Released: 28 June, 2023
API Key Deprecation
As notified in Artifactory 7.47.10, support for API Key is slated to be removed in a future release. To ease customer migration to reference tokens, which replaces API key, we are disabling the ability to create new API keys at the end of Q3 2024. The ability to use API keys will be removed at the end of Q4 2024. For more information, see JFrog API Key Deprecation Process.
Known Issue in this Version
under some circumstances, users who attempt to modify their binary-store.xml configuration file might experience files being deleted. Users with Sharding Cluster and Eventual Cluster configured should upgrade to version 7.63.11 or higher. For more information, see Known Issues.
Highlights
Release Lifecycle Management
JFrog introduces the Release Lifecycle Management solution for managing release candidate versions throughout your SDLC, from the time the build is created until the version is distributed to users. Release Lifecycle Management is based on Release Bundles v2, a new version of Release Bundles that specifies the files and packages that comprise a release, along with their metadata. Release Bundles are signed and immutable, which guarantees their integrity as they are moved through the stages of your SDLC.
For more information, see JFrog Release Lifecycle Management Solution.
The ability to create Release Bundles v2 and promote them to different environments (for example, DEV, QA, STG, and PROD) is available to all license levels from Pro and above. The ability to distribute Release Bundles v2 to Distribution Edge nodes and other distribution targets is limited to Enterprise+ users.
Note
The existing Release Bundles that can be created in JFrog Distribution (now known as Release Bundles v1) are still available, but they are not forward-compatible with Release Bundles v2.
Support for CocoaPods CDN
Artifactory now supports CocoaPods CDN for remote repositories, a CocoaPods endpoint that greatly reduces the time required to create a new repository. For more information, see Using CocoaPods CDN.
JFrog Workers (Beta)
JFrog Workers is a service in the JFrog Platform that provides a serverless execution environment with which you can create workers that react to events in the JFrog Platform. Workers Service is currently in beta and is being gradually rolled out for JFrog Cloud customers. For more information, see Workers Service.
REST API Key User Collection for Cloud Users
As notified in Artifactory 7.47.10, API Key is slated to be removed at the end of Q1 2024. You can now download the list of users in your JFrog Cloud environment that are using the REST API key so that you can warn users that are using the REST API key and move them to use user tokens.
New Features
New Get Token Default Expiry REST API
This new API endpoint allows you to get the default expiry value for the tokens in your account. For more information, see Get Token Default Expiry Value.
New Put Token Default Expiry REST API
This new API endpoint allows you to put the default expiry value for the tokens in your account. For more information, see Put Token Default Expiry Value. You can also set the value in the JFrog Platform UI. For more information, see Token Expiration.
Feature Enhancements
Cold Storage package archiving
It is now possible to archive packages in Cold Storage and, if needed, restore them back in Live Artifactory afterwards. For instructions on how to set up a retention policy for archiving packages in Cold Storage, see Set Up Archive Retention Policies. For instructions on how to search for archived packages in Cold Storage and restore them in Live Artifactory, see Search and Restore Archived Artifacts or Packages.
Warning when converting to a Federated repository
A message now appears when converting a local repository to a Federated repository warning the user that this action is irreversible.
Federated repository Full Sync improvements
Artifactory 7.63.2 features important improvements to the Federated repository Full Sync feature that can significantly optimize this operation:
In-Memory sorting: Full Sync queries can take a long time to perform, and under extreme circumstances can sometimes fail to complete. Users who determine that their database is not sufficiently robust or scalable to accommodate heavy loads now have the option to sort queries in memory instead of in the database. The sort is performed according to depth, path, and name.
In-memory sorting is enabled using a new system property. For more information, see Working with Federated Repositories.
Streaming results from the database: Artifactory now streams results from the database instead of holding them in the database memory until all results are collected. Streaming the results reduces the memory load on the database and greatly reduces the chances of a timeout during the Full Sync process.
Internal caching mechanism: In Artifactory 7.63.2, Full Sync now uses a new internal caching mechanism that greatly improves operation performance among multiple Federation members
Update to GET Users REST API
The GET Users REST API now allows you to fetch the details of all users. Previously, the API fetched the details of only the first 20 users. For more information, see GET Users.
Update to Get Groups REST API
The Get Groups REST API now allows you to fetch the details of all groups. Previously, the API fetched the details of only the first 20 users. For more information, see Get Groups.
Support for the Organization Field in GitHub Authentication
Artifactory now supports setting the Organization field in GitHub Enterprise Cloud OAuth, allowing you to limit JFrog subscription access to users who belong to the same organization. For more information, see the GitHub Documentation.
To use this feature, go to Authentication Providers > OAuth SSO on your JFrog WebUI, and enter your organization in the Organization field.
Update to Create Token REST API
The Create Token REST API now allows users with basic credentials to generate identity tokens. For more information, see Create Token. You have to enable creation of such tokens in the JFrog Platform UI before you can use the API. For more information, see Enable Token Generation via API .
Update to Creating Access Tokens Via the WebUI
You can create group scoped tokens, which can be used by all the members in the group. For more information, see Create a Group Scoped Token.
Resolved Issues
JIRA Issue | Description |
|---|---|
Fixed an issue related to Conan whereby, when replicating a local repository, the metadata file | |
Fixed an issue related to Cocoapods whereby, when using the Fetch Index REST API on a Smart Remote repository, Artifactory returned a 500 error. | |
Fixed an issue related to Maven whereby, when changing the value of the Cleanup Repository References in POMs field in the JFrog WebUI, the setting was not updated as expected. | |
Fixed an issue related to NuGet whereby, when requesting the package metadata for a package in a virtual repository pointing to a local repository, Artifactory returned a 400 error. | |
RTDEV-32925 | Fixed an issue related to Debian whereby, when fetching a Debian local repository using the |
RTDEV-32818 | Fixed an issue whereby, under certain circumstances, metadata files were generated with partial content when triggered by a user with limited read permissions. |
JA-6076 | Fixed an issue that prevented a user from creating a token while using mTLS authentication. |
JA-6254 | Fixed an issue in the WebUI whereby, when selecting a project that is out of the first scroll scope and refreshing the page, the project selection dropdown did not display the selected project. |
JA-5693 | Fixed an issue whereby, When creating a group with the name admins, Artifactory returned an error. |
JA-5089 | Fixed an issue related to the Create Token REST API whereby, when creating a refreshable token with a scope set to a group and then using this token as authentication to refresh itself, Artifactory returned an error. |
JA-6017 | Fixed an issue whereby, Artifactory did not support modifying the |
JA-5698 | Fixed an issue whereby, when trying to log in to the WebUI using Crowd, Artifactory returned an error. |
JFUI-11840 | Fixed an issue whereby, when logging in to the WebUI, the developer console displayed error messages. |