Released: 25 July, 2024
This topic describes the new features, feature enhancements, and resolved issues that are part of the Artifactory 7.90.5 release for Self-Hosted environments. It includes all improvements since Artifactory 7.84.
Highlights
Known Issue in this Version
Upgrading self-hosted deployments from version 7.71 directly to 7.90 or higher fails due to a problematic Artifactory revision number in 7.71 causing converters not to run. For more information, see Artifactory 7.71. To avoid this issue, upgrade to Artifactory version 7.90.7 or above.
New Platform Navigation
JFrog is launching the new platform UI navigation for Self-Hosted instances.
This will be the default experience when using version number 7.90.x.
To find out more about this change, see JFrog Platform Navigation.
Classic UI Navigation Sunset
Classic UI navigation is planned to be deprecated with the Self-Hosted release of October 2024.
For more information, see JFrog Platform Deprecations.
Support for Ansible Repositories
You can now use Artifactory to manage and store your Ansible collections (including Roles, Playbooks, Plugins, Modules, etc.), providing full flexibility and usability. You can store and distribute your own collections through secure local repositories, and cache remote resources from the Ansible Galaxy registry for reliable access. For more information, see Ansible Repositories.
Support for Hugging Face Datasets
Artifactory now supports storing and caching of Hugging Face ML datasets, allowing you to manage all stages of the ML development lifecycle. For more information, see Hugging Face Repositories.
Individual JVM for Access Service
The Access service will now run on a dedicated Java Virtual Machine (JVM), separated from the main Artifactory JVM. While the Access JVM will utilize additional resources, this change is anticipated to decrease the memory usage of the Artifactory JVM. Additional configuration steps might be required for customers using the Derby database. For more information, see Individual JVM for Access Service
Major Performance Improvements for Alpine
This version includes up to an 87% improvement in the response time in Alpine-related use cases, such as downloading from a virtual repository.
New Features
Security Hardening for Artifactory Container Images
As part of JFrog's commitment to maintain the security and reliability of our products, JFrog Artifactory container images are now enforced with read-only permission to
webapps
andconf
folders located in theapp/artifactory/tomcat
andapp/access/tomcat
directories.Support for PyPI Name Normalization and Enforce Layout
Artifactory now supports the PyPI package features name normalization and enforce layout, as specified in PEP-440. These features help you keep a consistent naming method for PyPI packages and avoid issues. For more information, see Use PyPI File Path Name Normalization, Use PyPI Enforce Layout, and Using Both PyPI File Path Naming Normalization and Enforce Layout.
Support for OCI Referrers API
You can view the connection between images and their related information, such as signatures and attestations, for better visibility and management. For more information, see Use Referrers REST API to Discover OCI References.
Get Status of Repository Project API
A new API allows users to obtain the status of a repository and whether it was assigned and/or shared to a project, to multiple projects, or to all projects. For more information, see Get Status of Project Repository.
Feature Enhancements
Installation
Improved User Experience for Helm Installations
Artifactory now supports the following Helm improvements:
The
nginx.artifactoryConf
andnginx.mainConf
fields have been reallocated to the 'files' directory.The
artifactory.openMetrics
field has been renamed asartifactory.metrics
.Added
nginx.hosts
field to use asserver_name
directive on the embedded Nginx instead ofingress.hosts
field.Changed
migration.enabled
flag to false by default. For Artifactory 6.x to 7.x migration, this flag needs to be set totrue
.
Authentication
Temporary Login Suspension Configuration Moved to Access Service
As part of enhancements to the JFrog Access Service to make it the primary service for Authentication and Authorization, from Artifactory version 7.90, the configuration management for Temporary Login Suspension has moved to the Access Service. For more information, see User Lock and Login Suspension.
Project Admin Scoped Access Token
Now in addition to an API that was released in Artifactory version 7.84, you can also generate project admin access tokens using the JFrog Platform UI. For more information, see Create a Project Admin Scoped Token.
Integrations
OpenID Connect Integration
OIDC integration in the JFrog Platform allows you to use services including GitHub Actions and Azure with OpenID Connect to work on the JFrog Platform.
OpenID Connect Integrationnow supports Azure.
Database & Storage
Project Storage Quotas
You can now view and manage project storage quotas. A table view with project details is now the default All Project View, and a new Storage Quota column with a usage bar has been added. You can now perform actions such as Edit Storage to manage and change the storage quota from the table view. For more information, see Manage Storage Quotas.
