Artifactory 7.42.1 Cloud

JFrog Release Information


Released: 31 July 2022

Cloud Only

Artifactory 7.42.1 is available as a Cloud version.

Feature Enhancements

Added a Full Broadcast Function to the Access Federation UI

Added the option to trigger a full broadcast from a specific Access Federation source via the Access Federation UI. See Full Broadcast.Access Federation

CRAN Local Repository Improvements

Aligned the CRAN Local repository to follow the CRAN spec when populating the Archive folder by introducing the following enhancements:

  • Added the cran.archiveMover.enabled system property that will allow the storage of the archives in the correct hierarchy.

  • Added a new Move Archives CRAN REST API, which moves the existing archives to the correct location (if the system property is enabled).

For more information, see Applying the CRAN Official Spec on Local CRAN Repositories.CRAN Repositories

Cold Storage UI Improvements

Added a new Skip Trash Can checkbox allowing you to skip moving items to the trash can when creating or modifying Cold Storage Archive policies in the WebUI.

Property Set /name Validation Endpoint Changed to /propertyName

Changed the property set endpoint from /Name to /propertyName.

Projects Enhancements

Modified the Project Key Name length limitation from three to two characters.

Generate a Non-expiry Admin Token without Changing the Configuration

Admins can now bypass tokens restrictions and can generate a token with any expiry they wish and create refreshable tokens without changing the configuration.The token restrictions will affect non-admin users and they can be set in the Access YAML Configuration.Access YAML Configuration

Resolved Issues

JIRA Issue



Fixed a Cargo package-related issue, whereby a remote Cargo repository could not be created without providing the gitRegistryUrl which prevented Artifactory from starting.


Fixed a PyPI-related issue whereby, remote PyPI artifacts yanked from the registry would not be processed by Artifactory if there were no yanked details in the remote repository.


Fixed an issue whereby, submitting repository-related REST API requests without a repository key returned a 500 error instead of a 400 status error.


Fixed an issue whereby, Crowd users were unable to download artifacts via the URL-to-File requests.


Fixed an issue whereby, running the Get LDAP Groups Rest API returned forceAttributeSearch as false even if it was set as true in the config.xml file.


Fixed an issue whereby, when running NuGet-related REST APIs, the NuGet HTTP status code returned a 403 status message instead of a 409 status message for users with write and not overwrite access while trying to upload an already-existing package.


Fixed an issue whereby, the contents of a virtual repository could not be listed when there is a broken remote repository.


Fixed an issue whereby users with the "Manage Resources" permission granted users access to Admin Settings page.


Fixed a Cargo package-related issue, whereby the Cargo search could not find the carte if the carte name contained more than one hyphen. For example, openid-connect-mock.


Fixed an issue whereby, Helm virtual repositories that were set as the target of a Smart remote repository, downloaded new artifacts even if the artifactoryRequestCanRetreiveRemoteArtifacts flag was disabled (Default setting).

Change to Parameter Usage for Existing Smart Helm Repositories Users

As part of the bug fix, the flag is still set to false, however, the behavior has changed. With the new change, setting this flag to false causes helm virtual repositories not to retrieve remote artifacts from the virtual repositories, if the download request came from a Smart repository.

For existing customers, in order not to fail downloads from your Smart Helm repositories, we have changed the feature flag value to true in the existing helm virtual repositories. Please disable the flag if your intent was to prevent new artifacts from being downloaded from the virtual repository.Please note that from version 7.41.2, the default value is still set as 'false', so take this into consideration when creating your new virtual repositories.


Fixed an issue whereby, running the Create Repository REST API to create a virtual repository with multiple local repositories with the same name, displayed the local repositories many times in the WebUI.Create Repository


Fixed an issue related to NPM packages whereby, a 404 error message was generated when running NPM Install if the package.json located under the local repo contained an extra slash.


Fixed an issue whereby, under certain circumstances, running a Docker Pull generated an "Unknown Blob" error if the remote cache was deleted and the client had a partial cache.


Fixed an issue whereby, when using ECDSA keys for SSH Authentication in Artifactory, the keys stopped to function if Artifactory was rebooted.