Released: 5 August, 2024
This topic describes the new features, feature enhancements, and resolved issues that are part of the Artifactory 7.77.3 release for Self-Hosted environments. It includes all improvements since Artifactory 7.72.
Important Announcements
Operating Systems - End of Support
As part of JFrog commitment to maintain the security and reliability of the JFrog Platform, Artifactory will officially run with Node.js 20.x on all installation types from Artifactory 7.77.3.
Node.js 20.x provided with Linux Archive/Debian/RPM installations (non-containerized distributions) is not supported on the following operating systems:
Ubuntu 18.04 (has reached End of Standard Support on May 31, 2023).
RHEL 7.x - Red Hat Enterprise Linux 7.x (has reached End of Full Support on 2019)
Centos 7.x (has reached End of Active Support on 2020).
Suse Linux Enterprise Server (SLES) 12 SP5 ( will reach End of Standard Support on October 31, 2024)
Amazon Linux 2 (no support for Node.js 20x)
Hence, starting from Artifactory version 7.77.3, these operating systems will no longer be supported.
Update in the NGINX Image
The Nginx image used in Artifactory installation (for Helm, Docker Compose, and Docker installations) has been modified so that all processes inside the container can now bind to any port (of the container) including ports lower than 1024. The external ports are still 80 and 443 for HTTP and HTTPS respectively.
If you run the Nginx container with a container engine that have restriction regarding binding of lower ports or use custom values for ports in the values.yaml
, and face issues, you must adjust accordingly or remove port restriction from your setup.
Breaking Change for Blocking Creation of New API Keys
From Artifactory 7.77, to block the creation of new API Keys, in the the Access YAML Configuration file, set security.authentication.disable-api-key-creation=true
.
Previous to Artifactory version 7.77, to block creation of new API Keys, you used the artifactory.system.properties
file and the set the property, artifactory.security.apiKey.blockCreate
to true.
Integration Service Sunset
The Integration service has been deprecated. For more information, see Artifactory Deprecations.
Highlight: Hugging Face GA
Support for New Hugging Face Repository Structure
Artifactory now uses a new repository layout for Hugging Face, allowing you to store several revisions under one integration version. For more information, see Hugging Face Repository Structure.
Federation support for Hugging Face
It is now possible to create Federated repositories based on the Hugging Face package type.
Support for Private Hugging Face Repositories
Artifactory now supports resolving private Hugging Face models from Hugging Face Hub using authenticated access. For more information, see Resolve Hugging face Models from Private Repositories.
Breaking Change for Hugging Face
Using Hugging Face GA may break your local repositories and make your stored Hugging Face models inaccessible by Hugging Face REST API due to layout changes. Please re-deploy all of your Hugging Face models in local repositories to ensure consistent performance. For more information, see Hugging Face GA Repository Structure Migration.
New Features
Installation
Support for Nginx in OpenShift Installation
Artifactory now supports Nginx in OpenShift installations.
Platform Installation
OpenID Connect Integration
OIDC integration in the JFrog Platform allows you to use services such as GitHub Actions with OpenID Connect to work on the JFrog Platform. With OIDC integration, you can allow the GitHub Actions CI pipelines to download and publish artifacts without storing JFrog passwords, tokens, or API keys in GitHub.
OpenID Connect Integration is now available for the self-hosted JFrog Platform and has been available for JFrog Cloud since Artifactory version 7.73.1.
OpenID Connect integration provides the following benefits:
Passwordless experience The integration eliminates the storage of Secrets in GitHub Secrets.
Enhanced security Fine grained Token upon Identity
Seamless token management The integration eliminates the need to manually handle and manage tokens.
Passwordless Access for Amazon EKS
JFrog Platform can leverage AWS AssumeRole to provide passwordless access experience in Amazon EKS. AssumeRole authentication method allows AWS users to use roles assigned to them to create temporary authentication tokens that can be used in the JFrog Platform.
You can leverage this feature when you use a JFrog Platform Installation on an Amazon EKS cluster. For more information, see Passwordless Access for Amazon EKS.
Webhooks Troubleshooting
You can now view webhooks troubleshooting data in the JFrog Platform UI. You can configure whether to display only the failed events or all events of a webhook. For more information, see View Webhooks Troubleshooting Data in the UI.
