Released: 26 August 2024
This topic describes the new features, feature enhancements, and resolved issues that are part of the Artifactory 7.84.10 release for Self-Hosted environments. It includes all improvements since Artifactory 7.77.
Change to AWS S3 Storage Direct Download Option
From this version and on, the direct download option no longer works with eventual and cluster providers. If you want to continue using direct download, use the s3-storage-v3-direct template.
Replicator Sunset
The Replicator service for Release Bundles v1 has been deprecated. For more information, see Artifactory Deprecations.
Known Issue in this Version
Starting from Artifactory version 7.84, AQL searches will undergo throttling, potentially resulting in 429 errors. The default setting for the parameter below will be TRUE. You can opt to set it to FALSE to disable the throttling:
artifactory.aql.queries.limit.enabled
More information may be found here. To avoid this issue, upgrade to Artifactory version 7.84.16 or later.
Cargo Git Indexing Deprecation
Starting at the end of Q2, 2024, Cargo indexing will only be enabled using Sparse indexing, and the use of Git indexing will be discontinued. For more information, see Deprecations in Process.
Highlights
PostgreSQL is the Recommended Database for Artifactory Installation
After a comprehensive evaluation of leading database providers' capabilities, scalability, and support, JFrog selected PostgreSQL as the preferred database solution for all its product offerings.
Organizations can still choose to use any database in the list of Artifactory-supported databases, however, there is a minor new configuration step that will need to be performed for new installations. When installing a new Artifactory instance with any database other than PostgreSQL, you are required to specify the configuration in the
system.yaml
file.For more information, see Choose the right database.
Major Performance Improvements for PyPI, NuGet, and npm
This version includes significant reductions in response time, as well as simplified and reduced database calls from the previous Self-Hosted version (7.77). These improvements apply to several important use cases, including virtual package resolution and external dependency resolution, among others. We have measured:
Up to 24% response time reduction in PyPI-related use cases
Up to 23% response time reduction in NuGet-related use cases
Up to 84% response time reduction in npm-related use cases
New Features
APIs for Creating & Retrieving Batches of Repositories
A new API enables you to create multiple repositories using a batch request. The batch request can contain a mix of different package types and repository types. For more information, see Create Multiple Repositories . Another new API enables you to retrieve the configurations for a batch of repositories based on the repository names. For more information, see Get Multiple Repositories by Name.
Oracle RAC support for Federated repositories
Customers who use Oracle Real Application Clusters (RAC) must configure the following Artifactory system property to support Federated repositories:
artifactory.oracle.node.events.sequence.is.no.cache
Setting this property to
true
enables a converter that fixes the Oracle node events sequence definition for RAC instances.Note
For additional prerequisites, see Setup Prerequisites for Federated Repositories.
Support for OpenTofu Terraform Client
Artifactory now supports the OpenTofu registry and client, which provides an alternative to Hashicorp’s Terraform Provider Registry.
For more information, see Configure OpenTofu to Work With Artifactory.
Support for CocoaPods Virtual Repositories
Artifactory now supports using CocoaPods virtual repositories, only for repositories using CDN- allowing you to access both local and remote CocoaPods resources through a single URL.
For more information, see Set Up Virtual CocoaPods Repositories and Use CocoaPods CDN for Virtual Repositories.
CocoaPods CDN Now Supported for Local Repositories
CocoaPods CDN expedites the workflow by creating a static copy of the CocoaPods Specs repository, reducing the time required for adding repositories. For more information, see Use CocoaPods CDN.
Feature Enhancements
Installation
Helm Installation Updates
The
setSecurityContext
field in Helm installation has been renamed aspodSecurityContext
.Added a dedicated image section for
initContainers
instead ofinitContainerImage
Added
unifiedSecretInstallation
flag, which enables single unified secret holding all chart secrets to true by default.
Authentication
Automatically pair OAuth SSO users with JFrog Platform users
You can now automatically pair OAuth SSO users when they log in to the JFrog Platform with their JFrog Platform user based on their email address. No configuration change is required to enable the feature. For more information on OAuth SSO, see OAuth SSO.
