Artifactory 7.17.4 Cloud | Self-Hosted

JFrog Release Information


Released: 31 March, 2021


Announcing Projects in the JFrog Platform

CLOUD: Enterprise | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

JFrog Projects is a management entity for hosting your resources (repositories, builds, Release Bundles, and Pipelines), and for associating users/groups as members with specific entitlements. As such, using projects helps Platform Admins to offload part of their day-to-day management effort and to generate a better separation between the customer products to improve customer visibility on efficiency, scale, cost, and security. Projects simplifies the onboarding process for new users, creates better visibility for LOBs and project stakeholders. To learn more, see Projects.Projects

Cloud-Native High Availability (HA) is Now Supported for Self-Hosted Artifactory Installations

From Artifactory 7.17.4, all nodes in the high availability cluster can perform tasks such as replication, garbage collection, backups, exporting, and importing, removing the need to set up a primary node in the cluster. Instead, every node in the cluster can serve any of the mentioned tasks and if any node goes down, the different nodes in the cluster will be able to perform these tasks instead. By default, when adding a new node (member) to the cluster, it will be able to perform cluster-wide tasks without user intervention.

Cargo Packages Support

Artifactory natively supports a Cargo Registry for the Rust language, giving you full control of your deployment and resolve process of Cargo packages. Cargo downloads your Rust package's dependencies, compiles your packages, makes distributable packages, and uploads them to, the Rust community’s package registry.

You can contribute to this book on GitHub. To learn more, see Cargo Package RegistryCargo Package Registry.

SCIM ID Management Support

CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

JFrog introduces initial support for the System for Cross-domain Identity Management (SCIM) protocol 2.0, to enable Enterprise and Enterprise+ customers to create, remove and disable user accounts from their choice of user management tool and automatically update the platform with these changes. Okta and Azure Active Directory (AD) have used to verify this capability.

To learn more, see SCIM.SCIM

HashiCorp Vault Integration with the JFrog Platform

CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

The JFrog Platform integration with HashiCorp Vault enables you to configure an external vault connection to use as a centralized secret management tool. Using vault allows you to store JFrog Platform GPG keys, RSA keys, and Trusted keys used to sign packages and Release Bundles as secrets in HashiCorp Vault and provides you with the capability to generate and manage keys in a centralized tool for security and compliance. To learn more, see VaultVault.

PrivateLink for AWS Cloud

CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

The MyJFrog Cloud Portal enables customers to establish a secure network connection from their cloud account into their JFrog Cloud instance-without going through a public Internet-by setting establishing a private connection. MyJFrog provides customers with step-by-step instructions on how to set up a PrivateLink connection, in which the source is the customer's own AWS Virtual Private Cloud (VPC) and the target is the JFrog PrivateLink. To learn more, see Setting up AWS PrivateLinks.Set up AWS PrivateLinks

Live Logs

CLOUD:Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

The JFrog Platform now includes an integrated Live Logs plugin, which allows customers to get the JFrog product logs (Artifactory, Xray, Mission Control, Distribution, and Pipelines) using the JFrog CLI Plugin. To learn more, see

Support for User-Provided Certificates for TLS

The Access router now supports using user-provided certificates for the TLS. When setting the TLS certificates and indicating to the Platform which TLS certificate to use, customers may now use provide their own signed certificate. For more information, see Using Access as a Certificate Authority.Using Access as a Certificate Authority

Feature Enhancements
Resolved Issues

Jira Issue



Fixed issue, whereby npm could not deserialize tokens of an unpublished repository.


Fixed an issue whereby, the 'Docker uploads folder cleanup' job was triggered every 1000 days instead of a single day. To fix this, a new parameter artifactory.docker.cleanup.uploadsTmpFolderJobSecs has been introduced to replace the artifactory.docker.cleanup.uploadsTmpFolderJobMillis.


Fixed an issue whereby, trying to run two plugins simultaneously (using Cron), resulted in only one of the plugins running.


Fixed an issue whereby, special characters in Nuget V3 packages were not supported.


Fixed an issue when trying to use event-based pull replication, whereby a remote repository pointed to a local repository using HTTPS, caused a read timeout and the remote cache was not updated.


Fixed an issue, whereby OAuth secrets containing special characters, caused authentication to fail.


Fixed an issue whereby, sending a username containing upper case characters from LDAP, using an API key, caused the response to fail, even if an API key was generated for the username.


Fixed an issue whereby, Smart repositories did not support artifacts containing the plus ('+') symbol in the URL.


Fixed an issue whereby, browsing virtual repositories containing '_cache' at the end of the name generated a 500 error.

Security-related Items

Fixed an issue, whereby in certain circumstances, logs displayed private text.

Fixed an issue, whereby a potential XXE was detected in p2 XML inputs.