Roles and Permissions
Custom Global Roles
You can now create, define, edit, and delete custom global roles in the JFrog Platform. Custom global roles are high-level roles that can be created at the global level and can be applied to all projects. A global role allows project Members assigned with the role from any project to perform a defined set of actions.
Next Generation Permissions
The next generation of permission model (Permissions V2) is now available in the self-hosted JFrog Platform. The new model is fully backward compatible with the legacy permissions (Permissions V1) model. The new model simplifies the UI user flows to configure all resource types. The popups to add resource type (like builds and repositories) have a new look and feel.
For more information, see Permissions.
Access Federations
Automatic Recovery in Access Federation
Access Federation now supports automatic recovery for stale services. For more information, see Revive a Stale Service.
Conflict Resolution in Access Federation
Access Federation now has advanced conflict resolution to resolve conflicts in the updates between JPDs. For more information, see Conflict Resolution in Access Federation.
Repository Management
Self-Hosted Support for OCI Registry
You can now use OCI registry version 1.0.2 natively in Artifactory as its own package type, so you can manage and save your OCI containers in Artifactory while providing full flexibility and usability.
For more information, see OCI Registry.
Self-Hosted Support for Helm OCI Repositories
You can now use OCI to package Helm charts, making it easier to scale, distribute, and leverage the power of OCI to deliver charts.
For more information, see Helm OCI Repositories.
New Support for GitLab, Bitbucket Cloud, and Bitbucket Server for Go Remote Repositories
It is now possible to create remote repositories that proxy private registries in GitLab, Bitbucket Go, and Bitbucket Server. For more information, see Set Up Go Repositories to Proxy Private Registries.
Feature Enhancements
Release Lifecycle Management
Release Lifecycle Dashboard
The Release Lifecycle dashboard provides a new and intuitive interface for creating, promoting, and distributing Release Bundles v2. Use the kanban board to promote a Release Bundle version between environments with ease. Use the timeline to see a complete history of actions performed on a Release Bundle version. Use the Distribution board to see which versions have been distributed to each of your Edge nodes. For more information about the dashboard, see Manage the Release Lifecycle Using the Dashboard.
Storage and Cold Storage
Improved Balancing in the Sharding Binary Provider
The process of balancing in the Sharding Binary Provider was improved such that the retrieval of binaries from the active providers skips the cache.
New REST APIs for Pruning Unreferenced Data (PUD)
Three new REST APIs have been added for pruning unreferenced data (PUD): Start PUD Process, Get Status of the PUD Process, and Stop PUD Process. These APIs are used to delete randomly existing binaries in the filestore that are not referenced in Artifactory and cannot be deleted by Artifactory Garbage Collection. These APIs offer greater control over the PUD process from what was available prior to this release through the PUD user interface. The Start API can be used to start the PUD process from a specific directory or even from a specific binary in a directory, and there is an option to refrain from deleting unreferenced binaries that were created after a certain date. The Get Status API returns the current status of the PUD process (i.e., running, stopped, finished, or error), along with relevant data on the process such as total binaries deleted, total size of disk space cleaned, information on the last handled directory, and other information. And the Stop API allows you to stop the PUD process before it reaches the end of the directories list.
For more information, see Pruning Unreferenced Data (PUD) APIs
Package Mangement
Support for Docker and OCI Blob Single Post
Added support for pushing a blob using a single
POST
request. For more information, see the OCI Specification.Support for Uploading Larger Hugging Face Models
Removed the 2GB model size limit for uploading Hugging Face models to JFrog.
Docker Tag Retention Logic Improvements
Improved the process of deleting multi-architecture tags so that when a multi-architecture image exceeds its Docker tag retention limit, not only will the primary manifest be deleted, but its associated sub-manifests (or sub-images/architectures) and their related blobs will also be removed. For more information, see Tag Retention Logic.
Federated Repositories
Performing a system import with active repository Federations
It is now possible to perform a system import on an Artifactory instance that has active repository Federations. For more information, see System Import and Active Repository Federations.
