Artifactory 7.83

JFrog Release Information

ft:sourceType
Paligo

Issue ID

Description

Fix Version

Additional Information

RTDEV-42377

When running the npm audit signatures command against a virtual repository that includes repositories that do not have ECDSA signing enabled, Artifactory will now respond to the npm client as expected with a list of packages that are missing signatures.

Since this feature was not supported on the server side until now, the npm client integrations would previously skip the audit stage and automatically failover due to the 404 status response and continue to execute the next commands. Today, this will stop the client from continuing its usual actions, since not all content in your virtual repository is signed.