Artifactory 7.77.3 Self-­Hosted

JFrog Release Information

Content Type
Release Notes
ft:sourceType
Paligo

Released: 5 August, 2024

This topic describes the new features, feature enhancements, and resolved issues that are part of the Artifactory 7.77.3 release for Self-Hosted environments. It includes all improvements since Artifactory 7.72.

Important Announcements

Operating Systems - End of Support

As part of JFrog commitment to maintain the security and reliability of the JFrog Platform, Artifactory will officially run with Node.js 20.x on all installation types from Artifactory 7.77.3.

Node.js 20.x provided with Linux Archive/Debian/RPM installations (non-containerized distributions) is not supported on the following operating systems:

Hence, starting from Artifactory version 7.77.3, these operating systems will no longer be supported.

Update in the NGINX Image

The Nginx image used in Artifactory installation (for Helm, Docker Compose, and Docker installations) has been modified so that all processes inside the container can now bind to any port (of the container) including ports lower than 1024. The external ports are still 80 and 443 for HTTP and HTTPS respectively.

If you run the Nginx container with a container engine that have restriction regarding binding of lower ports or use custom values for ports in the values.yaml, and face issues, you must adjust accordingly or remove port restriction from your setup.

Breaking Change for Blocking Creation of New API Keys

From Artifactory 7.77, to block the creation of new API Keys, in the the Access YAML Configuration file, set security.authentication.disable-api-key-creation=true.Access YAML Configuration

Previous to Artifactory version 7.77, to block creation of new API Keys, you used the artifactory.system.properties file and the set the property, artifactory.security.apiKey.blockCreate to true.

Integration Service Sunset

The Integration service has been deprecated. For more information, see Artifactory Deprecations.

Highlight: Hugging Face GA

  • Support for New Hugging Face Repository Structure

    Artifactory now uses a new repository layout for Hugging Face, allowing you to store several revisions under one integration version. For more information, see Hugging Face Repository Structure.Hugging Face Repository Structure

  • Federation support for Hugging Face

    It is now possible to create Federated repositories based on the Hugging Face package type.Federated RepositoriesHugging Face Repositories

  • Support for Private Hugging Face Repositories

    Artifactory now supports resolving private Hugging Face models from Hugging Face Hub using authenticated access. For more information, see Resolve Hugging face Models from Private Repositories.Resolve Hugging Face Models From Private Repositories

Breaking Change for Hugging Face

Using Hugging Face GA may break your local repositories and make your stored Hugging Face models inaccessible by Hugging Face REST API due to layout changes. Please re-deploy all of your Hugging Face models in local repositories to ensure consistent performance. For more information, see Hugging Face GA Repository Structure Migration.

New Features

Installation

  • Support for Nginx in OpenShift Installation

    Artifactory now supports Nginx in OpenShift installations.

Platform Installation

  • OpenID Connect Integration

    OIDC integration in the JFrog Platform allows you to use services such as GitHub Actions with OpenID Connect to work on the JFrog Platform. With OIDC integration, you can allow the GitHub Actions CI pipelines to download and publish artifacts without storing JFrog passwords, tokens, or API keys in GitHub.

    OpenID Connect Integration is now available for the self-hosted JFrog Platform and has been available for JFrog Cloud since Artifactory version 7.73.1.OpenID Connect Integration

    OpenID Connect integration provides the following benefits:

    • Passwordless experience The integration eliminates the storage of Secrets in GitHub Secrets.

    • Enhanced security Fine grained Token upon Identity

    • Seamless token management  The integration eliminates the need to manually handle and manage tokens.

  • Passwordless Access for Amazon EKS

    JFrog Platform can leverage AWS AssumeRole to provide passwordless access experience in Amazon EKS. AssumeRole authentication method allows AWS users to use roles assigned to them to create temporary authentication tokens that can be used in the JFrog Platform.