Additional Full Sync event properties for Federated repositories
Two new event properties are available when performing Full Sync operations on Federated repositories. These new properties retry the attempt to create event bulks (or batches) if the initial attempt fails. For more information, see Configure Federated Repositories for Bulk Event Mirroring and Parallel Processing.
Users and Authentication
New REST APIs for Disable Basic Authentication
Two new REST APIs have been added to get the status for Disable Basic Authentication and to enable/disable Disable Basic Authentication. For more information, see GET Status of Disable Basic Authentication and Enable or Disable Disable Basic Authentication.
Define Session Time
For security reasons, from Artifactory version 7.73, you can now define the maximum time in minutes that a user can remain idle in the user login session.
Resolved Issues
JIRA Issue | Component | Severity | Description |
---|---|---|---|
RTDEV-35197 | Authentication Providers | Medium | Fixed an issue whereby, when trying to browse repositories using SAML login in an instance with Anonymous Access enabled, Artifactory returned an error and did not automatically redirect to the login page for authentication. |
RTDEV-38042 | Builds | Medium | Fixed an issue whereby, when searching for build artifacts with an empty Output field, Artifactory returned an error. |
RTDEV-38568 | Builds | High | Fixed an issue whereby, when promoting a build with more than 1,000 modules using the Oracle database, the promotion failed. |
Builds | Medium | Fixed an issue whereby, when publishing the build numerous times with the same name and number, and then trying to access one of the builds, Artifactory redirected to the most recent build. | |
RTDEV-36457 | Database | Medium | Fixed an issue whereby when the binary store is configured with sharding or a sharding cluster and a remote connection reset occurred, Artifactory would sometimes incorrectly cache a portion of a binary and subsequently serve it to users. |
Database | Medium | Fixed an issue whereby when the binary store is configured with sharding or a sharding cluster and a remote connection reset occurs, Artifactory would sometimes incorrectly cache a portion of a binary and subsequently serve it to users. | |
RTDEV-35609 | Federated Repositories | High | Fixed an issue that prevented an Artifactory system import from completing successfully when a Federated repository is active. |
RTDEV-38552 | Federated Repositories | High | Fixed an issue in the batch propagation mechanism for Full Sync operations that sometimes caused parsing exceptions. In addition, a new retry mechanism will fail only after a defined number of attempts. (By default, Full Sync will fail if a batch fails to propagate 5 times.) |
RTDEV-38555 | Federated Repositories | High | Fixed an issue whereby Full Sync operations could not be triggered again after failing the initial attempt. |
RTDEV-38558 | Federated Repositories | High | Full Sync operations on Federated repositories now always update the timestamp in the node_event_cursor table. |
Federated Repositories | High | Fixed an issue whereby Federated repositories did not stay in sync after files were cleaned up by a plugin. | |
JA-6908 | General | Medium | Fixed an issue whereby, support bundles did not support authentication providers configuration, which is provided in file |
RTDEV-36091 | General | Medium | Fixed an issue whereby the Small Garbage Collection pruning query took a long time due to redundant trash.time node properties that were created on directories. Artifactory now stops creating new |
RTDEV-36091 | General | Medium | Fixed an issue whereby the Small Garbage Collection pruning query took a long time due to redundant trash.time node properties that were created on directories. Artifactory now stops creating new |
RTDEV-37106 | General | Medium | Fixed an issue whereby, deleted |
RTDEV-37608 | General | Medium | Fixed an issue whereby, |
RTDEV-38572 | General | Low | Fixed an issue whereby, when using a curl command with a ‘range’ HTTP header to fetch bytes from the end of a text file, Artifactory fetched bytes from the beginning of the file instead. |
RTDEV-45824 | General | Critical | Fixed an improper path validation issue that could potentially lead to cache poisoning. |
General | Medium | Fixed an issue where YAML configuration changes couldn't be applied if the file size exceeded 3 MB. | |
INST-7039 | Installation | Medium | Fixed an issue whereby, Artifactory failed to initialize in an Artifactory Windows installation due to the incorrect loading of the JDBC driver. The JDBC drivers are now automatically copied to the |
INST-7294 | Installation | Medium | Fixed an issue whereby, custom CA certificates could not be added to Artifactory in an OpenShift installation. |
