Artifactory 7.109.2 Cloud

Improved Project Navigation

The Projects navigation menu now includes UI usability enhancements: it is now located in the sidebar and highlights Projects filtering to clarify context switching between Project and All Projects scope.

SCIM Token Expiry Configuration

The JFrog Platform now supports the creation of SCIM tokens with configurable expiry times. To learn more, see Generate a Scoped Token for SCIM.Generate a Scoped Token for SCIM

Blocking Blob Uploads If a Digest Does Not Match the Blob’s SHA-256 Checksum

Added a flag to block blob uploads if a provided digest does not match the blob’s SHA-256 checksum. This flag is disabled by default but can be enabled as needed.

Permissions Added for Using Zapping Cache on Remote Repositories

The Zapping Cache action on remote repositories now requires Manage or Delete permissions, either via the UI or API. This change is backward-compatible. For more information on UI changes, click here, and for API changes, click here.Zapping CachesZap Cache

RPM Repositories - SHA-256 checksums have been integrated into Local and Virtual repositories

Added SHA-256 checksums to the repomd.xml files of local and virtual repositories. This improvement ensures package integrity verification aligns with remote repositories' security standards.

Local repositories previously do not have SHA-256 checksums in their repomd.xml files, increasing the risk of undetected package tampering or corruption.

Enable SHA-256 for enhanced security in package integrity verification. To enable SHA-256 checksums, update the configuration by setting yum.local.repomd.calculate.sha2.enabled = true

Support for Vagrant and Hex in Cleanup and Archive

Maximum placed on bad checksum search responses

Responses to the Bad Checksum Search REST API are now limited to a maximum of 10,000 results.Bad Checksum Search

Changes to Evidence GraphQL APIs

The repositoryKey and path fields have been deprecated from the Get Evidence and Search Evidence GraphQL APIs, and subject (which contains repositoryKey, path, name, and sha256) has been added.Get EvidenceSearch Evidence

New API for removing Federation members

A new REST API enables you to remove a member from all repository Federations to which it belongs. This can be used, for example, when a site is taken out of commission. This API removes the member on this site from all the Federations in which it was a part. For more information, see Remove Federation Member.Remove Federation Member

Searching for distributed Release Bundle versions containing a specific artifact

The Get Release Bundle v2 Versions with a Specific Artifact REST API (introduced in 7.107.1) has a new query parameter has a new query parameter that can return distributed Release Bundle versions (origin=target) containing the artifact in addition to created Release Bundle versions (origin=source). This new query parameter makes it possible to run the API on Edge nodes in addition to standard Artifactory instances.Get Release Bundle v2 Versions with a Specific Artifact

Access Token Expiry Email Now Points to the CNAME Domain

The JFrog platform will send users Access token expiry reminder emails which include the CNAME URL instead of the JFrog instance URL