    You can leverage this feature when you use a JFrog Platform Installation on an Amazon EKS cluster. For more information, see Passwordless Access for Amazon EKS.Passwordless Access for Amazon EKS

  • Webhooks Troubleshooting

    You can now view webhooks troubleshooting data in the JFrog Platform UI. You can configure whether to display only the failed events or all events of a webhook. For more information, see View Webhooks Troubleshooting Data in the UI.View Webhooks Troubleshooting Data in the UI

Roles and Permissions

  • Custom Global Roles

    You can now create, define, edit, and delete custom global roles in the JFrog Platform. Custom global roles are high-level roles that can be created at the global level and can be applied to all projects. A global role allows project Members assigned with the role from any project to perform a defined set of actions.Create Custom Global Roles

  • Next Generation Permissions

    The next generation of permission model (Permissions V2) is now available in the self-hosted JFrog Platform. The new model is fully backward compatible with the legacy permissions (Permissions V1) model. The new model simplifies the UI user flows to configure all resource types. The popups to add resource type (like builds and repositories) have a new look and feel.

    For more information, see Permissions.Permissions

Access Federations

  • Automatic Recovery in Access Federation

    Access Federation now supports automatic recovery for stale services. For more information, see Revive a Stale Service.Revive a Stale Service

  • Conflict Resolution in Access Federation

    Access Federation now has advanced conflict resolution to resolve conflicts in the updates between JPDs. For more information, see Conflict Resolution in Access Federation.Conflict Resolution in Access Federation

Repository Management

  • Self-Hosted Support for OCI Registry

    You can now use OCI registry version 1.0.2 natively in Artifactory as its own package type, so you can manage and save your OCI containers in Artifactory while providing full flexibility and usability.

    For more information, see OCI Registry.OCI Registry

  • Self-Hosted Support for Helm OCI Repositories

    You can now use OCI to package Helm charts, making it easier to scale, distribute, and leverage the power of OCI to deliver charts.

    For more information, see Helm OCI Repositories.Helm OCI Repositories

  • New Support for GitLab, Bitbucket Cloud, and Bitbucket Server for Go Remote Repositories

    It is now possible to create remote repositories that proxy private registries in GitLab, Bitbucket Go, and Bitbucket Server. For more information, see Set Up Go Repositories to Proxy Private Registries.Set Up Go Repositories to Proxy Private Registries

Feature Enhancements

Release Lifecycle Management

  • Release Lifecycle Dashboard

    The Release Lifecycle dashboard provides a new and intuitive interface for creating, promoting, and distributing Release Bundles v2. Use the kanban board to promote a Release Bundle version between environments with ease. Use the timeline to see a complete history of actions performed on a Release Bundle version. Use the Distribution board to see which versions have been distributed to each of your Edge nodes. For more information about the dashboard, see Manage the Release Lifecycle Using the Dashboard.Release Lifecycle ManagementUse the Release Bundle v2 Promotions Kanban BoardUse the Release Bundle Version TimelineDistribute a Release Bundle (v2) using the Platform UIManage the Release Lifecycle Using the Dashboard

Storage and Cold Storage

  • Improved Balancing in the Sharding Binary Provider

    The process of balancing in the Sharding Binary Provider was improved such that the retrieval of binaries from the active providers skips the cache.

  • New REST APIs for Pruning Unreferenced Data (PUD)

    Three new REST APIs have been added for pruning unreferenced data (PUD): Start PUD Process, Get Status of the PUD Process, and Stop PUD Process. These APIs are used to delete randomly existing binaries in the filestore that are not referenced in Artifactory and cannot be deleted by Artifactory Garbage Collection. These APIs offer greater control over the PUD process from what was available prior to this release through the PUD user interface. The Start API can be used to start the PUD process from a specific directory or even from a specific binary in a directory, and there is an option to refrain from deleting unreferenced binaries that were created after a certain date. The Get Status API returns the current status of the PUD process (i.e., running, stopped, finished, or error), along with relevant data on the process such as total binaries deleted, total size of disk space cleaned, information on the last handled directory, and other information. And the Stop API allows you to stop the PUD process before it reaches the end of the directories list.