RTDEV-33397 | Packages | N/A | Fixed an issue related to RPM whereby, when trying to upgrade the Artifactory version, a virtual repository containing multiple remote repositories was not updated as expected. The fix, for now, works when the remote repositories added in virtual are not prioritized. |
RTDEV-35364 | Packages | Low | Fixed an issue related to Hugging Face whereby, when trying to download a module where one or more of the file names contain spaces, Artifactory returned an error. |
RTDEV-35992 | Packages | N/A | Fixed an issue related to Terraform whereby, Terraform Backend repositories did not support using client versions 1.6 and above. |
RTDEV-36089 | Packages | High | Fixed an issue related to Docker whereby, when trying to perform orphan layer cleanup on an Artifactory instance with S3, a connection leak might occur. |
RTDEV-36098 | Packages | Low | Fixed an issue related to npm whereby, when turning on the trace logger and failing to access a resource in a virtual repository, Artifactory returned a 404 error. |
RTDEV-36499 | Packages | Medium | Fixed an issue related to the docker tags/list REST API whereby, when using the endpoint in a remote repository pointing to a Ret Hat registry with Include Patterns enabled, Artifactory did not return the tags list. |
RTDEV-37022 | Packages | High | Fixed an issue related to Hugging Face whereby, Artifactory did not support the |
RTDEV-37107 | Packages | Medium | Fixed an issue that caused the internal index artifacts of Debian repositories to be replicated to other Federation members. |
RTDEV-37326 | Packages | Medium | Fixed an issue related to PyPI whereby, empty |
RTDEV-37404 | Packages | Medium | Fixed an issue related to RPM whereby, Artifactory failed to extract the metadata for certain packages containing invalid XML characters. |
RTDEV-37473 | Packages | Medium | Fixed an issue related to Go whereby, when requesting a submodule that does not exist from a remote repository proxying GitHub, Artifactory incorrectly returned a success message. |
RTDEV-38465 | Packages | Medium | Fixed an issue related to Docker whereby, when using HTTP single sign-on authentication and performing certain REST API requests, Artifactory might return an error. |
RTDEV-38641 | Packages | Medium | Fixed an issue related to Docker whereby, when trying to resolve an artifact from a repository blocked by Xray remote validation, Artifactory returned a 404 instead of a 403 error. |
RTDEV-38770 | Packages | High | Fixed an issue related to Terraform whereby, under certain circumstances, modules from remote repositories could not be resolved due to a Terraform update. |
RTFE-740 | Packages | Medium | Fixed an issue related to Debian whereby, Artifactory did not support updating the Indexed Remote Architecture field in the JFrog Platform WebUI. |
Packages | Medium | Fixed an issue related to Cargo whereby, Artifactory returned a 403 instead of a 401 error in case of authorization mismatch. | |
Packages | N/A | Fixed an issue related to Conda whereby, Artifactory did not support retrieving artifact metadata from remote repositories that use the | |
Packages | Medium | Fixed an issue related to Terraform whereby, when using a statefile weighing more than 20MB, the backend repository returned a 400 error. | |
Packages | Medium | Fixed an issue related to Terraform whereby, when using a statefile weighing more than 20MB, the backend repository returned a 400 error. | |
Packages | Medium | Fixed an issue related to npm whereby, when installing packages through Artifactory, the npm client downloaded all flavors of the package, instead of downloading only the specific flavor (OS and CPU architecture) of the requested package. | |
Packages | Medium | Fixed an issue related to Helm whereby, when moving helm charts between local repositories, the | |
Packages | Low | Fixed an issue related to Docker whereby, when pulling an image from an offline remote repository, the Docker client could return a warning. | |
Packages | Medium | Fixed an issue related to npm whereby, when trying to resolve an artifact from a smart remote repository pointing to an npm repository, Artifactory returned an incorrect response code. | |
Packages | N/A | Fixed an issue related to Go whereby, when trying to resolve packages from GitHub, Artifactory returned an error. | |
Packages | Medium | Fixed an issue related to NuGet whereby, when configuring a symbol server with Artifactory and trying to fetch the | |
Packages | Medium | Fixed an issue related to npm whereby, when using dist-tags to resolve artifacts, Artifactory only returned the first result in the priority resolution order. For more information, see Resolve npm Packages Using Dist-tags. | |
