Artifactory 7.19.4 Cloud | Self-Hosted

JFrog Release Information

Content Type
Release Notes
ft:sourceType
Paligo

Released: May 24, 2021

Highlights

Extended Flagging Safe Repositories Support for Alpine, Bower, Conan, Conda, Cran, Go, Gradle, Ivy, Maven, Nuget, and SBT Packages

Declaring local and remote repositories as ‘safe’ by enabling the ‘Priority Resolution’ field for Local and Remote repositories has been extended to support Alpine, Bower, Conan, Conda, Cran, Go, Gradle, Ivy, Maven, Nuget, and SBT Packages. Setting Priority Resolution takes precedence over the resolution order when resolving virtual repositories. Setting repositories with priority will cause metadata to be merged only from repositories set with this field. If a package is not found in those repositories, Artifactory will merge metadata from the repositories that have not been set with the Priority Resolution field.Repository Management

Feature Enhancement

Support for Controlling Signed URL Download Methods

You now have the option to set your signed URL redirects using one of these methods: S3, CloudFront, or using a direct download without a signed URL redirect.

Enhanced the S3 Configuration Template

To reduce the overhead on the Ceph backend, you can now modify the chunk size that was previously fixed at 5 MB by setting the multipartElementSize tag in the Amazon S3 Official SDK Template. If no tag is specified, the AWS client default of 5 MB will be applied.Amazon S3 Official SDK Template

UI for the JFrog Platform Vault Integration with HashiCorp Vault

CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

The JFrog Platform integration with HashiCorp Vault now enables you to configure an external vault connection to use as a centralized secret management tool not only through the APIs but also using the JFrog Platform UI. Using vault allows you to store JFrog Platform GPG keys, RSA keys, and Trusted keys used to sign packages and Release Bundles as secrets in HashiCorp Vault and provides you with the capability to generate and manage keys in a centralized tool for security and compliance. To learn more, see Vault.Vault

UI for the JFrog Platform SCIM Integration

CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

JFrog Platform now enables you to generate a dedicated admin access token for SCIM in the JFrog Platform by going to Admin | Security | SCIM. The token generated can then be used in the identity service setup. To learn more, see SCIM.SCIM

Signing Keys Management

CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+

The JFrog Platform now features a centralized dashboard for creating and managing all signing keys. This feature enables you to create and control the keys used to encrypt or digitally sign your artifacts - in one central location, which makes it easier for you to manage signing keys throughout your organization. To learn more, see Security Keys Management.Security Keys Management

Resolved Issues

Jira Issue

Description

RTFACT-25912

Fixed an issue whereby, Docker pull commands failed due to a new HTTP implementation used by Docker Hub, affecting the response headers.

RTFACT-25683

Fixed an issue whereby, Installing from a v3 remote repository triggered an NPE if the downloadRemoteRegistrationSpecificVersion failed even if the requested package exists in the other aggregated repositories.

RTFACT-25585

Fixed an issue whereby, Artifactory could not resolve signed Helm Charts from Artifactory version 7.10 and above.

RTFACT-24627

Fixed an issue whereby, downloading Helm Charts from Smart Remote repository routed to the remote URL instead of routing through Artifactory.

RTFACT-25227

Fixed an issue whereby, upgrading JFrog Artifactory version 6.x to 7.x, caused the Metadata Migration process to fail if there was an artifact with a multi-value property and its total number of characters extended 4000 characters.

RTFACT-25065

Fix an issue whereby, GitLFS with SSH authentication did not function in Artifactory 7.x when using a base URL of the Platform root (i.e. without /artifactory).

RTFACT-23590

Fixed an issue whereby, an offline remote repository failed to serve requests from the cache if the metadata retrieval value was set to zero.

RTFACT-20781

Fixed an issue whereby, Artifactory cached corrupted Docker layers in remote Docker repositories.

Fixed an issue whereby, the latest JFrog Helm charts using the Kubernetes startupProbe failed to launch on Kubernetes clusters. Applies to Charts running Kubernetes versions lower than 1.18, if the feature was not enabled.