    For more information, see Pruning Unreferenced Data (PUD) APIsPruning Unreferenced Data (PUD) APIs

Package Mangement

  • Support for Docker and OCI Blob Single Post

    Added support for pushing a blob using a single POST request. For more information, see the OCI Specification.

  • Support for Uploading Larger Hugging Face Models

    Removed the 2GB model size limit for uploading Hugging Face models to JFrog.

  • Docker Tag Retention Logic Improvements

    Improved the process of deleting multi-architecture tags so that when a multi-architecture image exceeds its Docker tag retention limit, not only will the primary manifest be deleted, but its associated sub-manifests (or sub-images/architectures) and their related blobs will also be removed. For more information, see Tag Retention Logic.Tag Retention Logic

Federated Repositories

  • Performing a system import with active repository Federations

    It is now possible to perform a system import on an Artifactory instance that has active repository Federations. For more information, see System Import and Active Repository Federations.System Import and Active Repository Federations

  • Additional Full Sync event properties for Federated repositories

    Two new event properties are available when performing Full Sync operations on Federated repositories. These new properties retry the attempt to create event bulks (or batches) if the initial attempt fails. For more information, see Configure Federated Repositories for Bulk Event Mirroring and Parallel Processing.Perform Full Sync on Federated RepositoriesFederated RepositoriesConfigure Federated Repositories for Bulk Event Mirroring and Parallel Processing

Users and Authentication

  • New REST APIs for Disable Basic Authentication

    Two new REST APIs have been added to get the status for Disable Basic Authentication and to enable/disable Disable Basic Authentication. For more information, see GET Status of Disable Basic Authentication and Enable or Disable Disable Basic Authentication.GET Status of Disable Basic AuthenticationEnable or Disable Disable Basic Authentication

  • Define Session Time

    For security reasons, from Artifactory version 7.73, you can now define the maximum time in minutes that a user can remain idle in the user login session.

Resolved Issues

JIRA Issue

Component

Severity

Description

RTDEV-35197

Authentication Providers

Medium

Fixed an issue whereby, when trying to browse repositories using SAML login in an instance with Anonymous Access enabled, Artifactory returned an error and did not automatically redirect to the login page for authentication.

RTDEV-38042

Builds

Medium

Fixed an issue whereby, when searching for build artifacts with an empty Output field, Artifactory returned an error.

RTDEV-38568

Builds

High

Fixed an issue whereby, when promoting a build with more than 1,000 modules using the Oracle database, the promotion failed.

RTFACT-29449

Builds

Medium

Fixed an issue whereby, when publishing the build numerous times with the same name and number, and then trying to access one of the builds, Artifactory redirected to the most recent build.

RTDEV-36457

Database

Medium

Fixed an issue whereby when the binary store is configured with sharding or a sharding cluster and a remote connection reset occurred, Artifactory would sometimes incorrectly cache a portion of a binary and subsequently serve it to users.

RTFACT-30079

Database

Medium

Fixed an issue whereby when the binary store is configured with sharding or a sharding cluster and a remote connection reset occurs, Artifactory would sometimes incorrectly cache a portion of a binary and subsequently serve it to users.

RTDEV-35609

Federated Repositories

High

Fixed an issue that prevented an Artifactory system import from completing successfully when a Federated repository is active.

RTDEV-38552

Federated Repositories

High

Fixed an issue in the batch propagation mechanism for Full Sync operations that sometimes caused parsing exceptions. In addition, a new retry mechanism will fail only after a defined number of attempts. (By default, Full Sync will fail if a batch fails to propagate 5 times.)

RTDEV-38555

Federated Repositories

High

Fixed an issue whereby Full Sync operations could not be triggered again after failing the initial attempt.

RTDEV-38558

Federated Repositories

High

Full Sync operations on Federated repositories now always update the timestamp in the node_event_cursor table.

