JFrog Artifactory Package Viewer offers a package-centric UI that makes it easier to find and view the details of packages of a specific type. The Package Viewer currently supports Docker images (available from version 5.10) and npm registries (available from version 6.4). Forthcoming versions will add support for additional package formats until all formats supported by Artifactory are available in the Package Viewer.

The Package Viewer is available by selecting the Packages module in the left navigation bar.

Packages Module


Searching for Packages

The Package Viewer is initially displayed empty. To search for packages, select the type of package you are looking for from the drop list (currently only Docker images and NPM packages are supported), and provide a search term. Note you can use the '?' and '*' wildcards in the same way they are used in Artifactory's Search module. The Package Viewer will display all packages that match your search term from all repositories that you have permissions to view.

The Package Viewer only supports Docker V2 images and tags. Docker V1 images and tags will not be returned for any search in the Package Viewer.

Searching with the Package Viewer

The search results displays basic information such as the repositories in which each package found is hosted, the number of times it has been downloaded, last update and other package type-specific information. For example, in the case above, we see the number of tags associated with the Docker image found.

Click the repository name displayed to see the full list of repositories in which the package is found.

You can now click an entry and drill down to view further details about the selected package.

Package Details

The Package Details view is divided into two main panels. The panel on the top provides summary information including total number of downloads over all repositories in which the package is found, and when the package was last modified in any of those repositories.

The lower panel lists all instances of the package along with data about that specific instance. Package type-specific information may also be available. For example, for Docker images, you may click an icon to view the Docker manifest for the selected image.

Depending on the package format, you may be able to click a specific instance of a package to drill down even further. For example, in the case of a Docker image, you can click one of the tags found to view the layers that make up the selected tag.

Docker Layers

Viewing Xray Data

Data from JFrog Xray can also be displayed from within the package viewer. Click the toggle button to get data about security and license violations from Xray about the selected package and all of its versions.

This view exposes license and security violations data, detected by Xray, that's specific to the selected package, enabling you to choose the right packages and version you would like to use.