm and Bower repositories.  
  6. HTTP request object is now accessible from Realms closures in user plugins ( RTFACT-8514 ).  
  7. REST API to download a complete release from VCS repositories. 

For a complete list of changes please refer to our JIRA Release Notes


Artifactory 4.3.1

December 6, 2015
Reverse Proxy 

Artifactory now provides a mechanism to generate reverse proxy configuration for NGNIX. This is very helpful when using clients, like Docker, that require a reverse proxy.

Support Google Cloud Storage (GCS)

Artifactory now supports GCS as a storage provider for you Artifactory instance.

Git LFS Batch API

Artifactory now supports batch calls from the Git LFS client allowing batch multiple file uploads.

Main Updates
  1. Reverse proxy configuration generator
  2. Google Cloud Storage 
  3. Batch file uploads for Git LFS repositories

For a complete list of changes please refer to our JIRA Release Notes


Artifactory 4.3.2

December  8, 2015
This is a minor update that provides several bug fixes. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.3.3

December 21, 2015
Propagating Query Params

When issuing requests through generic remote repositories in Artifactory, you may include query params in the request, and Artifactory will propagate the parameters in its request to the remote resource.

Source Absence Detection for Smart Remote Repositories

You can configure whether Artifactory should indicate when an item cached in a smart remote repository has been deleted from the repository at the remote Artifactory instance.

Main Updates
  1. Query params may now be propagated to generic remote repositories
  2. Source absence detection for smart remote repositories is now configurable.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.2

October 18, 2015

In addition to implementing several bug fixes and minor improvements, this release introduces a Debian Artifactory installation and Deploy to Virtual repositories .

Debian Installation

Artifactory can now be installed as a Debian package.

Deploy to Virtual

Artifactory now supports deploying artifacts to a virtual repository via REST API. All you need to do is specify a local repository aggregated within the virtual repository that will be the deploy target.

OAuth Login

Artifactory now supports login and authentication using OAuth providers. Currently, Google, Open ID and GitHub Enterprise are supported.

Artifactory Query Language (AQL)

AQL has been greatly extended to include several additional domains, including Build and Archive.Entry as primary  domains, giving you much more flexibility in building queries.

Main Updates
  1. Artifactory installation as a Debian package 
  2. Deploy artifacts to a virtual repository 
  3. Authentication using OAuth providers
  4. AQL has been extended to include additional domains
  5. Improvements to Smart Remote Repositories 
  6. REST API to retrieve storage information
  7. Overwrite NuGet pre-release packages without delete permissions
  8. Pushing Docker images to Bintray is now also supported for Docker V2 repositories
  9. Several minor improvements to the UI

For a complete list of changes please refer to our JIRA Release Notes


Artifactory 4.2.1

November 1, 2015
OAuth Provider

Cloud Foundry UAA is now supported as an OAuth provider.

SHA256

In addition to SHA1 and MD5, SHA2 checksums are now supported also.

Main Updates
  1. Artifactory now supports Cloud Foundry UAA for OAuth authentication.
  2. Since Artifactory now fully supports the Bower client, support for older versions of Bower (below v1.5) that were using bower-art-resolver beta version is now deprecated.
  3. Internet Explorer compatibility issues have been fixed.
  4. Artifactory's HTTP client has been upgraded to version 4.5.
  5. Automatic license analysis is now also triggered when deploying RPMs.
  6. SHA256 calculation is now available, on demand via the UI or via REST API.
  7. Several minor improvements to the UI.

For a complete list of changes please refer to our JIRA Release Notes


Artifactory 4.2.2

November 5, 2015
This is a minor update that provides several bug fixes. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.1

October 18, 2015

In addition to implementing several bug fixes and minor improvements, this release introduces Smart Remote Repositories and Virtual Docker Repositories.

Smart Remote Repositories

Define a repository in a remote Artifactory instance as your remote repository and enjoy advanced features such as automatic detection, synchronized properties and delete indications.