Access Token Creation by Project Admins
Project admins can create access tokens that are tied to the projects in which they hold administrative privileges. For more information, see Access Token Creation by Project Admins.
Changes to Anonymous Access
From Artifactory 7.84.3, new users with anonymous access cannot access any ad hoc repository. You need to create a new permission target, select the repository's anonymous user, and set actions, and only then they can access the repositories.
For more information, see Allow Anonymous Access.
General
Availability Zone Affinity
You can configure a preferred availability zone in the router section of the Artifactory System YAML file. If a service is available in the local zone, traffic is sent to this local service. However, if a service is not available locally, traffic is sent to a service in another zone using a round robin strategy.
For more information, see JFrog Router Service.
Storage
Storage Improvements
This release contains the following storage improvements:
When using Azure Blob storage with a SAS token, the SAS token is now encrypted at rest in the the binarystore.xml file.
When using the state-aware-s3 binary provider, sensitive properties are now encrypted in the same manner as they are for the s3-storage-v3 binary provider.
Federated Repositories
Federated repository support for projects
In versions before 7.78.1, new Federation members ignored the association of a Federated repository with a specific project. For example, if a Federated repository in existing members was associated with myProject, new Federation members would lack the project association.
Starting with version 7.78.1, Artifactory will check whether the associated project in existing members is defined in the site of the new Federation member. If the project exists, the new member will be associated with this project automatically. If the project does not exist, the new member will not be associated with the project.
Note
A current limitation of this feature is that if the project association later changes in one Federation member, this change is not synchronized with the other members.
Full Sync improvements for Federated repositories
This release contains an option for generating the file list for a Full Sync operation using multiple SQL queries (paging) instead of a single AQL query. Dividing the database query into pages helps prevent the operation from crashing when retrieving a large file list (by default, more than 400000 artifacts). In addition, several new system properties have been introduced for managing this paging feature. For more information, see System Properties for Full Sync File List Queries. For more information about Full Sync, see Perform Full Sync on Federated Repositories.
Solutions for resolving 'stuck' Full Sync operations on Federated repositories
Two new options have been introduced for resolving Full Sync operations that have become 'stuck', meaning the operation persists in the database but is not active in memory. For example, this situation can arise if a user restarts an Artifactory instance while a Full Sync operation is in progress.
A new async task defined in the
system.properties
file (artifactory.reset.stale.full.sync.job.interval.min
) can reset the status of a Full Sync operation that has become 'stuck', enabling the operation to restart.A new Force Full Sync API enables you to force a Full Sync operation between the Federated repository members, interrupting another Full Sync operation that is already in progress.
Auto Healing of Federated repositories enabled by default
The auto-healing mechanism introduced in version 7.71.1 is now permanently enabled for all customers who work with Federated repositories. This mechanism checks Federated repositories at regular intervals for exhausted queues (queues that have exceeded the maximum number of attempts to send events to other Federation members), resets the failed events automatically, and tries again to sync with the target mirror. For more information, see Federation Recovery and Auto-Healing.
Perform recovery on repository Federation
It is now possible to perform a recovery operation on an entire Federation at once by leaving off the
{repo-key}
parameter when invoking the REST API. For more information, see Federation Recovery.Open Metric for Federated Repository status
A new Open Metric records the number of Federated repositories that have the indicated status. For more information, see Federated Repository Metrics.
Get Federated Repository Status V2 API
This enhanced version of the existing API endpoint supports a wider range of statuses. For more information, see Get Federated Repository Status (v2).
Release Lifecycle Management
Updates to Release Lifecycle Management APIs
Several changes have been made to the Release Lifecycle Management APIs. Among the changes:
For all relevant APIs, the status value of
PROCESSING
has been changed toSTARTED
.For all relevant APIs, the
messages[].source
andmessages[].created
properties have been deprecated.The
X-JFrog-Signing-Key-Name
request header has been made optional instead of mandatory when promoting a Release Bundle v2 version using the API.
