Released: 11 October 2020
JFrog Artifactory 7.10.1 is Available as a Cloud Version
The JFrog Artifactory 7.10.1 release is available as a Cloud version and is aligned with the Artifactory 7.10.2 Self-Hosted version.
New JFrog Platform Onboarding Experience
In Artifactory 7.10.1, we have introduced a new Onboarding experience in the web UI for Admin users. This new interactive experience guides the user through the essential onboarding steps to get started with the JFrog Platform.
This new Onboarding experience will be rolled out to all users over the next couple of weeks.
Artifactory Supports AWS Secrets for DB Connections
You can now use the AWS
SecretsManager alias in the Artifactory
system.yaml allowing Artifactory to automatically retrieve the secret associated with the alias connection.
Verify Audience Restriction Applied for SAML SSO
As part of JFrog's security enforcement, an additional verification step has been set up opposite the SAML server to validate SAML SSO authentication requests. The verifyAudienceRestriction attribute for SAML SSO is set by default in the JFrog Platform for new Artifactory installations. When upgrading from a previous Artifactory release, this parameter is disabled only if SAML was already configured.
Improved Maven Plugin Metadata Calculation
Maven plugin metadata is now calculated for every deploy or delete actions.
Fixed an issue, whereby Pypi remote and virtual repositories returned a 404 error even if the package existed in the public registry.
Fixed an issue, whereby Artifactory indexed Helm Charts with an invalid version number or appVersion number but the Helm repository containing these charts could not be added to the helm client’s repository.
Fixed an issue, whereby value updates (add/remove) to Property sets were not reflected in files and directories in the repositories.
Fixed an issue whereby, Artifactory did not proxy Nexus PyPi repositories.
Fixed an issue whereby, the Prune process was consuming a lot of memory when handling a large files list.
Fixed an issue, whereby in a number of cases the CRAN package metadata displayed in the UI was not consistent with the CRAN package info.
Fixed an issue whereby, checksum mismatch errors and 404 errors occurred when resolving nested Go modules in Artifactory from a virtual repository that included remote pointers to Github.
Fixed an issue, whereby the Artifactory CacheLoader returned a null error following LDAP authentication.
Fixed an issue, whereby Conda metadata calculation failed due to a Race condition.
ixed an issue, whereby JFrog Xray unable to connect to Artifactory when the Password policy was set in the
Fixed an issue, whereby the
Fixed an issue, whereby in certain instances, Azure guest users were unable to log in to Artifactory.
Fixed an issue, whereby users without the required permissions could deploy the same package to their Local Cran repository.
Fixed an issue, whereby, under certain circumstances, the Helm remote repository URLs were not added correctly to the Artifactory virtual repository index.yaml file.
Fixed an issue, whereby Exclude patterns were not applied on Remote Repositories when REST API commands when triggering REST API commands.
Security-Related Resolved Issues
Artifactory now will check the
Hardened the logging process between Artifactory and the Docker Client.
Vulnerable security values are no longer supported when running the Create User command via the REST API.
Vulnerable security values are no longer supported for permission targets.
For a complete list of changes, please refer to our JIRA Release Notes.