Released: May 24, 2021
Highlights
Extended Flagging Safe Repositories Support for Alpine, Bower, Conan, Conda, Cran, Go, Gradle, Ivy, Maven, Nuget, and SBT Packages
Declaring local and remote repositories as ‘safe’ by enabling the ‘Priority Resolution’ field for Local and Remote repositories has been extended to support Alpine, Bower, Conan, Conda, Cran, Go, Gradle, Ivy, Maven, Nuget, and SBT Packages. Setting Priority Resolution takes precedence over the resolution order when resolving virtual repositories. Setting repositories with priority will cause metadata to be merged only from repositories set with this field. If a package is not found in those repositories, Artifactory will merge metadata from the repositories that have not been set with the Priority Resolution field.
Feature Enhancement
Support for Controlling Signed URL Download Methods
You now have the option to set your signed URL redirects using one of these methods: S3, CloudFront, or using a direct download without a signed URL redirect.
Enhanced the S3 Configuration Template
To reduce the overhead on the Ceph backend, you can now modify the chunk size that was previously fixed at 5 MB by setting the multipartElementSize tag in the Amazon S3 Official SDK Template. If no tag is specified, the AWS client default of 5 MB will be applied.
UI for the JFrog Platform Vault Integration with HashiCorp Vault
CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+
The JFrog Platform integration with HashiCorp Vault now enables you to configure an external vault connection to use as a centralized secret management tool not only through the APIs but also using the JFrog Platform UI. Using vault allows you to store JFrog Platform GPG keys, RSA keys, and Trusted keys used to sign packages and Release Bundles as secrets in HashiCorp Vault and provides you with the capability to generate and manage keys in a centralized tool for security and compliance. To learn more, see Vault.
UI for the JFrog Platform SCIM Integration
CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+
JFrog Platform now enables you to generate a dedicated admin access token for SCIM in the JFrog Platform by going to Admin | Security | SCIM. The token generated can then be used in the identity service setup. To learn more, see SCIM.
Signing Keys Management
CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+
The JFrog Platform now features a centralized dashboard for creating and managing all signing keys. This feature enables you to create and control the keys used to encrypt or digitally sign your artifacts - in one central location, which makes it easier for you to manage signing keys throughout your organization. To learn more, see Security Keys Management.
Resolved Issues
Jira Issue | Description |
|---|---|
Fixed an issue whereby, Docker pull commands failed due to a new HTTP implementation used by Docker Hub, affecting the response headers. | |
Fixed an issue whereby, Installing from a v3 remote repository triggered an NPE if the downloadRemoteRegistrationSpecificVersion failed even if the requested package exists in the other aggregated repositories. | |
Fixed an issue whereby, Artifactory could not resolve signed Helm Charts from Artifactory version 7.10 and above. | |
Fixed an issue whereby, downloading Helm Charts from Smart Remote repository routed to the remote URL instead of routing through Artifactory. | |
Fixed an issue whereby, upgrading JFrog Artifactory version 6.x to 7.x, caused the Metadata Migration process to fail if there was an artifact with a multi-value property and its total number of characters extended 4000 characters. | |
Fix an issue whereby, GitLFS with SSH authentication did not function in Artifactory 7.x when using a base URL of the Platform root (i.e. without | |
Fixed an issue whereby, an offline remote repository failed to serve requests from the cache if the metadata retrieval value was set to zero. | |
Fixed an issue whereby, Artifactory cached corrupted Docker layers in remote Docker repositories. | |
Fixed an issue whereby, the latest JFrog Helm charts using the Kubernetes startupProbe failed to launch on Kubernetes clusters. Applies to Charts running Kubernetes versions lower than 1.18, if the feature was not enabled. |