New menu options for creating Release Bundle v2 versions
The Actions menu in the Release Lifecycle Management kanban board now includes options for creating a new version of the selected Release Bundle v2 from builds or other Release Bundles. For more information, see Create a New Version of an Existing Release Bundle.
Local Deletion of Distributed Release Bundles v2 from Edge Nodes Reported in Source Timeline
When a distributed Release Bundle v2 version is deleted locally from the target (typically an Edge node), as opposed to being deleted remotely from the source Artifactory, a new service provided by JFrog Distribution informs the source Artifactory of the operation. An event that describes the deletion is then added to the Release Bundle timeline for maximum visibility.
The behavior of this functionality is configurable in both Distribution (requires 2.24.x and higher) and Artifactory. For more information, see Configure Deleted-at-Target Scraping Service.
Support for Release Lifecycle Management in Federated Environments
It is now possible to work with Release Bundles v2 in a Federated environment as part of managing your release lifecycle. This is particularly useful when Federations are employed in a DR (disaster recovery) or Active/Active multi-site framework, as it ensures that your releases (as contained in an immutable Release Bundle) are replicated across all sites. For more information, see Release Lifecycle Management in Federated Environments.
Project Key Validator for Federated Release Bundle Repositories
A validator has been added to ensure that Release Bundle repositories related to a specific project can be Federated only if the same project key exists on the other JPDs in the Federation.
Lifecycle System YAML
There is a new section in the Artifactory YAML file for configuring parameters related to Release Lifecycle Management. This replaces the Configuration APIs that were used previously and have now been deprecated. For more information, see Lifecycle System YAML.
Improved Tracking of Distribution Task Progress
JFrog Distribution now uses an improved method for tracking distribution tasks, which enables more accurate updates about the progress of each task.
Package and Repository Management
Support for new CocoaPods CLI Commands
Artifactory now supports using the
pod search
andpod list
commands for local and remote CDN repositories.Helm Virtual
index.yaml
Resolution ImprovementsWe have improved our index calculation mechanism for virtual repositories to minimize potential OOM issues. We recommend setting the Metadata Retrieval Cache Period (Sec) in the repository page in the JFrog Platform WebUI to 60 seconds or more. For more information, see Helm Virtual Repository Index Improvements.
Go Virtual Repositories Performance Improvement
Added Go Remote VCS repositories requests caching using local cache to reduce remote API calls and avoid rate limits.
Support for
.zip
Package Format in CocoaPods Remote CDN RepositoriesArtifactory now supports resolving and caching
.zip
format packages in CocoaPods remote CDN-enabled repositories, in addition to.tgz
format.
User Interface
Improved Artifact Tree View
The Artifact Tree view has been significantly improved such that when opening a node on a repository, a specific (configurable) number of artifacts will be displayed instead of the entire contents of the repository. This significantly reduces loading time for repositories containing a large number of artifacts. The default display number is 500, but this number can be changed in the Aritfactory UI (click here for instructions). If there are more artifacts to display beyond the current list, a Load more option appears at the end of the list and when clicked displays more items.
The enhanced Artifact Tree View is available both in a Tree Browser and a Native Browser.
Display List Manifest Content on the Artifacts Page
Artifactory now displays the manifests under a
list.manifest
file directly in the Artifacts page in the JFrog Platform WebUI. For more information, see List Manifest Content.
Xray
New Default Timeout Value for Blocking Operations After Unfinished Scans
The default timeout value for the
blockUnfinishedScansTimeoutSeconds
property has been changed from 600 seconds (10 minutes) to 1800 seconds (30 minutes). This property defines how long Artifactory waits for Xray to finish scanning before blocking operations automatically if the scan is still unfinished.