Virtual Docker Repositories

Aggregate all of your Docker repositories under a single Virtual Docker Repository, and access all of your Docker images through a single URL.

Main Updates
  1. Support for Smart Remote Repositories
  2. Docker enhancements with virtual Docker repositories and detailed Docker image info  
  3. Context sensitive help
  4. Custom message 
  5. Stash search results
  6. Enhanced AQL supporting queries in the Build domain
  7. Downloading a folder from the UI and REST API
  8. Ability to browse the content of tag and tar.gz files
  9. Full support for Bower (out of Beta)
  10. Several minor improvements to the UI

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.1.2

September 20, 2015

This is a minor update that provides a fix for clients, such as Maven, that do not use preemptive authentication. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.1.3

September 27, 2015

This is a minor update that provides a fix for Docker Login with anonymous access. 

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.0

JFrog is excited to announce the release of Artifactory 4.0. This release presents major changes in Artifactory providing a fresh look 'n feel with a completely revamped user interface and many other changes described below.
New User Interface

JFrog-Artifactory's user interface has been rebuilt from scratch to provide the following benefits:

  • Intuitive: Configuration wizards for easy repository management
  • Fresh and modern: New look and feel providing a rich user experience
  • Set Me Up: Convenient code snippets to support simple copy/paste integration with software clients and CI tools
  • Context-focused repositories: Repositories are optimized to calculate metadata for single package types
  • Easy access control: Easily implement your access policies with intuitive user, group and permission management
  • Smart tables: Group and filter any data that is presented in tables
Groovy 2.4 for User Plugins

JFrog Artifactory 4 supports Groovy 2.4 letting you enjoy the latest Groovy language features when writing User Plugins.

We strongly recommend you verify that all of your current User Plugins continue to work seamlessly with this version of Groovy.

Tomcat 8 as the Container

JFrog Artifactory 4.0 only supports Tomcat 8 as its container for both RPM and standalone versions. If you are currently using a different container (e.g. Websphere, Weblogic or JBoss), please refer to Upgrading When Using External Servlet Containers for instructions on how to migrate to Tomcat 8.

System Requirements

Java

JFrog Artifactory 4.0 requires Java 8

Browsers

JFrog Artifactory 4. 0 has been tested with the latest versions of Google Chrome, Firefox, Internet Explorer and Safari.

Breaking Changes

User Plugins

Some features of Groovy 2.4 are not backward compatible with Groovy 1.8. As a result, plugins based on Groovy 1.8 may need to be upgraded to support Groovy 2.4.

Multiple Package Type Repositories 

JFrog Artifactory 4.0 requires you to specify a single package type for each repository. For the specified package type, Artifactory will calculate metadata and work seamlessly with the corresponding package format client. For example, a repository specified as Docker will calculate metadata for Docker images and work transparently with the Docker client.

Artifactory will not prevent you from uploading packages of a different format to any repository, however, metadata for those packages will not be calculated, and the corresponding client for those packages will not recognize the repository. For example, if you upload a Debian package to a NuGet repository, Debian metadata will not be calculated for that package, and the Debian client will not recognize the NuGet repository.

You may specify a repository as Generic and upload packages of any type, however, for this type of repository, Artifactory will not calculate any metadata and will effectively behave as a simple file system. These repositories are not recognized by clients of any packaging format.

If your system currently includes repositories that support several package types, please refer Single Package Type Repositories to learn how to migrate them to single package type repositories.


Artifactory 4.0.1

August 9, 2015

This is a minor update that provides significant enhancements to our support for Docker, additional UI improvements as well as several bug fixes.

For a complete list of changes please refer to our JIRA Release Notes.


Artifactory 4.0.2

August 12, 2015

This is a minor update that provides support for the latest Docker client 1.8.

For a complete list of changes please refer to our JIRA Release Notes.


Previous Release Notes

For release notes of previous versions of JFrog Artifactory, please refer to Release Notes under the Artifactory 3.x User Guide