Released: 26 May, 2025
Feature Enhancements
Support for Reading Permissions Scoped Tokens
It is now possible for non-admin users to use the HA License Information and Get Storage Summary Info endpoints using a scoped token. For more information, see Create Scoped Token.
Default Socket Timeout for Federated Repositories
The default socket timeout for Federated repositories has been changed to 300000 milliseconds (5 minutes). This value can be adjusted, if required, using an Artifactory system property. For more information, see Increase the Predefined Socket Timeout for Larger Repositories.
Resolved Issues
JIRA Issue | Component | Severity | Description |
|---|---|---|---|
Release Lifecycle Management | High | Fixed an issue that prevented the creation of a Release Bundle v2 version from a build containing multiple images that share a layer. | |
Repositories | Medium | Fixed an issue whereby when a Smart-Remote repository on Edge was pointing to another Artifactory instance and had artifacts in the cache, if the Main instance was up but had returned an unexpected error code, artifacts could not be resolved even if they were in the cache. | |
RTDEV-57309 | Packages | Medium | Fixed an issue whereby it was not possible to delete an improper list.manifest.json in a Docker repository. |
RTDEV-56961 | Archiving/Cold Storage | Medium | Fixed an issue whereby the next token was included in the Maven/Gradle cleanup results even if the number of results was less than the limit. |
RTDEV-56651 | Packages | Medium | Fixed an issue whereby an empty string in the noarch element in the Conda repodata.json metadata file caused a failure when downloading artifacts from a Conda repository with a pixi client. |
RTDEV-56347 | Release Lifecycle Management | Medium | Fixed an issue whereby only the latest piece of evidence was preserved when promoting a release bundle with Move. |
RTDEV-55094 | Repositories | Low | Fixed an issue whereby, when a remote repository pointed to a blocked URL, the Disable Artifact Resolution in Repository setting could not be disabled even though the update request returned a 200 status code. |
RTDEV-54362 | General | High | Fixed an issue whereby when calling the zap cache API, the zap repository cache was holding all artifact locks in a single long transaction. |
JA-17177 | Projects | High | Fixed an issue whereby project-level access tokens were circumventing the Read-Only restriction in a shared repository. |
JA-17040 | User Management | Medium | Fixed a issue with synchronization in Access Federation for groups containing the 'anonymous' user, as the user's membership wasn't getting replicated. |
JA-16308 | Authentication Providers | Medium | Fixed an issue whereby the JFrog CLI refresh token was failing for non-admin SAML users when their token scope included additional permissions beyond the default. |