Resolved Issues
JIRA Issue | Component | Severity | Description |
---|---|---|---|
JA-7939 | Authentication Provider | Low | An error occurs with the group scope token when attempting to set up identity mapping. |
JA-8655 | Authentication Providers | Medium | Fixed an issue whereby, LDAP user refresh failed when the lock time was set without setting a lockout duration. |
RTDEV-39111 | Authentication Providers | Medium | Fixed an issue whereby, when a transient user was created the API security.currentUser().isTransientUser() returned false. |
RTDEV-40549 | Authentication Providers | Medium | Fixed an issue that enabled a Release Bundle v2 to be created successfully even when the GPG key assigned to the Release Bundle was provided with the wrong passphrase. |
Authentication Providers | Medium | Fixed an issue whereby, when trying to remove an SSH key from Artifactory, the key was not completely removed. | |
RTDEV-37193 | Federated Repositories | High | Fixed an issue that caused fetch failures from deleted Federated repositories to persist indefinitely in the database. |
RTDEV-38116 | Federated Repositories | Medium | Fixed an issue that prevented sites using Oracle RAC from supporting Federated repositories. For more information, see Oracle RAC support for Federated repositories. |
RTDEV-38558 | Federated Repositories | Medium | Full Sync operations on Federated repositories now always update the timestamp in the node_event_cursor table. |
Federated Repositories | Medium | Fixed an issue that enabled users to Federate two repositories on the same Artifactory instance and to create a Federation with an Edge node as a target instance. | |
JA-8461 | General | High | Fixed an issue related to Helm whereby, when using an Oracle database with only one repository with permissions, cannot remove this repository from permissions. |
RTDEV-38572 | General | Low | Fixed an issue whereby, when using a curl command with a ‘range’ HTTP header to fetch bytes from the end of a text file, Artifactory fetched bytes from the beginning of the file instead. |
RTDEV-38828 | General | Medium | Fixed an issue whereby the process of reading the same binary multiple times simultaneously to the Cached Filesystem Binary Provider was getting stuck and caused high CPU processing. |
RTDEV-40089 | General | Medium | Fixed an issue whereby the backup would fail when Artifactory attempted to verify if enough disk space was available for the backup and a remote repository was selected for backup. |
RTDEV-40166 | General | Medium | Fixed an issue whereby, when applying Artifactory YAML Configuration with mail server changes containing quotation marks, Artifactory returned an error and became unresponsive. |
RTDEV-42076 | General | Critical | Fixed an improper input validation issue that could potentially lead to privilege escalation. |
General | Medium | Fixed an issue where YAML configuration changes couldn't be applied if the file size exceeded 3 MB. | |
RTDEV-36400 | Packages | Medium | Fixed an issue related to Conan whereby, under certain circumstances, when copying Conan artifacts from one repository to another, Artifactory did not update the |
RTDEV-37586 | Packages | Medium | Fixed an issue related to Conda whereby, under certain circumstances, some packages were not indexed as expected. |
RTDEV-37982 | Packages | Medium | Fixed an issue whereby, when using a dotnet NuGet client with incorrect authentication credentials, Artifactory returned a 500 server error instead of a 401 error. |
RTDEV-38770 | Packages | High | Fixed an issue related to Terraform whereby, under certain circumstances, modules from remote repositories could not be resolved. |
RTDEV-38815 | Packages | Medium | Fixed an issue related to Go and PyPI whereby, when resolving artifacts from remote repository using a plugin that uses the |
RTDEV-39036 | Packages | Medium | Fixed an issue related to npm whereby, Artifactory did not support installing external dependencies with URLs containing question marks (?). |
RTDEV-39105 | Packages | Medium | Fixed an issue related to Maven whereby, Artifactory did not force authentication for unavailable artifacts in virtual repositories in the native JFrog Platform WebUI even when the Force Authentication checkbox was selected. |
RTDEV-39551 | Packages | Low | Fixed an issue related to PyPI whereby, under certain circumstances, the |
RTDEV-39600 | Packages | Medium | Fixed an issue related to Terraform whereby, Artifactory did not support dereferenced commits for Terraform modules when proxying remote registries. |
