Product | Update | Details |
---|---|---|
Platform | Full JFrog Support for Terraform Packages | JFrog provides a fully-fledged Terraform repository solution, which gives you full control of your deployment and resolution process of Terraform Modules, Providers, and Backend packages. This solution includes both the Terraform Registry and the Terraform Backend Registry in the JFrog Platform. |
Token Enhancements | Scoped Admin Access Tokens: From Artifactory release 7.38.4, JFrog enables companies to create their own admin-scoped access tokens without using the JFrog Platform UI or via another token. New Identity Token Format and API Key Replacement: Artifactory release 7.38.4, includes a new Identity Token format, also called a Reference Token, which can also be used to replace the API Keys that will be deprecated in a future version.The new Reference Token includes an option to create a "shortened," 128-character key, thereby providing an alias for the Identity Token. | |
Added PKCE Support for OAuth Integrations | Artifactory now supports enabling the PKCE extension over Oauth to gain an additional level of security and serves as an alternative to the basic Secret mechanism. By selecting the | |
Enforce Internal Dynamic Search of Attributes in LDAP Groups | Introducing the new functionality for the LDAP group dynamic strategy, which enforces a dynamic internal search of attributes in a group by setting the | |
Maven Non-Preemptive Authentication for Local, Remote, and Virtual Repositories | An enhanced Maven authentication mechanism has been implemented in Artifactory to eliminate the need to perform authentication prior to checking if a package is located in local, remote and virtual repositories. With the new authentication mechanism, when reaching Maven-local-three (which requires authentication), instead of first performing for authentication and next authorization, Artifactory will check if the requested item is located in the repository. If the requested package does exist, it will proceed to perform authentication and authorization. If not, a 404 error message will be triggered. | |
Anonymous Users can be Routed to Login Page by Default | To provide anonymous users in the JFrog Platform with an improved navigation experience, you can set all anonymous users to be routed to the Login page by enabling the new ' | |
GAVC Search REST API Supported on Virtual and Remote Repositories | Maven users can now search by Maven Coordinates (GAVC: | |
Added Support for Custom Ports to be Exposed on the NGINX Pod | As part of the alignment of the JFrog Platform with the conventional Kubernetes YAML syntax for container ports, we have added support for comments in the values.yaml file. It is self-explanatory as it is traditional Kubernetes YAML syntax and allows you to pass additional ports other than HTTP and HTTPS port to Nginx deployment and service in the values.yaml file. | |
New Webhook to Support Pull Replication from Remote Repositories | The newly added 'Cache' webhook event is triggered for Pull Replication events occurring opposite remote repositories. Note that for push replication, you should use this 'Deployed' event. | |
Extended the Priority Resolution feature to Support RPM Packages | You can now declare local and remote repositories as ‘safe’ by enabling the ‘Priority Resolution’ field for local and remote repositories for RPM packages. | |
Security & Compliance | Support for Components Operational Risk | Xray can now provide information about the operational risk of using open-source software components.. These include the risk of using outdated versions or inactive open source software components in your projects. In the current version of this release, we provide operational risk information for Maven and npm packages. |