Released: 30 July, 2025
New Features
New Parent Manifests API
A Parent Manifests API has been added, which allows you to discover all parent manifest lists associated with a specific Docker manifest. For more information, see Find Parent Manifest Lists.
New JFrog for GitHub App
The JFrog Platform now supports the JFrog for GitHub App, which allows you to connect GitHub repositories to the JFrog platform. This integration enables a scalable setup, allowing you to create a centralized OIDC configuration and automate Frogbot deployment. For more information, see Integration With GitHub App.
Feature Enhancements
Improved npm Search
It is now possible to search for up to three search terms in npm local repositories when using the "npm search" command.
Improved Change Artifacts count UI widget caching mechanism
Improvements were made to the Change Artifacts count UI widget caching mechanism.
Improved Configuration Descriptor Validation
Configuration descriptor validation was improved to increase system stability.
Redesigned presentation of Release Bundle v2 contents
The Content tab for Release Bundle v2 versions has been redesigned to show each package and standalone artifact included in the version (known as "releasables") and their source (for example, a build or a different Release Bundle). For more information, see View the Contents of a Release Bundle v2 Version.
Improvements to evidence graph
The design of the Release Bundle evidence graph has been improved to make it easier to distinguish between the various elements (builds, packages, etc.) that comprise the Release Bundle. For more information, see View Release Bundle v2 Evidence.
Platform UI support for displaying larger evidence files
The platform UI can now display evidence files up to a maximum size of 3000 lines (compared to 1500 lines in previous versions). Larger evidence files can be downloaded with a single click. For more information, see View Evidence.
Adding days/weeks selection for Time-based Policy Condition - Cleanup Release Bundle V2
Enhanced RB V2 cleanup functionality with the addition of days/weeks selection for policy condition. You can now configure cleanup conditions, specifying days/weeks for the RB V2. For more information, see Create Cleanup Policy - Release Bundle V2.
Resolved Issues
JIRA Issue | Component | Severity | Description |
|---|---|---|---|
RTFE-3459 | Packages | Medium | Fixed an issue whereby the setting Enable Token Authentication was always checked (set TRUE) for a Helm OCI remote repository and a Docker remote repository, even if the actual value for this setting was false. |
RTFE-3332 | User Interface | Medium | Fixed an issue whereby the Artifactory UI displayed an option to delete properties from virtual repositories, even though it is not possible to delete these properties. |
RTDEV-60768 | General | Medium | Fixed an issue whereby when configuring Artifactory to work with a MySQL database, an unnecessary warning message was received indicating that “No NativeDbLocksService implementation bean exists for DB type". |
RTDEV-60689 | Packages | Medium | Fixed an issue where Artifactory was not honoring include/exclude patterns on a Go remote GitHub repository for .info artifacts. |
RTDEV-60496 | Repositories | High | Fixed an issue whereby the .jfrog system folder could not be deleted from local repositories or remote caches. |
RTDEV-59666 | General | Low | Fixed an issue whereby when setting up Apache as a reverse proxy for Artifactory, the default configuration that was generated from the Artifactory UI did not forward the original user IP address. |
RTDEV-58806 | Packages | Medium | Fixed an issue whereby the removal of a child repository from an RPM virtual repository did not trigger metadata calculation. |
RTDEV-58624 | Repositories | Medium | Fixed an issue whereby the following APIs were accessible to admins only: Now, after the fix, these APIs can be accessed by non-admins with the appropriate permissions. |
JA-7750 | User Management | Medium | Fixed an issue in user creation whereby, when using a numeric value in the Username field, the JFrog Platform could not accept a value of over 3 digits. |
JA-17727 | Authentication Providers | Low | Fixed an issue where authentication attempts with invalid tokens caused temporary login suspension. Only basic credentials authentication attempts should count toward login suspension. |