RTDEV-39764 | Packages | Medium | Fixed an issue related to RPM whereby, when adding GPG keys without extension with a file name containing ‘GPG’, Artifactory did not support making the keys expirable. |
RTDEV-40052 | Packages | High | Fixed an issue related to Helm whereby, when trying to use the dependencies commands in virtual repositories, Artifactory returned an error. |
RTDEV-40083 | Packages | Medium | Fixed an issue related to Hugging Face whereby, Artifactory did not support the |
RTDEV-40221 | Packages | High | Fixed an issue related to npm whereby, under certain circumstances, Federated repository instances overwrote the latest dist-tag to the wrong version during package indexing instead of excluding the dist-tag from the mirror. |
RTDEV-40543 | Packages | Medium | Fixed an issue related to Maven whereby, when trying to configure a Maven client with the “Mirror Any“ option checked, Artifactory did not generate the |
RTDEV-41317 | Packages | Medium | Fixed an issue related to Helm whereby, when trying to use a virtual repository containing a remote repository pointing to the |
RTDEV-41630 | Packages | High | Fixed an issue related to Docker whereby, under certain circumstances, Artifactory failed to generate the docker tags list when the registry returned a full URL instead of a relative URL in the link header not as expected. |
RTDEV-41685 | Packages | High | Fixed an issue related to PyPI whereby, under certain circumstances, a persistent connection leak caused slowness in Artifactory. |
RTDEV-41880 | Packages | Medium | Fixed an issue whereby, under certain circumstances, Artifactory failed to index NuGet packages. |
Packages | Medium | Fixed an issue related to NuGet whereby, Artifactory did not support searching for specific packages in a virtual repository using the PowerShell client. | |
Packages | Medium | Fixed an issue related to Helm whereby, when deleting a build and its multiple related Helm artifacts, the | |
Packages | High | Fixed an issue related to RPM whereby, when trying to resolve artifacts from an upstream repository through a virtual repository, Artifactory did not work as expected at first attempt. | |
Packages | Medium | Fixed an issue related to npm whereby, when copying a package to a different repository, after removing the package with the | |
Packages | Medium | Fixed an issue related to CocoaPods whereby, when configuring a remote repository using Cocoapods CDN, Artifactory did not support the 'pod repo update' command. | |
Packages | Medium | Fixed an issue related to RPM whereby, when deploying a package with a name containing the substring | |
Packages | Low | Fixed an issue related to P2 whereby, Artifactory did not support creating a Smart Remote repository with a key containing special characters. | |
Packages | Low | Fixed an issue related to NuGet whereby, under certain circumstances, Artifactory did not support resolving artifacts through a virtual repository containing a large number of remote repositories. | |
Packages | Low | Fixed an issue related to Maven whereby, when deploying a snapshot to a local repository with the | |
Packages | Medium | Fixed an issue related to Docker whereby, when running a ‘docker push’ command on a new image, the ‘docker tag promoted’ webhook was incorrectly triggered. | |
Packages | Medium | Fixed an issue related to Conda whereby, when trying to deploy an artifact with an empty | |
Packages | Low | Fixed an issue whereby, Artifactory did not support setting a Cargo registry URL via the configuration YAML file. | |
Packages | Medium | Fixed an issue whereby, when navigating to the package version details page and clicking the Show In Tree button near a package artifact while moving to the Artifacts page, Artifactory returned an error. | |
Packages | Medium | Fixed an issue related to Terraform whereby, when trying to resolve versions of modules that were already cached, the gitref files were not updated as expected and Artifactory returned a 404 error or an incorrect latest version. | |
Packages | High | Fixed an issue related to Cargo whereby, after calculating repository metadata, Artifactory did not support resolving packages from local repositories. | |
Packages | Medium | Fixed an issue whereby, when trying resolving artifact metadata from a virtual repository, Artifactory did not merge metadata files of xml.bz2 format from a nested remote repository, which caused longer resolution times and an inability to view or resolve artifacts from the nested remote repository. | |