Enhanced Performance for Get Storage Summary Info REST API
The time needed to return the storage summary information using REST API has been significantly reduced for virtual repositories.
Archiving & Cold Storage
Additional Package Types Now Support Package Archiving
Additional package types have been added to support package archiving. The full list of all package types that now support package archiving is: Docker, Maven, npm, Gradle, YUM, generic, NuGet, Conan, and Helm. For more information on package archiving, see Working with Cold Storage.
Improved Performance with Storage Summary Queries
A flag was added to the Artifactory System Properties (
artifactory.db.operations.totalSize.mysql.noIndex = true
) that changes the storage summary queries (file count and repository table) to not use indexes in MySQL DB and hence improves query performance.
Federated Repositories
Additional synchronized metadata in Federated repositories
It is now possible to synchronize the following artifact metadata with all Federation members:
createdBy: The name of the user who uploaded the artifact to Artifactory (including the suffix '
federated
'.) The name is mirrored to other members even if the user does not exist on those members.deploymentDate: Defines when the artifact was deployed. Synchronizing this metadata is important for features such as the Max Unique Snapshot policy in Maven.
modifiedDate: Defines when the artifact was last modified.
A new Artifactory system property controls the inclusion of this metadata:
artifactory.federated.mirror.events.metadata.enabled
By default, this flag is set to
false
. To mirror this metadata to other Federation members, change the flag setting totrue
on each relevant member. The metadata is mirrored only if the flag is activated on both the source and target JPD.Cleanup Job for Removing Orphaned Cursors
A new job cleans up orphaned cursors from the Federated repository database. This was done to optimize the auto-healing process.
Package Management
Support for new CocoaPods CLI Commands
Artifactory now supports using the
pod search
andpod list
commands for virtual CDN repositories.
Resolved Issues
JIRA Issue | Component | Severity | Description |
---|---|---|---|
JA-8230 | Access | Medium | Fixed an issue whereby, newly created generic repositories intermittently disappeared under projects. |
JA-8346 | Access | Medium | Fixed an issue whereby, Release Bundle did not appear as a resource in the Permissions UI for JFrog Pro subscriptions. |
JA-8600 | Access | High | Fixed an issue whereby, SAML login with Azure failed on multi-SAML SSO. |
JA-8655 | Authentication Providers | Medium | Fixed an issue whereby, LDAP user refresh failed when the lock time was set without setting a lockout duration. |
JA-8655 | Authentication providers | Medium | Fixed an issue whereby, LDAP user refresh failed when the lock time was set without setting a lockout duration. |
JA-8980 | General | Medium | Fixed an issue whereby, when starting the Access service, an unnecessary warning related to |
JA-9056 | Database | Medium | Fixed an issue whereby, Artifactory did not support updating a Permission Target with empty repository scope JSON when using Oracle Database. |
JFUI-15366 | Packages | Medium | Fixed an issue whereby, when using a URL to access the JFrog Platform WebUI, and logging in using HTTP SSO, Artifactory was redirected to the incorrect URL. |
RTDEV-40320 | Repositories | Medium | Fixed an issue whereby, Artifactory Export failed on Windows due to unsupportable characters in a file name or restricted file names. |
RTDEV-40507 | Storage | High | Fixed an issue whereby when CDN Download was enabled, if contentType contained a special character (such as '+') it was omitted and caused a failure with the redirect URL. |
RTDEV-40750 | Repositories | Medium | Fixed an issue that prevented the creation of a federated Release Bundle v2 repository with multiple members using a single API call ( |
RTDEV-41067 | Packages | Medium | Fixed an issue relate to NuGet whereby, |
RTDEV-41317 | Packages | Medium | Fixed an issue related to Helm whereby, when trying to use a virtual repository containing a remote repository pointing to the |
RTDEV-41390 | User Interface (UI) | Medium | Fixed an issue related to OCI whereby, when creating a repository using the JFrog Platform WebUI, it is possible to use a repository key containing uppercase characters, but when trying to use the repository through the REST API, Artifactory returned a 400 error. |
RTDEV-41630 | Packages | High | Fixed an issue related to Docker whereby, under certain circumstances, Artifactory failed to generate the docker tags list when the registry returned a full URL instead of a relative URL in the link header as expected. |
RTDEV-41714 | General | High | Fixed an issue whereby, under certain circumstances, when trying to perform pull replication, Artifactory created an infinite loop and failed to complete the operation. |