RTFACT-29862

Federated Repositories

High

Fixed an issue whereby Federated repositories did not stay in sync after files were cleaned up by a plugin.

JA-6908

General

Medium

Fixed an issue whereby, support bundles did not support authentication providers configuration, which is provided in file access.security.latest.yml and contains settings for LDAP, LDAP groups, HTTP SSO and Crowd providers.

RTDEV-36091

General

Medium

Fixed an issue whereby the Small Garbage Collection pruning query took a long time due to redundant trash.time node properties that were created on directories. Artifactory now stops creating new trash.time properties for directories and a new API is available (Delete Redundant Records to Trash Can Directories) to delete all redundant trash.time properties in Trash Can directories.Delete Redundant Records to Trash Can Directories

RTDEV-36091

General

Medium

Fixed an issue whereby the Small Garbage Collection pruning query took a long time due to redundant trash.time node properties that were created on directories. Artifactory now stops creating new trash.time properties for directories and a new API is available (Delete Redundant Records to Trash Can Directories) to delete all redundant trash.time properties in Trash Can directories.Delete Redundant Records to Trash Can Directories

RTDEV-37106

General

Medium

Fixed an issue whereby, deleted tomcat/temp files remained open and consumed disk space.

RTDEV-37608

General

Medium

Fixed an issue whereby, artifactory-request.out.log logs were only rotating according to size, and not according to interval.

RTDEV-38572

General

Low

Fixed an issue whereby, when using a curl command with a ‘range’ HTTP header to fetch bytes from the end of a text file, Artifactory fetched bytes from the beginning of the file instead.

RTDEV-45824

General

Critical

Fixed an improper path validation issue that could potentially lead to cache poisoning.

RTFACT-30314

General

Medium

Fixed an issue where YAML configuration changes couldn't be applied if the file size exceeded 3 MB.

INST-7039

Installation

Medium

Fixed an issue whereby, Artifactory failed to initialize in an Artifactory Windows installation due to the incorrect loading of the JDBC driver. The JDBC drivers are now automatically copied to the $JFROG_HOME/artifactory/app/artifactory/tomcat/lib folder during installation on Windows.

INST-7294

Installation

Medium

Fixed an issue whereby, custom CA certificates could not be added to Artifactory in an OpenShift installation.

RTDEV-33397

Packages

N/A

Fixed an issue related to RPM whereby, when trying to upgrade the Artifactory version, a virtual repository containing multiple remote repositories was not updated as expected. The fix, for now, works when the remote repositories added in virtual are not prioritized.

RTDEV-35364

Packages

Low

Fixed an issue related to Hugging Face whereby, when trying to download a module where one or more of the file names contain spaces, Artifactory returned an error.

RTDEV-35992

Packages

N/A

Fixed an issue related to Terraform whereby, Terraform Backend repositories did not support using client versions 1.6 and above.

RTDEV-36089

Packages

High

Fixed an issue related to Docker whereby, when trying to perform orphan layer cleanup on an Artifactory instance with S3, a connection leak might occur.

RTDEV-36098

Packages

Low

Fixed an issue related to npm whereby, when turning on the trace logger and failing to access a resource in a virtual repository, Artifactory returned a 404 error.

RTDEV-36499

Packages

Medium

Fixed an issue related to the docker tags/list REST API whereby, when using the endpoint in a remote repository pointing to a Ret Hat registry with Include Patterns enabled, Artifactory did not return the tags list.

RTDEV-37022

Packages

High

Fixed an issue related to Hugging Face whereby, Artifactory did not support the likes and downloads properties for remote repositories and did not initialize the tags and id properties for the local repositories in the Hugging Face client version 0.19.0 RevisionData object.

RTDEV-37107

Packages

Medium

Fixed an issue that caused the internal index artifacts of Debian repositories to be replicated to other Federation members.

