January 2023

JFrog Hosting Models Documentation
Content Type
User Guide
ft:sourceType
Paligo

Product

Update

Details

Platform

Support for Custom Webhooks

Custom Webhooks are Webhooks whose HTTP request headers and payload can be fully customized to adapt to any target service, such as GitHub actions, Gitlab pipelines, Jenkins jobs, Slack, and more. Custom Webhooks trigger events with the format expected by the vendor.

Ability to Edit the Live Logs Buffer Size

You can now set the Live Logs buffer size using the Artifactory System YAML configuration readBlockSizeKB.

Support to Select Whether an Access Token Gets the "force revocable" Flag in the Access REST API

The "force revocable" flag in the tokens has been removed as a default setting and is now a Boolean parameter called "force_revocable" in the Create Token REST API. When the "force_revocable" param is set to true, we will add the "force_revocable" flag to the token's extension.

In addition, a new configuration has been added that sets the default for setting the "force_revocable" default when creating a new token - the default of this configuration will be "false" to ensure that the Circle of Trust remains in place.

Conan Metadata Calculation has been Optimized

The time required to calculate metadata for Conan has been reduced by up to half.

npm Login Method has been Updated

The Web Login method for npm is now supported

Security & Compliance

Generate Violations by Specific Vulnerabilities

You can now create a security policy with the ability to generate violations for specific vulnerabilities (CVEs).

Jira Integration Enhancements

The Xray Jira Integration feature has been enhanced to support creating Jira tickets manually for any violation from Xray's UI. In addition, you can now create one Jira ticket for all the information regarding all affected components instead of creating a Jira ticket for each component.

JFrog Advanced Security Scan Existing Artifacts

You can now run Contextual Analysis and perform Exposures Scan on an existing artifact from the Scans List page. This feature is also supported through the REST API.

Exposures Additional Scanners

The Services category in Exposures has been expanded with 7 new scanners for NGINX configuration issues.

UI Improvements

Added a number of UI improvements in the Scans List to the Vulnerabilities and Exposures categories screens.

CI/CD

New Variable for SCM Repository Name

A new variable, {{ sourceRepository }}, has been introduced to replace the SCM repository full path during Pipelines sync.

New OOTB Global Template

A new template to promote a BuildInfo resource is now available out of the box.

Support for Multiple Operating Systems in Matrix Step

In the matrix native step, steplets can now be configured to execute in parallel on multiple node pools with different operating systems.

preRun and postRun Steps

In the pipelines section in your pipelines YAML, you can now configure two optional steps:

  • preRun: This is an optional step. When configured, this step will always run at the beginning of a pipeline. This is useful when you want to run some checks at the beginning of a run.

  • postRun: This is an optional step. When configured, this step will always run at the end of a pipeline. This is useful when you want to run some checks at the end of a run.

UI for Adding Pipeline Source via Template Deprecated

As of this release, the From Template UI option for adding a pipeline source is deprecated. However, Global and system templates can now be added using pipelines YAML (see next item)

Project and system-level admins can now create custom admin views for pipelines using simple wildcard patterns on pipelines name or branch name. When a view is created for a Project, it will be visible to all users of that Project. Up to 10 views can be created per Project. Approval Gates ImprovementThe approve/reject link will now be disabled for the users that do not have necessary permissions.

New Templates Flow

With this release, Pipelines templates have been improved to offer more simplified and flexible user experience completely based on pipelines YAML.

Changes to the Node Pool

  • Node Pool for Custom Run: When triggering a custom run, you now have the option of selecting the node pool for the pipeline and individual steps.

  • Node Pool and Node Name and Stats on Run Dashboard: During a run, the run dashboard page will now display the name of the node pool and node as clickable links, and the status of the node being used for the run.

  • Editable Kuberentes Node Pools Intervals: You can now edit node idle interval for custom Kubernetes node pools.

New Admin Views

Project and system-level admins can now create custom admin views for pipelines using simple wildcard patterns on pipelines name or branch name. When a view is created for a Project, it will be visible to all users of that Project. Up to 10 views can be created per Project. 

Approval Gates Improvement

The approve/reject link will now be disabled for the users that do not have the necessary permissions.