Packages | Medium | Fixed an issue related to Helm whereby, when deleting a build and its multiple related Helm artifacts, the Helm | |
Packages | Medium | Fixed an issue related to RPM whereby, when trying to resolve an artifact from an upstream remote repository with a cache retrieval period set to zero using a virtual repository, Artifactory returned outdated data. | |
Packages | Medium | Fixed an issue related to the List Docker Tags REST API whereby, Artifactory did not return the full tags list in cases of a large number of pages. | |
Packages | Low | Fixed an issue related to npm whereby, Artifactory did not support the | |
Packages | Medium | Fixed an issue related to Docker whereby, when trying to pull several images with the same layer, Artifactory returned an error, even when including the image name pattern as an include pattern. | |
Packages | Medium | Fixed an issue whereby, downloading certain Go modules through a Go virtual repository containing Go remote GitHub repository failed. | |
Packages | Medium | Fixed an issue related to Docker whereby, when using Catalog REST API on a virtual repository where the user doesn't have permission to at least one of the remote repos, Artifactory returned a 403 error. | |
Packages | Medium | Fixed an issue related to npm whereby, when trying to retrieve the npmrc configuration for a transient user using a reference token via CLI, Artifactory returned a 400 error. | |
Packages | Medium | Fixed an issue related to npm whereby, when copying a package to a different repository, after removing the package with the | |
Packages | Medium | Fixed an issue related to Maven whereby, Artifactory did not require authentication when resolving from a virtual repository when using the JFrog Platform native browser, even though the 'force authentication' checkbox was selected. | |
Packages | High | Fixed an issue related to Conda whereby, under certain circumstances, Artifactory did not support installing certain packages. | |
Packages | Medium | Fixed an issue related to CocoaPods whereby, when configuring a remote repository using CocoaPods CDN, Artifactory did not support the 'pod repo update' command. | |
RTDEV-26089 | Platform Administration | Low | Fixed an issue whereby, the Get Reverse Proxy Snippet REST API was available for non-admin users. |
RTDEV-37371 | Platform Administration | Medium | Fixed a bug whereby when two uploads of the same file to Azure storage occurred simultaneously, one of those uploads sometimes failed during copy. |
Platform Administration | Medium | Fixed an issue whereby, when assigning a non-admin user as a project admin, the JFrog Platform WebUI did not perform as expected. | |
RTDEV-37728 | Projects | Medium | Fixed an issue whereby, when trying to access project information as a non-admin user with a project admin role, Artifactory returned an error. |
RTFE-757 | Projects | Medium | Fixed an issue related to projects whereby, when viewing a repository within a project in the JFrog Platform WebUI, the Environments field was not displayed. |
RTDEV-32305 | Repositories | High | Fixed an issue whereby, in instances with a large number of repositories, using the getAllRepoKeys CLI command might cause high CPU utilization. |
RTDEV-33935 | Repositories | Medium | Fixed an issue related to push replication whereby, when replicating an artifact between two repositories on different Artifactory instances that has already been deployed to the same path on the destination instance, Artifactory did not replicate the properties. |
RTDEV-35940 | Repositories | Medium | Fixed an issue whereby, when blocking replication on the remote Artifactory instance, the event-based pull replication on the configured instance will crash and will not resume even after allowing replication on the remote Artifactory instance again. |
RTDEV-36268 | Repositories | Low | Fixed an issue related to virtual repositories whereby, Artifactory did not display the image icon as expected. |
RTDEV-37383 | Repositories | Medium | Fixed an issue whereby, when trying to upload an exported repository from a Self-Hosted server to Jfrog Cloud, Artifactory returned an “Invalid Import Directory” error. |
Repositories | Low | Fixed an issue whereby, when configuring a Backup in Artifactory with the Exclude New Repositories checkbox selected, Artifactory still added new local repositories that were created to the included repositories list. | |
Repositories | Medium | Fixed an issue related to the Get All Repositories Configurations REST API whereby, the response did not include all the required fields for generic remote repositories. | |
RTFE-662 | User Interface (UI) | Medium | Fixed an issue related to the JFrog Platform WebUI whereby, when navigating to an aggregated build and clicking on the link to the nested build, the link redirected to the Packages screen. |