Released: 12 May, 2024
Replicator Sunset
The Replicator service for Release Bundles v1 has been deprecated. For more information, see Artifactory Deprecations.
Known Issue in this Version
Starting from Artifactory version 7.84, AQL searches will undergo throttling, potentially resulting in 429 errors. The default setting for the parameter below will be TRUE. You can opt to set it to FALSE to disable the throttling:
artifactory.aql.queries.limit.enabled
More information may be found here. To avoid this issue, upgrade to Artifactory version 7.84.16 or later.
Highlights
PostgreSQL is the Recommended Database for Artifactory Installation
After a comprehensive evaluation of leading database providers' capabilities, scalability, and support, JFrog selected PostgreSQL as the preferred database solution for all its product offerings.
Organizations can still choose to use any database in the list of Artifactory-supported databases, however, there is a minor new configuration step that will need to be performed for new installations. When installing a new Artifactory instance with any database other than PostgreSQL, you are required to specify the configuration in the
system.yaml
file.For more information, see Choose the right database.
Major Performance Improvements for PyPI, NuGet, and npm
This version includes significant reductions in response time, as well as simplified and reduced database calls from the previous Self-Hosted version (7.77). These improvements apply to several important use cases, including virtual package resolution and external dependency resolution, among others. We have measured:
Up to 24% response time reduction in PyPI-related use cases
Up to 23% response time reduction in NuGet-related use cases
Up to 84% response time reduction in npm-related use cases
Feature Enhancements
Improved Artifact Tree View
The Artifact Tree view has been significantly improved such that when opening a node on a repository, a specific (configurable) number of artifacts will be displayed instead of the entire contents of the repository. This significantly reduces loading time for repositories containing a large number of artifacts. The default display number is 500, but this number can be changed in the Aritfactory UI (click here for instructions). If there are more artifacts to display beyond the current list, a Load more option appears at the end of the list and when clicked displays more items.
The enhanced Artifact Tree View is available both in a Tree Browser and a Native Browser.
Automatically pair OAuth SSO users with JFrog Platform users
You can now automatically pair OAuth SSO users when they log in to the JFrog Platform with their JFrog Platform user based on their email address. No configuration change is required to enable the feature. For more information on OAuth SSO, see OAuth SSO.
Open Metric for Federated Repository status
A new Open Metric records the number of Federated repositories that have the indicated status. For more information, see Federated Repository Metrics.
Lifecycle System YAML
There is a new section in the Artifactory YAML file for configuring parameters related to Release Lifecycle Management. This replaces the Configuration APIs that were used previously and have now been deprecated. For more information, see Lifecycle System YAML.
Helm Installation Updates
The
setSecurityContext
field in Helm installation has been renamed aspodSecurityContext
.Added a dedicated image section for
initContainers
instead ofinitContainerImage
Added
unifiedSecretInstallation
flag, which enables single unified secret holding all chart secrets to true by default.
Availability Zone Affinity
You can configure a preferred availability zone in the router section of the Artifactory System YAML file. If a service is available in the local zone, traffic is sent to this local service. However, if a service is not available locally, traffic is sent to a service in another zone using a round robin strategy.
For more information, see JFrog Router Service.
Access Token Creation by Project Admins
Project admins can create access tokens that are tied to the projects in which they hold administrative privileges. For more information, see Access Token Creation by Project Admins.
Changes to Anonymous Access
From Artifactory 7.84.3, new users with anonymous access cannot access any ad hoc repository. You need to create a new permission target, select the repository's anonymous user, and set actions, and only then they can access the repositories.
For more information, see Allow Anonymous Access.
Resolved Issues
JIRA Issue | Component | Severity | Description |
---|---|---|---|
Repositories | High | Fixed an issue whereby, when attempting to create a Smart Remote Repository on Edge instance that has Platform Proxy configured, Artifactory did not create the repository. | |
Packages | Medium | Fixed an issue related to Go whereby, when trying to download a Golang package in a major version higher than 10 from a remote repository proxying GitHub, Artifactory did not perform as expected. | |
Storage | Medium | Fixed an issue whereby initiating the process for pruning unreferenced data with a federated repository configured resulted in 403 forbidden errors. | |
Release Lifecycle Management | Medium | Fixed an issue whereby, Release Bundle V2 could not be created from a Build having dependencies without SHA-256. | |
Packages | Medium | Fixed an issue related to npm whereby, when using Yarn 2 to publish a scoped npm package to Artifactory, Artifactory did not perform as expected. | |
Packages | Medium | Fixed an issue related to PyPI whereby, when trying to access the simple index of a smart remote repository that is offline, Artifactory returned a 404 error. | |
RTDEV-40507 | Storage | High | Fixed an issue whereby when CDN Download was enabled, if contentType contained a special character (such as '+') it was omitted and caused a failure with the redirect URL. |
RTDEV-41880 | Packages | Medium | Fixed an issue whereby, under certain circumstances, Artifactory failed to index NuGet packages. |
RTDEV-41317 | Packages | Medium | Fixed an issue related to Helm whereby, when trying to use a virtual repository containing a remote repository pointing to the |
JA-8655 | Authentication Providers | Medium | Fixed an issue whereby, LDAP user refresh failed when the lock time was set without setting a lockout duration. |