RTDEV-37326

Packages

Medium

Fixed an issue related to PyPI whereby, empty data-yanked index values from remote repositories were not propagated to the index that Artifactory returned.

RTDEV-37404

Packages

Medium

Fixed an issue related to RPM whereby, Artifactory failed to extract the metadata for certain packages containing invalid XML characters.

RTDEV-37473

Packages

Medium

Fixed an issue related to Go whereby, when requesting a submodule that does not exist from a remote repository proxying GitHub, Artifactory incorrectly returned a success message.

RTDEV-38465

Packages

Medium

Fixed an issue related to Docker whereby, when using HTTP single sign-on authentication and performing certain REST API requests, Artifactory might return an error.

RTDEV-38641

Packages

Medium

Fixed an issue related to Docker whereby, when trying to resolve an artifact from a repository blocked by Xray remote validation, Artifactory returned a 404 instead of a 403 error.

RTDEV-38770

Packages

High

Fixed an issue related to Terraform whereby, under certain circumstances, modules from remote repositories could not be resolved due to a Terraform update.

RTFE-740

Packages

Medium

Fixed an issue related to Debian whereby, Artifactory did not support updating the Indexed Remote Architecture field in the JFrog Platform WebUI.

RTFACT-29873

Packages

Medium

Fixed an issue related to Cargo whereby, Artifactory returned a 403 instead of a 401 error in case of authorization mismatch.

RTFACT-29886

Packages

N/A

Fixed an issue related to Conda whereby, Artifactory did not support retrieving artifact metadata from remote repositories that use the .ZST compression algorithm.

RTFACT-29974

Packages

Medium

Fixed an issue related to Terraform whereby, when using a statefile weighing more than 20MB, the backend repository returned a 400 error.

RTFACT-29974

Packages

Medium

Fixed an issue related to Terraform whereby, when using a statefile weighing more than 20MB, the backend repository returned a 400 error.

RTFACT-29995

Packages

Medium

Fixed an issue related to npm whereby, when installing packages through Artifactory, the npm client downloaded all flavors of the package, instead of downloading only the specific flavor (OS and CPU architecture) of the requested package.

RTFACT-30033

Packages

Medium

Fixed an issue related to Helm whereby, when moving helm charts between local repositories, the index.yaml file in the source helm local repository was not updated correctly.

RTFACT-30045

Packages

Low

Fixed an issue related to Docker whereby, when pulling an image from an offline remote repository, the Docker client could return a warning.

RTFACT-30061

Packages

Medium

Fixed an issue related to npm whereby, when trying to resolve an artifact from a smart remote repository pointing to an npm repository, Artifactory returned an incorrect response code.

RTFACT-30068

Packages

N/A

Fixed an issue related to Go whereby, when trying to resolve packages from GitHub, Artifactory returned an error.

RTFACT-30069

Packages

Medium

Fixed an issue related to NuGet whereby, when configuring a symbol server with Artifactory and trying to fetch the .PDB file using a GUID suffix containing uppercase letters, Artifactory returned a 404 error.

RTFACT-30093

Packages

Medium

Fixed an issue related to npm whereby, when using dist-tags to resolve artifacts, Artifactory only returned the first result in the priority resolution order. For more information, see Resolve npm Packages Using Dist-tags.Resolve npm Packages using dist-tags

RTFACT-30097

Packages

Medium

Fixed an issue related to Helm whereby, when deleting a build and its multiple related Helm artifacts, the Helm index.yaml file was not updated accordingly.

RTFACT-30105

Packages

Medium

Fixed an issue related to RPM whereby, when trying to resolve an artifact from an upstream remote repository with a cache retrieval period set to zero using a virtual repository, Artifactory returned outdated data.

RTFACT-30114

Packages

Medium

Fixed an issue related to the List Docker Tags REST API whereby, Artifactory did not return the full tags list in cases of a large number of pages.

RTFACT-30125

Packages

Low

Fixed an issue related to npm whereby, Artifactory did not support the acceptDependencies object when resolving artifacts.