RTDEV-41880 | Packages | Medium | Fixed an issue whereby, under certain circumstances, Artifactory failed to index NuGet packages. |
RTDEV-42061 | Packages | Medium | Fixed an issue related to PyPI whereby, when resolving packages via Artifactory Cloud, the |
RTDEV-42072 | General | Medium | Fixed an issue related to the Mail Server page whereby, when setting up a mail server without configured password, users encountered an error to re-enter the password, when editing the mail server configuration or testing the connection. |
RTDEV-42350 | Packages | Medium | Fixed an issue related to Gradle whereby, the Set Me Up menu in the JFrog Platform WebUI showed incorrect instructions. |
RTDEV-42560 | Repositories | Medium | Fixed an issue whereby Artifactory Export overwrites a file with the same name but written in a different case. |
RTDEV-42772 | Packages | High | Fixed an issue related to Conda whereby, under certain circumstances, when trying to resolve a package from a virtual repository, Artifactory returned a 500 error. |
RTDEV-43090 | Packages | Medium | Fixed an issue related to Generic repositories whereby, when deploying |
RTDEV-43533 | Repositories | Medium | Fixed an issue whereby, when clicking Load More in the Tree View menu in the JFrog Platform WebUI, Artifactory did not perform as expected. |
RTDEV-43850 | Repositories | Medium | Fixed an issue whereby remote repositories were not set to an “assumed offline” state in certain situations. |
RTDEV-44031 | Packages | Medium | Fixed an issue related to Cargo whereby, updating or creating repository settings through the YAML configuration did not work as expected. |
RTDEV-44298 | General | Medium | Fixed an issue whereby, from Artifactory version 7.84, AQL searches will undergo throttling, potentially resulting in 429 errors. for more information, see the Known Issues. |
RTDEV-44325 | Repositories | Medium | Fixed an issue related to npm whereby, when performing metadata processing, a connection leak might occur. |
RTDEV-4982 | Repositories | Medium | Fixed an issue related to Helm whereby, when turning off the ‘List Remote Folder Items’ setting for smart remote repositories, it was still enabled. |
Repositories | Medium | Fixed an issue related to P2 whereby, creating a local repository was allowed using repository creation REST API, even though only remote and virtual P2 repositories are supported. | |
Packages | Medium | Fixed an issue related to Terraform whereby, when trying to resolve modules from a virtual repository containing a smart remote repository in an air-gapped environment, Artifactory returned a 404 error. | |
Packages | Medium | Fixed an issue whereby, when trying resolving artifact metadata from a virtual repository, Artifactory did not merge metadata files of | |
Packages | Medium | Fixed an issue related to PyPI whereby, when trying to access the simple index of a smart remote repository that is offline, Artifactory returned a 404 error. | |
Repositories | High | Fixed an issue whereby, when attempting to create a Smart Remote Repository on Edge instance that has Platform Proxy configured, Artifactory did not create the repository. | |
General | Medium | Fixed an issue whereby, when setting up a webhook to monitor | |
Packages | Medium | Fixed an issue related to Go whereby, when trying to download a Golang package in a major version higher than 10 from a remote repository proxying GitHub, Artifactory did not perform as expected. | |
Packages | Medium | Fixed an issue related to Hugging Face whereby, the ‘Store Artifacts Locally’ checkbox was visible for remote repositories via the JFrog Platform WebUI. | |
Release Lifecycle Management | Medium | Fixed an issue whereby, a Release Bundle v2 could not be created from a build that has dependencies lacking a SHA-256. | |
Packages | Low | Fixed an issue related to Docker whereby, when trying to promote a multi-architecture image more than once in the same repository with the same source tag and destination tag, Artifactory returned a 400 error. | |
Packages | Medium | Fixed an issue related to npm whereby, when requesting package metadata, Artifactory returned the same response headers for JSON and abbreviated JSON files. | |
General | Medium | Fixed an issue whereby, when trying to edit or delete project roles with names containing special characters, Artifactory returned a 400 error. | |
Medium | Medium | Fixed an issue whereby a project admin could not delete a repository associated with a project. | |
RTFE-1341 | Repositories | Medium | Fixed an issue whereby the Run Now option was available when adding a replication configuration to a new local repository that was still being created in the UI. |
RTFE-1593 | Repositories | Medium | Fixed an issue related to Helm OCI whereby, the repositories were not displayed on the Repositories page in the JFrog Platform WebUI Administration module as expected. |