Released: 24 October 2023
This topic describes the new features, feature enhancements, and resolved issues that are part of the Artifactory 7.71.2 release for Self-Hosted environments. It includes all improvements since Artifactory 7.68.
Breaking Change for Audience Restriction in SAML SSO Authentication Provider Configuration
From Artifactory version 7.70 and up, Audience Restriction will be enabled by default for SAML SSO without the ability to disable it. The verifyAudienceRestriction attribute for SAML SSO is set by default in the Access Configuration YAML in the JFrog Platform for new Artifactory installations.
Breaking Change: Legacy member-of-groups:"*" scope is no longer accepted in Access Tokens
In Artifactory 7.71.2, due to a parsing issue with the scope member-of-groups:"*", the scope for access tokens is not parsed correctly and does not provide user-scoped token permissions to the token.
To work around the issue, you can create a token with the same scope without the quotes: member-of-groups:*. You can also use the scope applied-permissions/user, which replaces the legacy member-of-groups:* token scope.
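A small migration helper for the scope change described above, added here as an example (it is not JFrog code): it takes scope strings as they are sent when requesting a token and rewrites the quoted wildcard form. The function name `migrate_scope`, the sample scopes, and the space-separated, quote-aware tokenising of the scope string are assumptions.

```python
import re

# Scope tokens are assumed to be separated by whitespace; a double-quoted
# section (for example a quoted group list) is kept inside one token.
TOKEN = re.compile(r'(?:[^\s"]|"[^"]*")+')

QUOTED_WILDCARD = 'member-of-groups:"*"'   # form affected by the 7.71.2 parsing issue
BARE_WILDCARD = "member-of-groups:*"       # workaround form, legacy scope
USER_SCOPE = "applied-permissions/user"    # replacement scope named in the release note


def migrate_scope(scope, replace_legacy=True):
    """Return (new_scope, findings) for one scope string.

    replace_legacy=True  -> both wildcard forms become applied-permissions/user
    replace_legacy=False -> only the quotes are dropped (the minimal workaround)
    """
    out, findings = [], []
    for tok in TOKEN.findall(scope):
        if tok == QUOTED_WILDCARD:
            findings.append(("broken", tok))
            tok = USER_SCOPE if replace_legacy else BARE_WILDCARD
        elif tok == BARE_WILDCARD:
            findings.append(("legacy", tok))
            if replace_legacy:
                tok = USER_SCOPE
        if tok not in out:          # avoid emitting the same scope token twice
            out.append(tok)
    return " ".join(out), findings


# Constructed sample scope strings, e.g. collected from CI token-request scripts.
SAMPLES = [
    'member-of-groups:"*"',
    'api:* member-of-groups:"*"',
    "member-of-groups:*",
    'member-of-groups:"readers,test group" api:*',
]

if __name__ == "__main__":
    for s in SAMPLES:
        new, findings = migrate_scope(s)
        status = ",".join(kind for kind, _ in findings) or "ok"
        print(f"{status:7} {s!r} -> {new!r}")
```

Run it over the scope values used by automation that requests tokens before upgrading, so that tokens expected to carry user-scoped permissions are requested with a scope that 7.71.2 parses.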
Breaking Change for Conan Repositories
From Artifactory version 7.71.x and forward, when using the CLI to perform actions on a Conan package that does not exist in the upstream repository, Artifactory will return a 404 error instead of returning a 200 message and creating an empty folder.
Upcoming Behavior Change: Docker Tag Retention Enhancement
In the upcoming Artifactory version 7.74.x, we're introducing an enhancement to the Docker tag retention logic for better management of multi-architecture images.
This enhancement specifically targets multi-architecture images, which are represented with a manifest.list. Here's what to expect:
When a multi-architecture image exceeds its Docker tag retention limit, not only will the primary manifest be deleted, but its associated sub-manifests (or sub-images/architectures) and their related blobs will also be removed.
Even though these components are deleted, they're not lost. You can retrieve the manifest and its associated sub-manifests and blobs from the trash can, based on your system settings.
Known Issue in This Version
Artifactory failed to pull Go Submodules of packages when the remote repository is pointed to github.com. For more information, see Known Issues.
Known Issue in This Version
When enabling the setting Bypass HEAD Requests for one or more remote repositories, a connection leak might occur. For more information, see Known Issues.
New Features
Self-Hosted Support for Hugging Face ML Repositories (Beta release)
JFrog now supports local and remote Hugging Face repositories in Self-Hosted instances, allowing you to use Artifactory to house ML models alongside your other software components and Xray to detect malicious models and enforce license compliance. Create a single system of record for ML models that brings ML/AI development in line with your existing SSC. For more information, see Hugging Face Repositories.
Federation Recovery and Auto-Healing
Artifactory now features an auto-healing mechanism that can recover automatically from error exhaustion and reduce the need to perform full sync operations on Federated repositories.
Auto-healing checks Federated repositories at regular intervals for exhausted queues (queues that have exceeded the maximum number of attempts to send events to other Federation members). This mechanism resets the failed events automatically and tries again to sync with the target mirror. For more information, see Federation Recovery and Auto-Healing.
There is also a new Federation Recovery API that enables administrators to perform recovery manually as an alternative to performing a full sync.
Hide SSO Providers
You can now hide the SSO providers that you configured in the JPD from the login screen. If you hide the providers, the users need to type in the SSO providers to log in to the JFrog Platform UI. For more information, see Hide SSO Providers.
Feature Enhancements
Configuration Settings Added to Cached Filesystem Binary Provider
The following two configuration settings were added to cache-fs, the Cached Filesystem Binary Provider:
maxFileSizeLimit: Set the maximum limit for a binary to be saved in the cache-fs layer.
skipDuringUpload: A flag that allows you to skip saving binaries to cache-fs during upload requests.
For more information, see Cached Filesystem Binary Provider.
Migration of Authentication Provider Configuration from Artifactory Service to Access Service
As part of enhancements to the JFrog Access Service to make it the primary service for authentication providers, from Artifactory version 7.71.x, the functionality for the following authentication providers has moved to the Access Service: Internal, LDAP, HTTP SSO, and Crowd/JIRA.
Improved Trash Can functionality
Trash Can functionality has been improved such that if you select an artifact to be deleted to the Trash Can, and there is already an artifact in the Trash Can with the same path as the artifact that you selected for deletion, a pop-up appears and informs the user that if they continue with the deletion, the artifact currently in the Trash Can will be permanently deleted. The user can click Cancel in the pop-up if they decide that the artifact currently in the Trash Can should not be permanently deleted.
Package Archiving Improvement
Prior to this release, when archiving a package to cold storage, if a package already existed in cold storage with the same name, type, version, and repository path, the older package would be overridden by the newer package. In this release, cold storage archiving of packages has been modified such that if a package already exists in cold storage with the same name, type, version, and repository path, the older package in cold storage remains there and the newer package is not archived in cold storage. When this happens, an info-level log message is written to the log to inform the user that the newer package was not archived.
Get Release Bundle Versions API Enhancement
A new query parameter option in the Get Release Bundle v2 Versions API makes it possible to return the permission settings for promoting, distributing, and deleting the specified Release Bundle v2 versions.
Resolved Issues
JIRA Issue | Description |
---|---|
| | Fixed an issue whereby, when trying to resolve an RPM package from a remote repository, Artifactory returned a 'Metadata file does not match checksum' error. |
| | Fixed an issue related to npm whereby, when installing packages through Artifactory, the client downloaded all flavors of the package, instead of downloading only the specific flavor (OS and CPU architecture) of the requested package. |
| | Fixed an issue whereby, when upgrading from Artifactory version 7.59.9 to 7.63.5, the filter section was missing from the repository list of replications in the JFrog Platform WebUI. |
| | Fixed an issue whereby Artifactory did not support sending notification emails to admins when a project reached 75% of its storage limit on Cloud instances. |
| | Fixed an issue whereby, when modifying any part of the Security element in the Artifactory YAML Configuration using REST API, the HTTP SSO was set to the default value, which is disabled. |
| | Fixed an issue in Artifactory versions 7.46.3 and higher whereby, when modifying the userLockPolicy settings through the YAML configuration file, the changes were not applied accordingly. |
| | Fixed an issue whereby the minor Garbage Collector feature did not clean up as many items as expected. |
| | Fixed an issue related to Terraform whereby, when trying to resolve modules from a smart repository, Artifactory returned a 404 error. |
| | Fixed an issue related to Conda whereby Artifactory did not support retrieving artifact metadata from remote repositories that use the |
| | Fixed an issue related to Chef whereby, when trying to resolve a package from a Smart Remote repository using the JFrog Platform WebUI, Artifactory returned an error. |
| | Fixed an issue whereby Artifactory did not support downloading un-cached packages from virtual repositories using the JFrog Platform WebUI. |
| | Fixed an issue whereby Federated repositories did not stay in sync after files were cleaned up by a plugin. |
| | Fixed an issue whereby, when using the CLI to perform actions on a Conan package that does not exist in the upstream repository, Artifactory returned a 200 message and created an empty folder. |
| | Fixed an issue whereby, when restoring a deleted artifact or folder from the trash can with the 'Recursive' checkbox not selected, properties from the repository level are also added to the artifact or folder. |
| | Fixed an issue in pull replication that caused empty folders to appear in the cache even when the include/exclude pattern should have caused the path to not be included. |
| | Fixed an issue whereby, after restarting an Artifactory instance, the JAR signing feature did not work as expected. |
RTDEV-36089 | Fixed an issue related to Docker whereby, when trying to perform orphan layer cleanup on an Artifactory instance with S3, a connection leak might occur. |
RTDEV-36014 | Fixed an issue whereby the Federation event mechanism would not resume after disabling and re-enabling the Federated member. |
RTDEV-35969 | Fixed an issue whereby, when pulling a common blob that appears over 500 times in the nodes table under local and remote repositories, Artifactory might return a blob not found error. |
RTDEV-35586 | Fixed an issue whereby, when attempting to import the artifactory.config.import.yml file, Artifactory returned an error. |
RTDEV-35216 | Fixed an issue whereby, when deploying a BuildInfo resource that contains a null BuildAgent, Artifactory returned a Null Pointer Exception error, failing the deploy. |
RTDEV-35001 | Fixed an issue related to Maven whereby, under some circumstances, when deploying artifacts using a Maven client in version 3.9.x, the maven-metadata.xml file was not updated as expected. |
RTDEV-34969 | Fixed an issue whereby the optimization percentage value displayed in the storage monitoring user interface was showing a highly inaccurate and exaggerated value. |
RTDEV-34814 | Fixed an issue whereby Docker cleaned up a Federated Docker repository based on an outdated manifest, which resulted in removing new blobs instead of orphaned blobs. |
RTDEV-34149 | Fixed an issue whereby, when pushing a multi-architecture layer that already exists in the system, Artifactory created a redundant appearance of the layer with its architecture name. |
RTDEV-34078 | Fixed an issue related to Go whereby Artifactory did not support changing a remote repository's Git provider to "ARTIFACTORY" using the YAML configuration REST API. |
RTDEV-33935 | Fixed an issue in push replication that caused a replication attempt to take place even when the same artifact was already deployed to the same path on the destination instance (before replication was set to take place). |
RTDEV-31458 | Fixed an issue whereby, under certain circumstances, the performance of virtual PyPI repositories with multiple local repositories was impaired. |
JA-5100 | Fixed an issue whereby, when authenticating using LDAP in an environment containing several LDAP settings, Artifactory searched for the user's group association across all group settings, instead of only in the paired LDAP setting. |
INST-6603 | Fixed an issue whereby Artifactory did not support configuring a private registry for rabbitmq pre-upgrade hook containers in Xray and platform chart. |