Packages | Medium | Fixed an issue related to Pub whereby, when trying to resolve an artifact with a version containing a '+' character from a virtual repository, Artifactory did not include the metadata as expected. | |
Packages | Medium | Fixed an issue related to PyPI whereby, when trying to access the simple index of a smart remote repository that is offline, Artifactory returned a 404 error. | |
Packages | Medium | Fixed an issue related to Go whereby, when trying to download a Golang package in a major version higher than 10 from a remote repository proxying GitHub, Artifactory did not perform as expected. | |
Packages | Medium | Fixed an issue related to npm whereby, when using Yarn 2 to publish a scoped npm package to Artifactory, Artifactory did not perform as expected. | |
RTDEV-37678 | Release Lifecycle Management | Medium | Fixed an issue that caused the promotion and distribution filters on the Release Lifecycle dashboard to present Release Bundle versions created during the selected timeframe instead of versions that were promoted or distributed during that timeframe. |
RTDEV-37966 | Release Lifecycle Management | Medium | Established a limit to the number of versions (default = 200) that can be displayed for one Release Bundle v2 on the Release Lifecycle dashboard. |
RTDEV-38849 | Release Lifecycle Management | Medium | Fixed an issue that caused an unexpected server error when deleting a Release Bundle v2. |
RTDEV-38927 | Release Lifecycle Management | Medium | Fixed an issue that prevented failed Release Bundle v2 promotions from appearing with the correct icon on the Release Lifecycle dashboard. |
RTDEV-38928 | Release Lifecycle Management | Medium | Fixed an issue that caused errors in the Release Lifecycle dashboard due to Release Bundle v2 promotions to a renamed or deleted environment. |
RTDEV-39037 | Release Lifecycle Management | Critical | Fixed an issue that prevented a Release Bundle v2 from collecting all artifacts of the same name from within a single build-info module. |
RTDEV-39093 | Release Lifecycle Management | Critical | Fixed an issue that excluded certain properties by default ( |
RTDEV-39724 | Release Lifecycle Management | Medium | Fixed a permissions issue that prevented users with a license other than Enterprise+ from creating Release Bundles v2 from the Release Lifecycle Management dashboard. |
Release Lifecycle Management | Medium | Fixed an issue whereby, Release Bundle V2 could not be created from a Build having dependencies without SHA-256. | |
RTDEV-36586 | Repositories | Medium | Fixed an issue whereby, virtual repositories containing remote repositories with no metadata were not visible to non-admin users. |
RTDEV-40796 | Repositories | Medium | Fixed an issue related to OCI and HelmOCI whereby, the JFrog Platform WebUI displayed the ‘enable indexing in Xray’ option, even though Xray indexing is not supported for OCI and HelmOCI repositories. |
Repositories | Low | Fixed an issue whereby, when running the Update Repository Configuration REST API using a mismatched | |
Repositories | Medium | Fixed an issue whereby, when enabling the “Disable Artifact Resolution in Repository“ setting at the repository level, it was still possible to download the entire repository’s content as a ZIP file. | |
Repositories | Low | Fixed an issue whereby, when trying to resolve an un-cached artifact from a remote repository pointing to a registry that does not allow content browsing through the Native Browse, Artifactory returned a 404 error. | |
Repositories | Medium | Fixed an issue related to Go whereby, when trying to set up a remote repository using the Set Me Up instructions in the JFrog Platform WebUI, Artifactory returned a 404 error. | |
Repositories | High | Fixed an issue whereby, when attempting to create a Smart Remote Repository on Edge instance that has Platform Proxy configured, Artifactory did not create the repository. | |
RTDEV-39396 | Storage | Medium | Fixed an issue whereby, |
RTDEV-40507 | Storage | High | Fixed an issue whereby when CDN Download was enabled, if contentType contained a special character (such as '+') it was omitted and caused a failure with the redirect URL. |
Storage | Medium | Fixed an issue whereby initiating the process for pruning unreferenced data with a federated repository configured resulted in 403 forbidden errors. | |
JFUI-14838 | User Interface (UI) | Low | Fixed an issue whereby, |
JFUI-14956 | User Interface (UI) | Medium | Fixed an issue whereby, when modifying the |
RTDEV-38945 | Xray | Medium | Fixed an issue whereby, Xray did not support scanning builds with names containing German umlaut characters (ü). |