RTFACT-30134

Packages

Medium

Fixed an issue related to Docker whereby, when trying to pull several images with the same layer, Artifactory returned an error, even when including the image name pattern as an include pattern.

RTFACT-30168

Packages

Medium

Fixed an issue whereby, downloading certain Go modules through a Go virtual repository containing Go remote GitHub repository failed.

RTFACT-30175

Packages

Medium

Fixed an issue related to Docker whereby, when using Catalog REST API on a virtual repository where the user doesn't have permission to at least one of the remote repos, Artifactory returned a 403 error.

RTFACT-30181

Packages

Medium

Fixed an issue related to npm whereby, when trying to retrieve the npmrc configuration for a transient user using a reference token via CLI, Artifactory returned a 400 error.

RTFACT-30183

Packages

Medium

Fixed an issue related to npm whereby, when copying a package to a different repository, after removing the package with the disttag=latest, the package.json metadata file was copied as empty.

RTFACT-30189

Packages

Medium

Fixed an issue related to Maven whereby, Artifactory did not require authentication when resolving from a virtual repository when using the JFrog Platform native browser, even though the 'force authentication' checkbox was selected.

RTFACT-30196

Packages

High

Fixed an issue related to Conda whereby, under certain circumstances, Artifactory did not support installing certain packages.

RTFACT-30200

Packages

Medium

Fixed an issue related to CocoaPods whereby, when configuring a remote repository using CocoaPods CDN, Artifactory did not support the 'pod repo update' command.

RTDEV-26089

Platform Administration

Low

Fixed an issue whereby, the Get Reverse Proxy Snippet REST API was available for non-admin users.Get Reverse Proxy Snippet

RTDEV-37371

Platform Administration

Medium

Fixed a bug whereby when two uploads of the same file to Azure storage occurred simultaneously, one of those uploads sometimes failed during copy.

RTFACT-29874

Platform Administration

Medium

Fixed an issue whereby, when assigning a non-admin user as a project admin, the JFrog Platform WebUI did not perform as expected.

RTDEV-37728

Projects

Medium

Fixed an issue whereby, when trying to access project information as a non-admin user with a project admin role, Artifactory returned an error.

RTFE-757

Projects

Medium

Fixed an issue related to projects whereby, when viewing a repository within a project in the JFrog Platform WebUI, the Environments field was not displayed.

RTDEV-32305

Repositories

High

Fixed an issue whereby, in instances with a large number of repositories, using the getAllRepoKeys CLI command might cause high CPU utilization.

RTDEV-33935

Repositories

Medium

Fixed an issue related to push replication whereby, when replicating an artifact between two repositories on different Artifactory instances that has already been deployed to the same path on the destination instance, Artifactory did not replicate the properties.

RTDEV-35940

Repositories

Medium

Fixed an issue whereby, when blocking replication on the remote Artifactory instance, the event-based pull replication on the configured instance will crash and will not resume even after allowing replication on the remote Artifactory instance again.

RTDEV-36268

Repositories

Low

Fixed an issue related to virtual repositories whereby, Artifactory did not display the image icon as expected.

RTDEV-37383

Repositories

Medium

Fixed an issue whereby, when trying to upload an exported repository from a Self-Hosted server to Jfrog Cloud, Artifactory returned an “Invalid Import Directory” error.

RTFACT-30048

Repositories

Low

Fixed an issue whereby, when configuring a Backup in Artifactory with the Exclude New Repositories checkbox selected, Artifactory still added new local repositories that were created to the included repositories list.

RTFACT-30073

Repositories

Medium

Fixed an issue related to the Get All Repositories Configurations REST API whereby, the response did not include all the required fields for generic remote repositories.

RTFE-662

User Interface (UI)

Medium

Fixed an issue related to the JFrog Platform WebUI whereby, when navigating to an aggregated build and clicking on the link to the nested build, the link redirected to the Packages screen.